Michael Paquier <mich...@paquier.xyz> writes:
> On Wed, Dec 26, 2018 at 09:08:23PM +0000, Tom Lane wrote:
>> Fix failure to check for open() or fsync() failures.
>> 
>> While it seems OK to not be concerned about fsync() failure for a
>> pre-existing signal file, it's not OK to not even check for open()
>> failure.  This at least causes complaints from static analyzers,

> Wouldn't it be more simple to remove stat() and just call
> BasicOpenFilePerm, complaining with FATAL about any failures,
> including EACCES, on the way?  The code is racy as designed, even if
> that's not a big deal for recovery purposes.

It appears to me that the code is intentionally not worrying about
fsync failure, so it seems wrong for it to FATAL out if it's unable
to open the file to fsync it.  And it surely shouldn't do so if the
file isn't there.

                        regards, tom lane
