Bruce Momjian <bruce@momjian.us> writes:
> On Sun, Dec 29, 2013 at 02:48:21AM -0500, Tom Lane wrote:
>> 3. pg_upgrade ignores the fact that pg_resetxlog failed, and keeps going.
> Does pg_resetxlog return a non-zero exit status? If so, pg_upgrade
> should have caught that and exited.
It certainly does:
if (errno) { fprintf(stderr, _("%s: could not read from directory \"%s\": %s\n"), progname,
XLOGDIR,strerror(errno)); exit(1); }
The bug is that pg_upgrade appears to assume (in many places not just this
one) that exec_prog() will abort if the called program fails, but *it
doesn't*, contrary to the claim in its own header comment. This is
because pg_log(FATAL, ...) doesn't call exit(). pg_fatal() does, but
that's not what's being called in the throw_error case.
I imagine that this used to work correctly and got broken by some
ill-advised refactoring, but whatever the origin, it's 100% broken today.
regards, tom lane
