>>> If that can happen, don't we have the same problem in many other places?
>>> Like, all the SLRUs? They don't fsync the directory either.
>> Right, pg_commit_ts and pg_clog enter in this category.
>
> Implemented as attached.
>
>>> Is unlink() guaranteed to be durable, without fsyncing the directory? If
>>> not, then we need to fsync() the directory even if there are no files in it
>>> at the moment, because some might've been removed earlier in the checkpoint
>>> cycle.
What is protection if pg crashes after unlimk() but before fsync()? Right, it's
rather small window for such scenario, but isn't better to have another
protection? Like WAL-logging of WAL segment removing...
--
Teodor Sigaev E-mail: teodor@sigaev.ru
WWW: http://www.sigaev.ru/