Re: Add a GUC check hook to ensure summarize_wal cannot be enabled when wal_level is minimal - Mailing list pgsql-hackers

From Nathan Bossart
Subject Re: Add a GUC check hook to ensure summarize_wal cannot be enabled when wal_level is minimal
Date
Msg-id ZpVushkGx0_nYIip@nathan
Whole thread Raw
In response to Re: Add a GUC check hook to ensure summarize_wal cannot be enabled when wal_level is minimal  (Robert Haas <robertmhaas@gmail.com>)
Responses Re: Add a GUC check hook to ensure summarize_wal cannot be enabled when wal_level is minimal
Re: Add a GUC check hook to ensure summarize_wal cannot be enabled when wal_level is minimal
List pgsql-hackers
On Mon, Jul 15, 2024 at 02:30:42PM -0400, Robert Haas wrote:
> On Sun, Jul 14, 2024 at 10:56 PM Fujii Masao
> <masao.fujii@oss.nttdata.com> wrote:
>> I don't think it's a rare scenario since summarize_wal can be enabled
>> after starting the server with wal_level=minimal. Therefore, I believe
>> such a configuration should be prohibited using a GUC check hook,
>> as my patch does.
> 
> I guess I'm in the group of people who doesn't understand how this can
> possibly work. There's no guarantee about the order in which GUC check
> hooks are called, so you don't know if the value of the other variable
> has already been set to the final value or not, which seems like a
> fatal problem even if the code happens to work correctly as of today.
> Even if you have such a guarantee, you can't prohibit a configuration
> change at pg_ctl reload time: the server can refuse to start in case
> of an invalid configuration, but a running server can't decide to shut
> down or stop working at reload time.

My understanding is that the correctness of this GUC check hook depends on
wal_level being a PGC_POSTMASTER GUC.  The check hook would always return
true during startup, and there'd be an additional cross-check in
PostmasterMain() that would fail startup if necessary.  After that point,
we know that wal_level cannot change, so the GUC check hook for
summarize_wal can depend on wal_level.  If it fails, my expectation would
be that the server would just ignore that change and continue.

-- 
nathan



pgsql-hackers by date:

Previous
From: Peter Geoghegan
Date:
Subject: Re: Adding skip scan (including MDAM style range skip scan) to nbtree
Next
From: Julien Tachoires
Date:
Subject: Re: Compress ReorderBuffer spill files using LZ4