Re: Concerns about statement-timeout patch - Mailing list pgsql-hackers
| From | Bruce Momjian |
|---|---|
| Subject | Re: Concerns about statement-timeout patch |
| Date | |
| Msg-id | 200211080429.gA84TIS27269@candle.pha.pa.us Whole thread Raw |
| In response to | Concerns about statement-timeout patch (Tom Lane <tgl@sss.pgh.pa.us>) |
| List | pgsql-hackers |
Added to TODO: * Research interaction of setitimer() and sleep() used by statement_timeout --------------------------------------------------------------------------- Tom Lane wrote: > I've been trying to do some code review of the recent statement-timeout > feature addition, and I've got some fairly serious concerns about it. > > One problem that needs discussion is that the enable_sig_alarm and > disable_sig_alarm calls were dropped into postgres.c at rather randomly > chosen places. The disable in particular is wrong because in the normal > case it will occur after we have done transaction commit. This creates > a window between committing a command and reaching the disable call > wherein the timeout interrupt could happen. If it does happen, the > net result will be that the client receives an error message, making > it look like the command failed --- when in fact it was committed. > > The simplest solution would be to move the calls into start_xact_command > and finish_xact_command respectively. However that would affect the > semantics a little, in that for a querystring containing BEGIN and/or > COMMIT commands, the timeout would be measured across subsets of the > query string, not the whole string as now. I am not sure if this is > a problem or not; the existing semantics don't exactly match my idea > of a "statement" timeout anyway. > > Another possible objection is that end-of-transaction cleanup would > not be counted in the statement timeout. This does not bother me, > since the cleanup should be quick, but maybe it would bother someone. > (I would place the disable after DeferredTriggerEndQuery(), so that > RI triggers are run before we disable the timeout.) > > I am also concerned about the fact that the feature requires assuming > that setitimer(ITIMER_REAL) plays nicely with sleep(). The documents > I have say that on some platforms sleep() destroys any pending > ITIMER_REAL setting. We could perhaps fix that by adding a call to > reset the end-of-statement timeout after every sleep() in the backend > ... but that's obviously a fragile way to proceed. > > Comments? > > regards, tom lane > > ---------------------------(end of broadcast)--------------------------- > TIP 5: Have you checked our extensive FAQ? > > http://www.postgresql.org/users-lounge/docs/faq.html > -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001+ If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania19073
pgsql-hackers by date: