1. 01 Jul, 2017 3 commits
    • Tom Lane's avatar
      Reduce delay for last logicalrep feedback message when master goes idle. · f32678c0
      Tom Lane authored
      The regression tests contain numerous cases where we do some activity on a
      master server and then wait till the slave has ack'd flushing its copy of
      that transaction.  Because WAL flush on the slave is asynchronous to the
      logicalrep worker process, the worker cannot send such a feedback message
      during the LogicalRepApplyLoop iteration where it processes the last data
      from the master.  In the previous coding, the feedback message would come
      out only when the loop's WaitLatchOrSocket call returned WL_TIMEOUT.  That
      requires one full second of delay (NAPTIME_PER_CYCLE); and to add insult
      to injury, it could take more than that if the WaitLatchOrSocket was
      interrupted a few times by latch-setting events.
      
      In reality we can expect the slave's walwriter process to have flushed the
      WAL data after, more or less, WalWriterDelay (typically 200ms).  Hence,
      if there are unacked transactions pending, make the wait delay only that
      long rather than the full NAPTIME_PER_CYCLE.  Also, move one of the
      send_feedback() calls into the loop main line, so that we'll check for the
      need to send feedback even if we were woken by a latch event and not either
      socket data or timeout.
      
      It's not clear how much this matters for production purposes, but
      it's definitely helpful for testing.
      
      Discussion: https://postgr.es/m/30864.1498861103@sss.pgh.pa.us
      f32678c0
    • Tom Lane's avatar
      Shorten timeouts while waiting for logicalrep worker slot attach/detach. · 799f8bc7
      Tom Lane authored
      When waiting for a logical replication worker process to start or stop,
      we have to busy-wait until we see it add or remove itself from the
      LogicalRepWorker slot in shared memory.  Those loops were using a
      one-second delay between checks, but on any reasonably modern machine, it
      doesn't take more than a couple of msec for a worker to spawn or shut down.
      Reduce the loop delays to 10ms to avoid wasting quite so much time in the
      related regression tests.
      
      In principle, a better solution would be to fix things so that the waiting
      process can be awakened via its latch at the right time.  But that seems
      considerably more invasive, which is undesirable for a post-beta fix.
      Worker start/stop performance likely isn't of huge interest anyway for
      production purposes, so we might not ever get around to it.
      
      In passing, rearrange the second wait loop in logicalrep_worker_stop()
      so that the lock is held at the top of the loop, thus saving one lock
      acquisition/release per call, and making it look more like the other loop.
      
      Discussion: https://postgr.es/m/30864.1498861103@sss.pgh.pa.us
      799f8bc7
    • Peter Eisentraut's avatar
      Fix UPDATE of GENERATED ALWAYS identity columns · ef74e03e
      Peter Eisentraut authored
      The bug would previously prevent the update of any column in a table
      with identity columns, rather than just the actual identity column.
      
      Reported-by: zam6ak@gmail.com
      Bug: #14718
      ef74e03e
  2. 30 Jun, 2017 13 commits
    • Alvaro Herrera's avatar
      Fix locking in WAL receiver/sender shmem state structs · 572d6ee6
      Alvaro Herrera authored
      In WAL receiver and WAL server, some accesses to their corresponding
      shared memory control structs were done without holding any kind of
      lock, which could lead to inconsistent and possibly insecure results.
      
      In walsender, fix by clarifying the locking rules and following them
      correctly, as documented in the new comment in walsender_private.h;
      namely that some members can be read in walsender itself without a lock,
      because the only writes occur in the same process.  The rest of the
      struct requires spinlock for accesses, as usual.
      
      In walreceiver, fix by always holding spinlock while accessing the
      struct.
      
      While there is potentially a problem in all branches, it is minor in
      stable ones.  This only became a real problem in pg10 because of quorum
      commit in synchronous replication (commit 3901fd70), and a potential
      security problem in walreceiver because a superuser() check was removed
      by default monitoring roles (commit 25fff407).  Thus, no backpatch.
      
      In passing, clean up some leftover braces which were used to create
      unconditional blocks.  Once upon a time these were used for
      volatile-izing accesses to those shmem structs, which is no longer
      required.  Many other occurrences of this pattern remain.
      
      Author: Michaël Paquier
      Reported-by: Michaël Paquier
      Reviewed-by: Masahiko Sawada, Kyotaro Horiguchi, Thomas Munro,
      	Robert Haas
      Discussion: https://postgr.es/m/CAB7nPqTWYqtzD=LN_oDaf9r-hAjUEPAy0B9yRkhcsLdRN8fzrw@mail.gmail.com
      572d6ee6
    • Peter Eisentraut's avatar
      PL/Python: Fix hint about returning composite type from Python · 898d24ae
      Peter Eisentraut authored
      ('foo') is not a Python tuple: it is a string wrapped in parentheses.  A
      valid 1-element Python tuple is ('foo',).
      
      Author: Daniele Varrazzo <daniele.varrazzo@gmail.com>
      898d24ae
    • Peter Eisentraut's avatar
      Fix typo in comment · b295cc3b
      Peter Eisentraut authored
      Author: Masahiko Sawada <sawada.mshk@gmail.com>
      b295cc3b
    • Tom Lane's avatar
      Fix race conditions and missed wakeups in syncrep worker signaling. · 1f201a81
      Tom Lane authored
      When a sync worker is waiting for the associated apply worker to notice
      that it's in SYNCWAIT state, wait_for_worker_state_change() would just
      patiently wait for that to happen.  This generally required waiting for
      the 1-second timeout in LogicalRepApplyLoop to elapse.  Kicking the worker
      via its latch makes things significantly snappier.
      
      While at it, fix race conditions that could potentially result in crashes:
      we can *not* call logicalrep_worker_wakeup_ptr() once we've released the
      LogicalRepWorkerLock, because worker->proc might've been reset to NULL
      after we do that (indeed, there's no really solid reason to believe that
      the LogicalRepWorker slot even belongs to the same worker anymore).
      In logicalrep_worker_wakeup(), we can just move the wakeup inside the
      lock scope.  In process_syncing_tables_for_apply(), a bit more code
      rearrangement is needed.
      
      Also improve some nearby comments.
      1f201a81
    • Peter Eisentraut's avatar
      Fix typo in comment · 1db49c3b
      Peter Eisentraut authored
      Author: Albe Laurenz <laurenz.albe@wien.gv.at>
      1db49c3b
    • Peter Eisentraut's avatar
      Fix typo in comment · da8f26ec
      Peter Eisentraut authored
      Author: Amit Langote <Langote_Amit_f8@lab.ntt.co.jp>
      da8f26ec
    • Peter Eisentraut's avatar
      Remove outdated comment · 1acc04e4
      Peter Eisentraut authored
      Author: Thomas Munro <thomas.munro@enterprisedb.com>
      1acc04e4
    • Peter Eisentraut's avatar
      Update code comments for pg_xlog -> pg_wal · 4260c05c
      Peter Eisentraut authored
      Author: Michael Paquier <michael.paquier@gmail.com>
      4260c05c
    • Tom Lane's avatar
      Check for error during PQendcopy. · 609fa63d
      Tom Lane authored
      Oversight in commit 78c8c814; noted while nosing around the
      walreceiver startup/shutdown code.
      609fa63d
    • Tom Lane's avatar
      Fix walsender to exit promptly if client requests shutdown. · fca85f8e
      Tom Lane authored
      It's possible for WalSndWaitForWal to be asked to wait for WAL that doesn't
      exist yet.  That's fine, in fact it's the normal situation if we're caught
      up; but when the client requests shutdown we should not keep waiting.
      The previous coding could wait indefinitely if the source server was idle.
      
      In passing, improve the rather weak comments in this area, and slightly
      rearrange some related code for better readability.
      
      Back-patch to 9.4 where this code was introduced.
      
      Discussion: https://postgr.es/m/14154.1498781234@sss.pgh.pa.us
      fca85f8e
    • Peter Eisentraut's avatar
      Prohibit creating ICU collation with different ctype · 13a57710
      Peter Eisentraut authored
      ICU does not support "collate" and "ctype" being different, so the
      collctype catalog column is ignored.  But for catalog neatness, ensure
      that they are the same.
      13a57710
    • Robert Haas's avatar
    • Peter Eisentraut's avatar
      Copy collencoding in CREATE COLLATION / FROM · 54baa481
      Peter Eisentraut authored
      This command used to compute the collencoding entry like when a
      completely new collation is created.  But for example when copying the
      "C" collation, this would then result in a collation that has a
      collencoding entry for the current database encoding rather than -1,
      thus not making an exact copy.  This has probably no practical impact,
      but making this change keeps the catalog contents neat.
      Reported-by: default avatarTom Lane <tgl@sss.pgh.pa.us>
      54baa481
  3. 29 Jun, 2017 1 commit
    • Tom Lane's avatar
      Eat XIDs more efficiently in recovery TAP test. · 08aed660
      Tom Lane authored
      The point of this loop is to insert 1000 rows into the test table
      and consume 1000 XIDs.  I can't see any good reason why it's useful
      to launch 1000 psqls and 1000 backend processes to accomplish that.
      Pushing the looping into a plpgsql DO block shaves about 10 seconds
      off the runtime of the src/test/recovery TAP tests on my machine;
      that's over 10% of the runtime of that test suite.
      
      It is, in fact, sufficiently more efficient that we now demonstrably
      need wait_slot_xmins() afterwards, or the slaves' xmins may not have
      moved yet.
      08aed660
  4. 28 Jun, 2017 7 commits
    • Tom Lane's avatar
      Ooops, WIN32 code in pg_ctl.c still needs PQExpBuffer. · 1ae85365
      Tom Lane authored
      Per buildfarm.
      1ae85365
    • Tom Lane's avatar
      Change pg_ctl to detect server-ready by watching status in postmaster.pid. · f13ea95f
      Tom Lane authored
      Traditionally, "pg_ctl start -w" has waited for the server to become
      ready to accept connections by attempting a connection once per second.
      That has the major problem that connection issues (for instance, a
      kernel packet filter blocking traffic) can't be reliably told apart
      from server startup issues, and the minor problem that if server startup
      isn't quick, we accumulate "the database system is starting up" spam
      in the server log.  We've hacked around many of the possible connection
      issues, but it resulted in ugly and complicated code in pg_ctl.c.
      
      In commit c61559ec, I changed the probe rate to every tenth of a second.
      That prompted Jeff Janes to complain that the log-spam problem had become
      much worse.  In the ensuing discussion, Andres Freund pointed out that
      we could dispense with connection attempts altogether if the postmaster
      were changed to report its status in postmaster.pid, which "pg_ctl start"
      already relies on being able to read.  This patch implements that, teaching
      postmaster.c to report a status string into the pidfile at the same
      state-change points already identified as being of interest for systemd
      status reporting (cf commit 7d17e683).  pg_ctl no longer needs to link
      with libpq at all; all its functions now depend on reading server files.
      
      In support of this, teach AddToDataDirLockFile() to allow addition of
      postmaster.pid lines in not-necessarily-sequential order.  This is needed
      on Windows where the SHMEM_KEY line will never be written at all.  We still
      have the restriction that we don't want to truncate the pidfile; document
      the reasons for that a bit better.
      
      Also, fix the pg_ctl TAP tests so they'll notice if "start -w" mode
      is broken --- before, they'd just wait out the sixty seconds until
      the loop gives up, and then report success anyway.  (Yes, I found that
      out the hard way.)
      
      While at it, arrange for pg_ctl to not need to #include miscadmin.h;
      as a rather low-level backend header, requiring that to be compilable
      client-side is pretty dubious.  This requires moving the #define's
      associated with the pidfile into a new header file, and moving
      PG_BACKEND_VERSIONSTR someplace else.  For lack of a clearly better
      "someplace else", I put it into port.h, beside the declaration of
      find_other_exec(), since most users of that macro are passing the value to
      find_other_exec().  (initdb still depends on miscadmin.h, but at least
      pg_ctl and pg_upgrade no longer do.)
      
      In passing, fix main.c so that PG_BACKEND_VERSIONSTR actually defines the
      output of "postgres -V", which remarkably it had never done before.
      
      Discussion: https://postgr.es/m/CAMkU=1xJW8e+CTotojOMBd-yzUvD0e_JZu2xHo=MnuZ4__m7Pg@mail.gmail.com
      f13ea95f
    • Andrew Gierth's avatar
      Fix transition tables for ON CONFLICT. · 8c55244a
      Andrew Gierth authored
      We now disallow having triggers with both transition tables and ON
      INSERT OR UPDATE (which was a PG extension to the spec anyway),
      because in this case it's not at all clear how the transition tables
      should work for an INSERT ... ON CONFLICT query.  Separate ON INSERT
      and ON UPDATE triggers with transition tables are allowed, and the
      transition tables for these reflect only the inserted and only the
      updated tuples respectively.
      
      Patch by Thomas Munro
      
      Discussion: https://postgr.es/m/CAEepm%3D11KHQ0JmETJQihSvhZB5mUZL2xrqHeXbCeLhDiqQ39%3Dw%40mail.gmail.com
      8c55244a
    • Andrew Gierth's avatar
      Fix transition tables for wCTEs. · c46c0e52
      Andrew Gierth authored
      The original coding didn't handle this case properly; each separate
      DML substatement needs its own set of transitions.
      
      Patch by Thomas Munro
      
      Discussion: https://postgr.es/m/CAL9smLCDQ%3D2o024rBgtD4WihzX8B3C6u_oSQ2K3%2BR5grJrV0bg%40mail.gmail.com
      c46c0e52
    • Andrew Gierth's avatar
      Fix transition tables for partition/inheritance. · 501ed02c
      Andrew Gierth authored
      We disallow row-level triggers with transition tables on child tables.
      Transition tables for triggers on the parent table contain only those
      columns present in the parent.  (We can't mix tuple formats in a
      single transition table.)
      
      Patch by Thomas Munro
      
      Discussion: https://postgr.es/m/CA%2BTgmoZzTBBAsEUh4MazAN7ga%3D8SsMC-Knp-6cetts9yNZUCcg%40mail.gmail.com
      501ed02c
    • Tom Lane's avatar
      Second try at fixing tcp_keepalives_idle option on Solaris. · 99255d73
      Tom Lane authored
      Buildfarm evidence shows that TCP_KEEPALIVE_THRESHOLD doesn't exist
      after all on Solaris < 11.  This means we need to take positive action to
      prevent the TCP_KEEPALIVE code path from being taken on that platform.
      I've chosen to limit it with "&& defined(__darwin__)", since it's unclear
      that anyone else would follow Apple's precedent of spelling the symbol
      that way.
      
      Also, follow a suggestion from Michael Paquier of eliminating code
      duplication by defining a couple of intermediate symbols for the
      socket option.
      
      In passing, make some effort to reduce the number of translatable messages
      by replacing "setsockopt(foo) failed" with "setsockopt(%s) failed", etc,
      throughout the affected files.  And update relevant documentation so
      that it doesn't claim to provide an exhaustive list of the possible
      socket option names.
      
      Like the previous commit (f0256c77), back-patch to all supported branches.
      
      Discussion: https://postgr.es/m/20170627163757.25161.528@wrigleys.postgresql.org
      99255d73
    • Stephen Frost's avatar
      Do not require 'public' to exist for pg_dump -c · 4500edc7
      Stephen Frost authored
      Commit 330b84d8 didn't contemplate the case where the public schema
      has been dropped and introduced a query which fails when there is no
      public schema into pg_dump (when used with -c).
      
      Adjust the query used by pg_dump to handle the case where the public
      schema doesn't exist and add tests to check that such a case no longer
      fails.
      
      Back-patch the specific fix to 9.6, as the prior commit was.
      
      Adding tests for this case involved adding support to the pg_dump
      TAP tests to work with multiple databases, which, while not a large
      change, is a bit much to back-patch, so that's only done in master.
      
      Addresses bug #14650
      Discussion: https://www.postgresql.org/message-id/20170512181801.1795.47483%40wrigleys.postgresql.org
      4500edc7
  5. 27 Jun, 2017 2 commits
    • Tom Lane's avatar
      Support tcp_keepalives_idle option on Solaris. · f0256c77
      Tom Lane authored
      Turns out that the socket option for this is named TCP_KEEPALIVE_THRESHOLD,
      at least according to the tcp(7P) man page for Solaris 11.  (But since that
      text refers to "SunOS", it's likely pretty ancient.)  It appears that the
      symbol TCP_KEEPALIVE does get defined on that platform, but it doesn't
      seem to represent a valid protocol-level socket option.  This leads to
      bleats in the postmaster log, and no tcp_keepalives_idle functionality.
      
      Per bug #14720 from Andrey Lizenko, as well as an earlier report from
      Dhiraj Chawla that nobody had followed up on.  The issue's been there
      since we added the TCP_KEEPALIVE code path in commit 5acd417c, so
      back-patch to all supported branches.
      
      Discussion: https://postgr.es/m/20170627163757.25161.528@wrigleys.postgresql.org
      f0256c77
    • Tom Lane's avatar
      Re-allow SRFs and window functions within sub-selects within aggregates. · 9c7dc892
      Tom Lane authored
      check_agg_arguments_walker threw an error upon seeing a SRF or window
      function, but that is too aggressive: if the function is within a
      sub-select then it's perfectly fine.  I broke the SRF case in commit
      0436f6bd by copying the logic for window functions ... but that was
      broken too, and had been since commit eaccfded.
      
      Repair both cases in HEAD, and the window function case back to 9.3.
      9.2 gets this right.
      9c7dc892
  6. 26 Jun, 2017 8 commits
    • Tom Lane's avatar
      Reduce wal_retrieve_retry_interval in applicable TAP tests. · 2710ccd7
      Tom Lane authored
      By default, wal_retrieve_retry_interval is five seconds, which is far
      more than is needed in any of our TAP tests, leaving the test cases
      just twiddling their thumbs for significant stretches.  Moreover,
      because it's so large, we get basically no testing of the retry-before-
      master-is-ready code path.  Hence, make PostgresNode::init set up
      wal_retrieve_retry_interval = '500ms' as part of its customization of
      test clusters' postgresql.conf.  This shaves quite a few seconds off
      the runtime of the recovery TAP tests.
      
      Back-patch into 9.6.  We have wal_retrieve_retry_interval in 9.5,
      but the test infrastructure isn't there.
      
      Discussion: https://postgr.es/m/31624.1498500416@sss.pgh.pa.us
      2710ccd7
    • Tom Lane's avatar
      Don't lose walreceiver start requests due to race condition in postmaster. · e5d494d7
      Tom Lane authored
      When a walreceiver dies, the startup process will notice that and send
      a PMSIGNAL_START_WALRECEIVER signal to the postmaster, asking for a new
      walreceiver to be launched.  There's a race condition, which at least
      in HEAD is very easy to hit, whereby the postmaster might see that
      signal before it processes the SIGCHLD from the walreceiver process.
      In that situation, sigusr1_handler() just dropped the start request
      on the floor, reasoning that it must be redundant.  Eventually, after
      10 seconds (WALRCV_STARTUP_TIMEOUT), the startup process would make a
      fresh request --- but that's a long time if the connection could have
      been re-established almost immediately.
      
      Fix it by setting a state flag inside the postmaster that we won't
      clear until we do launch a walreceiver.  In cases where that results
      in an extra walreceiver launch, it's up to the walreceiver to realize
      it's unwanted and go away --- but we have, and need, that logic anyway
      for the opposite race case.
      
      I came across this through investigating unexpected delays in the
      src/test/recovery TAP tests: it manifests there in test cases where
      a master server is stopped and restarted while leaving streaming
      slaves active.
      
      This logic has been broken all along, so back-patch to all supported
      branches.
      
      Discussion: https://postgr.es/m/21344.1498494720@sss.pgh.pa.us
      e5d494d7
    • Tom Lane's avatar
      Ignore old stats file timestamps when starting the stats collector. · ad1b5c84
      Tom Lane authored
      The stats collector disregards inquiry messages that bear a cutoff_time
      before when it last wrote the relevant stats file.  That's fine, but at
      startup when it reads the "permanent" stats files, it absorbed their
      timestamps as if they were the times at which the corresponding temporary
      stats files had been written.  In reality, of course, there's no data
      out there at all.  This led to disregarding inquiry messages soon after
      startup if the postmaster had been shut down and restarted within less
      than PGSTAT_STAT_INTERVAL; which is a pretty common scenario, both for
      testing and in the field.  Requesting backends would hang for 10 seconds
      and then report failure to read statistics, unless they got bailed out
      by some other backend coming along and making a newer request within
      that interval.
      
      I came across this through investigating unexpected delays in the
      src/test/recovery TAP tests: it manifests there because the autovacuum
      launcher hangs for 10 seconds when it can't get statistics at startup,
      thus preventing a second shutdown from occurring promptly.  We might
      want to do some things in the autovac code to make it less prone to
      getting stuck that way, but this change is a good bug fix regardless.
      
      In passing, also fix pgstat_read_statsfiles() to ensure that it
      re-zeroes its global stats variables if they are corrupted by a
      short read from the stats file.  (Other reads in that function
      go into temp variables, so that the issue doesn't arise.)
      
      This has been broken since we created the separation between permanent
      and temporary stats files in 8.4, so back-patch to all supported branches.
      
      Discussion: https://postgr.es/m/16860.1498442626@sss.pgh.pa.us
      ad1b5c84
    • Tom Lane's avatar
      Reduce pg_ctl's reaction time when waiting for postmaster start/stop. · c61559ec
      Tom Lane authored
      pg_ctl has traditionally waited one second between probes for whether
      the start or stop request has completed.  That behavior was embodied
      in the original shell script written in 1999 (commit 5b912b08) and
      I doubt anyone's questioned it since.  Nowadays, machines are a lot
      faster, and the shell script is long since replaced by C code, so it's
      fair to reconsider how long we ought to wait.
      
      This patch adjusts the coding so that the wait time can be any even
      divisor of 1 second, and sets the actual probe rate to 10 per second.
      That's based on experimentation with the src/test/recovery TAP tests,
      which include a lot of postmaster starts and stops.  This patch alone
      reduces the (non-parallelized) runtime of those tests from ~4m30s to
      ~3m5s on my machine.  Increasing the probe rate further doesn't help
      much, so this seems like a good number.
      
      In the real world this probably won't have much impact, since people
      don't start/stop production postmasters often, and the shutdown checkpoint
      usually takes nontrivial time too.  But it makes development work and
      testing noticeably snappier, and that's good enough reason for me.
      
      Also, by reducing the dead time in postmaster restart sequences, this
      change has made it easier to reproduce some bugs that have been lurking
      for awhile.  Patches for those will follow.
      
      Discussion: https://postgr.es/m/18444.1498428798@sss.pgh.pa.us
      c61559ec
    • Tom Lane's avatar
      Improve wait logic in TAP tests for streaming replication. · 5c77690f
      Tom Lane authored
      Remove hard-wired sleep(2) delays in 001_stream_rep.pl in favor of using
      poll_query_until to check for the desired state to appear.  In addition,
      add such a wait before the last test in the script, as it's possible
      to demonstrate failures there after upcoming improvements in pg_ctl.
      
      (We might end up adding polling before each of the get_slot_xmins calls in
      this script, but I feel no great need to do that until shown necessary.)
      
      In passing, clarify the description strings for some of the test cases.
      
      Michael Paquier and Craig Ringer, pursuant to a complaint from me
      
      Discussion: https://postgr.es/m/8962.1498425057@sss.pgh.pa.us
      5c77690f
    • Tom Lane's avatar
      Avoid useless "x = ANY(ARRAY[])" test for empty partition list. · 5efccc1c
      Tom Lane authored
      This arises in practice if the partition only admits NULL values.
      
      Jeevan Ladhe
      
      Discussion: https://postgr.es/m/CAOgcT0OChrN--uuqH6wG6Z8+nxnCWJ+2Q-uhnK4KOANdRRxuAw@mail.gmail.com
      5efccc1c
    • Tom Lane's avatar
      Minor code review for parse_phrase_operator(). · 00c5e511
      Tom Lane authored
      Fix its header comment, which described the old behavior of the <N>
      phrase distance operator; we missed updating that in commit 028350f6.
      Also, reset errno before strtol() call, to defend against the possibility
      that it was already ERANGE at entry.  (The lack of complaints says that
      it generally isn't, but this is at least a latent bug.)  Very minor
      stylistic improvements as well.
      
      Victor Drobny noted the obsolete comment, I noted the errno issue.
      Back-patch to 9.6 where this code was added, just in case the errno
      issue is a live bug in some cases.
      
      Discussion: https://postgr.es/m/2b5382fdff9b1f79d5eb2c99c4d2cbe2@postgrespro.ru
      00c5e511
    • Magnus Hagander's avatar
  7. 25 Jun, 2017 1 commit
  8. 24 Jun, 2017 3 commits
    • Tom Lane's avatar
      Further hacking on ICU collation creation and usage. · ddb5fdc0
      Tom Lane authored
      pg_import_system_collations() refused to create any ICU collations if
      the current database's encoding didn't support ICU.  This is wrongheaded:
      initdb must initialize pg_collation in an encoding-independent way
      since it might be used in other databases with different encodings.
      The reason for the restriction seems to be that get_icu_locale_comment()
      used icu_from_uchar() to convert the UChar-format display name, and that
      unsurprisingly doesn't know what to do in unsupported encodings.
      But by the same token that the initial catalog contents must be
      encoding-independent, we can't allow non-ASCII characters in the comment
      strings.  So we don't really need icu_from_uchar() here: just check for
      Unicode codes outside the ASCII range, and if there are none, the format
      conversion is trivial.  If there are some, we can simply not install the
      comment.  (In my testing, this affects only Norwegian Bokmål, which has
      given us trouble before.)
      
      For paranoia's sake, also check for non-ASCII characters in ICU locale
      names, and skip such locales, as we do for libc locales.  I don't
      currently have a reason to believe that this will ever reject anything,
      but then again the libc maintainers should have known better too.
      
      With just the import changes, ICU collations can be found in pg_collation
      in databases with unsupported encodings.  This resulted in more or less
      clean failures at runtime, but that's not how things act for unsupported
      encodings with libc collations.  Make it work the same as our traditional
      behavior for libc collations by having collation lookup take into account
      whether is_encoding_supported_by_icu().
      
      Adjust documentation to match.  Also, expand Table 23.1 to show which
      encodings are supported by ICU.
      
      catversion bump because of likely change in pg_collation/pg_description
      initial contents in ICU-enabled builds.
      
      Discussion: https://postgr.es/m/20c74bc3-d6ca-243d-1bbc-12f17fa4fe9a@gmail.com
      ddb5fdc0
    • Simon Riggs's avatar
      Fix typo in comment in SerializeSnapshot · a15b47df
      Simon Riggs authored
      Author: Masahiko Sawada
      a15b47df
    • Simon Riggs's avatar
      Revert 1f30295e · 829f12e2
      Simon Riggs authored
      Reported-by: Tom Lane
      829f12e2
  9. 23 Jun, 2017 2 commits
    • Tom Lane's avatar
      Fix incorrect buffer-length argument to uloc_getDisplayName(). · d1fcc622
      Tom Lane authored
      The maxResultSize argument of uloc_getDisplayName is the number of
      UChars in the output buffer, not the number of bytes.  In principle
      this could result in a stack smash, although at least in my Fedora 25
      install there are no ICU locales with display names long enough to
      overrun the buffer.  But it's easily proven to be wrong by reducing
      the length of displayname to around 20, whereupon a stack smash
      does happen.
      
      (This is a rather scary bug, because the same mistake could easily
      have been made in other places; but in a quick code search looking
      at uses of UChar I could not find any other instances.)
      d1fcc622
    • Peter Eisentraut's avatar
      Fix replication with replica identity full · 08859bb5
      Peter Eisentraut authored
      The comparison with the target rows on the subscriber side was done with
      datumIsEqual(), which can have false negatives.  For instance, it didn't
      work reliably for text columns.  So use the equality operator provided
      by the type cache instead.
      
      Also add more user documentation about replica identity requirements.
      Reported-by: default avatarTatsuo Ishii <ishii@sraoss.co.jp>
      08859bb5