static int Shutdown = NoShutdown;
static bool FatalError = false; /* T if recovering from backend crash */
+static bool RecoveryError = false; /* T if recovery failed */
/* State of WAL redo */
#define NoRecovery 0
}
/*
* Any unexpected exit (including FATAL exit) of the startup
- * process is treated as a crash.
+ * process is treated as a crash, except that we don't want
+ * to reinitialize.
*/
if (!EXIT_STATUS_0(exitstatus))
{
+ RecoveryError = true;
HandleChildCrash(pid, exitstatus,
_("startup process"));
continue;
*/
if (pmState == PM_RECOVERY || pmState == PM_RECOVERY_CONSISTENT)
{
+ RecoveryError = true;
HandleChildCrash(pid, exitstatus,
_("startup process"));
continue;
* enough to reset FatalError.
*/
pmState = PM_RECOVERY_CONSISTENT;
- FatalError = false;
/*
* Load the flat authorization file into postmaster's cache. The
(errmsg("database system is in consistent recovery mode")));
}
}
- if ((pmState == PM_RECOVERY || pmState == PM_RECOVERY_CONSISTENT || pmState == PM_STARTUP) && RecoveryStatus == RecoveryCompleted)
+ if ((pmState == PM_RECOVERY ||
+ pmState == PM_RECOVERY_CONSISTENT ||
+ pmState == PM_STARTUP) &&
+ RecoveryStatus == RecoveryCompleted)
{
/*
- * Startup succeeded - we are done with system startup or
- * recovery.
- */
- FatalError = false;
-
- /*
+ * Startup succeeded.
+ *
* Go to shutdown mode if a shutdown request was pending.
*/
if (Shutdown > NoShutdown)
}
}
+ /*
+ * If recovery failed, wait for all non-syslogger children to exit,
+ * and then exit postmaster. We don't try to reinitialize when recovery
+ * fails, because more than likely it will just fail again and we will
+ * keep trying forever.
+ */
+ if (RecoveryError && pmState == PM_NO_CHILDREN)
+ ExitPostmaster(1);
+
/*
* If we need to recover from a crash, wait for all non-syslogger
* children to exit, then reset shmem and StartupDataBase.
projects / users / simon / postgres.git / commitdiff