I was surprised that this Jepsen report has never been discussed here before, but it really captures just how problematic the history of 'safe' database isolation levels has been. Some excerpts:<p><i>> For the last nine years, PostgreSQL’s “serializable” mode has justifiably claimed to offer serializability.</i><p><i>> [but] PostgreSQL’s “serializable” isolation level isn’t serializable: it allows G2-item during normal operation</i><p><i>> [...] These cycles are precisely what PostgreSQL’s SSI implementation is meant to prevent!</i><p><i>> This code has gone essentially untouched since the introduction of serializable snapshot isolation in 2011.</i><p>Making things appear to be serializable is really hard.