The FS API provides two ways to remove a transaction: svn_fs_abort_txn and
svn_fs_purge_txn. The BDB implementation of abort first marks the txn as "dead"
and then purges the dead txn. The reason for this two stage approach is that
purge involves several steps and so may fail, or be interrupted, part way
through. Marking the txn dead prevents svn_fs_open_txn from opening the txn
which means that a partially purged txn can only be purged and not used for any
other operation.
FSFS also implements abort and purge but doesn't have the dead state, instead
abort simply removes the transaction. This means that a partially aborted
transaction may still be present on disk. Depending on which files have been
removed it may still be possible to svn_fs_open_txn the transaction even though
it is incomplete. Or it may not be possible to open the transaction which will
prevent another abort from finishing the removal.
"svnadmin rmtxns" uses abort to delete transactions, if that fails with
SVN_ERR_FS_TRANSACTION_DEAD if falls back on purge. Since FSFS never returns
"dead" svnadmin never calls purge on FSFS transactions. This means there is no
way for the admin to delete partially deleted transactions.
Bug
Major