safe delete cache directory files #8710
Conversation
since we safeFileGetContents, it makes sense to also acquire lock before deleting, to avoid reading partial data
kkmuffme
force-pushed
the
safe-delete-cache-directory
branch
from
43195b0
to
4b20fd3
Compare
|
Ready for review |
orklah
added
the
release:internal
|
Thanks! |
|
Are there any filesystems where |
|
RHEL 8/9 it seems. We have 100s of psalm instances running at the same time (which partially use the same cache directories) and as we recently increased the number of instances, we got tons of igbinary unserialize end-of-data errors, which prompted me to submit this. (I previously submitted the psalm lock/safe read stuff, as we got those issue before) There seems to be more race condition issues though with things that were recently changed, so I'll probably add another PR soon to address those. |
I find it unlikely, as POSIX specifically mandates that data should not be removed until there are no open file descriptors referencing the file:
In my experience, partial reads were pretty much always caused by partial writes, so to avoid them, all one needed was to write data into a temporary file (on the target filesystem) and then rename them to the desired file name. |
|
Possibly, the problem is that those race conditions are extremely hard to debug, since it's impossible to deliberately reproduce them. So it's kind of a best effort at fixing them: As I found out today, it seems most of the race conditions had another source problem anyway (and this issue here was just a symptom of it), which I PRed here #8714 |
since we safeFileGetContents, it makes sense to also acquire lock before deleting, to avoid reading partial data