From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Pre-page images in WAL |
Date: | 2001-11-27 06:52:01 |
Message-ID: | 17977.1006843921@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> I was wondering if we should disable the writing of pre-page images into
> WAL if the user has turned off fsync?
I'm worried about what vulnerabilities that would create.
Historically we've always defined "fsync off" to mean "I trust my
kernel, hardware, and power supply ... but not necessarily Postgres
itself". In a Postgres crash, even with fsync off, you are not supposed
to lose any committed transactions, so long as the kernel and hardware
stay up.
In the brave new world of WAL, Postgres does not flush dirty buffers to
disk at transaction commit, relying on WAL to clean up if a database or
system failure occurs. If we don't log page images to WAL then I think
there's a hole here wherein a Postgres crash can lose data even though
no failure of the surrounding OS occurs. Maybe it's safe, but I'm not
convinced.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 2001-11-27 06:53:52 | Re: Pre-page images in WAL |
Previous Message | Philip Warner | 2001-11-27 04:38:55 | Re: 7.2 stuff |