| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Shay Rojansky <roji(at)roji(dot)org>, Simon Riggs <simon(at)2ndquadrant(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Proposed change to make cancellations safe |
| Date: | 2016-04-26 21:39:19 |
| Message-ID: | 25468.1461706759@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Mon, Apr 25, 2016 at 12:16 PM, Shay Rojansky <roji(at)roji(dot)org> wrote:
>> Sure. I'd consider sending in a patch, but as this is a protocol-changing
>> feature it seems like working on this before the team "officially" starts
>> working on a new protocol might be a waste of time. Once there's critical
>> mass for a new protocol and agreement that PostgreSQL is going for it I'd be
>> happy to work on it.
> I don't immediately see a reason why this couldn't be done as an
> isolated change. Suppose that we change the server to allow a cancel
> request to be either 16 bytes or 20 bytes, rather than always 16 bytes
> as they are currently. Clients will need to be careful not to send
> the new type of cancel request to a server that is too old to
> understand it, but since they've got an active connection,
> server_version will have been previously reported.
> More generally, as long as new protocol bits are client-initiated, I
> don't think we really need to bump the protocol version. If we want
> to change the kinds of responses the server sends or structurally
> change the format of protocol messages or deprecate messages that
> exist now, then we do.
Meh --- I'm fairly suspicious of shoehorning things in and pretending
it's not a protocol change. That usually leads to crufty and ultimately
unmaintainable designs, because you're forced to do strange things when
you do it that way. (Cf the COPY RAW thread for a recent example.)
Having said that, CANCEL is sufficiently outside the normal protocol
that maybe you are right: we could invent what amounts to a new cancel
protocol and trust clients to look at server_version to know what to send.
One problem is that we really ought to widen the random cancel key while
we're at it; 32 bits doesn't seem like enough to prevent brute-force
searches anymore. However, since the cancel key is transmitted from the
server within the normal protocol, I don't see any way to do that without
a compatibility break.
Is there anything else people have complained about w.r.t. CANCEL?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Rowley | 2016-04-26 22:44:17 | Re: EXPLAIN VERBOSE with parallel Aggregate |
| Previous Message | Andres Freund | 2016-04-26 21:32:07 | Re: [BUGS] Breakage with VACUUM ANALYSE + partitions |