Tomas Vondra <tomas.von...@enterprisedb.com> writes:
> Why should it be OK for the subscriber to confirm a flush LSN and then
> later take that back and report a lower LSN? Seems somewhat against my
> understanding of what "flush LSN" means.
> The commit message explains this happens when the subscriber does not
> need to do anything for - but then why shouldn't it just report the
> prior LSN, in such cases?
Yeah, I was wondering about that too when I saw the commit go by.
> I haven't looked into the details, but my concern is this removes an
> useful assert, protecting us against certain type of bugs. And now we'll
> just happily ignore them. Is that a good idea?
If we think this is a real protection, then it shouldn't be an Assert
anyway, because it will not protect production systems that way.
It needs to be regular test-and-elog. Or maybe test-and-ignore-the-
bogus-value? If you want to take this seriously then you need to
define a recovery procedure after the problem is detected.
regards, tom lane
