git.postgresql.org Git - postgresql.git/log

Make left-join removal safe under -DREALLOCATE_BITMAPSETS.

The initial building of RestrictInfos and SpecialJoinInfos tends to
create structures that share relid sets (such as syn_lefthand and
outer_relids).  There's nothing wrong with that in itself, but when
we modify those relid sets during join removal, we have to be sure
not to corrupt the values that other structures are pointing at.
remove_rel_from_query() was careless about this.  It accidentally
worked anyway because (1) we'd never be reducing the sets to empty,
so they wouldn't get pfree'd; and (2) the in-place modification is the
same one that we did or will apply to the other struct's relid set,
so that there wasn't visible corruption at the end of the process.

While there's no live bug in a standard build, of course this is way
too fragile to accept going forward.  (Maybe we should back-patch
this change too for safety, but I've refrained for now.)

This bug was exposed by the recent invention of REALLOCATE_BITMAPSETS.
Commit e0477837c had installed a fix, but that went away with the
reversion of SJE, so now we need to fix it again.

David Rowley and Tom Lane

Discussion: https://postgr.es/m/CACJufxFVQmr4=JWHAOSLuKA5Zy9H26nY6tVrRFBOekHoALyCkQ@mail.gmail.com

psql: Add missing punctuation in help output

doc: Use better placeholder in COPY synopsis

Fix inconsistencies in error messages

Reported by Kyotaro Horiguchi

Also some comments mentioning wrong version numbers, spotted by Justin
Pryzby.

Discussion: https://postgr.es/m/20240507.171724.750916195320223609 [email protected]
Discussion: https://postgr.es/m/Zh0aAH7tbZb-9HbC@pryzbyj2023

doc: first draft of Postgres 17 release notes

Backpatch-through: master

Fix overread in JSON parsing errors for incomplete byte sequences

json_lex_string() relies on pg_encoding_mblen_bounded() to point to the
end of a JSON string when generating an error message, and the input it
uses is not guaranteed to be null-terminated.

It was possible to walk off the end of the input buffer by a few bytes
when the last bytes consist of an incomplete multi-byte sequence, as
token_terminator would point to a location defined by
pg_encoding_mblen_bounded() rather than the end of the input.  This
commit switches token_terminator so as the error uses data up to the
end of the JSON input.

More work should be done so as this code could rely on an equivalent of
report_invalid_encoding() so as incorrect byte sequences can show in
error messages in a readable form.  This requires work for at least two
cases in the JSON parsing API: an incomplete token and an invalid escape
sequence.  A more complete solution may be too invasive for a backpatch,
so this is left as a future improvement, taking care of the overread
first.

A test is added on HEAD as test_json_parser makes this issue
straight-forward to check.

Note that pg_encoding_mblen_bounded() no longer has any callers.  This
will be removed on HEAD with a separate commit, as this is proving to
encourage unsafe coding.

Author: Jacob Champion
Discussion: https://postgr.es/m/CAOYmi+ncM7pwLS3AnKCSmoqqtpjvA8wmCdoBtKA3ZrB2hZG6zA@mail.gmail.com
Backpatch-through: 13

Doc: document that triggers can break referential integrity.

User-written triggers can modify or block the effects of SQL update
and delete operations.  That includes operations that are executed
to implement foreign keys' referential integrity actions (such as
ON UPDATE SET NULL or ON DELETE CASCADE).  Therefore it's possible
for a misdesigned trigger to result in a database state that violates
the foreign key constraint.

While this isn't great, the alternatives seem worse: in particular,
refusing to fire triggers for such updates would break many valuable
use-cases.  We could also try to recheck the constraint after the
action, but that'd roughly double the already-high cost of FK
constraint enforcement, for no benefit in normal cases.  So we've
always considered that it's on the trigger programmer's head to
avoid breaking RI actions.  This was never documented anywhere,
though.  Add a para to the Triggers chapter to explain it.

Laurenz Albe, David Johnston, Tom Lane

Discussion: https://postgr.es/m/b81fe38fcc25a81be6e2e5b3fc1ff624130762fa [email protected]

Add test for REPLICA IDENTITY with a temporal key

You can only use REPLICA IDENTITY USING INDEX with a unique B-tree
index. This commit just adds a test showing that you cannot use it
with a WITHOUT OVERLAPS index (which is GiST).

Author: Paul A. Jungwirth <[email protected]>
Discussion: https://www.postgresql.org/message-id/3775839b-3f0f-4c8a-ac03-a253222e6a4b%40illuminatedcomputing.com

doc: Improve order of options on pg_upgrade reference page

Put the new long-only options in a location that is consistent with
the existing long-only options and also the --help output.

Fix typo in src/backend/utils/resowner/README.

Fix incorrect format placeholder

Ensure that "pg_restore -l" reports dependent TOC entries correctly.

If -l was specified together with selective-restore options such as -n
or -N, dependent TOC entries such as comments would be omitted from
the listing, even when an actual restore would have selected them.
This happened because PrintTOCSummary neglected to update the te->reqs
marking of the entry they depended on.

Per report from Justin Pryzby. This has been wrong since 0d4e6ed30
taught _tocEntryRequired to sometimes look at the "reqs" marking of
other TOC entries, so back-patch to all supported branches.

Discussion: https://postgr.es/m/ZjoeirG7yxODdC4P@pryzbyj2023

Don't corrupt plpython's "TD" dictionary in a recursive trigger call.

If a plpython-language trigger caused another one to be invoked,
the "TD" dictionary created for the inner one would overwrite the
outer one's "TD" dictionary.  This is more or less the same problem
that 1d2fe56e4 fixed for ordinary functions in plpython, so fix it
the same way, by saving and restoring "TD" during a recursive
invocation.

This fix makes an ABI-incompatible change in struct PLySavedArgs.
I'm not too worried about that because it seems highly unlikely that
any extension is messing with those structs.  We could imagine doing
something weird to preserve nominal ABI compatibility in the back
branches, like keeping the saved TD object in an extra element of
namedargs[].  However, that would only be very nominal compatibility:
if anything *is* touching PLySavedArgs, it would likely do the wrong
thing due to not knowing about the additional value.  So I judge it
not worth the ugliness to do something different there.

(I also changed struct PLyProcedure, but its added field fits
into formerly-padding space, so that should be safe.)

Per bug #18456 from Jacques Combrink.  This bug is very ancient,
so back-patch to all supported branches.

Discussion: https://postgr.es/m/3008982.1714853799@sss.pgh.pa.us

Fix assorted bugs related to identity column in partitioned tables

When changing the data type of a column of a partitioned table, craft
the ALTER SEQUENCE command only once. Partitions do not have identity
sequences of their own and thus do not need a ALTER SEQUENCE command
for each partition.

Fix getIdentitySequence() to fetch the identity sequence associated
with the top-level partitioned table when a Relation of a partition is
passed to it. While doing so, translate the attribute number of the
partition into the attribute number of the partitioned table.

Author: Ashutosh Bapat <[email protected]>
Reported-by: Alexander Lakhin <[email protected]>
Reviewed-by: Dmitry Dolgov <[email protected]>
Discussion: https://www.postgresql.org/message-id/3b8a9dc1-bbc7-0ef5-6863-c432afac7d59@gmail.com

Remove obsolete comment.

Per suggestion from Peter, the comment was not helpful, so remove it
rather than fixing it.

Reported-by: Peter Eisentraut
Discussion: https://postgr.es/m/d9421b21-e759-4b74-a039-c487b469c1f3@eisentraut.org

Prevent RLS filters on ctid from breaking WHERE CURRENT OF <cursor>.

The executor only supports CurrentOfExpr as the sole tidqual of a
TidScan plan node.  tidpath.c failed to take any particular care about
that, but would just take the first ctid equality qual it could find
in the target relation's baserestrictinfo list.  Originally that was
fine because the grammar prevents any other WHERE conditions from
being combined with CURRENT OF <cursor>.  However, if the relation has
RLS visibility policies then those would get included in the list.
Should such a policy include a condition on ctid, we'd typically grab
the wrong qual and produce a malfunctioning plan.

To fix, introduce a simplistic priority ordering scheme for which ctid
equality qual to prefer.  Real-world cases involving more than one
such qual are so rare that it doesn't seem worth going to any great
trouble to choose one over another, so I didn't work very hard; but
this code could be extended in future if someone thinks differently.

It's extremely difficult to think of a reasonable use-case for an RLS
restriction involving ctid, and certainly we've heard no field reports
of this failure.  So this doesn't seem worthy of back-patching, but
in the name of cleanliness let's fix it going forward.

Patch by me, per report from Robert Haas.

Discussion: https://postgr.es/m/3914881.1715038270@sss.pgh.pa.us

doc: Improve order of options on pgbench reference page

Both the pgbench --help output and the reference page have sections
for initialization options, benchmarking options, and common options.
But the --debug option ended up in the wrong place on the reference
page. Fix that by making the documentation match the --help output.

postgresql.conf: align variable comments, mostly new ones

Backpatch-through: master

Finish incomplete revert of ec63622c0.

The code change this made might well be fine to keep, but the
comment justifying it by reference to self-join removal isn't.
Let's just go back to the status quo ante, pending a more thorough
review/redesign of SJE.

(I found this by grepping to see if any references to self-join
removal remained in the tree.)

Fix privilege checks in pg_stats_ext and pg_stats_ext_exprs.

The catalog view pg_stats_ext fails to consider privileges for
expression statistics.  The catalog view pg_stats_ext_exprs fails
to consider privileges and row-level security policies.  To fix,
restrict the data in these views to table owners or roles that
inherit privileges of the table owner.  It may be possible to apply
less restrictive privilege checks in some cases, but that is left
as a future exercise.  Furthermore, for pg_stats_ext_exprs, do not
return data for tables with row-level security enabled, as is
already done for pg_stats_ext.

On the back-branches, a fix-CVE-2024-4317.sql script is provided
that will install into the "share" directory.  This file can be
used to apply the fix to existing clusters.

Bumps catversion on 'master' branch only.

Reported-by: Lukas Fittl
Reviewed-by: Noah Misch, Tomas Vondra, Tom Lane
Security: CVE-2024-4317
Backpatch-through: 14

Revert: Remove useless self-joins

This commit reverts d3d55ce5713 and subsequent fixes 2b26a694554, 93c85db3b5b,
b44a1708abe, b7f315c9d7d, 8a8ed916f73, b5fb6736ed3, 0a93f803f45, e0477837ce4,
a7928a57b9f, 5ef34a8fc38, 30b4955a466, 8c441c08279, 028b15405b4, fe093994db4,
489072ab7a9, and 466979ef031.

We are quite late in the release cycle and new bugs continue to appear. Even
though we have fixes for all known bugs, there is a risk of throwing many
bugs to end users.

The plan for self-join elimination would be to do more review and testing,
then re-commit in the early v18 cycle.

Reported-by: Tom Lane
Discussion: https://postgr.es/m/2422119.1714691974%40sss.pgh.pa.us

Remove mention of nchar

This datatype is purposefully not documented.

Erik Wienhold <[email protected]>
Discussion: https://postgr.es/m/om3g7p7u3ztlrdp4tfswgulavljgn2fe6u2agk34mrr65dffuu@cpzlzuv6flko

Translation updates

Source-Git-URL: https://git.postgresql.org/git/pgtranslation/messages.git
Source-Git-Hash: be182cc55e6f72c66215fd9b38851969e3ce5480

doc: Improve order of options on initdb reference page

Both the initdb --help output and the reference page have a section
for options and a section for less commonly used options. But some
recently added options were sprinkled around inconsistently. Fix that
by making the documentation match the --help output.

injection_points: Fix incorrect spinlock acquisition

Injection points created under injection_points_set_local() are cleaned
up by a shmem_exit() callback.  The spinlock used by the module would
be hold while calling InjectionPointDetach(), which is incorrect as
spinlocks should avoid external calls while hold.

This commit changes the shmem_exit() callback to detach the points in
three steps with the spinlock acquired twice, knowing that the
injection points should be around with the conditions related to them:
- Scans for the points to detach in a first loop, while holding the
spinlock.
- Detach them.
- Remove the registered conditions.

It is still possible for other processes to detach local points
concurrently of the callback.  I have wanted to restrict the detach, but
Noah has mentioned that he has in mind some cases that may require this
capability.  No tests in the tree based on injection points need that
currently.

Thinko in f587338dec87.

Reported-by: Noah Misch
Reviewed-by: Noah Misch
Discussion: https://postgr.es/m/20240501231214 [email protected]

Silence Coverity complaint about possible null-pointer dereference.

If pg_init_privs were to contain a NULL ACL field, this code would
pass old_acl == NULL to merge_acl_with_grant, which would crash.
The case shouldn't happen, but it just takes a couple more lines
of code to guard against it, so do so.

Oversight in 534287403; no back-patch needed.

Fix comment regarding LibreSSL availability

SSL_AD_NO_APPLICATION_PROTOCOL is indeed available in LibreSSL, but only
in 3.4.3 and later (shipped in OpenBSD 7.0).

Discussion: https://postgr.es/m/[email protected]

Fix query pullup issue with WindowClause runCondition

94985c210 added code to detect when WindowFuncs were monotonic and
allowed additional quals to be "pushed down" into the subquery to be
used as WindowClause runConditions in order to short-circuit execution
in nodeWindowAgg.c.

The Node representation of runConditions wasn't well selected and
because we do qual pushdown before planning the subquery, the planning
of the subquery could perform subquery pull-up of nested subqueries.
For WindowFuncs with args, the arguments could be changed after pushing
the qual down to the subquery.

This was made more difficult by the fact that the code duplicated the
WindowFunc inside an OpExpr to include in the WindowClauses runCondition
field.  This could result in duplication of subqueries and a pull-up of
such a subquery could result in another initplan parameter being issued
for the 2nd version of the subplan.  This could result in errors such as:

ERROR:  WindowFunc not found in subplan target lists

To fix this, we change the node representation of these run conditions
and instead of storing an OpExpr containing the WindowFunc in a list
inside WindowClause, we now store a new node type named
WindowFuncRunCondition within a new field in the WindowFunc.  These get
transformed into OpExprs later in planning once subquery pull-up has been
performed.

This problem did exist in v15 and v16, but that was fixed by 9d36b883b
and e5d20bbd.

Cat version bump due to new node type and modifying WindowFunc struct.

Bug: #18305
Reported-by: Zuming Jiang
Discussion: https://postgr.es/m/18305-33c49b4c830b37b3%40postgresql.org

Allow selecting the git revision to be packaged by "make dist".

Commit 619bc23a1 changed "make dist" to invoke "git archive",
but hard-wired the call to specify that the HEAD revision should
be packaged.  Our tarball building process needs to be able to
specify which git commit to package (notably, for packaging
back branches).  While we could make that work with some hackery
to operate in detached-HEAD state, it's a lot nicer just to expose
git archive's ability to specify what to package.  Hence, invent
a new make variable PG_GIT_REVISION.  This is undocumented, but
so is "make dist".

Also make corresponding changes in the meson scripts.  We have no
near-term intention of using that for package building, but it
will likely happen eventually, so stay prepared.

Discussion: https://postgr.es/m/3552543.1713909947@sss.pgh.pa.us

Fix an assortment of typos

Author: Alexander Lakhin
Discussion: https://postgr.es/m/ae9f2fcb-4b24-5bb0-4240-efbbbd944ca1@gmail.com

Fix expected test output

For builds without lz4, for 8f0a97dfff.

Fix segmentation fault in MergeInheritedAttribute()

While converting a pg_attribute tuple into a ColumnDef,
ColumnDef::compression remains NULL if there is no compression method
set fot the attribute. Calling strcmp() with NULL
ColumnDef::compression, when comparing compression methods of parents,
causes segmentation fault in MergeInheritedAttribute(). Skip
comparing compression methods if either of them is NULL.

Author: Ashutosh Bapat <[email protected]>
Reported-by: Alexander Lakhin <[email protected]>
Discussion: https://www.postgresql.org/message-id/b22a6834-aacb-7b18-0424-a3f5fe889667%40gmail.com

Throw a more on-point error for publications depending on columns.

Same as 42b041243, except that the trouble case is a publication
WHERE clause that depends on a column.

Again reported by Alexander Lakhin. Back-patch to v15 where
we added publication WHERE clauses.

Discussion: https://postgr.es/m/548a47bc-87ae-b3df-c6a2-60b9966f808b@gmail.com

Disallow direct change of NO INHERIT of not-null constraints

We support changing NO INHERIT constraint to INHERIT for constraints in
child relations when adding a constraint to some ancestor relation, and
also during pg_upgrade's schema restore; but other than those special
cases, command ALTER TABLE ADD CONSTRAINT should not be allowed to
change an existing constraint from NO INHERIT to INHERIT, as that would
require to process child relations so that they also acquire an
appropriate constraint, which we may not be in a position to do. (It'd
also be surprising behavior.)

It is conceivable that we want to allow ALTER TABLE SET NOT NULL to make
such a change; but in that case some more code is needed to implement it
correctly, so for now I've made that throw the same error message.

Also, during the prep phase of ALTER TABLE ADD CONSTRAINT, acquire locks
on all descendant tables; otherwise we might operate on child tables on
which no locks are held, particularly in the mode where a primary key
causes not-null constraints to be created on children.

Reported-by: Alexander Lakhin <[email protected]>
Discussion: https://postgr.es/m/7d923a66-55f0-3395-cd40-81c142b5448b@gmail.com

Rename libpq trace internal functions

libpq's pqTraceOutputMessage() used to look like this:

    case 'Z':               /* Ready For Query */
        pqTraceOutputZ(conn->Pfdebug, message, &logCursor);
        break;

Commit f4b54e1ed98 introduced macros for protocol characters, so now
it looks like this:

    case PqMsg_ReadyForQuery:
        pqTraceOutputZ(conn->Pfdebug, message, &logCursor);
        break;

But this introduced a disconnect between the symbol in the switch case
and the function name to be called, so this made the manageability of
this file a bit worse.

This patch changes the function names to match, so now it looks like
this:

    case PqMsg_ReadyForQuery:
        pqTraceOutput_ReadyForQuery(conn->Pfdebug, message, &logCursor);
        break;

(This also improves the readability of the file in general, since some
function names like "pqTraceOutputt" were a little hard to read
accurately.)

Some protocol characters have different meanings to and from the
server.  The old code structure had a common function for both, for
example, pqTraceOutputD().  The new structure splits this up into
separate ones to match the protocol message name, like
pqTraceOutput_Describe() and pqTraceOutput_DataRow().

Reviewed-by: Yugo NAGATA <[email protected]>
Discussion: https://www.postgresql.org/message-id/flat/575e4f9d-acfe-45e3-b7f1-7e32c579090e%40eisentraut.org

Disallow NO INHERIT not-null constraints on partitioned tables

Such constraints are semantically useless and only bring weird cases
along, so reject them.

As a side effect, we can no longer have "throwaway" constraints in
pg_dump for primary keys in partitioned tables, but since they don't
serve any useful purpose, we can just omit them.

Maybe this should be done for all types of constraints, but it's just
not-null ones that acquired this "ability" in the 17 timeframe, so for
the moment I'm not changing anything else.

Per note by Alexander Lakhin.
Discussion: https://postgr.es/m/7d923a66-55f0-3395-cd40-81c142b5448b@gmail.com

doc: Fix incorrectly spelled structname

Commit 61461a300c1 accidentally misspelled the PGcancelConn struct
using the PQ prefix (which admittedly is a very easy typo to make).
Reported off-list.

Reported-by: Alexander Lakhin <[email protected]>

doc: Fix description of deterministic flag of CREATE COLLATION

The documentation said that you need to pick a suitable LC_COLLATE
setting in addition to setting the DETERMINISTIC flag. This would
have been correct if the libc provider supported nondeterministic
collations, but since it doesn't, you actually need to set the LOCALE
option.

Reviewed-by: Kashif Zeeshan <[email protected]>
Discussion: https://www.postgresql.org/message-id/flat/a71023c2-0ae0-45ad-9688-cf3b93d0d65b%40eisentraut.org

doc: Fix description of configure --with-icu option

It was claiming that the ICU locale provider is used by default, which
is not correct. (From commit fcb21b3acdc; it was once contemplated to
make it the default, but it wouldn't have been part of that patch in
any case.)

Reviewed-by: Kashif Zeeshan <[email protected]>
Discussion: https://www.postgresql.org/message-id/flat/a71023c2-0ae0-45ad-9688-cf3b93d0d65b%40eisentraut.org

Skip invalid database pg_upgrade test on obsolete servers

When testing pg_upgrade against an old server, ignore failures on the
check to upgrade invalid databases. This is necessary because old
servers don't know to raise the appropriate error of the database being
invalid.

This change causes no reduction in coverage, because such old versions
don't know to mark databases invalid when a drop is interrupted; but
testing against such old servers is useful in some circumstances.

Backpatch to 16, where it cherry-picks with minimal conflicts.

On 16, perltidy 20230309 chooses to change an unrelated line. I let it
do that because that's the version we document as preferred for that
branch, even though it would make other changes to many other files in
the tree.

Discussion: https://postgr.es/m/202404181539 [email protected]

Fix typos and incorrect type in read_stream.c

max_ios should be int rather than int16, otherwise there's not much
point in doing:

max_ios = Min(max_ios, PG_INT16_MAX);

Discussion: https://postgr.es/m/CAApHDvr9Un-XpDr_+AFdOGM38O2K8SpfoHimqZ838gguTGYBiQ@mail.gmail.com

Fix parallel vacuum buffer usage reporting.

A parallel worker's buffer usage is accumulated to its pgBufferUsage
and then is accumulated into the leader's one at the end of the
parallel vacuum. However, since the leader process used to use
dedicated VacuumPage{Hit, Miss, Dirty} globals for the buffer usage
reporting, the worker's buffer usage was not included, leading to an
incorrect buffer usage report.

To fix the problem, this commit makes vacuum use pgBufferUsage
instruments for buffer usage reporting instead of VacuumPage{Hit,
Miss, Dirty} globals. These global variables are still used by ANALYZE
command and autoanalyze.

This also fixes the buffer usage report of vacuuming on temporary
tables, since the buffers dirtied by MarkLocalBufferDirty() were not
tracked by the VacuumPageDirty variable.

Parallel vacuum was introduced in 13, but the buffer usage reporting
for VACUUM command with the VERBOSE option was implemented in
15. So backpatch to 15.

Reported-by: Anthonin Bonnefoy
Author: Anthonin Bonnefoy
Reviewed-by: Alena Rybakina, Masahiko Sawada
Discussion: https://postgr.es/m/CAO6_XqrQk+QZQcYs_C6nk0cMfHuUWk85vT9CrcA1NffFbAVE2A@mail.gmail.com
Backpatch-through: 15

Add tab completion for EXPLAIN (MEMORY|SERIALIZE)

SERIALIZE has been added in 06286709ee06, and MEMORY in 5de890e3610d.

Author: Jian He
Discussion: https://postgr.es/m/CACJufxH5UbhbCg-oMt7pHOmvNABF2x48Jfefu24FexSqVgzA3g@mail.gmail.com

Ensure we allocate NAMEDATALEN bytes for names in Index Only Scans

As an optimization, we store "name" columns as cstrings in btree
indexes.

Here we modify it so that Index Only Scans convert these cstrings back
to names with NAMEDATALEN bytes rather than storing the cstring in the
tuple slot, as was happening previously.

Bug: #17855
Reported-by: Alexander Lakhin
Reviewed-by: Alexander Lakhin, Tom Lane
Discussion: https://postgr.es/m/17855-5f523e0f9769a566@postgresql.org
Backpatch-through: 12, all supported versions

Fix locale options checking in CREATE DATABASE.

Discussion: https://postgr.es/m/4ea13583-7305-40b0-8525-58381533e2b1@eisentraut.org
Reported-by: Peter Eisentraut

Fix one more portability shortcoming in new test_pg_dump test.

If the bootstrap superuser's name requires quoting, regroleout
will supply double quotes ... but the result of CURRENT_USER
is just the literal name. Apply quote_ident() to ensure a match.

Per Andrew Dunstan's off-list investigation of buildfarm member
prion's failures.

doc: Remove one example related to pg_input_error_info()

This slightly bloated the contents of the function table for this entry,
without really bringing extra value.

Per discussion with Jian He and David G. Johnston.

Discussion: https://postgr.es/m/CACJufxGdyoBJQMSxwdxNK=k8M5WUth5FDFd4Wq_K4f7+1J2xuQ@mail.gmail.com

Stabilize regression tests introduced by 259c96fa8f

Add the ORDER BY clause to new queries to avoid ordering ambiguity.

Per buildfarm member rorqual.

Inherit parent's AM for partition MERGE/SPLIT operations

This commit makes new partitions created by ALTER TABLE ... SPLIT PARTITION
and ALTER TABLE ... MERGE PARTITIONS commands inherit the paret table access
method.

Reported-by: Alexander Lakhin
Discussion: https://postgr.es/m/84ada05b-be5c-473e-6d1c-ebe5dd21b190%40gmail.com
Reviewed-by: Pavel Borisov

Add tab completion for partition MERGE/SPLIT operations

This commit implements psql tab completion for ALTER TABLE ... SPLIT PARTITION
and ALTER TABLE ... MERGE PARTITIONS commands.

Reported-by: Alexander Lakhin
Discussion: https://postgr.es/m/5dee3937-8e9f-cca4-11fb-737709a92b37%40gmail.com
Author: Dagfinn Ilmari Mannsåker, Pavel Borisov

Rename tables in tests of partition MERGE/SPLIT operations

Replace "salesman" with "salesperson", "salesmen" with "salespeople". The
names are both gramatically correct and gender-neutral.

Reported-by: Alexander Lakhin
Discussion: https://postgr.es/m/fdaa003e-919c-cbc9-4f0c-e4546e96bd65%40gmail.com
Reviewed-by: Robert Haas, Pavel Borisov

Fix error message in check_partition_bounds_for_split_range()

Currently, the error message is produced by a system of complex substitutions
making it quite untranslatable and hard to read. This commit splits this into
4 plain error messages suitable for translation.

Reported-by: Kyotaro Horiguchi
Discussion: https://postgr.es/m/20240408.152402.1485994009160660141.horikyota.ntt%40gmail.com
Reviewed-by: Pavel Borisov

Make new partitions with parent's persistence during MERGE/SPLIT

The createPartitionTable() function is responsible for creating new partitions
for ALTER TABLE ... MERGE PARTITIONS, and ALTER TABLE ... SPLIT PARTITION
commands.  It emulates the behaviour of CREATE TABLE ... (LIKE ...), where
new table persistence should be specified by the user.  In the table
partitioning persistent of the partition and its parent must match.  So, this
commit makes createPartitionTable() copy the persistence of the parent
partition.

Also, this commit makes createPartitionTable() recheck the persistence after
the new table creation.  This is needed because persistence might be affected
by pg_temp in search_path.

This commit also changes the signature of createPartitionTable() making it
take the parent's Relation itself instead of the name of the parent relation,
and return the Relation of new partition.  That doesn't lead to
complications, because both callers have the parent table open and need to
open the new partition.

Reported-by: Alexander Lakhin
Discussion: https://postgr.es/m/dbc8b96c-3cf0-d1ee-860d-0e491da20485%40gmail.com
Author: Dmitry Koval
Reviewed-by: Alexander Korotkov, Robert Haas, Justin Pryzby, Pavel Borisov

Document the way partition MERGE/SPLIT operations create new partitions

Reported-by: Justin Pryzby
Discussion: https://postgr.es/m/ZilrByTp-pbz6Mvf%40pryzbyj2023
Reviewed-by: Justin Pryzby

Change the way ATExecMergePartitions() handles the name collision

The name collision happens when the name of the new partition is the same as
the name of one of the merging partitions.  Currently, ATExecMergePartitions()
first gives the new partition a temporary name and then renames it when old
partitions are deleted.  That negatively influences the naming of related
objects like indexes and constrains, which could inherit a temporary name.

This commit changes the implementation in the following way.  A merging
partition gets renamed first, then the new partition is created with the
right name immediately.  This resolves the issue of the naming of related
objects.

Reported-by: Alexander Lakhin
Discussion: https://postgr.es/m/edfbd846-dcc1-42d1-ac26-715691b687d3%40postgrespro.ru
Author: Dmitry Koval, Alexander Korotkov
Reviewed-by: Robert Haas, Justin Pryzby, Pavel Borisov

Fix compilation on OpenSSL 1.0.2 and LibreSSL

SSL_AD_NO_APPLICATION_PROTOCOL was introduced in OpenSSL 1.1.0.

While we're at it, add a link to the related OpenSSL github issue to
the comment.

Per buildfarm and Tom Lane.

Discussion: https://www.postgresql.org/message-id/1452995.1714433552@sss.pgh.pa.us

Force COLLATE "C" to stabilize ordering, redux.

David Rowley correctly pointed out that I'd collat-ified only
one of the two troublesome queries. Definitely not my day.

Discussion: https://postgr.es/m/CAApHDvo8pMk5WWFAqwGzuQ-Xh+957W61io_OsCP0oUzqCCODTg@mail.gmail.com

Force COLLATE "C" to stabilize ordering in new test_pg_dump queries.

Should have thought of the need for this.

(Local testing suggests that we may still not be out of the
woods, but certainly this much is needed.)

Per buildfarm and David Rowley.

Discussion: https://postgr.es/m/CAApHDvo8pMk5WWFAqwGzuQ-Xh+957W61io_OsCP0oUzqCCODTg@mail.gmail.com

Fix test case from b0c5b215d.

I'd not checked that this iteration of the test actually worked
with a bootstrap superuser not named 'postgres'. It didn't,
because the coercion rules for CASE caused us to try to cast
the 'postgres' literal to regrole. Mea culpa.

Per buildfarm (via Alexander Korotkov)

Discussion: https://postgr.es/m/CAPpHfdsV=iTvH6B858hnH1bLgewYH6cdTnO_eOOw9EOa8kehkA@mail.gmail.com

Allow meson builds to run test_pg_dump test in installcheck mode.

This had been disabled because the test "doesn't delete its user".
It doesn't seem like a great idea for the meson tests to act
differently from the makefile tests, though, and the makefiles
had no such exception (which is how come only copperhead noticed
the problem just fixed in 534287403). In any case, the premise
is false since 936e3fa37, so let's remove the restriction.

Discussion: https://postgr.es/m/2857513.1713733688@sss.pgh.pa.us

Fix failure to track role dependencies of pg_init_privs entries.

If an ACL recorded in pg_init_privs mentions a non-pinned role,
that reference must also be noted in pg_shdepend so that we know
that the role can't go away without removing the ACL reference.
Otherwise, DROP ROLE could succeed and leave dangling entries
behind, which is what's causing the recent upgrade-check failures
on buildfarm member copperhead.

This has been wrong since pg_init_privs was introduced, but it's
escaped notice because typical pg_init_privs entries would only
mention the bootstrap superuser (pinned) or at worst the owner
of the extension (who can't go away before the extension does).

We lack even a representation of such a role reference for
pg_shdepend.  My first thought for a solution was entries listing
pg_init_privs in classid, but that doesn't work because then there's
noplace to put the granted-on object's classid.  Rather than adding
a new column to pg_shdepend, let's add a new deptype code
SHARED_DEPENDENCY_INITACL.  Much of the associated boilerplate
code can be cribbed from code for SHARED_DEPENDENCY_ACL.

A lot of the bulk of this patch just stems from the new need to pass
the object's owner ID to recordExtensionInitPriv, so that we can
consult it while updating pg_shdepend.  While many callers have that
at hand already, a few places now need to fetch the owner ID of an
arbitrary privilege-bearing object.  For that, we assume that there
is a catcache on the relevant catalog's OID column, which is an
assumption already made in ExecGrant_common so it seems okay here.

We do need an entirely new routine RemoveRoleFromInitPriv to perform
cleanup of pg_init_privs ACLs during DROP OWNED BY.  It's analogous
to RemoveRoleFromObjectACL, but we can't share logic because that
function operates by building a command parsetree and invoking
existing GRANT/REVOKE infrastructure.  There is of course no SQL
command that would update pg_init_privs entries when we're not in
process of creating their extension, so we need a routine that can
do the updates directly.

catversion bump because this changes the expected contents of
pg_shdepend.  For the same reason, there's no hope of back-patching
this, even though it fixes a longstanding bug.  Fortunately, the
case where it's a problem seems to be near nonexistent in the field.
If it weren't for the buildfarm breakage, I'd have been content to
leave this for v18.

Patch by me; thanks to Daniel Gustafsson for review and discussion.

Discussion: https://postgr.es/m/1745535.1712358659@sss.pgh.pa.us

Avoid repeating loads of frozen ID values.

Repeating loads of inplace-updated fields tends to cause bugs like the
one from the previous commit. While there's no bug to fix in these code
sites, adopt the load-once style. This improves the chance of future
copy/paste finding the safe style.

Discussion: https://postgr.es/m/20240423003956 [email protected]

Close race condition between datfrozen and relfrozen updates.

vac_update_datfrozenxid() did multiple loads of relfrozenxid and
relminmxid from buffer memory, and it assumed each would get the same
value.  Not so if a concurrent vac_update_relstats() did an inplace
update.  Commit 2d2e40e3befd8b9e0d2757554537345b15fa6ea2 fixed the same
kind of bug in vac_truncate_clog().  Today's bug could cause the
rel-level field and XIDs in the rel's rows to precede the db-level
field.  A cluster having such values should VACUUM affected tables.
Back-patch to v12 (all supported versions).

Discussion: https://postgr.es/m/20240423003956 [email protected]

Reject SSL connection if ALPN is used but there's no common protocol

If the client supports ALPN but tries to use some other protocol, like
HTTPS, reject the connection in the server. That is surely a confusion
of some sort. Furthermore, the ALPN RFC 7301 says:

> In the event that the server supports no protocols that the client
> advertises, then the server SHALL respond with a fatal
> "no_application_protocol" alert.

This commit makes the server follow that advice.

In the client, specifically check for the OpenSSL error code for the
"no_application_protocol" alert. Otherwise you got a cryptic "SSL
error: SSL error code 167773280" error if you tried to connect to a
non-PostgreSQL server that rejects the connection with
"no_application_protocol". ERR_reason_error_string() returns NULL for
that code, which frankly seems like an OpenSSL bug to me, but we can
easily print a better message ourselves.

Reported-by: Jacob Champion
Discussion: https://www.postgresql.org/message-id/6aedcaa5-60f3-49af-a857-2c76ba55a1f3@iki.fi

libpq: Enforce ALPN in direct SSL connections

ALPN is mandatory with direct SSL connections. That is documented, and
the server checks it, but libpq was missing the check.

Reported-by: Jacob Champion
Reviewed-by: Michael Paquier
Discussion: https://www.postgresql.org/message-id/CAOYmi+=sj+1uydS0NR4nYzw-LRWp3Q-s5speBug5UCLSPMbvGA@mail.gmail.com

libpq: Fix error messages when server rejects SSL or GSS

These messages were lost in commit 05fd30c0e7. Put them back.

This makes one change in the error message behavior compared to v16,
in the case that the server responds to GSSRequest with an error
instead of rejecting it with 'N'. Previously, libpq would hide the
error that the server sent, assuming that you got the error because
the server is an old pre-v12 version that doesn't understand the
GSSRequest message. A v11 server sends a "FATAL: unsupported frontend
protocol 1234.5680: server supports 2.0 to 3.0" error if you try to
connect to it with GSS. That was a reasonable assumption when the
feature was introduced, but v12 was released a long time ago and I
don't think it's the most probable cause anymore. The attached patch
changes things so that libpq prints the error message that the server
sent in that case, making the "server responds with error to
GSSRequest" case behave the same as the "server responds with error to
SSLRequest" case.

Reported-by: Peter Eisentraut
Discussion: https://www.postgresql.org/message-id/bb3b94da-afc7-438d-8940-cb946e553d9d@eisentraut.org

Make two-phase tests of ECPG and main suite more concurrent-proof

The ECPG and main 2PC tests have been using rather-generic names for the
prepared transactions they generate. This commit switches the 2PC
transactions to use more complex GIDs, reducing the risk of naming
conflicts.

The main 2PC tests also include scans of pg_prepared_xacts that do not
apply filters on the GID of the prepared transactions, making it
possible to fail the test when any 2PC transaction runs concurrently.
The CI has been able to see such failures with an installcheck
running the ECPG and the main regression test suites in parallel. The
queries on pg_prepared_xacts gain quals to only look after the GIDs
generated locally.

The race is very hard to reproduce, so no backbatch is done for now.

Reported-by: Richard Guo
Discussion: https://postgr.es/m/CAMbWs4-mWCGbbE_bne5=AfqjYGDaUZmjCw2+soLjrdNA0xUDFw@mail.gmail.com

libpq: If ALPN is not used, make PQsslAttribute(conn, "alpn") == ""

The documentation says that PQsslAttribute(conn, "alpn") returns an
empty string if ALPN is not used, but the code actually returned
NULL. Fix the code to match the documentation.

Reported-by: Michael Paquier
Discussion: https://www.postgresql.org/message-id/[email protected]

Revert "Add GUC backtrace_on_internal_error"

This reverts commit a740b213d4b4d3360ad0cac696e47e5ec0eb8864.

Subsequent discussion showed that there was interest in a more general
facility to configure when server log events would produce backtraces,
and this existing limited way couldn't be extended in a compatible
way. So the consensus was to revert this for PostgreSQL 17 and
reconsider this topic for PostgreSQL 18.

Discussion: https://www.postgresql.org/message-id/flat/CAGECzQTChkvn5Xj772LB3%3Dxo2x_LcaO5O0HQvXqobm1xVp6%2B4w%40mail.gmail.com#764bcdbb73e162787e1ad984935e51e3

Fix documentation and comments on what happens after GSS rejection

The paragraph in the docs and the comment applied to
sslnegotiaton=direct, but not sslnegotiation=requiredirect. In
'requiredirect' mode, negotiated SSL is never used. Move the paragraph
in the docs under the description of 'direct' mode, and rephrase it.

Also the comment's reference to reusing a plaintext connection was
bogus. Authentication failure in plaintext mode only happens after
sending the startup packet, so the connection cannot be reused.

Reported-by: Jacob Champion
Discussion: https://www.postgresql.org/message-id/CAOYmi+=sj+1uydS0NR4nYzw-LRWp3Q-s5speBug5UCLSPMbvGA@mail.gmail.com

Throw a more on-point error for functions depending on columns.

ALTER COLUMN TYPE wasn't expecting to find any pg_proc objects
depending on the column whose type is to be altered.  That indeed
wasn't possible when this code was written, but it is possible
since we introduced new-style SQL function bodies.

It's about as difficult to fix this case as it is to fix dependent
views, and we've been punting on those for years, so I don't feel
too awful about punting for functions too.  (I sure wouldn't risk
back-patching such code.)  So just throw a more user-facing error.
Also, adjust some of the existing comments to reflect that these
are all pretty much the same issue.

(This patch also fixes it so we will tolerate finding such a
dependency during ALTER COLUMN SET EXPRESSION; in that, we need
not do anything to the function, so no error is wanted.  That
problem is new in HEAD.)

Per bug #18449 from Alexander Lakhin.  Back-patch to v14 where
we added new-style SQL functions.

Discussion: https://postgr.es/m/18449-f8248467aaa294d5@postgresql.org

Detect more overflows in timestamp[tz]_pl_interval.

In commit 25cd2d640 I (tgl) opined that "The additions of the months
and microseconds fields could also overflow, of course.  However,
I believe we need no additional checks there; the existing range
checks should catch such cases".  This is demonstrably wrong however
for the microseconds field, and given that discovery it seems prudent
to be paranoid about the months addition as well.

Report and patch by Joseph Koshakow.  As before, back-patch to all
supported branches.  (However, the test case doesn't work before
v15 because we didn't allow wider-than-int32 numbers in interval
literals.  A variant test could probably be built that fits within
that restriction, but it didn't seem worth the trouble.)

Discussion: https://postgr.es/m/CAAvxfHf77sRHKoEzUw9_cMYSpbpNS2C+J_+8Dq4+0oi8iKopeA@mail.gmail.com

Fix duplicated consecutive words in comments

Also, fix a comment incorrectly referencing the "streaming read API".
This was renamed to "read stream" shortly before being committed.

Discussion: https://postgr.es/m/CAApHDvq-2Zdqytm_Hf3RmVf0qg5PS9jTFAJ5QTc9xH9pwvwDTA@mail.gmail.com

Remove redundant JSON parser typedefs

JsonNonTerminal and JsonParserSem were added in commit 3311ea86ed

These names of these two enums are not actually used, so there is no
need for typedefs. Instead use plain enums to declare the constants.

Noticed by Alvaro Herera.

Small cosmetic fixes in radix tree template

- Bring memory context names in line with other naming
- Fix typos, reported off-list by Alexander Lakhin
- Remove copy-paste errors from comments
- Remove duplicate #undef

Minor fixes to pg_combinebackup and its documentation.

The --tablespace-mapping option was specified with required_argument
rather than no_argument, which is wrong. Since the actual argument
string passed to getopt_long() included "T:", the single-character
form of the option still worked, but the long form did not. Repair.

The call to getopt_long() erroneously included "P", which doesn't
correspond to any supported option. Remove.

The help message used "do not" in one place and "don't" in another.
Standardize on "do not".

The documentation erroneously stated that the tablespace mappings
would be applied relative to the pathnames in the first backup
specified on the command line, rather than the final one. Fix.

Thanks to Tomas Vondra and Daniel Gustafsson for alerting me to
these mistakes.

Discussion: http://postgr.es/m/CA+TgmoYFznwwaZhHSF1Ze7JeyBv-1yOoSrucKMw37WpF=7RP8g@mail.gmail.com

pg_combinebackup: Detect checksum mismatches and document limitation.

If not all backups have the same checksum status, but the final backup
has checksums enabled, then the output directory may include pages
with invalid checksums. Document this limitation and explain how to
work around it.

In a future release, we may want to teach pg_combinebackup to
recompute page checksums when required, but as feature freeze has come
and gone, it seems a bit too late to do that for this release.

Patch by me, reviewed by Daniel Gustafsson

Discussion: http://postgr.es/m/CA+TgmoZugzOSmgkx97u3pc0M7U8LycWvugqoyWBv6j15a4hE5g@mail.gmail.com

Avoid unnecessary "touch meson.build" in vpath builds

In e6927270cd1 I added a 'touch meson.build' to configure.ac, to ensure
conflicts between in-tree configure based builds and meson builds are
automatically detected. Unfortunately I omitted spaces around the condition
restricting this to in-tree builds, leading to touch meson.build to also be
executed in vpath builds. While the only consequence of this buglet is an
unnecessary empty file in build directories, it seems worth backpatching.

Reported-by: Christoph Berg <[email protected]>
Discussion: https://postgr.es/m/20240417230002 [email protected]
Backpatch: 16-, where the meson based build was added

radixtree: Fix SIGSEGV at update of embeddable value to non-embeddable.

Also, fix a memory leak when updating from non-embeddable to
embeddable. Both were unreachable without adding C code.

Reported-by: Noah Misch
Author: Noah Misch
Reviewed-by: Masahiko Sawada, John Naylor
Discussion: https://postgr.es/m/20240424210319.4c.nmisch%40google.com

doc: Add link to table

Formal tables should generally have an xref in the text that points to
them. Add them here.

Post-commit review fixes for slot synchronization.

Allow pg_sync_replication_slots() to error out during promotion of standby.
This makes the behavior of the SQL function consistent with the slot sync
worker. We also ensured that pg_sync_replication_slots() cannot be
executed if sync_replication_slots is enabled and the slotsync worker is
already running to perform the synchronization of slots. Previously, it
would have succeeded in cases when the worker is idle and failed when it
is performing sync which could confuse users.

This patch fixes another issue in the slot sync worker where
SignalHandlerForShutdownRequest() needs to be registered *before* setting
SlotSyncCtx->pid, otherwise, the slotsync worker could miss handling
SIGINT sent by the startup process(ShutDownSlotSync) if it is sent before
worker could register SignalHandlerForShutdownRequest(). To be consistent,
all signal handlers' registration is moved to a prior location before we
set the worker's pid.

Ensure that we clean up synced temp slots at the end of
pg_sync_replication_slots() to avoid such slots being left over after
promotion.

Ensure that ShutDownSlotSync() captures SlotSyncCtx->pid under spinlock to
avoid accessing invalid value as it can be reset by concurrent slot sync
exit due to an error.

Author: Shveta Malik
Reviewed-by: Hou Zhijie, Bertrand Drouvot, Amit Kapila, Masahiko Sawada
Discussion: https://postgr.es/m/CAJpy0uBefXUS_TSz=oxmYKHdg-fhxUT0qfjASW3nmqnzVC3p6A@mail.gmail.com

Remove unnecessary code from be_lo_put()

A permission check is performed in be_lo_put() just after returning
from inv_open(), but the permission is already checked in inv_open(),
so we can remove the second check.

This check was added in 8d9881911f0, but then the refactoring in
ae20b23a9e7 should have removed it.

Author: Yugo NAGATA <[email protected]>
Discussion: https://www.postgresql.org/message-id/flat/20240424185932.9789628b99a49ec81b020425%40sraoss.co.jp

Fix the missing table sync due to improper invalidation handling.

We missed performing table sync if the invalidation happened while the
non-ready tables list was being prepared. This occurs because the sync
state was set to valid at the end of non-ready table list preparation
irrespective of the invalidations processed while the list is being
prepared.

Fix it by changing the boolean variable to a tri-state enum and by setting
table state to valid only if no invalidations have occurred while the list
is being prepared.

Reprted-by: Alexander Lakhin
Diagnosed-by: Alexander Lakhin
Author: Vignesh C
Reviewed-by: Hou Zhijie, Alexander Lakhin, Ajin Cherian, Amit Kapila
Backpatch-through: 15
Discussion: https://postgr.es/m/711a6afe-edb7-1211-cc27-1bef8239eec7@gmail.com

Improve comment of DeallocateStmt->isall

This field is not used directly in the code, but it is important for
query jumbling to be able to make a difference between a named
DEALLOCATE and DEALLOCATE ALL (see bb45156f342c). This behavior is
tracked in the regression tests of pg_stat_statements, but the reason
why this field is important can be easily missed, as a recent discussion
has proved, so let's improve its comment to document the reason why it
needs to be around.

Wording has been suggested by Tom Lane

Discussion: https://postgr.es/m/[email protected]

Doc: fix minor oversight in ALTER DEFAULT PRIVILEGES ref page.

Since schemas have more than one kind of privilege, we should
use the synopsis form that shows the privilege being possibly
repeated.

Yugo Nagata

Discussion: https://postgr.es/m/20240424155052.7ac0d0773e4ae27ab723faea@sraoss.co.jp

Add pg_logging_init() calls missing in commit ba3e6e2bca

As noticed by Michael Paquier.

Doc: fix prompt in psql crosstabview example

The prompt in the crosstabview example was incorrectly indicating
an open parenthesis where there is none in the example query. Fix
by changing to the normal multi-line prompt.

Reported-by: [email protected]
Discussion: https://postgr.es/m/171369707837.684.8207966689229976474@wrigleys.postgresql.org

doc: Fix up spacing around verbatim DocBook elements

pg_combinebackup: Add --version to --help output

(It was already on the man page.)

doc: Correct jsonpath string literal escapes description

The paragraph describing the JavaScript string literals allowed in
jsonpath expressions unnecessarily mentions JSON by erroneously
listing \v as allowed by JSON and mentioning the \xNN and \u{N...}
backslash escapes as deviations from JSON when in fact both are
accepted by ECMAScript/JavaScript. Fix this by only referring to
JavaScript.

Author: Erik Wienhold <[email protected]>
Discussion: https://www.postgresql.org/message-id/flat/1EB17DF9-2636-484B-9DD0-3CAB19C4F5C4@justatheory.com

pg_combinebackup: Put newer options in consistent order in --help and man page

Support SSL_R_VERSION_TOO_LOW when using LibreSSL

The SSL_R_VERSION_TOO_LOW error reason is supported in LibreSSL since
LibreSSL 3.6.3, shipped in OpenBSD 7.2. SSL_R_VERSION_TOO_HIGH is on
the other hand not supported in any version of LibreSSL. Previously
we only checked for SSL_R_VERSION_TOO_HIGH and then applied both under
that guard since OpenSSL has only ever supported both at the same time.
This breaks the check into one per reason to allow SSL_R_VERSION_TOO_LOW
to work when using LibreSSL.

Reviewed-by: Peter Eisentraut <[email protected]>
Reviewed-by: Michael Paquier <[email protected]>
Discussion: https://postgr.es/m/eac70d46-e61c-4d71-a1e1-78e2bfa19485@eisentraut.org

Support disallowing SSL renegotiation when using LibreSSL

LibreSSL doesn't support the SSL_OP_NO_RENEGOTIATION macro which is
used by OpenSSL, instead it has invented a similar one for client-
side renegotiation: SSL_OP_NO_CLIENT_RENEGOTIATION. This has been
supported since LibreSSL 2.5.1 which by now can be considered well
below the minimum requirement.

Reviewed-by: Peter Eisentraut <[email protected]>
Reviewed-by: Michael Paquier <[email protected]>
Discussion: https://postgr.es/m/eac70d46-e61c-4d71-a1e1-78e2bfa19485@eisentraut.org

Doc: Use past tense for things which happened in the past

The paragraph on SSL compression is largely describing events which
took place many years ago, so reword with past tense.

Reviewed-by: Peter Eisentraut <[email protected]>
Reviewed-by: Michael Paquier <[email protected]>
Discussion: https://postgr.es/m/eac70d46-e61c-4d71-a1e1-78e2bfa19485@eisentraut.org

pg_dump: Put new options in consistent order in --help and man page

doc: Fix order of options on pg_createsubscriber man page

Some options were listed in an order that was inconsistent with the
--help output and everything else.

pg_walsummary: Document --version option

It was working, but it was not shown in the --help output or on the
man page.

Remove obsolete symbol from ecpg_config.h.in

HAVE_LONG_LONG_INT was not added to ecpg_config.h.in by the meson
build system, but rather than add it there, we decided to remove it
from the makefile build system, to make both consistent that way.

There is no documentation or examples that suggest that the presence
of this symbol was publicly advertised, and of course the feature is
required by C99 (but we don't necessarily require C99 for ecpg user
code). ecpg core code and ecpg tests use the symbol
HAVE_LONG_LONG_INT_64 instead, which is still there.

Discussion: https://www.postgresql.org/message-id/flat/bf35d032-02fc-4173-9f4f-840999cc3ef3%40eisentraut.org

Try again to add test coverage for pg_combinebackup w/tablespaces.

My previous attempt to add this had to be reverted in commit
82023d47de9e262730b1f9b4ea77fae201a89d0a. I've revised the problematic
code a bit; hopefully it is OK now.

Discussion: http://postgr.es/m/CA+Tgmobiv1QJR5PEJoDKeZDrJHZFRmi4XmWOqufN49DJj-3e2g@mail.gmail.com

Post review fixes for test_json_parser test module

. Add missing copytight notices
. improve code coverage
. put work files in a temp directory in the standard location
. improve error checking in C code
. indent perl files with perltidy
. add some comments

per comments from Michael Paquier

Discussion: https://postgr.es/m/[email protected]