Bruce Momjian [Fri, 1 Jul 2005 17:05:58 +0000 (17:05 +0000)]
Update for roles:
< * Prevent default re-use of sysids for dropped users and groups
> * Prevent default re-use of sysids for dropped users and roles 450c450
< * Add COMMENT ON for all cluster global objects (users, groups, databases
> * Add COMMENT ON for all cluster global objects (users, roles, databases 609c609
< users and groups with separate DROP commands
> users and roles with separate DROP commands
Fixes from Janko Richter <jankorichter@yahoo.de>
- Fix wrong index results on text, char, varchar for multibyte strings
- Fix some SIGFPE signals
- Add support for infinite timestamps
- Because of locale settings, btree_gist can not be a prefix index anymore (for text).
Each node holds now just the lower and upper boundary.
Neil Conway [Fri, 1 Jul 2005 05:13:58 +0000 (05:13 +0000)]
Adds some missing error handling to PGTYPESnumeric_div() in ecpg's
pgtypeslib: (1) we need to check the return value of sub_abs() (2) we
need to check the return value of 4 calls to digitbuf_alloc().
Per Coverity static analysis performed by EnterpriseDB.
Neil Conway [Fri, 1 Jul 2005 05:12:06 +0000 (05:12 +0000)]
Fix some minor infelicities in ecpg's pgtypeslib: (1) `pstr' must be
non-NULL in this function, so there is no need to check for it (2) we
should check the return value of pgtypes_strdup(). Patch from Eric
Astor at EnterpriseDB, with slight cleanup by myself, per a report
from the Coverity tool.
Teodor Sigaev [Thu, 30 Jun 2005 17:52:14 +0000 (17:52 +0000)]
Bug fixes for GiST crash recovery.
- add forgotten check of lsn for insert completion
- remove level of pages: hard to check in recovery
- some cleanups
Neil Conway [Thu, 30 Jun 2005 07:27:31 +0000 (07:27 +0000)]
Minor ecpg tweak: the return value of calloc() is guaranteed to be NULL
or zero-filled; therefore zero-filling it via memset() is pointless.
(I think setting `errno' is probably a waste of cycles as well, but I
haven't changed that.)
Neil Conway [Thu, 30 Jun 2005 07:08:59 +0000 (07:08 +0000)]
Warning cleanups for ecpg tests. Avoid doing pointer arithmetic on void *,
remove old-style function declarations, and mark a function "static".
There are some remaining warnings, but this fixes most of them, anyway.
Neil Conway [Thu, 30 Jun 2005 01:59:20 +0000 (01:59 +0000)]
Fix a theoretical memory leak in pg_password_sendauth(). If the first
malloc() succeeded but the second failed, the buffer allocated by the
first malloc() would be leaked. Fix this by allocating both buffers
via a single malloc(), as suggested by Tom.
Per Coverity static analysis performed by EnterpriseDB.
Tom Lane [Thu, 30 Jun 2005 00:00:52 +0000 (00:00 +0000)]
Improve the checkpoint signaling mechanism so that the bgwriter can tell
the difference between checkpoints forced due to WAL segment consumption
and checkpoints forced for other reasons (such as CREATE DATABASE). Avoid
generating 'checkpoints are occurring too frequently' messages when the
checkpoint wasn't caused by WAL segment consumption. Per gripe from
Chris K-L.
Tom Lane [Wed, 29 Jun 2005 22:51:57 +0000 (22:51 +0000)]
Clean up the rather historically encumbered interface to now() and
current time: provide a GetCurrentTimestamp() function that returns
current time in the form of a TimestampTz, instead of separate time_t
and microseconds fields. This is what all the callers really want
anyway, and it eliminates low-level dependencies on AbsoluteTime,
which is a deprecated datatype that will have to disappear eventually.
Tom Lane [Wed, 29 Jun 2005 20:34:15 +0000 (20:34 +0000)]
More cleanup on roles patch. Allow admin option to be inherited through
role memberships; make superuser/createrole distinction do something
useful; fix some locking and CommandCounterIncrement issues; prevent
creation of loops in the membership graph.
Tom Lane [Tue, 28 Jun 2005 22:16:45 +0000 (22:16 +0000)]
Fix up problems in write_auth_file and parsing of the auth file.
In particular, make hba.c cope with zero-length tokens, which it
never did properly before. Also, enforce rolcanlogin.
Tom Lane [Tue, 28 Jun 2005 19:51:26 +0000 (19:51 +0000)]
Bring syntax of role-related commands into SQL compliance. To avoid
syntactic conflicts, both privilege and role GRANT/REVOKE commands have
to use the same production for scanning the list of tokens that might
eventually turn out to be privileges or role names. So, change the
existing GRANT/REVOKE code to expect a list of strings not pre-reduced
AclMode values. Fix a couple other minor issues while at it, such as
InitializeAcl function name conflicting with a Windows system function.
Tom Lane [Tue, 28 Jun 2005 05:09:14 +0000 (05:09 +0000)]
Replace pg_shadow and pg_group by new role-capable catalogs pg_authid
and pg_auth_members. There are still many loose ends to finish in this
patch (no documentation, no regression tests, no pg_dump support for
instance). But I'm going to commit it now anyway so that Alvaro can
make some progress on shared dependencies. The catalog changes should
be pretty much done.
Teodor Sigaev [Mon, 27 Jun 2005 12:45:23 +0000 (12:45 +0000)]
Concurrency for GiST
- full concurrency for insert/update/select/vacuum:
- select and vacuum never locks more than one page simultaneously
- select (gettuple) hasn't any lock across it's calls
- insert never locks more than two page simultaneously:
- during search of leaf to insert it locks only one page
simultaneously
- while walk upward to the root it locked only parent (may be
non-direct parent) and child. One of them X-lock, another may
be S- or X-lock
- 'vacuum full' locks index
- improve gistgetmulti
- simplify XLOG records
Fix bug in index_beginscan_internal: LockRelation may clean
rd_aminfo structure, so move GET_REL_PROCEDURE after LockRelation
Tom Lane [Mon, 27 Jun 2005 02:17:47 +0000 (02:17 +0000)]
Modify pg_dump to assume that a check constraint is inherited if its
name matches the name of any parent-table constraint, without looking
at the constraint text. This is a not-very-bulletproof workaround for
the problem exhibited by Berend Tober last month. We really ought to
record constraint inheritance status in pg_constraint, but it's looking
like that may not get done for 8.1 --- and even if it does, we will
need this kluge for dumping from older servers.
Neil Conway [Mon, 27 Jun 2005 02:04:26 +0000 (02:04 +0000)]
Remove support for Kerberos V4. It seems no one is using this, it has
some security issues, and upstream has declared it "dead". Patch from
Magnus Hagander, minor editorialization from Neil Conway.
Tom Lane [Mon, 27 Jun 2005 00:48:07 +0000 (00:48 +0000)]
Adjust contrib/seg &< and &> operators so that r-tree indexing logic
works properly for 1-D comparisons. Fix some other errors such as
bogus commutator specifications.
Tom Lane [Sun, 26 Jun 2005 23:32:34 +0000 (23:32 +0000)]
Tweak dynahash.c to not allocate so many entries at once when dealing
with a table that has a small predicted size. Avoids wasting several
hundred K on the timezone hash table, which is likely to have only one
or a few entries, but the entries use up 10Kb apiece ...
Tom Lane [Sun, 26 Jun 2005 19:16:07 +0000 (19:16 +0000)]
Code review for escape-strings patch. Sync psql and plpgsql lexers
with main, avoid using a SQL-defined SQLSTATE for what is most definitely
not a SQL-compatible error condition, fix documentation omissions,
adhere to message style guidelines, don't use two GUC_REPORT variables
when one is sufficient. Nothing done about pg_dump issues.
Tom Lane [Sat, 25 Jun 2005 22:47:29 +0000 (22:47 +0000)]
Force a checkpoint before committing a CREATE DATABASE command. This
should fix the recent reports of "index is not a btree" failures,
as well as preventing a more obscure race condition involving changes
to a template database just after copying it with CREATE DATABASE.
Tom Lane [Sat, 25 Jun 2005 16:53:49 +0000 (16:53 +0000)]
Fix ancient memory leak in index_create(): RelationInitIndexAccessInfo
was being called twice in normal operation, leading to a leak of one set
of relcache subsidiary info. Per report from Jeff Gold.
Bruce Momjian [Sat, 25 Jun 2005 01:32:02 +0000 (01:32 +0000)]
Add item:
> * Add NUMERIC division operator that doesn't round?
>
> Currently NUMERIC _rounds_ the result to the specified precision.
> This means division can return a result that multiplied by the
> divisor is greater than the dividend, e.g. this returns a value > 10:
>
> SELECT (10::numeric(2,0) / 6::numeric(2,0))::numeric(2,0) * 6;
>
> The positive modulus result returned by NUMERICs might be considered
> inaccurate, in one sense.
>
Tom Lane [Fri, 24 Jun 2005 20:53:34 +0000 (20:53 +0000)]
Extend r-tree operator classes to handle Y-direction tests equivalent
to the existing X-direction tests. An rtree class now includes 4 actual
2-D tests, 4 1-D X-direction tests, and 4 1-D Y-direction tests.
This involved adding four new Y-direction test operators for each of
box and polygon; I followed the PostGIS project's lead as to the names
of these operators.
NON BACKWARDS COMPATIBLE CHANGE: the poly_overleft (&<) and poly_overright
(&>) operators now have semantics comparable to box_overleft and box_overright.
This is necessary to make r-tree indexes work correctly on polygons.
Also, I changed circle_left and circle_right to agree with box_left and
box_right --- formerly they allowed the boundaries to touch. This isn't
actually essential given the lack of any r-tree opclass for circles, but
it seems best to sync all the definitions while we are at it.
Tom Lane [Fri, 24 Jun 2005 14:28:06 +0000 (14:28 +0000)]
Remove overspecification of precision of CURRENT_TIMESTAMP, LOCALTIMESTAMP,
CURRENT_TIME, and LOCALTIME: now they just produce "timestamptz" not
"timestamptz(6)", etc. This makes the behavior more consistent with our
choice to not assign a specific default precision to column datatypes.
It should also save a few cycles at runtime due to not having to invoke
the round-to-given-precision functions.
I also took the opportunity to translate CURRENT_TIMESTAMP into "now()"
instead of an invocation of the timestamptz input converter --- this should
save a few cycles too.
Tom Lane [Fri, 24 Jun 2005 00:18:52 +0000 (00:18 +0000)]
Fix rtree and contrib/rtree_gist search behavior for the 1-D box and
polygon operators (<<, &<, >>, &>). Per ideas originally put forward
by andrew@supernews and later rediscovered by moi. This patch just
fixes the existing opclasses, and does not add any new behavior as I
proposed earlier; that can be sorted out later. In principle this
could be back-patched, since it changes only search behavior and not
system catalog entries nor rtree index contents. I'm not currently
planning to do that, though, since I think it could use more testing.
Bruce Momjian [Thu, 23 Jun 2005 21:28:10 +0000 (21:28 +0000)]
Update text of terminate:
< * Allow administrators to safely terminate individual sessions
<
< Right now, SIGTERM will terminate a session, but it is treated as
< though the postmaster has paniced and shared memory might not be
< cleaned up properly. A new signal is needed for safe termination
< because backends must first do a query cancel, then exit once they
< have run the query cancel cleanup routine.
<
> * Allow administrators to safely terminate individual sessions either
> via an SQL function or SIGTERM
Tom Lane [Thu, 23 Jun 2005 02:33:28 +0000 (02:33 +0000)]
Move findoidjoins out of contrib and into src/tools, which is a more
logical place for it since it is of no use to users. Per recent
discussions on cleaning up contrib.
Tom Lane [Thu, 23 Jun 2005 00:06:37 +0000 (00:06 +0000)]
Cleanup the contrib/lo module: there is no need anymore to implement
a physically separate type. Defining 'lo' as a domain over OID works
just fine and is more efficient. Improve documentation and fix up the
test script. (Would like to turn test script into a proper regression
test, but right now its output is not constant because of numeric OIDs;
plus it makes Unix-specific assumptions about files it can import.)
Tom Lane [Wed, 22 Jun 2005 21:14:31 +0000 (21:14 +0000)]
Make REINDEX DATABASE do what one would expect, namely reindex all indexes
in the database. The old behavior (reindex system catalogs only) is now
available as REINDEX SYSTEM. I did not add the complementary REINDEX USER
case since there did not seem to be consensus for this, but it would be
trivial to add later. Per recent discussions.
Tom Lane [Wed, 22 Jun 2005 17:45:46 +0000 (17:45 +0000)]
Fix the mechanism for reporting the original table OID and column number
of columns of a query result so that it can "see through" cursors and
prepared statements. Per gripe a couple months back from John DeSoi.
Tom Lane [Wed, 22 Jun 2005 15:19:43 +0000 (15:19 +0000)]
Add a hack requested by the JDBC driver writers: when a function's
argument list contains parameter symbols ($n) declared as type VOID,
discard these arguments. This allows the driver to avoid renumbering
mixed IN and OUT argument placeholders (the JDBC syntax involves writing
? for both IN and OUT parameters, but on the server side we don't think
that OUT parameters are arguments). This doesn't break any currently-
useful cases since VOID is not used as an input argument type.
Neil Conway [Wed, 22 Jun 2005 07:28:47 +0000 (07:28 +0000)]
Fix bug in CONTINUE statement for PL/pgSQL: when we continue a loop,
we need to be careful to reset rc to PLPGSQL_RC_OK, depending on how
the loop's logic is structured. If we continue a loop but it then
exits without executing the loop's body again, we want to return
PLPGSQL_RC_OK to our caller. Enhance the regression tests to catch
this problem. Per report from Michael Fuhr.
Neil Conway [Wed, 22 Jun 2005 02:00:47 +0000 (02:00 +0000)]
Correct some code in pg_restore when reading the header of a tar archive:
(1) The code doesn't initialize `sum', so the initial "does the checksum
match?" test is wrong.
(2) The loop that is intended to check for a "null block" just checks
the first byte of the tar block 512 times, rather than each of the
512 bytes one time (!), which I'm guessing was the intent.
It was only through sheer luck that this worked in the first place.
Per Coverity static analysis performed by EnterpriseDB.
Neil Conway [Wed, 22 Jun 2005 01:43:05 +0000 (01:43 +0000)]
More trivial dead code removal: in int_to_roman(), checking for "num == -1"
is redundant after a check has already been made for "num < 0". The "set"
variable can also be removed, as it is now no longer used. Per checking
with Karel, this is the right fix.
Per Coverity static analysis performed by EnterpriseDB.
Neil Conway [Wed, 22 Jun 2005 01:35:03 +0000 (01:35 +0000)]
Add a CONTINUE statement to PL/PgSQL, which can be used to begin the
next iteration of a loop. Update documentation and add regression tests.
Patch from Pavel Stehule, reviewed by Neil Conway.
Tom Lane [Tue, 21 Jun 2005 20:45:44 +0000 (20:45 +0000)]
pg_dump can now dump large objects even in plain-text output mode, by
using the recently added lo_create() function. The restore logic in
pg_restore is greatly simplified as well, since there's no need anymore
to try to adjust database references to match a new set of blob OIDs.
Tom Lane [Tue, 21 Jun 2005 15:22:18 +0000 (15:22 +0000)]
Fix pg_dumpall to do the right thing with "postgres" database, per
Dave Page. Also, cause it to emit rather than ignore any ACL and
datconfig options that may be set for these two databases.
Tom Lane [Tue, 21 Jun 2005 04:02:34 +0000 (04:02 +0000)]
Cause initdb to create a third standard database "postgres", which
unlike template0 and template1 does not have any special status in
terms of backend functionality. However, all external utilities such
as createuser and createdb now connect to "postgres" instead of
template1, and the documentation is changed to encourage people to use
"postgres" instead of template1 as a play area. This should fix some
longstanding gotchas involving unexpected propagation of database
objects by createdb (when you used template1 without understanding
the implications), as well as ameliorating the problem that CREATE
DATABASE is unhappy if anyone else is connected to template1.
Patch by Dave Page, minor editing by Tom Lane. All per recent
pghackers discussions.
Neil Conway [Tue, 21 Jun 2005 01:20:09 +0000 (01:20 +0000)]
Fix a potential backend crash during authentication when parsing a
malformed ident map file. This was introduced by the linked list
rewrite in 8.0 -- mea maxima culpa.
Per Coverity static analysis performed by EnterpriseDB.
Neil Conway [Tue, 21 Jun 2005 00:58:15 +0000 (00:58 +0000)]
Trivial dead code removal: in CreateSchemaCommand(), 'owner_name' is
only used in one branch of an if statement, so we can move its
declaration to that block. This also avoids an unnecessary syscache
lookup.
Per Coverity static analysis performed by EnterpriseDB.
Neil Conway [Tue, 21 Jun 2005 00:48:33 +0000 (00:48 +0000)]
Trivial dead code removal: in _complete_from_query(), 'text' cannot be
NULL (e.g. due to the preceding strlen()). Therefore we needn't recheck
this before initializing 'e_text'.
Per Coverity static analysis performed by EnterpriseDB.
Neil Conway [Tue, 21 Jun 2005 00:35:05 +0000 (00:35 +0000)]
Trivial dead code removal: in makeObjectName(), name1 must be non-NULL
(due to the preceding strlen(), for example), so we needn't recheck this
before invoking pg_mbcliplen().
Per Coverity static analysis performed by EnterpriseDB.
Tom Lane [Mon, 20 Jun 2005 22:51:29 +0000 (22:51 +0000)]
exec_eval_datum leaks memory when dealing with ROW or REC values.
It never leaked memory before PG 8.0, so none of the callers are
expecting this. Cleanest fix seems to be to make it allocate the needed
memory in estate->eval_econtext, where it will be cleaned up by
the next exec_eval_cleanup. Per report from Bill Rugolsky.
Tom Lane [Mon, 20 Jun 2005 21:14:01 +0000 (21:14 +0000)]
Remove read_file/write_file tests. These were originally intended to
*fail*, to test that plpython didn't allow untrusted operations.
When we changed plpython to plpythonu because python didn't actually have
a secure sandbox mode, someone (probably me :-() misinterpreted the tests
as checking whether Python's file I/O works. Which is a stupid thing for
us to be testing. Remove it so we don't clutter the filesystem with
random temporary files.
Tom Lane [Mon, 20 Jun 2005 20:44:44 +0000 (20:44 +0000)]
plpgsql's exec_assign_value() freed the old value of a variable before
copying/converting the new value, which meant that it failed badly on
"var := var" if var is of pass-by-reference type. Fix this and a similar
hazard in exec_move_row(); not sure that the latter can manifest before
8.0, but patch it all the way back anyway. Per report from Dave Chapeskie.
Tom Lane [Mon, 20 Jun 2005 18:37:02 +0000 (18:37 +0000)]
Avoid WAL-logging individual tuple insertions during CREATE TABLE AS
(a/k/a SELECT INTO). Instead, flush and fsync the whole relation before
committing. We do still need the WAL log when PITR is active, however.
Simon Riggs and Tom Lane.
Teodor Sigaev [Mon, 20 Jun 2005 10:29:37 +0000 (10:29 +0000)]
1. full functional WAL for GiST
2. improve vacuum for gist
- use FSM
- full vacuum:
- reforms parent tuple if it's needed
( tuples was deleted on child page or parent tuple remains invalid
after crash recovery )
- truncate index file if possible
3. fixes bugs and mistakes
Tom Lane [Sun, 19 Jun 2005 22:41:00 +0000 (22:41 +0000)]
Avoid unnecessary palloc overhead in _bt_first(). The temporary
scankeys arrays that it needs can never have more than INDEX_MAX_KEYS
entries, so it's reasonable to just allocate them as fixed-size local
arrays, and save the cost of palloc/pfree. Not a huge savings, but
a cycle saved is a cycle earned ...
Tom Lane [Sun, 19 Jun 2005 21:34:03 +0000 (21:34 +0000)]
Simplify uses of readdir() by creating a function ReadDir() that
includes error checking and an appropriate ereport(ERROR) message.
This gets rid of rather tedious and error-prone manipulation of errno,
as well as a Windows-specific bug workaround, at more than a dozen
call sites. After an idea in a recent patch by Heikki Linnakangas.
Tom Lane [Sun, 19 Jun 2005 20:00:39 +0000 (20:00 +0000)]
Arrange to fsync two-phase-commit state files only during checkpoints;
given reasonably short lifespans for prepared transactions, this should
mean that only a small minority of state files ever need to be fsynced
at all. Per discussion with Heikki Linnakangas.