docs: durable-execution feasibility study#259
Draft
NikolayS wants to merge 10 commits into
Draft
Conversation
Evaluate whether PgQue should extend into a durable-workflow engine (DBOS/absurd-style) on Postgres, and the adoption odds if so. Synthesizes deep research on DBOS, absurd, Temporal, Restate, Rivet, and Gadget Silo, grounded against SPECx 2.3 positioning and the PgQ engine constraints. Key finding: the durable layer needs SKIP-LOCKED claim/lease semantics, a second concurrency model beside PgQ rotation, so the zero-bloat differentiator does not transfer. Recommends a thin transactional-durable-enqueue + experimental checkpointed-steps path rather than a head-on Temporal/DBOS competitor.
Earlier draft concluded the zero-bloat differentiator does not transfer to a workflow layer, assuming a mutable workflow_status row updated per step (the DBOS/absurd strategy). That was wrong. Model workflow state transitions as appended events over the rotating log (continuation-passing): each step enqueues its successor instead of mutating a row. Transitions become appends, not UPDATEs, so zero-bloat carries through. Exactly-once handoff falls out of insert_event + finish_batch in one transaction; sleep/timers use the rotating send_at from PR #237; exclusivity is structural via cooperative consumers; the only mutable state is a current-state projection bounded by concurrency. Verdict flips from 'do not compete' to 'compete on a substrate SKIP-LOCKED systems cannot match for high-throughput durable workflows'. Remaining real risk: awaitEvent/join semantics.
Event-sourced durable-execution layer authored with samospec (all-Claude panel). Ships SPEC.md, self-contained HTML brief (BRIEF.html/index.html), and auxiliary artifacts under blueprints/workflows/. .nojekyll added for GitHub Pages.
Map the durable-workflow design to pgque's real primitives and verify the keystone against sql/pgque.sql: insert_event + finish_batch compose atomically in the caller transaction (exactly-once handoff), finish_batch is one subscription UPDATE per batch (amortization), ev_extra1..4 are settable+indexable (workflow_id lookup). Flags the retry_queue DELETE-bloat constraint (route sleeps through rotating send_at, PR #237), gives the new coordination DDL, concrete awaitEvent/emit + join SQL, a bloat audit, and the pgque gaps to close (promote send_at, ev_extra1 index, durable.sql).
NikolayS
commented
Jun 7, 2026
Owner
Author
NikolayS
left a comment
NikolayS
left a comment
There was a problem hiding this comment.
REV for PR #259 (docs: durable-execution feasibility study)
Verdict: do not merge this as public blueprint yet. It is docs-only, but a few claims are still stronger than the evidence and one generated artifact leaked into the markdown.
Findings:
-
Blocking — benchmark result now contradicts the acceptance/kill criteria and headline.
blueprints/workflows/HOT_PATH_BENCHMARK.md:127defines viability as workload B having materially better throughput than A, andblueprints/workflows/HOT_PATH_BENCHMARK.md:144says to stop if B does not clearly beat A on dead-tuple growth and sustained throughput.blueprints/DURABLE_EXECUTION_FEASIBILITY.md:300still says “zero-bloat at high step-throughput” andblueprints/DURABLE_EXECUTION_FEASIBILITY.md:304says a million agent iterations leave zero dead tuples and “append+rotate structurally beats update+vacuum.”- But the 2026-06-06 1M-transition hot-path run against this PR branch showed: A mutable baseline 186,770 tps / ~815k dead tuples; B PgQue continuation 52,310 tps / 0 event-table dead tuples / ~2k subscription dead tuples. So the tuple-churn claim survives, but the throughput-win claim does not. Before merge, update the docs to say exactly that, or keep the PR draft until a revised benchmark proves a throughput claim. As written, it invites us to publish the part that benchmark just failed.
-
Medium — stale feasibility framing conflicts with SPEC v0.6’s “hypothesis, not promise” posture.
blueprints/DURABLE_EXECUTION_FEASIBILITY.md:326still has the older “up to a few thousand workflow transitions/sec per database; concede hyperscale to Temporal” framing, whileblueprints/workflows/SPEC.md:517says throughput is a benchmark hypothesis andblueprints/workflows/SPEC.md:526says v0.6 downgraded asserted throughput claims.- Pick one posture. My vote: remove the numeric ceiling and the “concede to Temporal” sentence entirely until benchmark data is in the repo, then frame measured numbers with workload/hardware caveats.
-
Low — generated wrapper leaked into a markdown file.
blueprints/workflows/IMPLEMENTATION_RESEARCH.md:292contains a literal</content>line. That should not ship.
Notes:
git diff --check origin/main...HEADis clean.BRIEF.htmlandindex.htmlare byte-identical.- The core spec is much better than the earlier draft: it now scopes exactly-once to handoff, calls throughput a hypothesis, handles
pg_durable, and has the right caution around await/join-heavy dead tuples. The stale/overconfident bits are mostly in the feasibility and benchmark wrapper docs. - GitHub Pages is still not serving this brief (
pgque.dev/blueprints/workflows/returns 404), so nothing is publicly published from the PR branch yet.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Refreshes the durable-execution feasibility draft and workflow spec after review of Microsoft
pg_durableand after checking PR #259 for internal mismatches.What changed
pg_durableas fresh prior art and records the product boundary: workflow durability in Postgres, workflow code in app repositories.blueprints/workflows/HOT_PATH_BENCHMARK.md, the first gate for the batching question: compare mutableworkflow_statusupdates vs PgQue continuation events, plus dedup andwf_livevariants.workflow_idcapability model: raw ids exist in protected hot queue rows /ev_extra1; lower-trust audit, DLQ, metrics, and error/export surfaces must hash or truncate.Why
The old PR body and generated spec bundle contradicted the revised feasibility doc, and the draft predated
pg_durable, which is now the most relevant fresh prior art for Postgres-native durable execution.The new hot-path benchmark doc exists because the whole workflow idea lives or dies on one narrow claim: N workflow step-events in one PgQue batch should append N successors and advance the subscription once, without recreating per-workflow update churn.
Verification
Documentation only.
git diff --checkrgscan for stale active claims / architecture placeholderCurrent status
Keep as draft. The feasibility doc is useful now; the next real gate is the hot-path benchmark/prototype, not merging a claim.