| From: | shveta malik <shveta(dot)malik(at)gmail(dot)com> |
|---|---|
| To: | Amit Kapila <amit(dot)kapila16(at)gmail(dot)com> |
| Cc: | Dilip Kumar <dilipbalaut(at)gmail(dot)com>, vignesh C <vignesh21(at)gmail(dot)com>, Nisha Moond <nisha(dot)moond412(at)gmail(dot)com>, Peter Smith <smithpb2250(at)gmail(dot)com>, Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com>, Bharath Rupireddy <bharath(dot)rupireddyforpostgres(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, shveta malik <shveta(dot)malik(at)gmail(dot)com> |
| Subject: | Re: Proposal: Conflict log history table for Logical Replication |
| Date: | 2026-06-10 09:37:27 |
| Message-ID: | CAJpy0uBVpriG+SrL_gzztRTZqUq82UNJsRFTfSKGCvS_uB9x+Q@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Jun 10, 2026 at 12:48 PM Amit Kapila <amit(dot)kapila16(at)gmail(dot)com> wrote:
>
> On Mon, Jun 8, 2026 at 7:01 PM Dilip Kumar <dilipbalaut(at)gmail(dot)com> wrote:
> >
> > On Mon, Jun 8, 2026 at 11:43 AM shveta malik <shveta(dot)malik(at)gmail(dot)com> wrote:
> > >
> > > On Fri, Jun 5, 2026 at 4:22 PM Dilip Kumar <dilipbalaut(at)gmail(dot)com> wrote:
> >
> > After rethinking my previous stance on blocking these operations, let
> > me clarify the core principle I think we should follow for CLTs. I am
> > completely open to feedback on this approach:
> >
> > 1. Block Direct Mutations: We should block any operation that directly
> > modifies the CLT or its underlying data (e.g., DROP TABLE, ALTER
> > TABLE, INSERT, UPDATE), which impact the operation on CLT or update
> > the CLT data.
> > 2. Don't block Indirect/Edge-Case Operations: We should not write
> > custom code just to block edge cases that don't directly modify CLT
> > data or impact the operations on CLT.
>
> Unlike system catalogs which are allowed to be modified with the
> allow_system_table_mods GUC, the TOAST model seems more appropriate
> for conflict log tables where the external modifications are blocked,
> due to following reasons:
> 1. The apply worker assumes a fixed schema. ConflictLogSchema[] in
> conflict.c is a hardcoded array of column definitions used to build
> tuples at runtime. If allow_system_table_mods=on lets someone add a
> column or attach a trigger that errors out, the apply worker's
> insertion path breaks with error or crash. There is no recovery path —
> it's not like a user catalog where a DBA might legitimately need to
> patch something in an emergency.
> 2. allow_system_table_mods allowed to modify catalog tables and that
> seems to be designed for bootstrap, not conflict log tables. The GUC
> exists so initdb can modify system catalogs they own. Conflict log
> tables are subscription-specific runtime objects. No legitimate
> internal tooling scenario requires adding triggers or rules to them.
>
> There could be other cases for allow_system_table_mods to allow
> modifying system catalog for emergency repair of catalog table or some
> upgrade scripts used by extensions to allow adding additional entries
> in catalog tables like pg_proc but I don't see such maintenance
> required for conflict log tables. So, it seems better to block all the
> additional operations discussed.
>
+1. irrespective of GUC value, we can block such operations. Some
operations are allowed even with this GUC set to false (as stated in
my previous emails).
thanks
Shveta
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Japin Li | 2026-06-10 09:39:16 | Re: [PATCH] vacuumdb: Add --exclude-database option |
| Previous Message | Chao Li | 2026-06-10 09:21:40 | Re: repack: clarify final phase of concurrent mode in file header comment |