On 12/20/16 2:54 AM, Michael Paquier wrote: > On Sat, Dec 17, 2016 at 9:23 PM, Magnus Hagander <mag...@hagander.net> wrote: >> On Fri, Dec 16, 2016 at 7:08 AM, Michael Paquier <michael.paqu...@gmail.com> >> wrote: >>> Looking at PrescanPreparedTransactions(), I am thinking as well that it >>> would >>> be better to get a hard failure when bumping on a corrupted 2PC file. >>> Future >>> files are one thing, but corrupted files should be treated more carefully. >> >> >> Again without looking at it, I agree (so much easier that way :P). Ignoring >> corruption is generally a bad idea. Failing hard makes the user notice the >> error, and makes it possible to initiate recovery from a standby or from >> backups or something, or to *intentionally* remove/clear/ignore it. > > And I am finishing with the two patches attached: > - 0001 changes the 2PC checks so as corrupted entries are FATAL. > PreScanPreparedTransaction is used when a hot standby is initialized. > In this case a failure protects the range of XIDs generated, > potentially saving from corruption of data. At the end of recovery, > this is done before any on-disk actions are taken. > - 0002 is the thing that Heikki has sent previously to minimize the > window between end-of-recovery record write and timeline history file > archiving. > > I am attaching that to next CF.
This patch still applies cleanly and compiles at cccbdde. Any idea when you'll have a chance to review? -- -David da...@pgmasters.net -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
