Hi, On 2016-05-02 10:07:50 -0400, Robert Haas wrote: > I also think that it would be a swell idea to detect whether a system > has ever crashed with fsync=off, and do something about that, like > maybe bleat on every subsequent startup for the lifetime of the > cluster. I think Andres may have even proposed a patch for this sort > of thing before, although I don't remember for sure and I think he and > I disagreed on the details. Sketch:
Hm, I can't remember doing that. > - Keep a copy of the fsync status in pg_control. > - If we ever enter recovery while it's turned off, say: > WARNING: Entering recovery with fsync=off; this cluster may be > irretrievably corrupted. > ...and also set a separate flag indicating that we've done at least > one recovery with fsync=off. > - If that flag is set on a subsequent startup, say: > WARNING: Recovery was previously performed with fsync=off; this > cluster may be irretrievably corrupted. Well, the problem with that is that postgres crashes are actually harmless with regard to fsync=on/off. It's just OS crashes that are a problem. So it seems quite likely that the false-positive rate here would be high enough, to make people ignore it. Andres -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
