On Thu, 2007-12-13 at 16:41 -0500, Tom Lane wrote:
> Recovery is inherently one of the least-exercised parts of the system,
> and it gets more so with each robustness improvement we make elsewhere.
> Moreover, because it is fairly dumb, anything that does go wrong will
> likely result in silent data corruption that may not be noted until much
> later. Any bugs we introduce into recovery will be very hard to find
> ... and timing-dependent ones will be damn near impossible.
>
> So in my mind the watchword has got to be KISS. If that means that
> recovery isn't terribly speedy, so be it. I'd far rather get the
> right answer slower.
Very much agreed, and really the real reason the main recovery code is
essentially untouched for so long. That thought was #1 priority when
writing PITR. Thanks for reminding me/us.
-- Simon Riggs 2ndQuadrant http://www.2ndQuadrant.com