| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Noah Misch <noah(at)leadboat(dot)com> |
| Cc: | Thomas Munro <thomas(dot)munro(at)gmail(dot)com>, Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Fail hard if xlogreader.c fails on out-of-memory |
| Date: | 2023-09-28 00:36:37 |
| Message-ID: | ZRTKlS0nSrynNgBu@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Sep 26, 2023 at 06:28:30PM -0700, Noah Misch wrote:
> On Wed, Sep 27, 2023 at 11:06:37AM +1300, Thomas Munro wrote:
>> What Michael wants to do now is remove the 2004-era assumption that
>> malloc failure implies bogus data. It must be pretty unlikely in a 64
>> bit world with overcommitted virtual memory, but a legitimate
>> xl_tot_len can falsely end recovery and lose data, as reported from a
>> production case analysed by his colleagues. In other words, we can
>> actually distinguish between lack of resources and recycled bogus
>> data, so why treat them the same?
>
> Indeed. Hard failure is fine, and ENOMEM=end-of-WAL definitely isn't.
Are there any more comments and/or suggestions here?
If none, I propose to apply the patch to switch to palloc() instead of
palloc_extended(NO_OOM) in this code around the beginning of next
week, down to 12.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Melanie Plageman | 2023-09-28 00:42:05 | Re: Eager page freeze criteria clarification |
| Previous Message | Karl O. Pinc | 2023-09-28 00:30:36 | Re: [PGdocs] fix description for handling pf non-ASCII characters |