On Fri, Jun 26, 2020 at 5:59 AM Michael Paquier <mich...@paquier.xyz> wrote: > Any operation working on on-disk relation blocks needs to have a > consistent state, and a clean shutdown gives this guarantee thanks to > the shutdown checkpoint (see also pg_rewind). There are two states in > the control file, shutdown for a primary and shutdown while in > recovery to cover that. So if you stop the server cleanly but fail to > see a proper state with pg_checksums, it seems to me that the proposed > patch does not handle correctly the state of the cluster in the > control file at shutdown. That's not good.
I think it is actually very good. If a feature that supposedly prevents writing WAL permitted a shutdown checkpoint to be written, it would be failing to accomplish its design goal. There is not much of a use case for a feature that stops WAL from being written except when it doesn't. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
