possible bug: orphaned files left after immediate shutdown during DDL

Started by Jeff Davis, about 15 years ago, 4 messages, pgsql-bugs
#1Jeff Davis
pgsql@j-davis.com

Case:

BEGIN;
CREATE TABLE foo AS SELECT generate_series(1,1000);
CHECKPOINT;
SELECT relfilenode FROM pg_class WHERE relname='foo';

Let's say that returns 23456. Send the postmaster a SIGQUIT (immediate
shutdown), and then restart. The file 23456 is still in the filesystem,
but there's no record in pg_class for it. I don't see any obvious path
where it will be removed, so it looks like it will just stay there
forever.

My question is: is this a conscious decision to be paranoid during
recovery, or is this a bug? Or is there some reason that properly
determining which files should be removed at recovery time is
challenging?

Regards,
Jeff Davis

#2Tom Lane
tgl@sss.pgh.pa.us
In reply to: Jeff Davis (#1)
Re: possible bug: orphaned files left after immediate shutdown during DDL

Jeff Davis <pgsql@j-davis.com> writes:

> Case:
>
> BEGIN;
> CREATE TABLE foo AS SELECT generate_series(1,1000);
> CHECKPOINT;
> SELECT relfilenode FROM pg_class WHERE relname='foo';
>
> Let's say that returns 23456. Send the postmaster a SIGQUIT (immediate
> shutdown), and then restart. The file 23456 is still in the filesystem,
> but there's no record in pg_class for it. I don't see any obvious path
> where it will be removed, so it looks like it will just stay there
> forever.
>
> My question is: is this a conscious decision to be paranoid during
> recovery, or is this a bug?

It's intentional ... not that other people haven't complained about it
before. Remember that what you have done is forced a crash, and
recovery from it is crash recovery. If we proactively removed such
files we would very possibly be destroying evidence of forensic value.

IMO, immediate shutdown is not a tool to be used at random, and this
isn't something we need to fix.

regards, tom lane

#3Jeff Davis
pgsql@j-davis.com
In reply to: Tom Lane (#2)
Re: possible bug: orphaned files left after immediate shutdown during DDL

On Wed, 2011-02-09 at 22:58 -0500, Tom Lane wrote:

> It's intentional ... not that other people haven't complained about it
> before. Remember that what you have done is forced a crash, and
> recovery from it is crash recovery. If we proactively removed such
> files we would very possibly be destroying evidence of forensic value.

I thought that might be the case, but I wasn't able to find any previous
discussions.

It might be a good idea to issue a warning during recovery, however,
like "possible orphaned file ...". I'm not sure if it's worth the
bookkeeping effort though.

Regards,
Jeff Davis

#4Bruce Momjian
bruce@momjian.us
In reply to: Jeff Davis (#3)
Re: possible bug: orphaned files left after immediate shutdown during DDL

Jeff Davis wrote:

> On Wed, 2011-02-09 at 22:58 -0500, Tom Lane wrote:
>
> > It's intentional ... not that other people haven't complained about it
> > before. Remember that what you have done is forced a crash, and
> > recovery from it is crash recovery. If we proactively removed such
> > files we would very possibly be destroying evidence of forensic value.
>
> I thought that might be the case, but I wasn't able to find any previous
> discussions.
>
> It might be a good idea to issue a warning during recovery, however,
> like "possible orphaned file ...". I'm not sure if it's worth the
> bookkeeping effort though.

I thought we had a TODO item about removing orphaned files, but I don't
see it now, perhaps because I thought we had fixed that.

--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ It's impossible for everything to be true. +
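The check Jeff describes doing by hand in #1 (compare a relfilenode on disk against pg_class) and the "possible orphaned file" warning he proposes in #3 can be scripted outside the server, which keeps the files in place for the forensic reasons Tom gives. The following is an added example, not code from this thread or from PostgreSQL: it parses the file names of one per-database directory (base/<dboid>/) the way the documented storage layout names them (main fork, .N segments, _fsm/_vm/_init forks) and reports any relfilenode the catalog does not know about. The directory listing and catalog set are constructed sample data; the assumption is that the real catalog set comes from `SELECT pg_relation_filenode(oid) FROM pg_class`, which resolves the mapped catalogs whose pg_class.relfilenode is 0, rather than from the raw relfilenode column used in #1.

```python
"""
Report candidate orphaned relation files in a PostgreSQL database directory.

Added example for the thread above; not code from PostgreSQL or the posters.
It only reports, it never deletes, so the files remain available as crash
evidence.  Directory listing and catalog set below are constructed samples.
"""
import re

# Relation file names: <relfilenode>[_fsm|_vm|_init][.<segment>]
# (documented storage layout; segments appear once a fork exceeds 1 GB).
RELFILE_RE = re.compile(
    r"^(?P<node>\d+)(?:_(?P<fork>fsm|vm|init))?(?:\.(?P<seg>\d+))?$"
)

# Non-relation files that legitimately live in a database directory.
KNOWN_NON_RELATION = {"PG_VERSION", "pg_filenode.map", "pg_internal.init"}


def parse_relation_filename(name):
    """Return (relfilenode, fork, segment) for a relation file, else None."""
    m = RELFILE_RE.match(name)
    if not m:
        return None
    return (int(m.group("node")), m.group("fork") or "main", int(m.group("seg") or 0))


def find_orphans(filenames, known_relfilenodes):
    """
    Return sorted relfilenodes present on disk but absent from the catalog.

    known_relfilenodes is assumed to be the result of
    SELECT pg_relation_filenode(oid) FROM pg_class for this database, taken
    while no DDL is running (a file created by an in-flight transaction is
    not an orphan yet).
    """
    orphans = set()
    for name in filenames:
        if name in KNOWN_NON_RELATION:
            continue
        parsed = parse_relation_filename(name)
        if parsed is None:
            continue  # unrecognised name; leave it for a human to look at
        node, _fork, _segment = parsed
        if node not in known_relfilenodes:
            orphans.add(node)
    return sorted(orphans)


# --- constructed sample input ------------------------------------------
# A listing like the one left behind by the scenario in #1: 23456 was
# created inside a transaction that never committed before the SIGQUIT.
SAMPLE_LISTING = [
    "PG_VERSION", "pg_filenode.map", "pg_internal.init",
    "1259", "1259_fsm", "1259_vm",
    "16384", "16384.1", "16384_fsm",
    "23456", "23456_fsm",
]
# Constructed stand-in for SELECT pg_relation_filenode(oid) FROM pg_class.
SAMPLE_CATALOG = {1259, 16384}


def report(filenames=SAMPLE_LISTING, known=SAMPLE_CATALOG):
    """One warning line per candidate orphan, in the spirit of the
    'possible orphaned file' message suggested in #3."""
    return ["possible orphaned file: relfilenode %d" % n
            for n in find_orphans(filenames, known)]


if __name__ == "__main__":
    for line in report():
        print(line)
```

Run it against `os.listdir()` of one base/<dboid>/ directory and the catalog set pulled from that database; tablespace directories under pg_tblspc need the same treatment per database. Treat a hit as something to investigate after recovery, not as a deletion list.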