Robert Haas <robertmhaas@gmail.com> writes:
> ... To go back to recovery rather than just to a read-only
> state, I think you'd need to grapple with some additional issues that
> patch doesn't touch, like some of the snapshot-taking stuff, but I
> think you still need to solve all of the problems that it does deal
> with, unless you're OK with killing every session.
It seems like this is the core decision that needs to be taken. If
we're willing to have these state transitions include a server restart,
then many things get simpler. If we're not, it's gonna cost us in
code complexity and hence bugs. Maybe the usability gain is worth it,
or maybe not.
I think it would probably be worth the trouble to pursue both designs in
parallel for awhile, so we can get a better handle on exactly how much
complexity we're buying into with the more ambitious definition.
regards, tom lane
