Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1njEfJ-0001ZJ-L5 for pgsql-hackers@arkaria.postgresql.org; Tue, 26 Apr 2022 06:27:13 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1njEfI-0006bt-3d for pgsql-hackers@arkaria.postgresql.org; Tue, 26 Apr 2022 06:27:12 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1njEfH-0006bk-Lw for pgsql-hackers@lists.postgresql.org; Tue, 26 Apr 2022 06:27:11 +0000 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]) by makus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1njEfA-00044j-Bw for pgsql-hackers@lists.postgresql.org; Tue, 26 Apr 2022 06:27:10 +0000 Received: by mail-ej1-x631.google.com with SMTP id k23so33975607ejd.3 for ; Mon, 25 Apr 2022 23:27:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cybertec-at.20210112.gappssmtp.com; s=20210112; h=message-id:subject:from:to:cc:date:in-reply-to:references :user-agent:mime-version:content-transfer-encoding; bh=3gt7gTMaj7nEGO20PX4Oeq5SdmorqhwhdKPST/hKQKQ=; b=DchLifC0GkFRYTFSfrfwQ5Gp6Mevk6ogulICPLdF2ixbCRgpyT7YI8HLxTnJIxl9hH K1jbwVRC3NRs5PPC0FtYOmkkRB22yU44f3FFaOWO8iefa5mq7IExGRCDVo8CC4o4Je4c dcor1jxiEWeY/lPVYekkKqbYAKe7ux+ytPmud83Pqm1HIDOcSAapX+Q0YyBSKEDAzeZP dChcLtamo4jxB4d2USGcBoyhaEpb48xUJtCUfWzdoePlxbXoZHgyJ/haFEPXwRt635zt j4f16/ASez7MAP+lg35yfaO5Noe5jKfMpC8AvxuK+Os1gMFugMp3gtmOXSlMj8xgWAWr QwvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:subject:from:to:cc:date:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=3gt7gTMaj7nEGO20PX4Oeq5SdmorqhwhdKPST/hKQKQ=; b=5w0m/Z0SUd/3Ba2j0XCPLhWuQMxDyH7L+uA8UjL6fjEDOrUL1YZb+Xg2Tagu73SQ6l 5J9+xhEetRff38ShvVXSUxpa9a81EPJSEYEYdPsVgJg106/UGZyKwD4aW/MYQtuV3II5 BjwDBKZ4Rt1wf6Sa/RUGtskfiOezWCnsFgkFFzmn/WcbdXFyMbct3kEBk+MU3I5p8h5o wRUPjVOAk+d5CviAoNg532EYFydccuy3u+bqWe986axhV57Mj76VQHzz4Ufy4xbiYLmr BLGwerbw3ZM+Xwl8euAvdh/hUA/ONzkNjFq/a8bmIMH6YID9/VDe7QKCM3OJ0t4fygB1 98Bw== X-Gm-Message-State: AOAM532UppriSuPHNW9JRyLVfPAoFN6PxhUJ4eM99/YlOA0RORRt0Nso kCcHnXgkxXOm6HO30uB2Qx4BWA== X-Google-Smtp-Source: ABdhPJw2cXvpPft0DEXC6Eq9tjoW8JbKBYsRKAi856hyZk4IxthgG0OisGLSokY+86qiZLXE1Oqf7w== X-Received: by 2002:a17:907:2ce3:b0:6f3:a4c4:100a with SMTP id hz3-20020a1709072ce300b006f3a4c4100amr4579753ejc.218.1650954421352; Mon, 25 Apr 2022 23:27:01 -0700 (PDT) Received: from localhost.localdomain ([2001:871:5e:280:b8e4:fb13:2e22:7e07]) by smtp.gmail.com with ESMTPSA id p5-20020a1709060e8500b006f3abcc14b8sm579445ejf.150.2022.04.25.23.27.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 25 Apr 2022 23:27:00 -0700 (PDT) Message-ID: <9290b55b6ae2b04e002ca9dadadd1cca09461482.camel@cybertec.at> Subject: Re: An attempt to avoid locally-committed-but-not-replicated-to-standby-transactions in synchronous replication From: Laurenz Albe To: Bharath Rupireddy , PostgreSQL Hackers Cc: SATYANARAYANA NARLAPURAM Date: Tue, 26 Apr 2022 08:26:59 +0200 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.40.4 (3.40.4-5.fc34) MIME-Version: 1.0 Content-Transfer-Encoding: 7bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Mon, 2022-04-25 at 19:51 +0530, Bharath Rupireddy wrote: > With synchronous replication typically all the transactions (txns) > first locally get committed, then streamed to the sync standbys and > the backend that generated the transaction will wait for ack from sync > standbys. While waiting for ack, it may happen that the query or the > txn gets canceled (QueryCancelPending is true) or the waiting backend > is asked to exit (ProcDiePending is true). In either of these cases, > the wait for ack gets canceled and leaves the txn in an inconsistent > state [...] > > Here's a proposal (mentioned previously by Satya [1]) to avoid the > above problems: > 1) Wait a configurable amount of time before canceling the sync > replication by the backends i.e. delay processing of > QueryCancelPending and ProcDiePending in Introduced a new timeout GUC > synchronous_replication_naptime_before_cancel, when set, it will let > the backends wait for the ack before canceling the synchronous > replication so that the transaction can be available in sync standbys > as well. > 2) Wait for sync standbys to catch up upon restart after the crash or > in the next txn after the old locally committed txn was canceled. While this may mitigate the problem, I don't think it will deal with all the cases which could cause a transaction to end up committed locally, but not on the synchronous standby. I think that only using the full power of two-phase commit can make this bulletproof. Is it worth adding additional complexity that is not a complete solution? Yours, Laurenz Albe