On Thu, Aug 28, 2008 at 7:16 PM, <david@xxxxxxx> wrote: > the ACID guarantees that postgres is making are supposed to mean that even > if the machine dies, the CPU goes up in smoke, etc, the transactions that > are completed will not be corrupted. And if any of those things happens, the machine will shut down and you'll be safe. > if killing the process voids all the ACID protection then something is > seriously wrong. No, your understanding of what postgresql can expect to have happen to it are wrong. You'll lose data integrity if: If a CPU starts creating bad output that gets written to disk, your RAID controller starts writing garbage to disk, your memory has bad bits and you don't have ECC, Some program hijacks a postgres process and starts writing random bits in the code, some program comes along and kills the postmaster, which coordinates all the backends, and corrupts shared data in the process. > it may loose transactions that are in flight, but it should not corrupt the > database. That's true for anything that just stops the machine or all the postgresql processes dead. It's not true for a machine that is misbehaving. And any server that randomly kills processes is misbehaving.
