Re: [OSSTEST PATCH 0/1] PostgreSQL db: Retry on constraint violation [and 2 more messages] [and 1 more messages]

Kevin Grittner writes ("Re: [HACKERS] [OSSTEST PATCH 0/1] PostgreSQL db: Retry on constraint violation [and 2 more messages] [and 1 more messages]"):
> On Wed, Dec 14, 2016 at 10:20 AM, Ian Jackson <ian(dot)jackson(at)eu(dot)citrix(dot)com> wrote:
>
> > Let me try to summarise my understanding of what the developers think
> > they can and intend to promise, about SERIALIZABLE transactions:
> >
> > There is a consistent serialisation of all transactions which
> > successfully commit; or which do not attempt to make any changes.
> >
> > A "consistent serialisation" means that there is an order in which
> > the same transactions might have been executed giving exactly the
> > answers. This includes, if applicable, the same errors. (The
> > database is free to generate synchronisation failure errors 40P01 and
> > 40001 whenever it chooses.)
>
> I would alter that slightly to:
>
> There is a consistent serialization of all serializable
> transactions which successfully commit.

Here `serializable' means SERIALIZABLE ?

> > A transaction which attempts to make any changes, and which does not
> > commit (whether because the application never asks for COMMIT, or
> > because of reported synchronisation failure) might see internally
> > inconsistent data, or an internally-consistent view which is not
> > compatible with any serialisation of other transactions. An
> > application which needs a coherent view should not rely on any of the
> > information from such a transaction.
>
> Even a read-only transaction can see a state that is not consistent
> with business rules (as enforced in the software) given that some
> particular later state is reached.
>
> For examples, please see this Wiki page. You might be particularly
> interested in the examples in the "Read Only Transactions" section:
>
> https://wiki.postgresql.org/wiki/SSI

Thanks. I read that part of the wiki page. But in that example, we
are told that T1 will be aborted, not T3.

Can it happen that a transaction which does not make any update
attempts, will see "impossible" data, and that this is only detected
at COMMIT ? Does that apply even to READ ONLY transactions ?

> > Serialisation failures in subtransactions might cause the parent
> > transaction to experience a serialisation failure too.
>
> There is currently at least one bug

Right. I was trying to capture the intent, modulo bugs.

> Once a serialization failure occurs the transaction is flagged as
> "doomed" and will not, under any circumstances be allowed to
> commit. If you find any exception to that, please report it as a
> bug.

Right. I think this prevents any exception-catching arrangements from
suppressing the serialisation failure. Since AIUI it is not possible
to run the outer COMMIT from within an exception trapping context.

If it /is/ possible to run that outer COMMIT in a way which swallows
the exception then this is not a practical problem but the wording
ought to be changed to refer to the success of the COMMIT statement.

Ian.