August Zajonc wrote: > The thing is, the leak occurs in situation where a COMMIT hasn't > returned to the user, so we are trying to guarantee no data-loss even > when the user doesn't see a successful commit? That's a tall order > obviously and hopefully people design their apps to attend to > transaction success / failure.
No, by the time we'd delete/move to trash the files, we know that they're no longer needed. But because deleting a relation is such a drastic thing to do, with potential for massive data loss, we're being extra paranoid. What if there's a bug in PostgreSQL that makes us delete the wrong file? Or transaction wraparound happens, despite the protections that we now have in place? Or you have bad RAM in the server, and a bit flips at an unfortunate place? That's the kind of situations we're worried about. -- Heikki Linnakangas EnterpriseDB http://www.enterprisedb.com ---------------------------(end of broadcast)--------------------------- TIP 7: You can help support the PostgreSQL project by donating at http://www.postgresql.org/about/donate