From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
---|---|
To: | Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com> |
Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, Greg Stark <stark(at)mit(dot)edu>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Daniel Gustafsson <daniel(at)yesql(dot)se> |
Subject: | Re: Online enabling of checksums |
Date: | 2018-03-03 12:38:40 |
Message-ID: | CA+TgmoaqaBoxRUEzXk904QAGzvw5DVKEkGo-nSutvgq9FbP4fg@mail.gmail.com |
Lists: | pgsql-hackers |

On Sat, Mar 3, 2018 at 7:32 AM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> On Fri, Mar 2, 2018 at 6:26 PM, Tomas Vondra
> <tomas(dot)vondra(at)2ndquadrant(dot)com> wrote:
>> Hmmm, OK. So we need to have a valid checksum on a page, disable
>> checksums, set some hint bits on the page (which won't be WAL-logged),
>> enable checksums again and still get a valid checksum even with the new
>> hint bits? That's possible, albeit unlikely.
>
> No, the problem is if - as is much more likely - the checksum is not
> still valid.

Hmm, on second thought ... maybe I didn't think this through carefully
enough. If the checksum matches on the master by chance, and the page
is the same on the standby, then we're fine, right? It's a weird
accident, but nothing is actually broken. The failure scenario is
where the standby has a version of the page with a bad checksum, but
the master has a good checksum. So for example: checksums disabled,
master modifies the page (which is replicated), master sets some hint
bits (coincidentally making the checksum match), now we try to turn
checksums on and don't re-replicate the page because the checksum
already looks correct.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
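
A toy model of the failure scenario described in the message above, added here as an illustration; it is not code from the thread or from PostgreSQL. The 64-byte page, the 4-byte hint area, the truncated CRC-32 checksum and every function name are assumptions of the example.

```python
import zlib

HINT = slice(60, 64)  # assumed toy layout: last 4 bytes of a 64-byte page are hint bits

def checksum(body):
    """Toy 16-bit checksum (truncated CRC-32), a stand-in for the real page checksum."""
    return zlib.crc32(body) & 0xFFFF

class Page:
    def __init__(self, body, stored):
        self.body, self.stored = bytearray(body), stored
    def copy(self):
        return Page(self.body, self.stored)
    def verifies(self):
        return checksum(self.body) == self.stored

def hints_matching(body, target):
    """Search for hint bits that make the page checksum equal the stale stored value."""
    trial = bytearray(body)
    for h in range(2**32):  # 4 trailing bytes reach every CRC-32 value, so a match exists
        trial[HINT] = h.to_bytes(4, "little")
        if checksum(trial) == target:
            return bytes(trial[HINT])
    raise ValueError("no matching hint bits")

def enable_checksums(master, standby, skip_if_valid):
    """Turn checksums on for one page; returns True if the page was re-replicated."""
    if skip_if_valid and master.verifies():
        return False  # checksum already looks correct: nothing is sent to the standby
    master.stored = checksum(master.body)
    standby.body, standby.stored = bytearray(master.body), master.stored
    return True

def scenario(skip_if_valid):
    # Checksums disabled: the master modifies the page and the change is replicated.
    body = bytearray(64)
    body[0:5] = b"tuple"
    stale = checksum(body) ^ 0xFFFF  # constructed leftover checksum that no longer matches
    master = Page(body, stale)
    standby = master.copy()
    # The master sets hint bits (not WAL-logged) that happen to match the stale value.
    master.body[HINT] = hints_matching(master.body, master.stored)
    replicated = enable_checksums(master, standby, skip_if_valid)
    return replicated, master.verifies(), standby.verifies()

if __name__ == "__main__":
    print(scenario(skip_if_valid=True))   # page skipped because it looks valid
    print(scenario(skip_if_valid=False))  # page always rewritten and re-replicated
```

Each result is `(re-replicated, master verifies, standby verifies)`: skipping the page that already looks valid leaves the standby with a failing checksum, while always rewriting it keeps both copies consistent.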