Re: [PATCHES] wal_checksum = on (default) | off

On Thu, 2007-01-04 at 11:09 -0500, Tom Lane wrote:
> "Simon Riggs" <simon@2ndquadrant.com> writes:
> > On Thu, 2007-01-04 at 10:00 -0500, Tom Lane wrote:
> >> "Simon Riggs" <simon@2ndquadrant.com> writes:
> >>> Recovery can occur with/without same setting of wal_checksum, to avoid
> >>> complications from crashes immediately after turning GUC on.
> >>
> >> Surely not.  Otherwise even the "on" setting is not really a defense.
>
> > Only when the CRC is exactly zero, which happens very very rarely.
>
> "It works most of the time" doesn't exactly satisfy me.  What's the
> use-case for changing the variable on the fly anyway?  Seems a better
> solution is just to lock down the setting at postmaster start.

That would prevent us from using the secondary checkpoint location, in
the case of a crash effecting the primary checkpoint when it is a
shutdown checkpoint where we changed the setting of wal_checksum. It
seemed safer to allow a very rare error through to the next level of
error checking rather than to close the door so tight that recovery
would not be possible in a very rare case.

If your're good with server start, so am I.

--
  Simon Riggs
  EnterpriseDB   http://www.enterprisedb.com