summaryrefslogtreecommitdiff
path: root/src/backend/utils/error
diff options
context:
space:
mode:
authorTom Lane <tgl@sss.pgh.pa.us>2012-11-21 15:18:43 -0500
committerTom Lane <tgl@sss.pgh.pa.us>2012-11-21 15:18:43 -0500
commit8af60da9ddab5fa6c27b41ec6413965ee75203c4 (patch)
tree9ba7dced7edff55fce96dd3a65659003b9ee65a0 /src/backend/utils/error
parent278b60598c648b677dbde1330f9f95676aa82e46 (diff)
Don't launch new child processes after we've been told to shut down.
Once we've received a shutdown signal (SIGINT or SIGTERM), we should not launch any more child processes, even if we get signals requesting such. The normal code path for spawning backends has always understood that, but the postmaster's infrastructure for hot standby and autovacuum didn't get the memo. As reported by Hari Babu in bug #7643, this could lead to failure to shut down at all in some cases, such as when SIGINT is received just before the startup process sends PMSIGNAL_RECOVERY_STARTED: we'd launch a bgwriter and checkpointer, and then those processes would have no idea that they ought to quit. Similarly, launching a new autovacuum worker would result in waiting till it finished before shutting down. Also, switch the order of the code blocks in reaper() that detect startup process crash versus shutdown termination. Once we've sent it a signal, we should not consider that exit(1) is surprising. This is just a cosmetic fix since shutdown occurs correctly anyway, but better not to log a phony complaint about startup process crash. Back-patch to 9.0. Some parts of this might be applicable before that, but given the lack of prior complaints I'm not going to worry too much about older branches.
Diffstat (limited to 'src/backend/utils/error')
0 files changed, 0 insertions, 0 deletions