| From: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Fujii Masao <masao(dot)fujii(at)oss(dot)nttdata(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Add a GUC check hook to ensure summarize_wal cannot be enabled when wal_level is minimal |
| Date: | 2024-07-15 19:14:06 |
| Message-ID: | ZpV0_gkCyGYooEZD@nathan |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, Jul 15, 2024 at 01:47:14PM -0500, Nathan Bossart wrote:
> On Mon, Jul 15, 2024 at 02:30:42PM -0400, Robert Haas wrote:
>> I guess I'm in the group of people who doesn't understand how this can
>> possibly work. There's no guarantee about the order in which GUC check
>> hooks are called, so you don't know if the value of the other variable
>> has already been set to the final value or not, which seems like a
>> fatal problem even if the code happens to work correctly as of today.
>> Even if you have such a guarantee, you can't prohibit a configuration
>> change at pg_ctl reload time: the server can refuse to start in case
>> of an invalid configuration, but a running server can't decide to shut
>> down or stop working at reload time.
>
> My understanding is that the correctness of this GUC check hook depends on
> wal_level being a PGC_POSTMASTER GUC. The check hook would always return
> true during startup, and there'd be an additional cross-check in
> PostmasterMain() that would fail startup if necessary. After that point,
> we know that wal_level cannot change, so the GUC check hook for
> summarize_wal can depend on wal_level. If it fails, my expectation would
> be that the server would just ignore that change and continue.
I should also note that since wal_level defaults to "replica", I don't
think we even need any extra "always return true on startup" logic. If
wal_level is set prior to summarize_wal, the check hook will fail startup
as needed. If summarize_wal is set first, the check hook will return true,
and we'll fall back on the PostmasterMain() check (that already exists).
In short, the original patch [0] seems like it should work in this
particular scenario, barring some corner case I haven't discovered. That
being said, it's admittedly fragile and probably not a great precedent to
set. I've been thinking about some ideas for more generic GUC dependency
tooling, but I don't have anything to share yet.
--
nathan
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2024-07-15 19:15:44 | Re: [PATCH v1] Fix parsing of a complex type that has an array of complex types |
| Previous Message | Julien Tachoires | 2024-07-15 18:50:56 | Re: Compress ReorderBuffer spill files using LZ4 |