Bruce Momjian <pgman@candle.pha.pa.us> writes:
>> Think harder: we are only safe if the first write to a given page after
>> it's mis-copied by the archiver is a full page write. The requirement
>> therefore continues after pg_stop_backup. Unless you want to add
>> infrastructure to keep track for *every page* in the DB of whether it's
>> been fully written since the last backup?
> I am confused. Since we checkpoint during pg_start_backup(), isn't any
> write to a file while the tar backup is going on going to be a full page
> write? And once we pg_stop_backup(), do we need full page writes?

Hm. The case I was concerned about was where a page is never written
to while the backup occurs (thus not triggering any full-page WAL
entry), and then the first post-backup write is partial. However, if
the backup is guaranteed to have captured a non-torn copy of such a page
then there shouldn't be any problem. So if we consider the initial
checkpoint to be a *required part* of pg_start_backup (right now it is
not) then maybe we can get away with this. It needs more eyeballs on it
though ... after having been burnt once by full_page_writes, I'm pretty
shy ...

regards, tom lane
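
Added example (not part of the original message, and not PostgreSQL code): a toy Python model of the argument above, showing why the initial checkpoint decides whether a page that is not written during the backup can still be restored correctly. It assumes full_page_writes is on only between pg_start_backup and pg_stop_backup, that a full-page image is logged only for the first write to a page after a checkpoint, and it ignores page LSN checks during replay; all names and values are constructed.

```python
# Toy model with constructed values, not PostgreSQL code. A page is two
# sectors; a torn copy is one whose sectors disagree.

def replay(page, wal):
    """Apply WAL records, in order, to a restored copy of the page."""
    lo, hi = page
    for kind, val in wal:
        if kind == "full":            # full-page image replaces the copy outright
            lo, hi = val, val
        else:                         # partial record modifies the page as found
            lo, hi = lo + val, hi + val
    return lo, hi

def simulate(checkpoint_first, write_during_backup):
    """Return (backup copy, page after restore + replay, expected value)."""
    disk, value, wal = [10, 10], 10, []
    touched = False                   # page modified since the last checkpoint?

    def update(delta, fpw):
        nonlocal value, touched
        value += delta
        # Assumed rule: a full image is logged only for the first write to a
        # page after a checkpoint, and only while full_page_writes is on.
        wal.append(("full", value) if fpw and not touched else ("delta", delta))
        touched = True

    update(1, fpw=False)              # before the backup; page left dirty
    if checkpoint_first:              # checkpoint as part of pg_start_backup
        disk[:] = [value, value]      # flushes the dirty page
        wal.clear()                   # replay will start from this checkpoint
        touched = False
    copy = [disk[0]]                  # copier reads the first sector ...
    if write_during_backup:
        update(2, fpw=True)
    disk[:] = [value, value]          # ... a dirty page is flushed mid-copy ...
    copy.append(disk[1])              # ... then the copier reads the second sector
    update(5, fpw=False)              # first write after pg_stop_backup is partial
    return tuple(copy), replay(copy, wal), value

def is_safe(checkpoint_first, write_during_backup):
    _, restored, expected = simulate(checkpoint_first, write_during_backup)
    return restored == (expected, expected)

if __name__ == "__main__":
    for ckpt in (True, False):
        for wr in (True, False):
            print(ckpt, wr, simulate(ckpt, wr), is_safe(ckpt, wr))
```

In this model both checkpoint-first cases restore a consistent page, while both no-checkpoint cases leave the restored page torn, including the one where the page is written during the backup.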