On 2016-05-18 18:25:39 -0400, Tom Lane wrote:
> Josh berkus <[email protected]> writes:
> > Maybe this is the wrong perspective. I mean, is there a reason we even
> > need this option, other than a lack of any other way to do a full table
> > scan to check for corruption, etc.? If we're only doing this for
> > integrity checking, then maybe it's better if it becomes a function,
> > which could be later extended with additional forensic features?
>
> Yes, I've been wondering that too. VACUUM is not meant as a corruption
> checker, and should not be made into one, so what is the point of this
> flag exactly?
Well, so far a VACUUM FREEZE (or just setting vacuum_freeze_table_age =
0) verified the correctness of the visibility map; and that found a
number of bugs. Now visibilitymap grew additional responsibilities,
with a noticeable risk of data eating bugs, and there's no way to verify
whether visibilitymap's frozen bits are set correctly.
> (AFAIK, "select count(*) from table" would offer a similar amount of
> sanity checking as a full-table VACUUM scan does, so it's not like
> we've removed functionality with no near-term replacement.)
I don't think that'd do anything comparable to
/*
* As of PostgreSQL 9.2, the visibility map bit should never be
set if
* the page-level bit is clear. However, it's possible that
the bit
* got cleared after we checked it and before we took the buffer
* content lock, so we must recheck before jumping to the
conclusion
* that something bad has happened.
*/
else if (all_visible_according_to_vm && !PageIsAllVisible(page)
&& VM_ALL_VISIBLE(onerel, blkno, &vmbuffer))
{
elog(WARNING, "page is not marked all-visible but
visibility map bit is set in relation \"%s\" page %u",
relname, blkno);
visibilitymap_clear(onerel, blkno, vmbuffer);
}
If we had a checking module for all this it'd possibly be sufficient,
but we don't.
Greetings,
Andres Freund
--
Sent via pgsql-hackers mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
