How TLA+ Caught a Silent Data Divergence Bug in Postgres’s pg_rewind
· 25 min read
Engineer, Multigres
Multigres is Supabase's high-availability and horizontal scaling project for Postgres. The Multigres team at Supabase used [TLA+][TLAPlus] to model Postgres streaming replication and found a silent data-loss bug in [pg_rewind][pg_rewind]. Here's what we found and how we fixed it.