On Tue, Sep 26, 2023 at 06:28:30PM -0700, Noah Misch wrote: > On Wed, Sep 27, 2023 at 11:06:37AM +1300, Thomas Munro wrote: >> What Michael wants to do now is remove the 2004-era assumption that >> malloc failure implies bogus data. It must be pretty unlikely in a 64 >> bit world with overcommitted virtual memory, but a legitimate >> xl_tot_len can falsely end recovery and lose data, as reported from a >> production case analysed by his colleagues. In other words, we can >> actually distinguish between lack of resources and recycled bogus >> data, so why treat them the same? > > Indeed. Hard failure is fine, and ENOMEM=end-of-WAL definitely isn't.
Are there any more comments and/or suggestions here? If none, I propose to apply the patch to switch to palloc() instead of palloc_extended(NO_OOM) in this code around the beginning of next week, down to 12. -- Michael
signature.asc
Description: PGP signature
