Commit graph

4371 commits

Author SHA1 Message Date
Tom Lane
1d9a0abec1 Remove bogus use of PGDLLIMPORT.
That macro should be attached to extern declarations, not actual
definitions of variables.
2010-11-26 17:05:29 -05:00
Robert Haas
cc1ed40d57 Object access hook framework, with post-creation hook.
After a SQL object is created, we provide an opportunity for security
or logging plugins to get control; for example, a security label provider
could use this to assign an initial security label to newly created
objects.  The basic infrastructure is (hopefully) reusable for other types
of events that might require similar treatment.

KaiGai Kohei, with minor adjustments.
2010-11-25 11:50:13 -05:00
Bruce Momjian
ba11258ccb When reporting the server as not responding, if the hostname was
supplied, also print the IP address.  This allows IPv4 and IPv6 failures
to be distinguished.  Also useful when a hostname resolves to multiple
IP addresses.

Also, remove use of inet_ntoa() and use our own inet_net_ntop() in all
places, including in libpq, because it is thread-safe.
2010-11-24 17:04:19 -05:00
Tom Lane
725d52d0c2 Create the system catalog infrastructure needed for KNNGIST.
This commit adds columns amoppurpose and amopsortfamily to pg_amop, and
column amcanorderbyop to pg_am.  For the moment all the entries in
amcanorderbyop are "false", since the underlying support isn't there yet.

Also, extend the CREATE OPERATOR CLASS/ALTER OPERATOR FAMILY commands with
[ FOR SEARCH | FOR ORDER BY sort_operator_family ] clauses to allow the new
columns of pg_amop to be populated, and create pg_dump support for dumping
that information.

I also added some documentation, although it's perhaps a bit premature
given that the feature doesn't do anything useful yet.

Teodor Sigaev, Robert Haas, Tom Lane
2010-11-24 14:22:17 -05:00
Peter Eisentraut
fc946c39ae Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00
Alvaro Herrera
5272d79875 Remove GucContext parameter from ParseConfigFile 2010-11-22 19:00:31 -03:00
Robert Haas
7504870778 Add new SQL function, format(text).
Currently, three conversion format specifiers are supported: %s for a
string, %L for an SQL literal, and %I for an SQL identifier.  The latter
two are deliberately designed not to overlap with what sprintf() already
supports, in case we want to add more of sprintf()'s functionality here
later.

Patch by Pavel Stehule, heavily revised by me.  Reviewed by Jeff Janes
and, in earlier versions, by Itagaki Takahiro and Tom Lane.
2010-11-20 22:33:27 -05:00
Tom Lane
d1d8462d99 Assorted further cleanup for integer-conversion patch.
Avoid depending on LL notation, which is likely to not work in pre-C99
compilers; don't pointlessly use INT32_MIN/INT64_MIN in code that has
the numerical value hard-wired into it anyway; remove some gratuitous
style inconsistencies between pg_ltoa and pg_lltoa; fix int2 test case
so it actually tests int2.
2010-11-20 12:09:36 -05:00
Robert Haas
4343c0e546 Expose quote_literal_cstr() from core.
This eliminates the need for inefficient implementions of this
functionality in both contrib/dblink and contrib/tablefunc, so remove
them.  The upcoming patch implementing an in-core format() function
will also require this functionality.

In passing, add some regression tests.
2010-11-20 10:04:48 -05:00
Robert Haas
815810ed31 Attempt to fix breakage caused by signed integer conversion patch.
Use INT_MIN rather than INT32_MIN as we do elsewhere in the code, and
try to work around nonexistence of INT64_MIN if necessary.  Adjust the
new regression tests to something hopefully saner, per observation by
Tom Lane.
2010-11-20 01:09:26 -05:00
Robert Haas
4fc115b2e9 Speed up conversion of signed integers to C strings.
A hand-coded implementation turns out to be much faster than calling
printf().  In passing, add a few more regresion tests.

Andres Freund, with assorted, mostly cosmetic changes.
2010-11-19 22:13:11 -05:00
Tom Lane
511e902b51 Make TRUNCATE ... RESTART IDENTITY restart sequences transactionally.
In the previous coding, we simply issued ALTER SEQUENCE RESTART commands,
which do not roll back on error.  This meant that an error between
truncating and committing left the sequences out of sync with the table
contents, with potentially bad consequences as were noted in a Warning on
the TRUNCATE man page.

To fix, create a new storage file (relfilenode) for a sequence that is to
be reset due to RESTART IDENTITY.  If the transaction aborts, we'll
automatically revert to the old storage file.  This acts just like a
rewriting ALTER TABLE operation.  A penalty is that we have to take
exclusive lock on the sequence, but since we've already got exclusive lock
on its owning table, that seems unlikely to be much of a problem.

The interaction of this with usual nontransactional behaviors of sequence
operations is a bit weird, but it's hard to see what would be completely
consistent.  Our choice is to discard cached-but-unissued sequence values
both when the RESTART is executed, and at rollback if any; but to not touch
the currval() state either time.

In passing, move the sequence reset operations to happen before not after
any AFTER TRUNCATE triggers are fired.  The previous ordering was not
logically sensible, but was forced by the need to minimize inconsistency
if the triggers caused an error.  Transactional rollback is a much better
solution to that.

Patch by Steve Singer, rather heavily adjusted by me.
2010-11-17 16:42:18 -05:00
Robert Haas
3134d8863e Add new buffers_backend_fsync field to pg_stat_bgwriter.
This new field counts the number of times that a backend which writes a
buffer out to the OS must also fsync() it.  This happens when the
bgwriter fsync request queue is full, and is generally detrimental to
performance, so it's good to know when it's happening.  Along the way,
log a new message at level DEBUG1 whenever we fail to hand off an fsync,
so that the problem can also be seen in examination of log files
(if the logging level is cranked up high enough).

Greg Smith, with minor tweaks by me.
2010-11-15 12:42:59 -05:00
Robert Haas
5ccbc3d802 Correct poor grammar in comment. 2010-11-14 23:10:45 -05:00
Robert Haas
5aa446c961 Cleanup various comparisons with the constant "true".
Itagaki Takahiro, with slight modifications.
2010-11-14 21:03:48 -05:00
Peter Eisentraut
19e231bbda Improved parallel make support
Replace for loops in makefiles with proper dependencies.  Parallel
make can now span across directories.  Also, make -k and make -q work
properly.

GNU make 3.80 or newer is now required.
2010-11-12 22:15:16 +02:00
Tom Lane
b0f2d681bd Fix line_construct_pm() for the case of "infinite" (DBL_MAX) slope.
This code was just plain wrong: what you got was not a line through the
given point but a line almost indistinguishable from the Y-axis, although
not truly vertical.  The only caller that tries to use this function with
m == DBL_MAX is dist_ps_internal for the case where the lseg is horizontal;
it would end up producing the distance from the given point to the place
where the lseg's line crosses the Y-axis.  That function is used by other
operators too, so there are several operators that could compute wrong
distances from a line segment to something else.  Per bug #5745 from
jindiax.

Back-patch to all supported branches.
2010-11-10 16:52:24 -05:00
Tom Lane
dd1c781903 Make get_stack_depth_rlimit() handle RLIM_INFINITY more sanely.
Rather than considering this result as meaning "unknown", report LONG_MAX.
This won't change what superusers can set max_stack_depth to, but it will
cause InitializeGUCOptions() to set the built-in default to 2MB not 100kB.
The latter seems like a fairly unreasonable interpretation of "infinity".
Per my investigation of odd buildfarm results as well as an old complaint
from Heikki.

Since this should persuade all the buildfarm animals to use a reasonable
stack depth setting during "make check", revert previous patch that dumbed
down a recursive regression test to only 5 levels.
2010-11-06 16:50:18 -04:00
Tom Lane
09211659d9 Use appendStringInfoString() where appropriate in elog.c.
The nominally equivalent call appendStringInfo(buf, "%s", str) can be
significantly slower when str is large.  In particular, the former usage in
EVALUATE_MESSAGE led to O(N^2) behavior when collecting a large number of
context lines, as I found out while testing recursive functions.  The other
changes are just neatnik-ism and seem unlikely to save anything meaningful,
but a cycle shaved is a cycle earned.
2010-11-04 15:28:35 -04:00
Tom Lane
9f376e146b Ensure an index that uses a whole-row Var still depends on its table.
We failed to record any dependency on the underlying table for an index
declared like "create index i on t (foo(t.*))".  This would create trouble
if the table were dropped without previously dropping the index.  To fix,
simplify some overly-cute code in index_create(), accepting the possibility
that sometimes the whole-table dependency will be redundant.  Also document
this hazard in dependency.c.  Per report from Kevin Grittner.

In passing, prevent a core dump in pg_get_indexdef() if the index's table
can't be found.  I came across this while experimenting with Kevin's
example.  Not sure it's a real issue when the catalogs aren't corrupt, but
might as well be cautious.

Back-patch to all supported versions.
2010-11-02 17:15:07 -04:00
Tom Lane
186cbbda8f Provide hashing support for arrays.
The core of this patch is hash_array() and associated typcache
infrastructure, which works just about exactly like the existing support
for array comparison.

In addition I did some work to ensure that the planner won't think that an
array type is hashable unless its element type is hashable, and similarly
for sorting.  This includes adding a datatype parameter to op_hashjoinable
and op_mergejoinable, and adding an explicit "hashable" flag to
SortGroupClause.  The lack of a cross-check on the element type was a
pre-existing bug in mergejoin support --- but it didn't matter so much
before, because if you couldn't sort the element type there wasn't any good
alternative to failing anyhow.  Now that we have the alternative of hashing
the array type, there are cases where we can avoid a failure by being picky
at the planner stage, so it's time to be picky.

The issue of exactly how to combine the per-element hash values to produce
an array hash is still open for discussion, but the rest of this is pretty
solid, so I'll commit it as-is.
2010-10-30 21:56:11 -04:00
Tom Lane
bfd3f37be3 Fix comparisons of pointers with zero to compare with NULL instead.
Per C standard, these are semantically the same thing; but saying NULL
when you mean NULL is good for readability.

Marti Raudsepp, per results of INRIA's Coccinelle.
2010-10-29 15:51:52 -04:00
Peter Eisentraut
35670340f5 Refactor typenameTypeId()
Split the old typenameTypeId() into two functions: A new typenameTypeId() that
returns only a type OID, and typenameTypeIdAndMod() that returns type OID and
typmod.  This isolates call sites better that actually care about the typmod.
2010-10-25 21:44:49 +03:00
Tom Lane
c6873eac4c Fix overly-enthusiastic Assert in printing of Param reference expressions.
A NestLoopParam's value can only be a Var or Aggref, but this isn't the
case in general for SubPlan parameters, so print_parameter_expr had better
be prepared to cope.  Brain fade in my recent patch to print the referenced
expression instead of just printing $N for PARAM_EXEC Params.  Per report
from Pavel Stehule.
2010-10-25 14:25:10 -04:00
Tom Lane
84c123be1d Allow new values to be added to an existing enum type.
After much expenditure of effort, we've got this to the point where the
performance penalty is pretty minimal in typical cases.

Andrew Dunstan, reviewed by Brendan Jurd, Dean Rasheed, and Tom Lane
2010-10-24 23:05:41 -04:00
Tom Lane
529cb267a6 Improve handling of domains over arrays.
This patch eliminates various bizarre behaviors caused by sloppy thinking
about the difference between a domain type and its underlying array type.
In particular, the operation of updating one element of such an array
has to be considered as yielding a value of the underlying array type,
*not* a value of the domain, because there's no assurance that the
domain's CHECK constraints are still satisfied.  If we're intending to
store the result back into a domain column, we have to re-cast to the
domain type so that constraints are re-checked.

For similar reasons, such a domain can't be blindly matched to an ANYARRAY
polymorphic parameter, because the polymorphic function is likely to apply
array-ish operations that could invalidate the domain constraints.  For the
moment, we just forbid such matching.  We might later wish to insert an
automatic downcast to the underlying array type, but such a change should
also change matching of domains to ANYELEMENT for consistency.

To ensure that all such logic is rechecked, this patch removes the original
hack of setting a domain's pg_type.typelem field to match its base type;
the typelem will always be zero instead.  In those places where it's really
okay to look through the domain type with no other logic changes, use the
newly added get_base_element_type function in place of get_element_type.
catversion bumped due to change in pg_type contents.

Per bug #5717 from Richard Huxton and subsequent discussion.
2010-10-21 16:07:17 -04:00
Tom Lane
48c7d9f6ff Improve GIN indexscan cost estimation.
The better estimate requires more statistics than we previously stored:
in particular, counts of "entry" versus "data" pages within the index,
as well as knowledge of the number of distinct key values.  We collect
this information during initial index build and update it during VACUUM,
storing the info in new fields on the index metapage.  No initdb is
required because these fields will read as zeroes in a pre-existing
index, and the new gincostestimate code is coded to behave (reasonably)
sanely if they are zeroes.

Teodor Sigaev, reviewed by Jan Urbanski, Tom Lane, and Itagaki Takahiro.
2010-10-17 20:52:32 -04:00
Tom Lane
07f1264dda Allow WITH clauses to be attached to INSERT, UPDATE, DELETE statements.
This is not the hoped-for facility of using INSERT/UPDATE/DELETE inside
a WITH, but rather the other way around.  It seems useful in its own
right anyway.

Note: catversion bumped because, although the contents of stored rules
might look compatible, there's actually a subtle semantic change.
A single Query containing a WITH and INSERT...VALUES now represents
writing the WITH before the INSERT, not before the VALUES.  While it's
not clear that that matters to anyone, it seems like a good idea to
have it cited in the git history for catversion.h.

Original patch by Marko Tiikkaja, with updating and cleanup by
Hitoshi Harada.
2010-10-15 19:55:25 -04:00
Peter Eisentraut
3cde44374a Change references to SQL/XML:2003 to :2008 and renumber sections accordingly 2010-10-15 22:56:18 +03:00
Tom Lane
11cad29c91 Support MergeAppend plans, to allow sorted output from append relations.
This patch eliminates the former need to sort the output of an Append scan
when an ordered scan of an inheritance tree is wanted.  This should be
particularly useful for fast-start cases such as queries with LIMIT.

Original patch by Greg Stark, with further hacking by Hans-Jurgen Schonig,
Robert Haas, and Tom Lane.
2010-10-14 16:57:57 -04:00
Itagaki Takahiro
d0f876ca8c Accept 'public' as a pseudo-role name in has_table_privilege() and friends
to see if a particular privilege has been granted to PUBLIC.

The issue was reported by Jim Nasby.
Patch by Alvaro Herrera, and reviewed by KaiGai Kohei.
2010-10-13 14:37:23 +09:00
Tom Lane
2ec993a7cb Support triggers on views.
This patch adds the SQL-standard concept of an INSTEAD OF trigger, which
is fired instead of performing a physical insert/update/delete.  The
trigger function is passed the entire old and/or new rows of the view,
and must figure out what to do to the underlying tables to implement
the update.  So this feature can be used to implement updatable views
using trigger programming style rather than rule hacking.

In passing, this patch corrects the names of some columns in the
information_schema.triggers view.  It seems the SQL committee renamed
them somewhere between SQL:99 and SQL:2003.

Dean Rasheed, reviewed by Bernd Helmle; some additional hacking by me.
2010-10-10 13:45:07 -04:00
Bruce Momjian
f7dbddac69 Single-word clarification in postgresql.conf log_truncate_on_rotation
comment.
2010-10-08 19:10:21 +00:00
Tom Lane
caaf2e8469 Fix sloppy usage of TRIGGER_FIRED_BEFORE/TRIGGER_FIRED_AFTER.
Various places were testing TRIGGER_FIRED_BEFORE() where what they really
meant was !TRIGGER_FIRED_AFTER(), or vice versa.  This needs to be cleaned
up because there are about to be more than two possible states.

We might want to note this in the 9.1 release notes as something for
trigger authors to double-check.

For consistency's sake I also changed some places that assumed that
TRIGGER_FIRED_FOR_ROW and TRIGGER_FIRED_FOR_STATEMENT are necessarily
mutually exclusive; that's not in immediate danger of breaking, but
it's still sloppier than it should be.

Extracted from Dean Rasheed's patch for triggers on views.  I'm committing
this separately since it's an identifiable separate issue, and is the
only reason for the patch to touch most of these particular files.
2010-10-08 13:27:31 -04:00
Tom Lane
26a7b48e10 Eliminate some repetitive coding in tuplesort.c.
Use a macro LogicalTapeReadExact() to encapsulate the error check when
we want to read an exact number of bytes from a "tape".  Per a suggestion
of Takahiro Itagaki.
2010-10-07 20:32:21 -04:00
Tom Lane
3ba11d3df2 Teach CLUSTER to use seqscan-and-sort when it's faster than indexscan.
... or at least, when the planner's cost estimates say it will be faster.

Leonardo Francalanci, reviewed by Itagaki Takahiro and Tom Lane
2010-10-07 20:00:28 -04:00
Robert Haas
2ce003973d Add "(change requires restart)" note to some postgresql.conf parameters.
Devrim GÜNDÜZ
2010-09-27 09:14:14 -04:00
Tom Lane
9aae81527f Re-allow input of Julian dates prior to 0001-01-01 AD.
This was unintentionally broken in 8.4 while tightening up checking of
ordinary non-Julian date inputs to forbid references to "year zero".
Per bug #5672 from Benjamin Gigot.
2010-09-22 23:48:07 -04:00
Magnus Hagander
fe9b36fd59 Convert cvsignore to gitignore, and add .gitignore for build targets. 2010-09-22 12:57:04 +02:00
Magnus Hagander
9f2e211386 Remove cvs keywords from all files. 2010-09-20 22:08:53 +02:00
Tom Lane
f679cfe97b Replace last remaining $Id$ with $PostgreSQL$. 2010-09-19 16:27:17 +00:00
Heikki Linnakangas
418039d3af Process options from the startup packed in walsender. Only few options
make sense for walsender, but for example application_name and client_encoding
do. We still don't apply per-role settings from pg_db_role_setting, because
that would require connecting to a database to read the table.

Fujii Masao
2010-09-13 09:00:30 +00:00
Joe Conway
5eb15c9942 SERIALIZABLE transactions are actually implemented beneath the covers with
transaction snapshots, i.e. a snapshot registered at the beginning of
a transaction. Change variable naming and comments to reflect this reality
in preparation for a future, truly serializable mode, e.g.
Serializable Snapshot Isolation (SSI).

For the moment transaction snapshots are still used to implement
SERIALIZABLE, but hopefully not for too much longer. Patch by Kevin
Grittner and Dan Ports with review and some minor wording changes by me.
2010-09-11 18:38:58 +00:00
Tom Lane
8d8d5cb612 Pad the ps_status display with nulls, not blanks, on Darwin.
A long time ago, this didn't work nicely, but it seems to work on all recent
versions of OS X.  The blank-pad method is less desirable since it results
in lots of extra space in ps' output.  Per Alexey Klyukin.
2010-09-04 17:45:56 +00:00
Tom Lane
303696c3b4 Install a data-type-based solution for protecting pg_get_expr().
Since the code underlying pg_get_expr() is not secure against malformed
input, and can't practically be made so, we need to prevent miscreants
from feeding arbitrary data to it.  We can do this securely by declaring
pg_get_expr() to take a new datatype "pg_node_tree" and declaring the
system catalog columns that hold nodeToString output to be of that type.
There is no way at SQL level to create a non-null value of type pg_node_tree.
Since the backend-internal operations that fill those catalog columns
operate below the SQL level, they are oblivious to the datatype relabeling
and don't need any changes.
2010-09-03 01:34:55 +00:00
Tom Lane
9513918c6c Fix up flushing of composite-type typcache entries to be driven directly by
SI invalidation events, rather than indirectly through the relcache.

In the previous coding, we had to flush a composite-type typcache entry
whenever we discarded the corresponding relcache entry.  This caused problems
at least when testing with RELCACHE_FORCE_RELEASE, as shown in recent report
from Jeff Davis, and might result in real-world problems given the kind of
unexpected relcache flush that that test mechanism is intended to model.

The new coding decouples relcache and typcache management, which is a good
thing anyway from a structural perspective.  The cost is that we have to
search the typcache linearly to find entries that need to be flushed.  There
are a couple of ways we could avoid that, but at the moment it's not clear
it's worth any extra trouble, because the typcache contains very few entries
in typical operation.

Back-patch to 8.2, the same as some other recent fixes in this general area.
The patch could be carried back to 8.0 with some additional work, but given
that it's only hypothetical whether we're fixing any problem observable in
the field, it doesn't seem worth the work now.
2010-09-02 03:16:46 +00:00
Itagaki Takahiro
49b27ab551 Add string functions: concat(), concat_ws(), left(), right(), and reverse().
Pavel Stehule, reviewed by me.
2010-08-24 06:30:44 +00:00
Tom Lane
95cacd1345 Use a non-locale-dependent definition of isspace() in array_in/array_out.
array_in discards unquoted leading and trailing whitespace in array values,
while array_out is careful to quote array elements that contain whitespace.
This is problematic when the definition of "whitespace" varies between
locales: array_in could drop characters that were meant to be part of the
value.  To avoid that, lock down "whitespace" to mean only the traditional
six ASCII space characters.

This change also works around a bug in OS X and some older BSD systems, in
which isspace() could return true for character fragments in UTF8 locales.
(There may be other places in PG where that bug could cause problems, but
this is the only one complained of so far; see recent report from Steven
Schlansker.)

Back-patch to 9.0, but not further.  Given the lack of previous reports
of trouble, changing this behavior in stable branches seems to offer
more risk of breaking applications than reward of avoiding problems.
2010-08-21 16:55:51 +00:00
Magnus Hagander
946045f04d Add vacuum and analyze counters to pg_stat_*_tables views. 2010-08-21 10:59:17 +00:00
Tom Lane
79dc97a401 Bring some sanity to the trace_recovery_messages code and docs.
Per gripe from Fujii Masao, though this is not exactly his proposed patch.
Categorize as DEVELOPER_OPTIONS and set context PGC_SIGHUP, as per Fujii,
but set the default to LOG because higher values aren't really sensible
(see the code for trace_recovery()).  Fix the documentation to agree with
the code and to try to explain what the variable actually does.  Get rid
of no-op calls trace_recovery(LOG), which accomplish nothing except to
demonstrate that this option confuses even its author.
2010-08-19 22:55:01 +00:00
Peter Eisentraut
3f11971916 Remove extra newlines at end and beginning of files, add missing newlines
at end of files.
2010-08-19 05:57:36 +00:00
Tom Lane
2d8314bd43 Rename utf2ucs() to utf8_to_unicode(), and export it so it can be used
elsewhere.

Similarly rename the version in mbprint.c, not because this affects anything
but just to keep the two copies in exact sync.  There was some discussion of
having only one copy in src/port/ instead, but this function is so small
and unlikely to change that that seems like overkill.

Slightly editorialized version of a patch by Joseph Adams.  (The bug-fix
aspect of his patch was applied separately, and back-patched.)
2010-08-18 19:54:01 +00:00
Tom Lane
ee0e525bfc Arrange to fsync the contents of lockfiles (both postmaster.pid and the
socket lockfile) when writing them.  The lack of an fsync here may well
explain two different reports we've seen of corrupted lockfile contents,
which doesn't particularly bother the running server but can prevent a
new server from starting if the old one crashes.  Per suggestion from
Alvaro.

Back-patch to all supported versions.
2010-08-16 17:32:46 +00:00
Tom Lane
41b810fe32 Fix \ef and \sf to not fail on functions with nonnull probin.
Update comment about them in pg_get_functiondef.
2010-08-14 14:20:35 +00:00
Robert Haas
27f145a40e Further dtrace adjustments for the backend-IDs-in-relpath patch.
Update the documentation, and back out a few ill-considered changes
whose folly I failed to realize for failure to read the documentation.
2010-08-14 02:22:10 +00:00
Robert Haas
105d4c5ffe Fix assorted dtrace breakage caused by patch to include backend IDs
in temp relpaths.

Per buildfarm.
2010-08-13 22:54:17 +00:00
Robert Haas
debcec7dc3 Include the backend ID in the relpath of temporary relations.
This allows us to reliably remove all leftover temporary relation
files on cluster startup without reference to system catalogs or WAL;
therefore, we no longer include temporary relations in XLOG_XACT_COMMIT
and XLOG_XACT_ABORT WAL records.

Since these changes require including a backend ID in each
SharedInvalSmgrMsg, the size of the SharedInvalidationMessage.id
field has been reduced from two bytes to one, and the maximum number
of connections has been reduced from INT_MAX / 4 to 2^23-1.  It would
be possible to remove these restrictions by increasing the size of
SharedInvalidationMessage by 4 bytes, but right now that doesn't seem
like a good trade-off.

Review by Jaime Casanova and Tom Lane.
2010-08-13 20:10:54 +00:00
Tom Lane
a0b7b717a4 Add xml_is_well_formed, xml_is_well_formed_document, xml_is_well_formed_content
functions to the core XML code.  Per discussion, the former depends on
XMLOPTION while the others do not.  These supersede a version previously
offered by contrib/xml2.

Mike Fowler, reviewed by Pavel Stehule
2010-08-13 18:36:26 +00:00
Tom Lane
2a7349f030 Fix Assert failure in PushOverrideSearchPath when trying to restore a search
path that specifies useTemp, but there is no active temp schema in the
current session.  (This can happen if the path was saved during a transaction
that created a temp schema and was later rolled back.)  For existing callers
it's sufficient to ignore the useTemp flag in this case, though we might
later want to offer an option to create a fresh temp schema.  So far as I can
tell this is just an Assert failure: in a non-assert build, the code would
push a zero onto the new search path, which is useless but not very harmful.
Per bug report from Heikki.

Back-patch to 8.3; prior versions don't have this code.
2010-08-13 16:27:11 +00:00
Tom Lane
568e709372 Extend psql's \e and \ef commands so that a line number can be specified,
and the editor's cursor will be initially placed on that line.  In \e the
lines are counted with respect to the query buffer, while in \ef they are
counted with line 1 = first line of function body.  These choices are useful
for positioning the cursor on the line of a previously-reported error.

To avoid assumptions about what switch the user's editor takes for this
purpose, invent a new psql variable EDITOR_LINENUMBER_SWITCH with (at
present) no default value.

One incompatibility from previous behavior is that "\e 1234" will now
take "1234" as a line number not a file name.  There are at least two
ways to select a numerically-named file if you really want to.

Pavel Stehule, reviewed by Jan Urbanski, with further editing by Robert Haas
and Tom Lane
2010-08-12 00:40:59 +00:00
Heikki Linnakangas
c9ae257e23 The sanity check added to array_recv() wa a bit too tight; we must
continue to accept an empty array with dimension information. array_send()
can output such arrays.

Per report from Vladimir Shakhov.
2010-08-11 19:12:27 +00:00
Tom Lane
33f43725fb Add three-parameter forms of array_to_string and string_to_array, to allow
better handling of NULL elements within the arrays.  The third parameter
is a string that should be used to represent a NULL element, or should
be translated into a NULL element, respectively.  If the third parameter
is NULL it behaves the same as the two-parameter form.

There are two incompatible changes in the behavior of the two-parameter form
of string_to_array.  First, it will return an empty (zero-element) array
rather than NULL when the input string is of zero length.  Second, if the
field separator is NULL, the function splits the string into individual
characters, rather than returning NULL as before.  These two changes make
this form fully compatible with the behavior of the new three-parameter form.

Pavel Stehule, reviewed by Brendan Jurd
2010-08-10 21:51:00 +00:00
Tom Lane
4dfc457854 Add an xpath_exists() function. This is equivalent to XMLEXISTS except that
it offers support for namespace mapping.

Mike Fowler, reviewed by David Fetter
2010-08-08 19:15:27 +00:00
Tom Lane
46aa77c7bd Add stats functions and views to provide access to a transaction's own
statistics counts.  These numbers are being accumulated but haven't yet been
transmitted to the collector (and won't be, until the transaction ends).
For some purposes, though, it's handy to be able to look at them.

Joel Jacobson, reviewed by Itagaki Takahiro
2010-08-08 16:27:06 +00:00
Tom Lane
f73b765182 Add a comment about the initial default value of max_stack_depth. 2010-08-06 14:51:33 +00:00
Robert Haas
901c0ea2f1 Fix incorrect pathname in comment. 2010-08-06 03:46:23 +00:00
Tom Lane
b0c451e145 Remove the single-argument form of string_agg(). It added nothing much in
functionality, while creating an ambiguity in usage with ORDER BY that at
least two people have already gotten seriously confused by.  Also, add an
opr_sanity test to check that we don't in future violate the newly minted
policy of not having built-in aggregates with the same name and different
numbers of parameters.  Per discussion of a complaint from Thom Brown.
2010-08-05 18:21:19 +00:00
Robert Haas
fd1843ff89 Standardize get_whatever_oid functions for other object types.
- Rename TSParserGetPrsid to get_ts_parser_oid.
- Rename TSDictionaryGetDictid to get_ts_dict_oid.
- Rename TSTemplateGetTmplid to get_ts_template_oid.
- Rename TSConfigGetCfgid to get_ts_config_oid.
- Rename FindConversionByName to get_conversion_oid.
- Rename GetConstraintName to get_constraint_oid.
- Add new functions get_opclass_oid, get_opfamily_oid, get_rewrite_oid,
  get_rewrite_oid_without_relid, get_trigger_oid, and get_cast_oid.

The name of each function matches the corresponding catalog.

Thanks to KaiGai Kohei for the review.
2010-08-05 15:25:36 +00:00
Robert Haas
2a6ef3445c Standardize get_whatever_oid functions for object types with
unqualified names.

- Add a missing_ok parameter to get_tablespace_oid.
- Avoid duplicating get_tablespace_od guts in objectNamesToOids.
- Add a missing_ok parameter to get_database_oid.
- Replace get_roleid and get_role_checked with get_role_oid.
- Add get_namespace_oid, get_language_oid, get_am_oid.
- Refactor existing code to use new interfaces.

Thanks to KaiGai Kohei for the review.
2010-08-05 14:45:09 +00:00
Peter Eisentraut
641459f269 Add xmlexists function
by Mike Fowler, reviewed by Peter Eisentraut
2010-08-05 04:21:54 +00:00
Robert Haas
97f38001ac Fix numeric_maximum_size() calculation.
The old computation can sometimes underestimate the necessary space
by 2 bytes; however we're not back-patching this, because this result
isn't used for anything critical.  Per discussion with Tom Lane,
make the typmod test in this function match the ones in numeric()
and apply_typmod() exactly.
2010-08-04 17:33:09 +00:00
Robert Haas
145343534c Allow numeric to use a more compact, 2-byte header in many cases.
Review by Brendan Jurd and Tom Lane.
2010-08-03 23:09:29 +00:00
Tom Lane
db04f2b322 Replace the naive HYPOT() macro with a standards-conformant hypotenuse
function.  This avoids unnecessary overflows and probably gives a more
accurate result as well.

Paul Matthews, reviewed by Andrew Geery
2010-08-03 21:21:03 +00:00
Tom Lane
3491520986 Code review for --quote-all-identifiers patch: add missing --help documentation
for new pg_dump/pg_dumpall parameters, make a couple of trivial stylistic
adjustments to make the code follow usual project style.
2010-08-03 19:24:05 +00:00
Tom Lane
72405b066b Add some comments to tinterval_cmp_internal pointing out its severe
implementation deficiencies.  Per discussion of bug #5592, we're not
going to change it, but these things should be documented so that if
anyone ever reimplements type tinterval, they will be more careful.
2010-08-03 16:31:02 +00:00
Tom Lane
532a4c3531 Be a little more careful with the shift computations in QT2QTN and
makeTSQuerySign.  The first of these is a live bug, on some platforms,
as per bug #5590 from John Regehr.  However the consequences seem limited
because of the relatively narrow scope of use of QTNode.sign.  The shift in
makeTSQuerySign is actually safe because TSQS_SIGLEN is unsigned, but it
seems like a good idea to insert an explicit cast rather than depend on that.
2010-08-03 01:50:27 +00:00
Tom Lane
57641a165f Fix core dump in QTNodeCompare when tsquery_cmp() is applied to two empty
tsqueries.  CompareTSQ has to have a guard for the case rather than blindly
applying QTNodeCompare to random data past the end of the datums.  Also,
change QTNodeCompare to be a little less trusting: use an actual test rather
than just Assert'ing that the input is sane.  Problem encountered while
investigating another issue (I saw a core dump in autoanalyze on a table
containing multiple empty tsquery values).

Back-patch to all branches with tsquery support.

In HEAD, also fix some bizarre (though not outright wrong) coding in
tsq_mcontains().
2010-08-03 00:10:39 +00:00
Tom Lane
fbcf2cfb53 Fix an ancient typo that prevented the detection of conflicting fields when
interval input "invalid" was specified together with other fields.  Spotted
by Neil Conway with the help of a clang warning.  Although this has been
wrong since the interval code was written more than 10 years ago, it doesn't
affect anything beyond which error message you get for a wrong input, so not
worth back-patching very far.
2010-08-02 01:24:54 +00:00
Tom Lane
0454f13161 Rewrite the rbtree routines so that an RBNode is the first field of the
struct representing a tree entry, rather than being a separately allocated
piece of storage.  This API is at least as clean as the old one (if not
more so --- there were some bizarre choices in there) and it permits a
very substantial memory savings, on the order of 2X in ginbulk.c's usage.

Also, fix minor memory leaks in code called by ginEntryInsert, in
particular in ginInsertValue and entryFillRoot, as well as ginEntryInsert
itself.  These leaks resulted in the GIN index build context continuing
to bloat even after we'd filled it to maintenance_work_mem and started
to dump data out to the index.

In combination these fixes restore the GIN index build code to honoring
the maintenance_work_mem limit about as well as it did in 8.4.  Speed
seems on par with 8.4 too, maybe even a bit faster, for a non-pathological
case in which HEAD was formerly slower.

Back-patch to 9.0 so we don't have a performance regression from 8.4.
2010-08-01 02:12:42 +00:00
Robert Haas
8a4dc94ca0 Make details of the Numeric representation private to numeric.c.
Review by Tom Lane.
2010-07-30 04:30:23 +00:00
Simon Riggs
2dbbda02e7 Reduce lock levels of CREATE TRIGGER and some ALTER TABLE, CREATE RULE actions.
Avoid hard-coding lockmode used for many altering DDL commands, allowing easier
future changes of lock levels. Implementation of initial analysis on DDL
sub-commands, so that many lock levels are now at ShareUpdateExclusiveLock or
ShareRowExclusiveLock, allowing certain DDL not to block reads/writes.
First of number of planned changes in this area; additional docs required
when full project complete.
2010-07-28 05:22:24 +00:00
Robert Haas
e0226a9bf2 In postgresql.conf.sample, use on/off rather than true/false.
We used to be consistent about this, but my recent patch to add a
restart_after_crash GUC failed to follow the existing convention.

Report and patch from Fujii Masao.
2010-07-27 16:06:53 +00:00
Robert Haas
ce68df468a Add options to force quoting of all identifiers.
I've added a quote_all_identifiers GUC which affects the behavior
of the backend, and a --quote-all-identifiers argument to pg_dump
and pg_dumpall which sets the GUC and also affects the quoting done
internally by those applications.

Design by Tom Lane; review by Alex Hunsaker; in response to bug #5488
filed by Hartmut Goebel.
2010-07-22 01:22:35 +00:00
Robert Haas
b8c6c71d1c Centralize DML permissions-checking logic.
Remove bespoke code in DoCopy and RI_Initial_Check, which now instead
fabricate call ExecCheckRTPerms with a manufactured RangeTblEntry.
This is intended to make it feasible for an enhanced security provider
to actually make use of ExecutorCheckPerms_hook, but also has the
advantage that RI_Initial_Check can allow use of the fast-path when
column-level but not table-level permissions are present.

KaiGai Kohei.  Reviewed (in an earlier version) by Stephen Frost, and by me.
Some further changes to the comments by me.
2010-07-22 00:47:59 +00:00
Robert Haas
5ffaa9005c Add restart_after_crash GUC.
Normally, we automatically restart after a backend crash, but in some
cases when PostgreSQL is invoked by clusterware it may be desirable to
suppress this behavior, so we provide an option which does this.
Since no existing GUC group quite fits, create a new group called
"error handling options" for this and the previously undocumented GUC
exit_on_error, which is now documented.

Review by Fujii Masao.
2010-07-20 00:47:53 +00:00
Robert Haas
0839f312e9 Change the default value of standard_conforming_strings to on.
This change should be publicized to driver maintainers at once and
release-noted as an incompatibility with previous releases.
2010-07-20 00:34:44 +00:00
Tom Lane
cf5305f406 Remove unnecessary "Not safe to send CSV data" complaint from elog.c's fallback
path when CSV logging is configured but not yet operational.  It's sufficient
to send the message to stderr, as we were already doing, and the "Not safe"
gripe has already confused at least two core members ...

Backpatch to 9.0, but not further --- doesn't seem appropriate to change
this behavior in stable branches.
2010-07-18 23:43:32 +00:00
Tom Lane
3ec694e17b Add a log_file_mode GUC that allows control of the file permissions set on
log files created by the syslogger process.

In passing, make unix_file_permissions display its value in octal, same
as log_file_mode now does.

Martin Pihlak
2010-07-16 22:25:51 +00:00
Tom Lane
7590ddb3eb Add support for dividing money by money (yielding a float8 result) and for
casting between money and numeric.

Andy Balholm, reviewed by Kevin Grittner
2010-07-16 02:15:56 +00:00
Tom Lane
1cc29fe7c6 Teach EXPLAIN to print PARAM_EXEC Params as the referenced expressions,
rather than just $N.  This brings the display of nestloop-inner-indexscan
plans back to where it's been, and incidentally improves the display of
SubPlan parameters as well.  In passing, simplify the EXPLAIN code by
having it deal primarily in the PlanState tree rather than separately
searching Plan and PlanState trees.  This is noticeably cleaner for
subplans, and about a wash elsewhere.

One small difference from previous behavior is that EXPLAIN will no longer
qualify local variable references in inner-indexscan plan nodes, since it
no longer sees such nodes as possibly referencing multiple tables.  Vars
referenced through PARAM_EXEC Params are still forcibly qualified, though,
so I don't think the display is any more confusing than before.  Adjust a
couple of examples in the documentation to match this behavior.
2010-07-13 20:57:19 +00:00
Heikki Linnakangas
2751a249cb Oops, in the previous fix to prevent a cursor that's being used in a FOR
loop from being dropped, I missed subtransaction cleanup. Pinned portals
must be dropped at subtransaction cleanup just as they are at main
transaction cleanup.

Per bug #5556 by Robert Walker. Backpatch to 8.0, 7.4 didn't have
subtransactions.
2010-07-13 09:02:30 +00:00
Tom Lane
5ce63f480b Avoid an Assert failure in deconstruct_array() by making get_attstatsslot()
use the actual element type of the array it's disassembling, rather than
trusting the type OID passed in by its caller.  This is needed because
sometimes the planner passes in a type OID that's only binary-compatible
with the target column's type, rather than being an exact match.  Per an
example from Bernd Helmle.

Possibly we should refactor get_attstatsslot/free_attstatsslot to not expect
the caller to supply type ID data at all, but for now I'll just do the
minimum-change fix.

Back-patch to 7.4.  Bernd's test case only crashes back to 8.0, but since
these subroutines are the same in 7.4, I suspect there may be variant
cases that would crash 7.4 as well.
2010-07-09 22:57:39 +00:00
Tom Lane
2b8a624596 Fix ruleutils' get_variable() to print something useful for Vars referencing
resjunk outputs of subquery tlists, instead of throwing an error.  Per bug
#5548 from Daniel Grace.

We might at some point find we ought to back-patch this further than 9.0,
but I think that such Vars can only occur as resjunk members of upper-level
tlists, in which case the problem can't arise because prior versions didn't
print resjunk tlist items in EXPLAIN VERBOSE.
2010-07-09 21:11:47 +00:00
Tom Lane
5b1b3ef742 Adjust mbutils.c so it won't get broken by future pgindent runs.
To do that, replace L'\0' by (WCHAR) 0.  Perhaps someday we should teach
pgindent about wide-character literals, but so long as this is the only
use-case in the entire Postgres sources, a workaround seems easier.
2010-07-07 15:13:21 +00:00
Robert Haas
20be0d480a Make log_temp_files based on kB, and revert docs & comments to match.
Per extensive discussion on pgsql-hackers.  We are deliberately not
back-patching this even though the behavior of 8.3 and 8.4 is
unquestionably broken, for fear of breaking existing users of this
parameter.  This incompatibility should be release-noted.
2010-07-06 22:55:26 +00:00
Tom Lane
3f12653b73 Undo pgindent breakage (again). Per buildfarm. 2010-07-06 21:09:00 +00:00
Bruce Momjian
239d769e7e pgindent run for 9.0, second run 2010-07-06 19:19:02 +00:00
Heikki Linnakangas
eb81b6509f The previous fix in CVS HEAD and 8.4 for handling the case where a cursor
being used in a PL/pgSQL FOR loop is closed was inadequate, as Tom Lane
pointed out. The bug affects FOR statement variants too, because you can
close an implicitly created cursor too by guessing the "<unnamed portal X>"
name created for it.

To fix that, "pin" the portal to prevent it from being dropped while it's
being used in a PL/pgSQL FOR loop. Backpatch all the way to 7.4 which is
the oldest supported version.
2010-07-05 09:27:18 +00:00
Tom Lane
aceedd88f6 Make vacuum_defer_cleanup_age be PGC_SIGHUP level, since it's not sensible
to have different values in different processes of the primary server.
Also put it into the "Streaming Replication" GUC category; it doesn't belong
in "Standby Servers" because you use it on the master not the standby.
In passing also correct guc.c's idea of wal_keep_segments' category.
2010-07-03 21:23:58 +00:00
Tom Lane
e76c1a0f4d Replace max_standby_delay with two parameters, max_standby_archive_delay and
max_standby_streaming_delay, and revise the implementation to avoid assuming
that timestamps found in WAL records can meaningfully be compared to clock
time on the standby server.  Instead, the delay limits are compared to the
elapsed time since we last obtained a new WAL segment from archive or since
we were last "caught up" to WAL data arriving via streaming replication.
This avoids problems with clock skew between primary and standby, as well
as other corner cases that the original coding would misbehave in, such
as the primary server having significant idle time between transactions.
Per my complaint some time ago and considerable ensuing discussion.

Do some desultory editing on the hot standby documentation, too.
2010-07-03 20:43:58 +00:00
Simon Riggs
3bdd23932b Fix log_temp_files docs and comments to say bytes not kilobytes.
stat(2) field st_size returns bytes not kilobytes.
Bug found during recent performance tuning for PostgreSQL user.
2010-06-25 13:11:25 +00:00
Tom Lane
78e8f0025e Clean up some randomness associated with trace_recovery_messages: don't
put the variable declaration in the middle of a bunch of externs,
and do use extern where it should be used.
2010-06-17 17:44:40 +00:00
Itagaki Takahiro
41f302b52a Add new GUC categories corresponding to sections in docs, and move
description for vacuum_defer_cleanup_age to the correct category.
Sections in postgresql.conf are also sorted in the same order with docs.

Per gripe by Fujii Masao, suggestion by Heikki Linnakangas, and patch by me.
2010-06-15 07:52:11 +00:00
Robert Haas
26b7abfa32 Fix ALTER LARGE OBJECT and GRANT ... ON LARGE OBJECT for large OIDs.
The previous coding failed for OIDs too large to be represented by
a signed integer.
2010-06-13 17:43:13 +00:00
Tom Lane
b12b7a9038 Change the notation for calling functions with named parameters from
"val AS name" to "name := val", as per recent discussion.

This patch catches everything in the original named-parameters patch,
but I'm not certain that no other dependencies snuck in later (grepping
the source tree for all uses of AS soon proved unworkable).

In passing I note that we've dropped the ball at least once on keeping
ecpg's lexer (as opposed to parser) in sync with the backend.  It would
be a good idea to go through all of pgc.l and see if it's in sync now.
I didn't attempt that at the moment.
2010-05-30 18:10:41 +00:00
Tom Lane
ece869b11e Fix oversight in the previous patch that made LIKE throw error for \ at the
end of the pattern: the code path that handles \ just after % should throw
error too.  As in the previous patch, not back-patching for fear of breaking
apps that worked before.
2010-05-28 18:18:19 +00:00
Tom Lane
dbde97cdde Rewrite LIKE's %-followed-by-_ optimization so it really works (this time
for sure ;-)).  It now also optimizes more cases, such as %_%_.  Improve
comments too.  Per bug #5478.

In passing, also rename the TCHAR macro to GETCHAR, because pgindent is
messing with the formatting of the former (apparently it now thinks TCHAR
is a typedef name).

Back-patch to 8.3, where the bug was introduced.
2010-05-28 17:35:23 +00:00
Tom Lane
ede5072676 Change ps_status.c to explicitly track the current logical length of ps_buffer.
This saves cycles in get_ps_display() on many popular platforms, and more
importantly ensures that get_ps_display() will correctly return an empty
string if init_ps_display() hasn't been called yet.  Per trouble report
from Ray Stell, in which log_line_prefix %i produced junk early in backend
startup.

Back-patch to 8.0.  7.4 doesn't have %i and its version of get_ps_display()
makes no pretense of avoiding pad junk anyhow.
2010-05-27 19:19:38 +00:00
Tom Lane
ed437e2b27 Adjust comments about avoiding use of printf's %.*s.
My initial impression that glibc was measuring the precision in characters
(which is what the Linux man page says it does) was incorrect.  It does take
the precision to be in bytes, but it also tries to truncate the string at a
character boundary.  The bottom line remains the same: it will mess up
if the string is not in the encoding it expects, so we need to avoid %.*s
anytime there's a significant risk of that.  Previous code changes are still
good, but adjust the comments to reflect this knowledge.  Per research by
Hernan Gonzalez.
2010-05-09 02:16:00 +00:00
Tom Lane
54cd4f0457 Work around a subtle portability problem in use of printf %s format.
Depending on which spec you read, field widths and precisions in %s may be
counted either in bytes or characters.  Our code was assuming bytes, which
is wrong at least for glibc's implementation, and in any case libc might
have a different idea of the prevailing encoding than we do.  Hence, for
portable results we must avoid using anything more complex than just "%s"
unless the string to be printed is known to be all-ASCII.

This patch fixes the cases I could find, including the psql formatting
failure reported by Hernan Gonzalez.  In HEAD only, I also added comments
to some places where it appears safe to continue using "%.*s".
2010-05-08 16:39:53 +00:00
Tom Lane
f9ed327f76 Clean up some awkward, inaccurate, and inefficient processing around
MaxStandbyDelay.  Use the GUC units mechanism for the value, and choose more
appropriate timestamp functions for performing tests with it.  Make the
ps_activity manipulation in ResolveRecoveryConflictWithVirtualXIDs have
behavior similar to ps_activity code elsewhere, notably not updating the
display when update_process_title is off and not truncating the display
contents at an arbitrarily-chosen length.  Improve the docs to be explicit
about what MaxStandbyDelay actually measures, viz the difference between
primary and standby servers' clocks, and the possible hazards if their clocks
aren't in sync.
2010-05-02 02:10:33 +00:00
Tom Lane
f0488bd57c Rename the parameter recovery_connections to hot_standby, to reduce possible
confusion with streaming-replication settings.  Also, change its default
value to "off", because of concern about executing new and poorly-tested
code during ordinary non-replicating operation.  Per discussion.

In passing do some minor editing of related documentation.
2010-04-29 21:36:19 +00:00
Heikki Linnakangas
9b8a73326e Introduce wal_level GUC to explicitly control if information needed for
archival or hot standby should be WAL-logged, instead of deducing that from
other options like archive_mode. This replaces recovery_connections GUC in
the primary, where it now has no effect, but it's still used in the standby
to enable/disable hot standby.

Remove the WAL-logging of "unlogged operations", like creating an index
without WAL-logging and fsyncing it at the end. Instead, we keep a copy of
the wal_mode setting and the settings that affect how much shared memory a
hot standby server needs to track master transactions (max_connections,
max_prepared_xacts, max_locks_per_xact) in pg_control. Whenever the settings
change, at server restart, write a WAL record noting the new settings and
update pg_control. This allows us to notice the change in those settings in
the standby at the right moment, they used to be included in checkpoint
records, but that meant that a changed value was not reflected in the
standby until the first checkpoint after the change.

Bump PG_CONTROL_VERSION and XLOG_PAGE_MAGIC. Whack XLOG_PAGE_MAGIC back to
the sequence it used to follow, before hot standby and subsequent patches
changed it to 0x9003.
2010-04-28 16:10:43 +00:00
Bruce Momjian
7eb6e6b48a Add comments about why we set LC_CTYPE in WIN32 for time when we don't
actually access it, per information from Hiroshi.
2010-04-26 14:17:52 +00:00
Robert Haas
ab93cd9b05 When we're restricting who can connect, don't allow new walsenders.
Normal superuser processes are allowed to connect even when the database
system is shutting down, or when fewer than superuser_reserved_connection
slots remain.  This is intended to make sure an administrator can log in
and troubleshoot, so don't extend these same courtesies to users connecting
for replication.
2010-04-26 10:52:00 +00:00
Bruce Momjian
22da73198f Add C comments for recent to_char('L') fix for Win32. 2010-04-24 22:54:56 +00:00
Simon Riggs
90e04bab39 Patch revoked because of objections. 2010-04-24 16:20:32 +00:00
Simon Riggs
473af39737 Add missing optimizer hooks for function cost and number of rows.
Closely follow design of other optimizer hooks: if hook exists
retrieve value from plugin; if still not set then get from cache.
2010-04-23 22:23:39 +00:00
Peter Eisentraut
89a9db2940 Fix message punctuation 2010-04-22 19:40:03 +00:00
Itagaki Takahiro
95a777c612 Fix encoding issue when lc_monetary or lc_numeric are different encoding
from lc_ctype, that could happen on Windows. We need to change lc_ctype
together with lc_monetary or lc_numeric, and convert strings in lconv
from lc_ctype encoding to the database encoding.

The bug reported by Mikko, original patch by Hiroshi Inoue,
with changes by Bruce and me.
2010-04-22 01:55:52 +00:00
Tom Lane
a6dcd19a2a Enforce superuser permissions checks during ALTER ROLE/DATABASE SET, rather
than during define_custom_variable().  This entails rejecting an ALTER
command if the target variable doesn't have a known (non-placeholder)
definition, unless the calling user is superuser.  When the variable *is*
known, we can correctly apply the rule that only superusers can issue ALTER
for SUSET parameters.  This allows define_custom_variable to apply ALTER's
values for SUSET parameters at module load time, secure in the knowledge
that only a superuser could have set the ALTER value.  This change fixes a
longstanding gotcha in the usage of SUSET-level custom parameters; which
is a good thing to fix now that plpgsql defines such a parameter.
2010-04-21 20:54:19 +00:00
Tom Lane
a3c6d10575 Move the check for whether walreceiver has authenticated as a superuser
from walsender.c, where it didn't really belong, to postinit.c where it does
belong (and is essentially free, too).
2010-04-21 00:51:57 +00:00
Tom Lane
ea46000a40 Arrange for client authentication to occur before we select a specific
database to connect to. This is necessary for the walsender code to work
properly (it was previously using an untenable assumption that template1 would
always be available to connect to).  This also gets rid of a small security
shortcoming that was introduced in the original patch to eliminate the flat
authentication files: before, you could find out whether or not the requested
database existed even if you couldn't pass the authentication checks.

The changes needed to support this are mainly just to treat pg_authid and
pg_auth_members as nailed relations, so that we can read them without having
to be able to locate real pg_class entries for them.  This mechanism was
already debugged for pg_database, but we hadn't recognized the value of
applying it to those catalogs too.

Since the current code doesn't have support for accessing toast tables before
we've brought up all of the relcache, remove pg_authid's toast table to ensure
that no one can store an out-of-line toasted value of rolpassword.  The case
seems quite unlikely to occur in practice, and was effectively unsupported
anyway in the old "flatfiles" implementation.

Update genbki.pl to actually implement the same rules as bootstrap.c does for
not-nullability of catalog columns.  The previous coding was a bit cheesy but
worked all right for the previous set of bootstrap catalogs.  It does not work
for pg_authid, where rolvaliduntil needs to be nullable.

Initdb forced due to minor catalog changes (mainly the toast table removal).
2010-04-20 23:48:47 +00:00
Robert Haas
481cb5d9b5 Rename standby_keep_segments to wal_keep_segments.
Also, make the name of the GUC and the name of the backing variable match.
Alnong the way, clean up a couple of slight typographical errors in the
related docs.
2010-04-20 11:15:06 +00:00
Tom Lane
c670410e7f Move the responsibility for calling StartupXLOG into InitPostgres, for
those process types that go through InitPostgres; in particular, bootstrap
and standalone-backend cases.  This ensures that we have set up a PGPROC
and done some other basic initialization steps (corresponding to the
if (IsUnderPostmaster) block in AuxiliaryProcessMain) before we attempt to
run WAL recovery in a standalone backend.  As was discovered last September,
this is necessary for some corner-case code paths during WAL recovery,
particularly end-of-WAL cleanup.

Moving the bootstrap case here too is not necessary for correctness, but it
seems like a good idea since it reduces the number of distinct code paths.
2010-04-20 01:38:52 +00:00
Robert Haas
5b89ef384c Add an 'enable_material' GUC.
The logic for determining whether to materialize has been significantly
overhauled for 9.0.  In case there should be any doubt about whether
materialization is a win in any particular case, this should provide a
convenient way of seeing what happens without it; but even with enable_material
turned off, we still materialize in cases where it is required for
correctness.

Thanks to Tom Lane for the review.
2010-04-19 00:55:26 +00:00
Tom Lane
73981cb451 Fix a problem introduced by my patch of 2010-01-12 that revised the way
relcache reload works.  In the patched code, a relcache entry in process of
being rebuilt doesn't get unhooked from the relcache hash table; which means
that if a cache flush occurs due to sinval queue overrun while we're
rebuilding it, the entry could get blown away by RelationCacheInvalidate,
resulting in crash or misbehavior.  Fix by ensuring that an entry being
rebuilt has positive refcount, so it won't be seen as a target for removal
if a cache flush occurs.  (This will mean that the entry gets rebuilt twice
in such a scenario, but that's okay.)  It appears that the problem can only
arise within a transaction that has previously reassigned the relfilenode of
a pre-existing table, via TRUNCATE or a similar operation.  Per bug #5412
from Rusty Conover.

Back-patch to 8.2, same as the patch that introduced the problem.
I think that the failure can't actually occur in 8.2, since it lacks the
rd_newRelfilenodeSubid optimization, but let's make it work like the later
branches anyway.

Patch by Heikki, slightly editorialized on by me.
2010-04-14 21:31:11 +00:00
Heikki Linnakangas
e57cd7f0a1 Change the logic to decide when to delete old WAL segments, so that it
doesn't take into account how far the WAL senders are. This way a hung
WAL sender doesn't prevent old WAL segments from being recycled/removed
in the primary, ultimately causing the disk to fill up. Instead add
standby_keep_segments setting to control how many old WAL segments are
kept in the primary. This also makes it more reliable to use streaming
replication without WAL archiving, assuming that you set
standby_keep_segments high enough.
2010-04-12 09:52:29 +00:00
Tom Lane
2c0870ff7a Fix to_char YYY, YY, Y format codes so that FM zero-suppression really works,
rather than only sort-of working as the previous attempt had left it.
Clean up some unnecessary differences between the way these were coded and
the way the YYYY case was coded.  Update the regression test cases that
proved that it wasn't working.
2010-04-07 21:41:53 +00:00
Robert Haas
54943734f8 Refer to max_wal_senders in a more consistent fashion.
The error message now makes explicit reference to the GUC that must be changed
to fix the problem, using wording suggested by Tom Lane.  Along the way,
rename the GUC from MaxWalSenders to max_wal_senders for consistency and
grep-ability.
2010-04-01 00:43:29 +00:00
Bruce Momjian
a358423d8f Add comma missing from postgresql.conf comment. 2010-03-30 00:11:45 +00:00
Simon Riggs
65cd829232 Modify some new and pre-existing messages for translatability. 2010-03-25 20:40:17 +00:00
Alvaro Herrera
be8cebc717 Prevent ALTER USER f RESET ALL from removing the settings that were put there
by a superuser -- "ALTER USER f RESET setting" already disallows removing such a
setting.

Apply the same treatment to ALTER DATABASE d RESET ALL when run by a database
owner that's not superuser.
2010-03-25 14:44:34 +00:00
Simon Riggs
e6867eebd4 Change replication connection log format to allow for a database
called replication. Add host and port details, following format
of messages in BackendInitialize().
2010-03-24 21:25:50 +00:00
Bruce Momjian
96189dbe66 Document in postgresql.conf that the max_standby_delay default is 30
'seconds'.
2010-03-24 03:13:45 +00:00
Peter Eisentraut
c248d17120 Message tuning 2010-03-21 00:17:59 +00:00
Simon Riggs
6a771d1d36 Add connection messages for streaming replication. log_connections
was broken for a replication connection and no messages were
displayed on either standby or primary, at any debug level.
Connection messages needed to diagnose session drop/reconnect
events. Use LOG mode for now, discuss lowering in later releases.
2010-03-19 19:19:38 +00:00
Simon Riggs
6407fa996a Add vacuum_defer_cleanup_age to postgresql.conf.sample. 2010-03-18 07:01:01 +00:00
Bruce Momjian
ea066f87c3 Document that "Q" is ignored by to_date and to_timestamp. Add C comment
about the behavior.

Document that quotes in to_date, to_timestamp, to_number skip input
characters.
2010-03-03 22:28:42 +00:00
Tom Lane
8bf14182cf Export xml.c's libxml-error-handling support so that contrib/xml2 can use it
too, instead of duplicating the functionality (badly).

I renamed xml_init to pg_xml_init, because the former seemed just a bit too
generic to be safe as a global symbol.  I considered likewise renaming
xml_ereport to pg_xml_ereport, but felt that the reference to ereport probably
made it sufficiently PG-centric already.
2010-03-03 17:29:45 +00:00
Tom Lane
4d17a2146c Insert a hack into get_float8_nan (both core and ecpg copies) to deal with
the fact that NetBSD/mips is currently broken, as per buildfarm member pika.

Also add regression tests to ensure that get_float8_nan and get_float4_nan
are exercised even on platforms where they are not needed by
float8in/float4in.

Zoltán Böszörményi and Tom Lane
2010-02-27 21:53:21 +00:00
Bruce Momjian
bf379837dc Back out unintended change to pg_locale.c. 2010-02-27 20:20:44 +00:00
Bruce Momjian
9295eea839 Document ATAPI FLUSH CACHE EXT. 2010-02-27 20:16:17 +00:00
Tom Lane
5667a53b78 Undo some more pgindent breakage. Per buildfarm. 2010-02-27 03:55:52 +00:00
Bruce Momjian
65e806cba1 pgindent run for 9.0 2010-02-26 02:01:40 +00:00
Bruce Momjian
89ce2bfc13 Add C comment that do_to_timestamp() lacks error checking. 2010-02-25 18:36:14 +00:00
Magnus Hagander
413d34be4e Add configuration parameter ssl_renegotiation_limit to control
how often we do SSL session key renegotiation. Can be set to
0 to disable renegotiation completely, which is required if
a broken SSL library is used (broken patches to CVE-2009-3555
a known cause) or when using a client library that can't do
renegotiation.
2010-02-25 13:26:16 +00:00
Bruce Momjian
a54803149a Revert recent change of to_char('HH12') handling for intervals; instead
improve documentation, and add C comment.
2010-02-23 16:14:26 +00:00
Bruce Momjian
4f56dc3fb4 Secondary patch to fix interval to_char() for "HH" where hours >= 12. 2010-02-23 06:29:01 +00:00
Bruce Momjian
7cdadc62ea Supress convertion of zero hours to '12' for intervals when using
to_char with HH, e.g.

	to_char(interval '0d 0h 12m 44s', 'DD HH24 MI SS');

now returns:

	 00 00 12 44

not:

	 00 12 12 44
2010-02-23 01:42:19 +00:00