On Tue, Jan 30, 2024 at 11:50:03AM -0800, Noah Misch wrote:
> (1) CreateDirAndVersionFile() uses a code sequence: XLogInsert(), XLogFlush(),
> write(PG_VERSION). This is missing the interlock with checkpoints, which
> pd_lsn usually secures. This breaks when one takes a base backup between the
> XLogInsert() and the write(). The transam/README "action first and then write
> a WAL entry" strategy works well. createdb_failure_callback() will remove the
> whole directory on failure.
>
> (2) RelationMapCopy() reasons that it doesn't need RelationMappingLock.
> CheckPointRelationMap() relies on RelationMappingLock to avoid completing a
> checkpoint between the WAL and the sync. A base backup taken in the middle of
> write_relmap_file() has no relmap after recovery.
>
> (3) CreateDirAndVersionFile() populates the PG_VERSION file without syncing
> it. An OS crash after the next checkpoint may leave PG_VERSION empty or
> missing. Let's fsync the file immediately. I used LazyFS to confirm the
> defect and fix. Though I was skeptical about adding a wait event in back
> branches, I plan to do so anyway. Commit 368ffde got away with it, and we do
> have this pattern of the sync event being separate from the write event.
Pushed at commit 0b6517a.
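Point (3) above describes a file written without an fsync being empty or missing after an OS crash. The helper below is an added illustration of the fix pattern, not PostgreSQL's code and not anything from the commit: it writes a small PG_VERSION-style file, fsyncs the file descriptor, and then fsyncs the parent directory so the new directory entry is durable too. The names `write_file_durably` and `demo_durable_version_file`, the `/tmp` directory and the sample content `"17\n"` are all constructed for this example.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <libgen.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Constructed stand-in for the PG_VERSION content; not read from a server. */
#define SAMPLE_VERSION "17\n"

/* Clean up a half-written file and report failure, preserving errno. */
static int fail_and_unlink(int fd, const char *path)
{
    int saved = errno;
    if (fd >= 0)
        close(fd);
    unlink(path);
    errno = saved;
    return -1;
}

/* Hypothetical helper (not PostgreSQL's own code): create `path` holding
 * `contents`, fsync the file, then fsync its parent directory.
 * Returns 0 on success, -1 with errno set on failure. */
static int write_file_durably(const char *path, const char *contents)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return -1;

    size_t len = strlen(contents), done = 0;
    while (done < len) {
        ssize_t n = write(fd, contents + done, len - done);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            return fail_and_unlink(fd, path);
        }
        done += (size_t) n;
    }

    /* Without this fsync the bytes may sit in the page cache only; a crash
     * after the next checkpoint can then leave the file empty, which is
     * the defect described in point (3). */
    if (fsync(fd) != 0)
        return fail_and_unlink(fd, path);
    if (close(fd) != 0)
        return fail_and_unlink(-1, path);

    /* The directory entry is separate metadata: without fsyncing the parent
     * directory the file can be "missing" after a crash even though its
     * data was flushed.  Some filesystems reject fsync on a directory with
     * EINVAL or EBADF; treat those as "nothing to do". */
    char dirbuf[PATH_MAX];
    snprintf(dirbuf, sizeof dirbuf, "%s", path);
    int dfd = open(dirname(dirbuf), O_RDONLY);
    if (dfd < 0)
        return -1;
    if (fsync(dfd) != 0 && errno != EINVAL && errno != EBADF) {
        int saved = errno;
        close(dfd);
        errno = saved;
        return -1;
    }
    close(dfd);
    return 0;
}

/* Demo: write a PG_VERSION-style file into a fresh temporary directory,
 * read it back, and clean up.  Returns 1 if the round trip succeeded. */
int demo_durable_version_file(void)
{
    char dir[] = "/tmp/durable_demo_XXXXXX";   /* mkdtemp fills in the Xs */
    if (mkdtemp(dir) == NULL)
        return 0;

    char path[PATH_MAX];
    snprintf(path, sizeof path, "%s/PG_VERSION", dir);

    int ok = 0;
    if (write_file_durably(path, SAMPLE_VERSION) == 0) {
        char buf[16] = {0};
        int fd = open(path, O_RDONLY);
        if (fd >= 0) {
            ssize_t n = read(fd, buf, sizeof buf - 1);
            close(fd);
            ok = (n == (ssize_t) strlen(SAMPLE_VERSION)
                  && strcmp(buf, SAMPLE_VERSION) == 0);
        }
    }
    unlink(path);
    rmdir(dir);
    return ok;
}

int main(void)
{
    printf("durable PG_VERSION round trip: %s\n",
           demo_durable_version_file() ? "ok" : "FAILED");
    return 0;
}
```

The two-step flush (file, then directory) is the part people most often skip: fsync on the file alone makes the bytes durable but not the name that points at them, which is exactly the "empty or missing" pair of outcomes the message describes.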