On Wed, Jan 8, 2020 at 5:20 PM Kyotaro Horiguchi <horikyota....@gmail.com> wrote: > Relfilenode can be reused right after commit. There can be a case > where readers of the resued relfilenode see the pages from already > removed files left on shared buffers. On the other hand newly > allocated buffers for the reused relfilenode are not flushed out until > the lazy invalidate machinery actually frees the "garbage" buffers and > it leads to a broken database after a crash. But finally the > machinery trashes away the buffers involving the correct ones at > execution time.
The relfilenode can't be reused until the next checkpoint, can it? The truncated file remains in the file system, specifically to prevent anyone from reusing the relfilenode. See the comment for mdunlink(). There may be other problems with the idea, but wouldn't the zombie buffers be harmless, if they are invalidated before SyncPostCheckpoint() unlinks the underlying files (and you never try to flush them)?
