Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1s9j7J-004bqv-Mn for pgsql-hackers@arkaria.postgresql.org; Wed, 22 May 2024 10:22:43 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1s9j6L-00FdZp-5k for pgsql-hackers@arkaria.postgresql.org; Wed, 22 May 2024 10:21:41 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1s9j6K-00FdZh-Pp for pgsql-hackers@lists.postgresql.org; Wed, 22 May 2024 10:21:40 +0000 Received: from mail-wr1-x430.google.com ([2a00:1450:4864:20::430]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1s9j6H-000BRJ-Dl for pgsql-hackers@lists.postgresql.org; Wed, 22 May 2024 10:21:40 +0000 Received: by mail-wr1-x430.google.com with SMTP id ffacd0b85a97d-354de3c5d00so221405f8f.1 for ; Wed, 22 May 2024 03:21:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1716373296; x=1716978096; darn=lists.postgresql.org; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date:from:to :cc:subject:date:message-id:reply-to; bh=cjH3jsBRpTN/UXVs2T3P3/XrwtCyYjEmuv3d/ApcseU=; b=dXNIff5sb5zvLTRPoxyatyBjTcl5bKk29RPvPbjvkzaNnI7NZA9Xsgdxd2oqWVHhun aiFvJe9JeCFg3q4P2Wpg7xYyWn2bsAPrfw+KtGG96Qz/CaDI6E5w00EK6bVdl4AceFTp d8s1AJCk3B+wsokJcUbb3C2+KLCx/f5bIaTx6IbdtBydaproUoxEySDylFHrul1S2i/1 81+60nX9IVAuGxbc3XRCtr2gT1aaGcfOnW2hgqwXWb3ugz6x9J8yot6IzL6MUHAOBblK 1JB3TizJpefd3bcmlHlL49pOXEJUVN0MwXsRsnWumq78+vHj9MOUJjCBAMuCoO1Ra3lL JT4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1716373296; x=1716978096; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=cjH3jsBRpTN/UXVs2T3P3/XrwtCyYjEmuv3d/ApcseU=; b=FNtwOzNrAodrVHwXJEGQjyeI77M5KV6W00b9RaaqulqRjqTNE23ST+cLuG1LVPuLf9 rMscNcLQ0itsj/4HTrQDVYe4IcVMBO9Yrrz188H67IMJN5RdHdpeqNyBe+/1D2httXnK AvfqVEr+ce01SsAWvOMocuZVGAipyKCeFAenMb5tXcZI0wqYFW8GpFfO7jyEjlRswloX zB5LjZ0gOiCuWja81RO39WpPrDjkvcZrVt55iVz4+gXcRqDViafFbqp7renruWM8NQXH mWOcdBZP7OPVlqvk1Le3bISjWTrCxgPUH3//0qZPVU67xuYytKoPMwT+QJ6SSK5fgif6 XAZQ== X-Forwarded-Encrypted: i=1; AJvYcCURrZkJRl5HqXBIPkHyBbBnfxgK51uqEyxzPtRxBeFUVGCIOuPkq4wyHc2Q7B+q2UspCC2q3X30+rJHvv/2wDLVQL9IcMeYHqWMwbCigzdtC6n4 X-Gm-Message-State: AOJu0YxUqmnE+AWDN5vWFmMu4PlwySarSBhB8VQ1jFfPMhI5JUpbF7BK qQG7XlGkgyfmFR4OCNmEd4AMzEbSRCIJQr4Zpr3gtH6cZJ9kbTCI X-Google-Smtp-Source: AGHT+IGaEg0PhKS0A9AMwb/VU/f6TQqcUWcOa4n711R84W6jgZkn8R6uF/Kh4gtTzTrLA+tbBYa+OA== X-Received: by 2002:a5d:494f:0:b0:34d:8d11:f8c0 with SMTP id ffacd0b85a97d-354d806e84fmr1342874f8f.18.1716373296118; Wed, 22 May 2024 03:21:36 -0700 (PDT) Received: from ip-10-97-1-34.eu-west-3.compute.internal (ec2-15-236-134-5.eu-west-3.compute.amazonaws.com. [15.236.134.5]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3502b8a77f8sm33776598f8f.54.2024.05.22.03.21.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 22 May 2024 03:21:35 -0700 (PDT) Date: Wed, 22 May 2024 10:21:34 +0000 From: Bertrand Drouvot To: Robert Haas Cc: Michael Paquier , Alexander Lakhin , pgsql-hackers@lists.postgresql.org Subject: Re: Avoid orphaned objects dependencies, take 3 Message-ID: References: <62310067-6dc4-97ab-6724-7d3602b5056d@gmail.com> <403075e1-4d60-09e2-a06a-749cd9d88f66@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk Hi, On Tue, May 21, 2024 at 08:53:06AM -0400, Robert Haas wrote: > On Wed, May 15, 2024 at 6:31 AM Bertrand Drouvot > wrote: > > Please find attached v6 (only diff with v5 is moving the tests as suggested > > above). > > I don't immediately know what to think about this patch. Thanks for looking at it! > I've known about this issue for a long time, but I didn't think this was how we > would fix it. I started initially with [1] but it was focusing on function-schema only. Then I proposed [2] making use of a dirty snapshot when recording the dependency. But this approach appeared to be "scary" and it was still failing to close some race conditions. Then, Tom proposed another approach in [2] which is that "creation DDL will have to take a lock on each referenced object that'd conflict with a lock taken by DROP". This is the one the current patch is trying to implement. > What you've done here instead is add locking at a much > lower level - whenever we are adding a dependency on an object, we > lock the object. The advantage of that approach is that we definitely > won't miss anything. Right, as there is much more than the ones related to schemas, for example: - function and arg type - function and return type - function and function - domain and domain - table and type - server and foreign data wrapper to name a few. > The disadvantage of that approach is that it > means we have some very low-level code taking locks, which means it's > not obvious which operations are taking what locks. Right, but the new operations are "only" the ones leading to recording or altering a dependency. > Maybe it could > even result in some redundancy, like the higher-level code taking a > lock also (possibly in a different mode) and then this code taking > another one. The one that is added here is in AccessShareLock mode. It could conflict with the ones in AccessExclusiveLock means (If I'm not missing any): - AcquireDeletionLock(): which is exactly what we want - get_object_address() - get_object_address_rv() - ExecAlterObjectDependsStmt() - ExecRenameStmt() - ExecAlterObjectDependsStmt() - ExecAlterOwnerStmt() - RemoveObjects() - AlterPublication() I think there is 2 cases here: First case: the "conflicting" lock mode is for one of our own lock then LockCheckConflicts() would report this as a NON conflict. Second case: the "conflicting" lock mode is NOT for one of our own lock then LockCheckConflicts() would report a conflict. But I've the feeling that the existing code would already lock those sessions. One example where it would be the case: Session 1: doing "BEGIN; ALTER FUNCTION noschemas.foo2() SET SCHEMA alterschema" would acquire the lock in AccessExclusiveLock during ExecAlterObjectSchemaStmt()->get_object_address()->LockDatabaseObject() (in the existing code and before the new call that would occur through changeDependencyFor()->depLockAndCheckObject() with the patch in place). Then, session 2: doing "alter function noschemas.foo2() owner to newrole;" would be locked in the existing code while doing ExecAlterOwnerStmt()->get_object_address()->LockDatabaseObject()). Means that in this example, the new lock this patch is introducing would not be responsible of session 2 beging locked. Was your concern about "First case" or "Second case" or both? [1]: https://www.postgresql.org/message-id/flat/5a9daaae-5538-b209-6279-e903c3ea2157%40amazon.com [2]: https://www.postgresql.org/message-id/flat/8369ff70-0e31-f194-2954-787f4d9e21dd%40amazon.com Regards, -- Bertrand Drouvot PostgreSQL Contributors Team RDS Open Source Databases Amazon Web Services: https://aws.amazon.com