Re: Hot standby, recovery infra

On Fri, 2009-01-30 at 16:55 +0200, Heikki Linnakangas wrote:
> Ok, here's an attempt to make shutdown work gracefully.
>
> Startup process now signals postmaster three times during startup: first
> when it has done all the initialization, and starts redo. At that point.
> postmaster launches bgwriter, which starts to perform restartpoints when
> it deems appropriate. The 2nd time signals when we've reached consistent
> recovery state. As the patch stands, that's not significant, but it will
> be with all the rest of the hot standby stuff. The 3rd signal is sent
> when startup process has finished recovery. Postmaster used to wait for
> the startup process to exit, and check the return code to determine
> that, but now that we support shutdown, startup process also returns
> with 0 exit code when it has been requested to terminate.

Yeh, seems much cleaner.

Slightly bizarre though cos now we're pretty much back to my originally
proposed design. C'est la vie.

I like this way because it means we might in the future get Startup
process to perform post-recovery actions also.

> The startup process now catches SIGTERM, and calls proc_exit() at the
> next WAL record. That's what will happen in a fast shutdown. Unexpected
> death of the startup process is treated the same as a backend/auxiliary
> process crash.

Good. Like your re-arrangement of StartupProcessMain also.

Your call to PMSIGNAL_RECOVERY_COMPLETED needs to be if
(IsUnderPostmaster), or at least a comment to explain why not or perhaps
an Assert.

Think you need to just throw away this chunk

@@ -5253,7 +5386,7 @@ StartupXLOG(void)
* Complain if we did not roll forward far enough to render the
backup
* dump consistent.
*/
- if (XLByteLT(EndOfLog, ControlFile->minRecoveryPoint))
+ if (InRecovery && !reachedSafeStartPoint)
{
if (reachedStopPoint) /* stopped because of stop
request */
ereport(FATAL,

--
Simon Riggs www.2ndQuadrant.com
PostgreSQL Training, Services and Support