Claudio Natoli <[EMAIL PROTECTED]> writes: > Actually, if I was going to argue anything, I'd say that if a backend goes > nuts and zeroes the whole shmem segment you've probably some bigger things > to worry about (Aside: Would postgres actually recover from such an > occurence? BTW, I'd be pretty impressed if it did, but not all that > surprised ;-).
It should, although there are limits (for instance, if someone is actively writing out a page of WAL at the same time the bogus backend comes by and zeroes that buffer, you might lose WAL entries for already-committed transactions, which would be unhappy-making). As a developer, though, I crash backends all the time, and I can say that this mechanism is indeed pretty robust. The postmaster never goes down (what, never? well, hardly ever) and it's *extremely* seldom that a crash results in on-disk corruption, because the postmaster generally manages to kill the other backends before any corruption in shared memory gets propagated to disk. regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster