Simon Riggs wrote: > I would much prefer: > > * VACUUMs seeing these errors would perform as with zero_damaged_pages. > * other backends seeing those errors should just ERROR out. > > We can do this by having a new function: boolean PageIsValid() which > performs the sanity checks. This can then be executed by > heap_page_prune() prior to entering the critical section. That will then > be called correctly by both VACUUM and other code. VACUUM can then > optionally zero out the block, as is done with PageHeaderIsValid().
I tend to hate automatic zeroing of pages because there's no way to get the contents later for forensics. I would support your proposal if we had a way of saving the block elsewhere before zeroing it (say create a directory corrupted+zeroed similar to lost+found in the database dir and save it annotated with the OID of the table and the block number). The main problem I see with this is that if you don't immediately act to examine the data, some of the pg_clog files that you need to be able to read these files may be gone. -- Alvaro Herrera http://www.CommandPrompt.com/ The PostgreSQL Company - Command Prompt, Inc. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers