Regarding this comment:
> + /*
> + * Prior to 8.4 we wrote a Shutdown Checkpoint at the end of recovery.
> + * This could add minutes to the startup time, so we want bgwriter
> + * to perform it. This then frees the Startup process to complete so we can
> + * allow transactions and WAL inserts. We still write a checkpoint, but
> + * it will be an online checkpoint. Online checkpoints have a redo
> + * location that can be prior to the actual checkpoint record. So we want
> + * to derive that redo location *before* we let anybody else write WAL,
> + * otherwise we might miss some WAL records if we crash.
> + */
Does this describe a failure case or something that would cause
corruption? The tone of the message implies so, but I don't see anything
wrong with deriving the redo location for the first checkpoint the usual
way.
I belive the case of "missing some WAL records" refers to the
possibility that someone connects to the database and does a WAL logged
change before the first checkpoint starts. But if we then crash before
the checkpoint finishes, we'll start crash recovery from the previous
restartpoint/checkpoint as usual, and replay that WAL record as well.
And if the first checkpoint finishes, the redo ptr of that checkpoint is
after that WAL record, and those changes are safely on disk.
-- Heikki Linnakangas EnterpriseDB http://www.enterprisedb.com
