diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2006-11-05 23:40:38 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2006-11-05 23:40:38 +0000 |
| commit | befd4e4e482e5d2f02ac930bba4336478a5e685c (patch) | |
| tree | 1118aa08c04f8a08694e7e450fcd464ecb098a77 /src/backend/utils/cache | |
| parent | 23092b992819855d3ffa14a3cf4ca4cdbb0c27a7 (diff) | |
Fix recently-identified PITR recovery hazard: the base backup could contain
stale relcache init files (pg_internal.init), and there is no mechanism for
updating them during WAL replay. Easiest solution is just to delete the init
files at conclusion of startup, and let the first backend started in each
database take care of rebuilding the init file. Simon Riggs and Tom Lane.
Back-patched to 8.1. Arguably this should be fixed in 8.0 too, but it would
require significantly more code since 8.0 has no handy startup-time scan of
pg_database to piggyback on. Manual solution of the problem is possible
in 8.0 (just delete the pg_internal.init files before starting WAL replay),
so that may be a sufficient answer.
Diffstat (limited to 'src/backend/utils/cache')
| -rw-r--r-- | src/backend/utils/cache/relcache.c | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/src/backend/utils/cache/relcache.c b/src/backend/utils/cache/relcache.c index 50b4686ce62..9334cb38cd9 100644 --- a/src/backend/utils/cache/relcache.c +++ b/src/backend/utils/cache/relcache.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/utils/cache/relcache.c,v 1.230.2.3 2006/01/19 20:28:48 tgl Exp $ + * $PostgreSQL: pgsql/src/backend/utils/cache/relcache.c,v 1.230.2.4 2006/11/05 23:40:38 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -3425,3 +3425,25 @@ RelationCacheInitFileInvalidate(bool beforeSend) LWLockRelease(RelCacheInitLock); } } + +/* + * Remove the init file for a given database during postmaster startup. + * + * We used to keep the init file across restarts, but that is unsafe in PITR + * scenarios, and even in simple crash-recovery cases there are windows for + * the init file to become out-of-sync with the database. So now we just + * remove it during startup and expect the first backend launch to rebuild it. + * Of course, this has to happen in each database of the cluster. For + * simplicity this is driven by flatfiles.c, which has to scan pg_database + * anyway. + */ +void +RelationCacheInitFileRemove(const char *dbPath) +{ + char initfilename[MAXPGPATH]; + + snprintf(initfilename, sizeof(initfilename), "%s/%s", + dbPath, RELCACHE_INIT_FILENAME); + unlink(initfilename); + /* ignore any error, since it might not be there at all */ +} |