Thread: Nested Stored Procedures - ERROR: invalid transaction termination 2D000
Hi all,
I'm assessing the feasibility of implementing a full featured "DB as API" concept in PostgreSQL (PG) and have run across an apparent inconsistency in the transaction (TX) handling behavior with nested stored procedures. This apparent inconsistency is present in both 16.4 and 17.4 running on Linux. I'm using pgAdmin and other clients with the default autocommit behavior (i.e. no AUTOCOMMIT OFF magic START TRANSACTION; commands are being sent by the clients).
Per my understanding of the docs and some PG source code review:
- When a top-level stored procedure is called it implicitly creates a TX if there is no current TX.
- When a nested stored procedure is called it implicitly creates a subTX for that invocation.
- When a BEGIN/EXCEPTION block is used it implicitly creates a subTX for that block.
(It is not clear if a top-level procedure that uses BEGIN/EXCEPTION in the outermost block bothers with a subTX as it would be logically coincident with the main TX. A similar situation exists for nested procedures that use BEGIN/EXCEPTION, i.e., is there a coincident subTX inside a subTX?)
In my testing, as shown in the script below, when using structured exception handling in nested stored procedures with an autonomous TX workaround (for error logging), results in error 2D000 (see Test 3). Verbose logging shows it to be caused by function _SPI_rollback() at line 400 (16.4) or 399 (17.4) in spi.c. What seems inconsistent is that if the outer procedure does not use an EXCEPTION block (see Test 2 ), 2D000 is not thrown and the autonomous TX workaround works as desired.
Please advise if this is expected behavior.
Much thanks,
Kevin Stephenson
-- WARNING: Script contains DROP statements.
-- Greatly simplified schema for demonstration.
DROP TABLE IF EXISTS public.error_log;
CREATE TABLE public.error_log (
logging_routine_name text NULL,
sqlstate text NULL,
sqlerrm text NULL
);
DROP TABLE IF EXISTS public.dummy;
CREATE TABLE public.dummy (
data text NULL
);
CREATE OR REPLACE PROCEDURE public.inner_proc()
LANGUAGE plpgsql AS $$
DECLARE
dummy_var int;
BEGIN
-- Assuming subTX implicitly starts under (main) TX 'A'
INSERT INTO public.dummy (data) VALUES ('inner_proc');
dummy_var = 1/0;
EXCEPTION
-- Assuming only subTX implicitly rolled back
WHEN OTHERS THEN
-- Autonomous TX workaround.
ROLLBACK; -- rollback TX 'A' and start new TX 'B'
INSERT INTO public.error_log (logging_routine_name, sqlstate, sqlerrm)
VALUES ('inner_proc', SQLSTATE, SQLERRM);
-- commit TX 'B' and start new TX 'C'
COMMIT;
-- Autonomous TX workaround finished.
-- Rethrow for caller to handle.
RAISE;
END;$$;
CREATE OR REPLACE PROCEDURE public.outer_proc_simple()
LANGUAGE plpgsql AS $$
BEGIN
-- TX 'A' starts here
-- Simple example with no exception handling in outer proc.
INSERT INTO public.dummy (data) VALUES ('outer_proc_simple');
CALL public.inner_proc();
-- TX 'C' in aborted state with uncaught exception bubbling up to caller.
END;$$;
CREATE OR REPLACE PROCEDURE public.outer_proc_complex()
LANGUAGE plpgsql AS $$
BEGIN
-- TX 'A' starts here
-- Complex example that allows additional error logging.
INSERT INTO public.dummy (data) VALUES ('outer_proc_complex');
CALL public.inner_proc();
EXCEPTION
WHEN OTHERS THEN
-- TX 'C' should already be in aborted state. Finish it off and start TX 'D'.
ROLLBACK;
INSERT INTO public.error_log (logging_routine_name, sqlstate, sqlerrm)
VALUES ('outer_proc', SQLSTATE, SQLERRM);
-- We want to rethrow again so commit TX 'D'.
COMMIT;
RAISE; -- app layer can handle as appropriate
END;$$;
-- Test 1 (Works as expected.)
CALL public.inner_proc();
/*
ERROR: division by zero
CONTEXT: ... (truncated for brevity)
*/
SELECT * FROM public.dummy;
-- empty result set
SELECT * FROM public.error_log;
-- inner_proc, 22012, division by zero
-- Test 2 (Works as expected.)
TRUNCATE TABLE public.dummy;
TRUNCATE TABLE public.error_log;
-- Note: Do not run TRUNCATEs and CALL in a single batch.
-- Creates an outer TX that would not be done in real use.
CALL public.outer_proc_simple();
/*
ERROR: division by zero
CONTEXT: ... (truncated for brevity)
*/
SELECT * FROM public.dummy;
-- empty result set
SELECT * FROM public.error_log;
-- inner_proc, 22012, division by zero
-- Test 3 (Fails?)
TRUNCATE TABLE public.dummy;
TRUNCATE TABLE public.error_log;
--
CALL public.outer_proc_complex();
/*
ERROR: invalid transaction termination
CONTEXT: PL/pgSQL function inner_proc() line 14 at ROLLBACK
SQL statement "CALL public.inner_proc()"
PL/pgSQL function outer_proc_complex() line 6 at CALL
SQL state: 2D000
*/
SELECT * FROM public.dummy;
-- empty result set
SELECT * FROM public.error_log;
-- outer_proc, 2D000, invalid transaction termination
-- Cleanup.
/*
DROP PROCEDURE IF EXISTS public.outer_proc_complex;
DROP PROCEDURE IF EXISTS public.outer_proc_simple;
DROP PROCEDURE IF EXISTS public.inner_proc;
DROP TABLE IF EXISTS public.error_log;
DROP TABLE IF EXISTS public.dummy;
*/
Re: Nested Stored Procedures - ERROR: invalid transaction termination 2D000
From
Christophe Pettus
Date:
Hello, > On Mar 22, 2025, at 08:38, Kevin Stephenson <kjs714@hotmail.com> wrote: > • When a top-level stored procedure is called it implicitly creates a TX if there is no current TX. > • When a BEGIN/EXCEPTION block is used it implicitly creates a subTX for that block. These statements are correct. > • When a nested stored procedure is called it implicitly creates a subTX for that invocation. This one is not. (Although the behavior you are looking for may not depend on that.) A procedure cannot issue top-level transaction control statements from within an exception block, and attempting to do soraises the error you saw. This includes procedures that are called from within an exception block.
Christophe Pettus <xof@thebuild.com> writes:
> A procedure cannot issue top-level transaction control statements from within an exception block, and attempting to
doso raises the error you saw. This includes procedures that are called from within an exception block.
Yeah. Postgres doesn't have autonomous transactions (not yet anyway),
and you can't fake them like that.
A way that does work, I believe, is to set up a second session with
dblink[1] and use that to issue the autonomous transaction. Ugly
and inefficient for sure, but if you've gotta have it...
regards, tom lane
[1] https://www.postgresql.org/docs/current/dblink.html
Re: Nested Stored Procedures - ERROR: invalid transaction termination 2D000
From
Kevin Stephenson
Date:
Christophe and Tom, thank you for your responses, but I'm still a bit confused. In my original email, the Test 2 case is allowing a ROLLBACK in the EXCEPTION clause without throwing an error. Is it a NOP ROLLBACK being applied to an aborted subTX, a real full ROLLBACK, or something else? Please advise.
Thanks,
Kevin Stephenson
From: Tom Lane <tgl@sss.pgh.pa.us>
Sent: Saturday, March 22, 2025 7:59 AM
To: Christophe Pettus <xof@thebuild.com>
Cc: Kevin Stephenson <kjs714@hotmail.com>; pgsql-general@postgresql.org <pgsql-general@postgresql.org>
Subject: Re: Nested Stored Procedures - ERROR: invalid transaction termination 2D000
Sent: Saturday, March 22, 2025 7:59 AM
To: Christophe Pettus <xof@thebuild.com>
Cc: Kevin Stephenson <kjs714@hotmail.com>; pgsql-general@postgresql.org <pgsql-general@postgresql.org>
Subject: Re: Nested Stored Procedures - ERROR: invalid transaction termination 2D000
Christophe Pettus <xof@thebuild.com> writes:
> A procedure cannot issue top-level transaction control statements from within an exception block, and attempting to do so raises the error you saw. This includes procedures that are called from within an exception block.
Yeah. Postgres doesn't have autonomous transactions (not yet anyway),
and you can't fake them like that.
A way that does work, I believe, is to set up a second session with
dblink[1] and use that to issue the autonomous transaction. Ugly
and inefficient for sure, but if you've gotta have it...
regards, tom lane
[1] https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.postgresql.org%2Fdocs%2Fcurrent%2Fdblink.html&data=05%7C02%7C%7Ce846300d6b9c402760ec08dd69521aad%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638782523529471489%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=2Rn9iT1VcDJgCXesww3AcwD16UIWE3HsEgniD0Byodk%3D&reserved=0
> A procedure cannot issue top-level transaction control statements from within an exception block, and attempting to do so raises the error you saw. This includes procedures that are called from within an exception block.
Yeah. Postgres doesn't have autonomous transactions (not yet anyway),
and you can't fake them like that.
A way that does work, I believe, is to set up a second session with
dblink[1] and use that to issue the autonomous transaction. Ugly
and inefficient for sure, but if you've gotta have it...
regards, tom lane
[1] https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.postgresql.org%2Fdocs%2Fcurrent%2Fdblink.html&data=05%7C02%7C%7Ce846300d6b9c402760ec08dd69521aad%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638782523529471489%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=2Rn9iT1VcDJgCXesww3AcwD16UIWE3HsEgniD0Byodk%3D&reserved=0
Re: Nested Stored Procedures - ERROR: invalid transaction termination 2D000
From
Christophe Pettus
Date:
> On Mar 22, 2025, at 21:37, Kevin Stephenson <kjs714@hotmail.com> wrote:
>
> Christophe and Tom, thank you for your responses, but I'm still a bit confused. In my original email, the Test 2 case
isallowing a ROLLBACK in the EXCEPTION clause without throwing an error. Is it a NOP ROLLBACK being applied to an
abortedsubTX, a real full ROLLBACK, or something else? Please advise.
That's an interesting question. It appears to be a no-op, although a quick scan of the code doesn't reveal why.
Here'san illustrative test case:
xof=# CREATE OR REPLACE PROCEDURE outer() AS $$
BEGIN
INSERT INTO t VALUES(3);
BEGIN
CALL inner();
PERFORM 1/0;
EXCEPTION WHEN OTHERS THEN
RAISE NOTICE 'in outer exception handler';
END;
END;
$$ language plpgsql;
CREATE PROCEDURE
xof=# create or replace procedure inner() as $$
BEGIN
BEGIN
INSERT INTO t VALUES(1);
PERFORM 1/0;
EXCEPTION WHEN OTHERS THEN
ROLLBACK;
INSERT INTO t VALUES(2);
END;
END;
$$
language plpgsql;
CREATE PROCEDURE
xof=# call outer();
NOTICE: in outer exception handler
CALL
xof=# table t;
i
---
3
(1 row)
xof=# truncate t;
TRUNCATE TABLE
xof=# call inner();
CALL
xof=# table t;
i
---
2
(1 row)
It clearly doesn't roll back the outer transaction. The savepoint that BEGIN ... EXCEPTION creates is released upon
entryinto the EXCEPTION block, so there's no savepoint in that context to roll back to.
Pragmatically, the answer is: don't put top-level transaction control statements in procedures where they might be
invokedwithin an EXCEPTION block, either directly or indirectly.
Kevin Stephenson <kjs714@hotmail.com> writes:
> Christophe and Tom, thank you for your responses, but I'm still a bit confused. In my original email, the Test 2 case
isallowing a ROLLBACK in the EXCEPTION clause without throwing an error. Is it a NOP ROLLBACK being applied to an
abortedsubTX, a real full ROLLBACK, or something else? Please advise.
The sub-transaction only exists for the body of the BEGIN construct,
up until EXCEPTION. By the time control arrives at an exception
handler, we've rolled back the sub-xact and are executing in the outer
transaction again. So if that's a top-level transaction, you can roll
it back, but if it's a subtransaction you can't.
regards, tom lane
Christophe Pettus <xof@thebuild.com> writes:
> That's an interesting question. It appears to be a no-op, although a quick scan of the code doesn't reveal why.
Here'san illustrative test case:
This test case would be less confusing if the outer handler did
RAISE NOTICE 'in outer exception handler: %', sqlerrm;
With that, the test shows
regression=# call outer();
NOTICE: in outer exception handler: invalid transaction termination
CALL
What is happening is that inner() does PERFORM 1/0, fails and bounces
out to its exception handler, and then the ROLLBACK throws an error
because we're still inside outer()'s subtransaction. So inner()'s
first INSERT has been rolled back and the second one is never
reached. Back at outer()'s exception handler, we trap the error
from ROLLBACK, abort that subtransaction, and go on our merry way,
allowing the original INSERT (which was outside both subtransactions)
to complete.
regards, tom lane