| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Potential data loss of 2PC files |
| Date: | 2016-12-22 01:30:48 |
| Message-ID: | CAB7nPqS6QyFT=2Nh7EbG-LiQzfoiHZcp37SihS8ifPiMhFK3ew@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi all,
2PC files are created using RecreateTwoPhaseFile() in two places currently:
- at replay on a XLOG_XACT_PREPARE record.
- At checkpoint with CheckPointTwoPhase().
Now RecreateTwoPhaseFile() is careful to call pg_fsync() to be sure
that the 2PC files find their way into disk. But one piece is missing:
the parent directory pg_twophase is not fsync'd. At replay this is
more sensitive if there is a PREPARE record followed by a checkpoint
record. If there is a power failure after the checkpoint completes
there is a risk to lose 2PC status files here.
It seems to me that we really should have CheckPointTwoPhase() call
fsync() on pg_twophase to be sure that no files are lost here. There
is no point to do this operation in RecreateTwoPhaseFile() as if there
are many 2PC transactions to replay performance would be impacted, and
we don't care about the durability of those files until a checkpoint
moves the redo pointer. I have drafted the patch attached to address
this issue.
I am adding that as well to the next CF for consideration.
Thoughts?
--
Michael
| Attachment | Content-Type | Size |
|---|---|---|
| 2pc-loss.patch | application/x-download | 841 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Craig Ringer | 2016-12-22 01:55:06 | Re: [PATCH] Transaction traceability - txid_status(bigint) |
| Previous Message | Joe Conway | 2016-12-22 01:06:23 | Re: Getting rid of "unknown error" in dblink and postgres_fdw |