diff options
| author | Tomas Vondra <tomas.vondra@postgresql.org> | 2021-03-18 16:05:03 +0100 |
|---|---|---|
| committer | Tomas Vondra <tomas.vondra@postgresql.org> | 2021-03-18 17:38:28 +0100 |
| commit | cd91de0d17952b5763466cfa663e98318f26d357 (patch) | |
| tree | d0e543e40dc62b32ccf4cbb34cbe3bb77f2ba78d /src/backend/storage/file/fd.c | |
| parent | da18d829c28197efb04805a43f129f62650e50c8 (diff) | |
| download | postgresql-cd91de0d17952b5763466cfa663e98318f26d357.tar.gz postgresql-cd91de0d17952b5763466cfa663e98318f26d357.zip | |
Remove temporary files after backend crash
After a crash of a backend using temporary files, the files used to be
left behind, on the basis that it might be useful for debugging. But we
don't have any reports of anyone actually doing that, and it means the
disk usage may grow over time due to repeated backend failures (possibly
even hitting ENOSPC). So this behavior is a bit unfortunate, and fixing
it required either manual cleanup (deleting files, which is error-prone)
or restart of the instance (i.e. service disruption).
This implements automatic cleanup of temporary files, controled by a new
GUC remove_temp_files_after_crash. By default the files are removed, but
it can be disabled to restore the old behavior if needed.
Author: Euler Taveira
Reviewed-by: Tomas Vondra, Michael Paquier, Anastasia Lubennikova, Thomas Munro
Discussion: https://postgr.es/m/CAH503wDKdYzyq7U-QJqGn%3DGm6XmoK%2B6_6xTJ-Yn5WSvoHLY1Ww%40mail.gmail.com
Diffstat (limited to 'src/backend/storage/file/fd.c')
| -rw-r--r-- | src/backend/storage/file/fd.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/src/backend/storage/file/fd.c b/src/backend/storage/file/fd.c index b58502837aa..110ba31517a 100644 --- a/src/backend/storage/file/fd.c +++ b/src/backend/storage/file/fd.c @@ -3024,11 +3024,13 @@ CleanupTempFiles(bool isCommit, bool isProcExit) * remove any leftover files created by OpenTemporaryFile and any leftover * temporary relation files created by mdcreate. * - * NOTE: we could, but don't, call this during a post-backend-crash restart - * cycle. The argument for not doing it is that someone might want to examine - * the temp files for debugging purposes. This does however mean that - * OpenTemporaryFile had better allow for collision with an existing temp - * file name. + * During post-backend-crash restart cycle, this routine is called when + * remove_temp_files_after_crash GUC is enabled. Multiple crashes while + * queries are using temp files could result in useless storage usage that can + * only be reclaimed by a service restart. The argument against enabling it is + * that someone might want to examine the temporary files for debugging + * purposes. This does however mean that OpenTemporaryFile had better allow for + * collision with an existing temp file name. * * NOTE: this function and its subroutines generally report syscall failures * with ereport(LOG) and keep going. Removing temp files is not so critical |