| blob | 7f5eada9d45299cffdf002dffa688dd485901fa9 |
1 /*-------------------------------------------------------------------------
2 *
3 * postgres.c
4 * POSTGRES C Backend Interface
5 *
6 * Portions Copyright (c) 1996-2024, PostgreSQL Global Development Group
7 * Portions Copyright (c) 1994, Regents of the University of California
8 *
9 *
10 * IDENTIFICATION
11 * src/backend/tcop/postgres.c
12 *
13 * NOTES
14 * this is the "main" module of the postgres backend and
15 * hence the main module of the "traffic cop".
16 *
17 *-------------------------------------------------------------------------
18 */
22 #include <fcntl.h>
23 #include <limits.h>
24 #include <signal.h>
25 #include <unistd.h>
26 #include <sys/resource.h>
27 #include <sys/socket.h>
28 #include <sys/time.h>
30 #ifdef USE_VALGRIND
31 #include <valgrind/valgrind.h>
32 #endif
84 /* ----------------
85 * global variables
86 * ----------------
87 */
90 /* Note: whereToSendOutput is initialized for the bootstrap/standalone case */
93 /* flag for logging end of session */
98 /* GUC variable for maximum stack depth (measured in kilobytes) */
101 /* wait N seconds to allow attach from a debugger */
104 /* Time between checks that the client is still connected. */
107 /* flags for non-system relation kinds to restrict use */
110 /* ----------------
111 * private typedefs etc
112 * ----------------
113 */
115 /* type of argument for bind_param_error_callback */
117 {
123 /* ----------------
124 * private variables
125 * ----------------
126 */
128 /* max_stack_depth converted to bytes for speed of checking */
131 /*
132 * Stack base pointer -- initialized by PostmasterMain and inherited by
133 * subprocesses (but see also InitPostmasterChild).
134 */
137 /*
138 * Flag to keep track of whether we have started a transaction.
139 * For extended query protocol this has to be remembered across messages.
140 */
143 /*
144 * Flag to indicate that we are doing the outer loop's read-from-client,
145 * as opposed to any random read from client that might happen within
146 * commands like COPY FROM STDIN.
147 */
150 /*
151 * Flags to implement skip-till-Sync-after-error behavior for messages of
152 * the extended query protocol.
153 */
157 /*
158 * If an unnamed prepared statement exists, it's stored here.
159 * We keep it separate from the hashtable kept by commands/prepare.c
160 * in order to reduce overhead for short-lived queries.
161 */
164 /* assorted command-line switches */
169 /* whether or not, and why, we were canceled by conflict with recovery */
173 /* reused buffer to pass to SendRowDescriptionMessage() */
177 /* ----------------------------------------------------------------
178 * decls for routines only used in this file
179 * ----------------------------------------------------------------
180 */
202 /* ----------------------------------------------------------------
203 * infrastructure for valgrind debugging
204 * ----------------------------------------------------------------
205 */
206 #ifdef USE_VALGRIND
207 /* This variable should be set at the top of the main loop. */
210 /*
211 * If Valgrind detected any errors since old_valgrind_error_count was updated,
212 * report the current query as the cause. This should be called at the end
213 * of message processing.
214 */
215 static void
217 {
224 query);
225 }
228 #define valgrind_report_error_query(query) ((void) 0)
232 /* ----------------------------------------------------------------
233 * routines to obtain user input
234 * ----------------------------------------------------------------
235 */
237 /* ----------------
238 * InteractiveBackend() is called for user interactive connections
239 *
240 * the string entered by the user is placed in its parameter inBuf,
241 * and we act like a Q message was received.
242 *
243 * EOF is returned if end-of-file input is seen; time to shut down.
244 * ----------------
245 */
247 static int
249 {
252 /*
253 * display a prompt and obtain input from the user
254 */
260 /*
261 * Read characters until EOF or the appropriate delimiter is seen.
262 */
264 {
266 {
268 {
269 /*
270 * In -j mode, semicolon followed by two newlines ends the
271 * command; otherwise treat newline as regular character.
272 */
276 {
277 /* might as well drop the second newline */
279 }
280 }
281 else
282 {
283 /*
284 * In plain mode, newline ends the command unless preceded by
285 * backslash.
286 */
289 {
290 /* discard backslash from inBuf */
292 /* discard newline too */
294 }
295 else
296 {
297 /* keep the newline character, but end the command */
300 }
301 }
302 }
304 /* Not newline, or newline treated as regular character */
306 }
308 /* No input before EOF signal means time to quit. */
312 /*
313 * otherwise we have a user query so process it.
314 */
316 /* Add '\0' to make it look the same as message case. */
319 /*
320 * if the query echo flag was given, print the query..
321 */
327 }
329 /*
330 * interactive_getc -- collect one character from stdin
331 *
332 * Even though we are not reading from a "client" process, we still want to
333 * respond to signals, particularly SIGTERM/SIGQUIT.
334 */
335 static int
337 {
340 /*
341 * This will not process catchup interrupts or notifications while
342 * reading. But those can't really be relevant for a standalone backend
343 * anyway. To properly handle SIGTERM there's a hack in die() that
344 * directly processes interrupts at this stage...
345 */
353 }
355 /* ----------------
356 * SocketBackend() Is called for frontend-backend connections
357 *
358 * Returns the message type code, and loads message body data into inBuf.
359 *
360 * EOF is returned if the connection is lost.
361 * ----------------
362 */
363 static int
365 {
369 /*
370 * Get message type code from the frontend.
371 */
377 {
382 else
383 {
384 /*
385 * Can't send DEBUG log messages to client at this point. Since
386 * we're disconnecting right away, we don't need to restore
387 * whereToSendOutput.
388 */
393 }
395 }
397 /*
398 * Validate message type code before trying to read body; if we have lost
399 * sync, better to say "command unknown" than to run out of memory because
400 * we used garbage as a length word. We can also select a type-dependent
401 * limit on what a sane length word could be. (The limit could be chosen
402 * more granularly, but it's not clear it's worth fussing over.)
403 *
404 * This also gives us a place to set the doing_extended_query_message flag
405 * as soon as possible.
406 */
408 {
441 /* stop any active skip-till-Sync */
443 /* mark not-extended, so that a new error doesn't begin skip */
460 /*
461 * Otherwise we got garbage from the frontend. We treat this as
462 * fatal because we have probably lost message boundary sync, and
463 * there's no good way to recover.
464 */
470 }
472 /*
473 * In protocol version 3, all frontend messages have a length word next
474 * after the type code; we can read the message contents independently of
475 * the type.
476 */
482 }
484 /* ----------------
485 * ReadCommand reads a command from either the frontend or
486 * standard input, places it in inBuf, and returns the
487 * message type code (first byte of the message).
488 * EOF is returned if end of file.
489 * ----------------
490 */
491 static int
493 {
498 else
501 }
503 /*
504 * ProcessClientReadInterrupt() - Process interrupts specific to client reads
505 *
506 * This is called just before and after low-level reads.
507 * 'blocked' is true if no data was available to read and we plan to retry,
508 * false if about to read or done reading.
509 *
510 * Must preserve errno!
511 */
512 void
514 {
518 {
519 /* Check for general interrupts that arrived before/while reading */
522 /* Process sinval catchup interrupts, if any */
526 /* Process notify interrupts, if any */
529 }
531 {
532 /*
533 * We're dying. If there is no data available to read, then it's safe
534 * (and sane) to handle that now. If we haven't tried to read yet,
535 * make sure the process latch is set, so that if there is no data
536 * then we'll come back here and die. If we're done reading, also
537 * make sure the process latch is set, as we might've undesirably
538 * cleared it while reading.
539 */
542 else
544 }
547 }
549 /*
550 * ProcessClientWriteInterrupt() - Process interrupts specific to client writes
551 *
552 * This is called just before and after low-level writes.
553 * 'blocked' is true if no data could be written and we plan to retry,
554 * false if about to write or done writing.
555 *
556 * Must preserve errno!
557 */
558 void
560 {
564 {
565 /*
566 * We're dying. If it's not possible to write, then we should handle
567 * that immediately, else a stuck client could indefinitely delay our
568 * response to the signal. If we haven't tried to write yet, make
569 * sure the process latch is set, so that if the write would block
570 * then we'll come back here and die. If we're done writing, also
571 * make sure the process latch is set, as we might've undesirably
572 * cleared it while writing.
573 */
575 {
576 /*
577 * Don't mess with whereToSendOutput if ProcessInterrupts wouldn't
578 * service ProcDiePending.
579 */
581 {
582 /*
583 * We don't want to send the client the error message, as a)
584 * that would possibly block again, and b) it would likely
585 * lead to loss of protocol sync because we may have already
586 * sent a partial protocol message.
587 */
592 }
593 }
594 else
596 }
599 }
601 /*
602 * Do raw parsing (only).
603 *
604 * A list of parsetrees (RawStmt nodes) is returned, since there might be
605 * multiple commands in the given string.
606 *
607 * NOTE: for interactive queries, it is important to keep this routine
608 * separate from the analysis & rewrite stages. Analysis and rewriting
609 * cannot be done in an aborted transaction, since they require access to
610 * database tables. So, we rely on the raw parser to determine whether
611 * we've seen a COMMIT or ABORT command; when we are in abort state, other
612 * commands are not processed any further than the raw parse stage.
613 */
614 List *
616 {
629 #ifdef DEBUG_NODE_TESTS_ENABLED
631 /* Optional debugging check: pass raw parsetrees through copyObject() */
633 {
636 /* This checks both copyObject() and the equal() routines... */
639 else
641 }
643 /*
644 * Optional debugging check: pass raw parsetrees through
645 * outfuncs/readfuncs
646 */
648 {
653 /* This checks both outfuncs/readfuncs and the equal() routines... */
656 else
658 }
665 }
667 /*
668 * Given a raw parsetree (gram.y output), and optionally information about
669 * types of parameter symbols ($n), perform parse analysis and rule rewriting.
670 *
671 * A list of Query nodes is returned, since either the analyzer or the
672 * rewriter might expand one query to several.
673 *
674 * NOTE: for reasons mentioned above, this must be separate from raw parsing.
675 */
676 List *
682 {
688 /*
689 * (1) Perform parse analysis.
690 */
695 queryEnv);
700 /*
701 * (2) Rewrite the queries, as necessary
702 */
708 }
710 /*
711 * Do parse analysis and rewriting. This is the same as
712 * pg_analyze_and_rewrite_fixedparams except that it's okay to deduce
713 * information about $n symbol datatypes from context.
714 */
715 List *
721 {
727 /*
728 * (1) Perform parse analysis.
729 */
734 queryEnv);
736 /*
737 * Check all parameter types got determined.
738 */
740 {
748 }
753 /*
754 * (2) Rewrite the queries, as necessary
755 */
761 }
763 /*
764 * Do parse analysis and rewriting. This is the same as
765 * pg_analyze_and_rewrite_fixedparams except that, instead of a fixed list of
766 * parameter datatypes, a parser callback is supplied that can do
767 * external-parameter resolution and possibly other things.
768 */
769 List *
772 ParserSetupHook parserSetup,
775 {
781 /*
782 * (1) Perform parse analysis.
783 */
788 queryEnv);
793 /*
794 * (2) Rewrite the queries, as necessary
795 */
801 }
803 /*
804 * Perform rewriting of a query produced by parse analysis.
805 *
806 * Note: query must just have come from the parser, because we do not do
807 * AcquireRewriteLocks() on it.
808 */
809 List *
811 {
816 Debug_pretty_print);
822 {
823 /* don't rewrite utilities, just dump 'em into result list */
825 }
826 else
827 {
828 /* rewrite regular queries */
830 }
835 #ifdef DEBUG_NODE_TESTS_ENABLED
837 /* Optional debugging check: pass querytree through copyObject() */
839 {
843 /* This checks both copyObject() and the equal() routines... */
846 else
848 }
850 /* Optional debugging check: pass querytree through outfuncs/readfuncs */
852 {
857 {
862 /*
863 * queryId is not saved in stored rules, but we must preserve it
864 * here to avoid breaking pg_stat_statements.
865 */
870 }
872 /* This checks both outfuncs/readfuncs and the equal() routines... */
875 else
877 }
883 Debug_pretty_print);
886 }
889 /*
890 * Generate a plan for a single already-rewritten query.
891 * This is a thin wrapper around planner() and takes the same parameters.
892 */
893 PlannedStmt *
895 ParamListInfo boundParams)
896 {
899 /* Utility commands have no plans. */
903 /* Planner must have a snapshot in case it calls user-defined functions. */
911 /* call the optimizer */
917 #ifdef DEBUG_NODE_TESTS_ENABLED
919 /* Optional debugging check: pass plan tree through copyObject() */
921 {
924 /*
925 * equal() currently does not have routines to compare Plan nodes, so
926 * don't try to test equality here. Perhaps fix someday?
927 */
928 #ifdef NOT_USED
929 /* This checks both copyObject() and the equal() routines... */
932 else
933 #endif
935 }
937 /* Optional debugging check: pass plan tree through outfuncs/readfuncs */
939 {
947 /*
948 * equal() currently does not have routines to compare Plan nodes, so
949 * don't try to test equality here. Perhaps fix someday?
950 */
951 #ifdef NOT_USED
952 /* This checks both outfuncs/readfuncs and the equal() routines... */
955 else
956 #endif
958 }
962 /*
963 * Print plan if debugging.
964 */
971 }
973 /*
974 * Generate plans for a list of already-rewritten queries.
975 *
976 * For normal optimizable statements, invoke the planner. For utility
977 * statements, just make a wrapper PlannedStmt node.
978 *
979 * The result is a list of PlannedStmt nodes.
980 */
981 List *
983 ParamListInfo boundParams)
984 {
989 {
994 {
995 /* Utility commands require no planning. */
1003 }
1004 else
1005 {
1007 boundParams);
1008 }
1011 }
1014 }
1017 /*
1018 * exec_simple_query
1019 *
1020 * Execute a "simple Query" protocol message.
1021 */
1022 static void
1024 {
1026 MemoryContext oldcontext;
1034 /*
1035 * Report query to various monitoring facilities.
1036 */
1043 /*
1044 * We use save_log_statement_stats so ShowUsage doesn't report incorrect
1045 * results because ResetUsage wasn't called.
1046 */
1050 /*
1051 * Start up a transaction command. All queries generated by the
1052 * query_string will be in this same command block, *unless* we find a
1053 * BEGIN/COMMIT/ABORT statement; we have to force a new xact command after
1054 * one of those, else bad things will happen in xact.c. (Note that this
1055 * will normally change current memory context.)
1056 */
1059 /*
1060 * Zap any pre-existing unnamed statement. (While not strictly necessary,
1061 * it seems best to define simple-Query mode as if it used the unnamed
1062 * statement and portal; this ensures we recover any storage used by prior
1063 * unnamed operations.)
1064 */
1067 /*
1068 * Switch to appropriate context for constructing parsetrees.
1069 */
1072 /*
1073 * Do basic parsing of the query or queries (this should be safe even if
1074 * we are in aborted transaction state!)
1075 */
1078 /* Log immediately if dictated by log_statement */
1080 {
1086 }
1088 /*
1089 * Switch back to transaction context to enter the loop.
1090 */
1093 /*
1094 * For historical reasons, if multiple SQL statements are given in a
1095 * single "simple Query" message, we execute them as a single transaction,
1096 * unless explicit transaction control commands are included to make
1097 * portions of the list be separate transactions. To represent this
1098 * behavior properly in the transaction machinery, we use an "implicit"
1099 * transaction block.
1100 */
1103 /*
1104 * Run through the raw parsetree(s) and process each one.
1105 */
1107 {
1110 CommandTag commandTag;
1111 QueryCompletion qc;
1115 Portal portal;
1117 int16 format;
1123 /*
1124 * Get the command name for use in status display (it also becomes the
1125 * default completion tag, down inside PortalRun). Set ps_status and
1126 * do any special start-of-SQL-command processing needed by the
1127 * destination.
1128 */
1136 /*
1137 * If we are in an aborted transaction, reject all commands except
1138 * COMMIT/ABORT. It is important that this test occur before we try
1139 * to do parse analysis, rewrite, or planning, since all those phases
1140 * try to do database accesses, which may fail in abort state. (It
1141 * might be safe to allow some additional utility commands in this
1142 * state, but not many...)
1143 */
1152 /* Make sure we are in a transaction command */
1155 /*
1156 * If using an implicit transaction block, and we're not already in a
1157 * transaction block, start an implicit block to force this statement
1158 * to be grouped together with any following ones. (We must do this
1159 * each time through the loop; otherwise, a COMMIT/ROLLBACK in the
1160 * list would cause later statements to not be grouped.)
1161 */
1165 /* If we got a cancel signal in parsing or prior command, quit */
1168 /*
1169 * Set up a snapshot if parse analysis/planning will need one.
1170 */
1172 {
1175 }
1177 /*
1178 * OK to analyze, rewrite, and plan this query.
1179 *
1180 * Switch to appropriate context for constructing query and plan trees
1181 * (these can't be in the transaction context, as that will get reset
1182 * when the command is COMMIT/ROLLBACK). If we have multiple
1183 * parsetrees, we use a separate context for each one, so that we can
1184 * free that memory before moving on to the next one. But for the
1185 * last (or only) parsetree, just use MessageContext, which will be
1186 * reset shortly after completion anyway. In event of an error, the
1187 * per_parsetree_context will be deleted when MessageContext is reset.
1188 */
1190 {
1191 per_parsetree_context =
1194 ALLOCSET_DEFAULT_SIZES);
1196 }
1197 else
1206 /*
1207 * Done with the snapshot used for parsing/planning.
1208 *
1209 * While it looks promising to reuse the same snapshot for query
1210 * execution (at least for simple protocol), unfortunately it causes
1211 * execution to use a snapshot that has been acquired before locking
1212 * any of the tables mentioned in the query. This creates user-
1213 * visible anomalies, so refrain. Refer to
1214 * https://postgr.es/m/flat/5075D8DF.6050500@fuzzy.cz for details.
1215 */
1219 /* If we got a cancel signal in analysis or planning, quit */
1222 /*
1223 * Create unnamed portal to run the query or queries in. If there
1224 * already is one, silently drop it.
1225 */
1227 /* Don't display the portal in pg_cursors */
1230 /*
1231 * We don't have to copy anything into the portal, because everything
1232 * we are passing here is in MessageContext or the
1233 * per_parsetree_context, and so will outlive the portal anyway.
1234 */
1236 NULL,
1237 query_string,
1238 commandTag,
1239 plantree_list,
1240 NULL);
1242 /*
1243 * Start the portal. No parameters here.
1244 */
1247 /*
1248 * Select the appropriate output format: text unless we are doing a
1249 * FETCH from a binary cursor. (Pretty grotty to have to do this here
1250 * --- but it avoids grottiness in other places. Ah, the joys of
1251 * backward compatibility...)
1252 */
1255 {
1259 {
1265 }
1266 }
1269 /*
1270 * Now we can create the destination receiver object.
1271 */
1276 /*
1277 * Switch back to transaction context for execution.
1278 */
1281 /*
1282 * Run the portal to completion, and then drop it (and the receiver).
1283 */
1285 FETCH_ALL,
1288 receiver,
1289 receiver,
1297 {
1298 /*
1299 * If this is the last parsetree of the query string, close down
1300 * transaction statement before reporting command-complete. This
1301 * is so that any end-of-transaction errors are reported before
1302 * the command-complete message is issued, to avoid confusing
1303 * clients who will expect either a command-complete message or an
1304 * error, not one and then the other. Also, if we're using an
1305 * implicit transaction block, we must close that out first.
1306 */
1310 }
1312 {
1313 /*
1314 * If this was a transaction control statement, commit it. We will
1315 * start a new xact command for the next command.
1316 */
1318 }
1319 else
1320 {
1321 /*
1322 * We had better not see XACT_FLAGS_NEEDIMMEDIATECOMMIT set if
1323 * we're not calling finish_xact_command(). (The implicit
1324 * transaction block should have prevented it from getting set.)
1325 */
1328 /*
1329 * We need a CommandCounterIncrement after every query, except
1330 * those that start or end a transaction block.
1331 */
1334 /*
1335 * Disable statement timeout between queries of a multi-query
1336 * string, so that the timeout applies separately to each query.
1337 * (Our next loop iteration will start a fresh timeout.)
1338 */
1340 }
1342 /*
1343 * Tell client that we're done with this query. Note we emit exactly
1344 * one EndCommand report for each raw parsetree, thus one for each SQL
1345 * command the client sent, regardless of rewriting. (But a command
1346 * aborted by error will not send an EndCommand report at all.)
1347 */
1350 /* Now we may drop the per-parsetree context, if one was created. */
1355 /*
1356 * Close down transaction statement, if one is open. (This will only do
1357 * something if the parsetree list was empty; otherwise the last loop
1358 * iteration already did it.)
1359 */
1362 /*
1363 * If there were no parsetrees, return EmptyQueryResponse message.
1364 */
1368 /*
1369 * Emit duration logging if appropriate.
1370 */
1372 {
1385 }
1393 }
1395 /*
1396 * exec_parse_message
1397 *
1398 * Execute a "Parse" protocol message.
1399 */
1400 static void
1405 {
1407 MemoryContext oldcontext;
1416 /*
1417 * Report query to various monitoring facilities.
1418 */
1431 query_string)));
1433 /*
1434 * Start up a transaction command so we can run parse analysis etc. (Note
1435 * that this will normally change current memory context.) Nothing happens
1436 * if we are already in one. This also arms the statement timeout if
1437 * necessary.
1438 */
1441 /*
1442 * Switch to appropriate context for constructing parsetrees.
1443 *
1444 * We have two strategies depending on whether the prepared statement is
1445 * named or not. For a named prepared statement, we do parsing in
1446 * MessageContext and copy the finished trees into the prepared
1447 * statement's plancache entry; then the reset of MessageContext releases
1448 * temporary space used by parsing and rewriting. For an unnamed prepared
1449 * statement, we assume the statement isn't going to hang around long, so
1450 * getting rid of temp space quickly is probably not worth the costs of
1451 * copying parse trees. So in this case, we create the plancache entry's
1452 * query_context here, and do all the parsing work therein.
1453 */
1456 {
1457 /* Named prepared statement --- parse in MessageContext */
1459 }
1460 else
1461 {
1462 /* Unnamed prepared statement --- release any prior unnamed stmt */
1464 /* Create context for parsing */
1465 unnamed_stmt_context =
1468 ALLOCSET_DEFAULT_SIZES);
1470 }
1472 /*
1473 * Do basic parsing of the query or queries (this should be safe even if
1474 * we are in aborted transaction state!)
1475 */
1478 /*
1479 * We only allow a single user statement in a prepared statement. This is
1480 * mainly to keep the protocol simple --- otherwise we'd need to worry
1481 * about multiple result tupdescs and things like that.
1482 */
1489 {
1494 /*
1495 * If we are in an aborted transaction, reject all commands except
1496 * COMMIT/ROLLBACK. It is important that this test occur before we
1497 * try to do parse analysis, rewrite, or planning, since all those
1498 * phases try to do database accesses, which may fail in abort state.
1499 * (It might be safe to allow some additional utility commands in this
1500 * state, but not many...)
1501 */
1510 /*
1511 * Create the CachedPlanSource before we do parse analysis, since it
1512 * needs to see the unmodified raw parse tree.
1513 */
1517 /*
1518 * Set up a snapshot if parse analysis will need one.
1519 */
1521 {
1524 }
1526 /*
1527 * Analyze and rewrite the query. Note that the originally specified
1528 * parameter set is not required to be complete, so we have to use
1529 * pg_analyze_and_rewrite_varparams().
1530 */
1532 query_string,
1535 NULL);
1537 /* Done with the snapshot used for parsing */
1540 }
1541 else
1542 {
1543 /* Empty input string. This is legal. */
1546 CMDTAG_UNKNOWN);
1548 }
1550 /*
1551 * CachedPlanSource must be a direct child of MessageContext before we
1552 * reparent unnamed_stmt_context under it, else we have a disconnected
1553 * circular subgraph. Klugy, but less so than flipping contexts even more
1554 * above.
1555 */
1559 /* Finish filling in the CachedPlanSource */
1561 querytree_list,
1562 unnamed_stmt_context,
1563 paramTypes,
1564 numParams,
1565 NULL,
1566 NULL,
1570 /* If we got a cancel signal during analysis, quit */
1574 {
1575 /*
1576 * Store the query as a prepared statement.
1577 */
1579 }
1580 else
1581 {
1582 /*
1583 * We just save the CachedPlanSource into unnamed_stmt_psrc.
1584 */
1587 }
1591 /*
1592 * We do NOT close the open transaction command here; that only happens
1593 * when the client sends Sync. Instead, do CommandCounterIncrement just
1594 * in case something happened during parse/plan.
1595 */
1598 /*
1599 * Send ParseComplete.
1600 */
1604 /*
1605 * Emit duration logging if appropriate.
1606 */
1608 {
1617 msec_str,
1619 query_string),
1622 }
1628 }
1630 /*
1631 * exec_bind_message
1632 *
1633 * Process a "Bind" message to create a portal from a prepared statement
1634 */
1635 static void
1637 {
1647 Portal portal;
1650 ParamListInfo params;
1651 MemoryContext oldContext;
1655 ParamsErrorCbData params_data;
1656 ErrorContextCallback params_errcxt;
1659 /* Get the fixed part of the message */
1668 /* Find prepared statement */
1670 {
1675 }
1676 else
1677 {
1678 /* special-case the unnamed statement */
1684 }
1686 /*
1687 * Report query to various monitoring facilities.
1688 */
1694 {
1698 {
1701 }
1702 }
1709 /*
1710 * Start up a transaction command so we can call functions etc. (Note that
1711 * this will normally change current memory context.) Nothing happens if
1712 * we are already in one. This also arms the statement timeout if
1713 * necessary.
1714 */
1717 /* Switch back to message context */
1720 /* Get the parameter format codes */
1723 {
1727 }
1729 /* Get the parameter value count */
1744 /*
1745 * If we are in aborted transaction state, the only portals we can
1746 * actually run are those containing COMMIT or ROLLBACK commands. We
1747 * disallow binding anything else to avoid problems with infrastructure
1748 * that expects to run inside a valid transaction. We also disallow
1749 * binding any parameters, since we can't risk calling user-defined I/O
1750 * functions.
1751 */
1762 /*
1763 * Create the portal. Allow silent replacement of an existing portal only
1764 * if the unnamed portal is specified.
1765 */
1768 else
1771 /*
1772 * Prepare to copy stuff into the portal's memory context. We do all this
1773 * copying first, because it could possibly fail (out-of-memory) and we
1774 * don't want a failure to occur between GetCachedPlan and
1775 * PortalDefineQuery; that would result in leaking our plancache refcount.
1776 */
1779 /* Copy the plan's query string into the portal */
1782 /* Likewise make a copy of the statement name, unless it's unnamed */
1785 else
1788 /*
1789 * Set a snapshot if we have parameters to fetch (since the input
1790 * functions might need it) or the query isn't a utility command (and
1791 * hence could require redoing parse analysis and planning). We keep the
1792 * snapshot active till we're done, so that plancache.c doesn't have to
1793 * take new ones.
1794 */
1798 {
1801 }
1803 /*
1804 * Fetch parameters, if any, and store in the portal's memory context.
1805 */
1807 {
1809 BindParamCbData one_param_data;
1811 /*
1812 * Set up an error callback so that if there's an error in this phase,
1813 * we can report the specific parameter causing the problem.
1814 */
1826 {
1828 int32 plength;
1829 Datum pval;
1831 StringInfoData pbuf;
1833 int16 pformat;
1842 {
1845 /*
1846 * Rather than copying data around, we just initialize a
1847 * StringInfo pointing to the correct portion of the message
1848 * buffer. We assume we can scribble on the message buffer to
1849 * add a trailing NUL which is required for the input function
1850 * call.
1851 */
1856 }
1857 else
1858 {
1861 }
1867 else
1871 {
1872 Oid typinput;
1873 Oid typioparam;
1878 /*
1879 * We have to do encoding conversion before calling the
1880 * typinput routine.
1881 */
1884 else
1887 /* Now we can log the input string in case of error */
1894 /*
1895 * If we might need to log parameters later, save a copy of
1896 * the converted string in MessageContext; then free the
1897 * result of encoding conversion, if any was done.
1898 */
1900 {
1902 {
1903 MemoryContext oldcxt;
1912 else
1913 {
1914 /*
1915 * We can trim the saved string, knowing that we
1916 * won't print all of it. But we must copy at
1917 * least two more full characters than
1918 * BuildParamLogString wants to use; otherwise it
1919 * might fail to include the trailing ellipsis.
1920 */
1923 log_parameter_max_length_on_error
1925 }
1928 }
1931 }
1932 }
1934 {
1935 Oid typreceive;
1936 Oid typioparam;
1937 StringInfo bufptr;
1939 /*
1940 * Call the parameter type's binary input converter
1941 */
1946 else
1951 /* Trouble if it didn't eat the whole buffer */
1957 }
1958 else
1959 {
1963 pformat)));
1965 }
1967 /* Restore message buffer contents */
1974 /*
1975 * We mark the params as CONST. This ensures that any custom plan
1976 * makes full use of the parameter values.
1977 */
1980 }
1982 /* Pop the per-parameter error callback */
1985 /*
1986 * Once all parameters have been received, prepare for printing them
1987 * in future errors, if configured to do so. (This is saved in the
1988 * portal, so that they'll appear when the query is executed later.)
1989 */
1993 knownTextValues,
1994 log_parameter_max_length_on_error);
1995 }
1996 else
1999 /* Done storing stuff in portal's context */
2002 /*
2003 * Set up another error callback so that all the parameters are logged if
2004 * we get an error during the rest of the BIND processing.
2005 */
2013 /* Get the result format codes */
2016 {
2020 }
2024 /*
2025 * Obtain a plan from the CachedPlanSource. Any cruft from (re)planning
2026 * will be generated in MessageContext. The plan refcount will be
2027 * assigned to the Portal, so it will be released at portal destruction.
2028 */
2031 /*
2032 * Now we can define the portal.
2033 *
2034 * DO NOT put any code that could possibly throw an error between the
2035 * above GetCachedPlan call and here.
2036 */
2038 saved_stmt_name,
2039 query_string,
2042 cplan);
2044 /* Done with the snapshot used for parameter I/O and parsing/planning */
2048 /*
2049 * And we're ready to start portal execution.
2050 */
2053 /*
2054 * Apply the result format requests to the portal.
2055 */
2058 /*
2059 * Done binding; remove the parameters error callback. Entries emitted
2060 * later determine independently whether to log the parameters or not.
2061 */
2064 /*
2065 * Send BindComplete.
2066 */
2070 /*
2071 * Emit duration logging if appropriate.
2072 */
2074 {
2083 msec_str,
2091 }
2099 }
2101 /*
2102 * exec_execute_message
2103 *
2104 * Process an "Execute" message for a portal
2105 */
2106 static void
2108 {
2109 CommandDest dest;
2111 Portal portal;
2113 QueryCompletion qc;
2116 ParamListInfo portalParams;
2122 ParamsErrorCbData params_data;
2123 ErrorContextCallback params_errcxt;
2128 /* Adjust destination to tell printtup.c what to do */
2139 /*
2140 * If the original query was a null string, just return
2141 * EmptyQueryResponse.
2142 */
2144 {
2148 }
2150 /* Does the portal contain a transaction command? */
2153 /*
2154 * We must copy the sourceText and prepStmtName into MessageContext in
2155 * case the portal is destroyed during finish_xact_command. We do not
2156 * make a copy of the portalParams though, preferring to just not print
2157 * them in that case.
2158 */
2162 else
2166 /*
2167 * Report query to various monitoring facilities.
2168 */
2174 {
2178 {
2181 }
2182 }
2193 /*
2194 * Create dest receiver in MessageContext (we don't want it in transaction
2195 * context, because that may get deleted if portal contains VACUUM).
2196 */
2201 /*
2202 * Ensure we are in a transaction command (this should normally be the
2203 * case already due to prior BIND).
2204 */
2207 /*
2208 * If we re-issue an Execute protocol request against an existing portal,
2209 * then we are only fetching more rows rather than completely re-executing
2210 * the query from the start. atStart is never reset for a v3 portal, so we
2211 * are safe to use this check.
2212 */
2215 /* Log immediately if dictated by log_statement */
2217 {
2220 execute_is_fetch ?
2223 prepStmtName,
2226 sourceText),
2230 }
2232 /*
2233 * If we are in aborted transaction state, the only portals we can
2234 * actually run are those containing COMMIT or ROLLBACK commands.
2235 */
2244 /* Check for cancel signal before we start execution */
2247 /*
2248 * Okay to run the portal. Set the error callback so that parameters are
2249 * logged. The parameters must have been saved during the bind phase.
2250 */
2262 max_rows,
2265 receiver,
2266 receiver,
2271 /* Done executing; remove the params error callback */
2275 {
2277 {
2278 /*
2279 * If this was a transaction control statement, commit it. We
2280 * will start a new xact command for the next command (if any).
2281 * Likewise if the statement required immediate commit. Without
2282 * this provision, we wouldn't force commit until Sync is
2283 * received, which creates a hazard if the client tries to
2284 * pipeline immediate-commit statements.
2285 */
2288 /*
2289 * These commands typically don't have any parameters, and even if
2290 * one did we couldn't print them now because the storage went
2291 * away during finish_xact_command. So pretend there were none.
2292 */
2294 }
2295 else
2296 {
2297 /*
2298 * We need a CommandCounterIncrement after every query, except
2299 * those that start or end a transaction block.
2300 */
2303 /*
2304 * Set XACT_FLAGS_PIPELINING whenever we complete an Execute
2305 * message without immediately committing the transaction.
2306 */
2309 /*
2310 * Disable statement timeout whenever we complete an Execute
2311 * message. The next protocol message will start a fresh timeout.
2312 */
2314 }
2316 /* Send appropriate CommandComplete to client */
2318 }
2319 else
2320 {
2321 /* Portal run not complete, so send PortalSuspended */
2325 /*
2326 * Set XACT_FLAGS_PIPELINING whenever we suspend an Execute message,
2327 * too.
2328 */
2330 }
2332 /*
2333 * Emit duration logging if appropriate.
2334 */
2336 {
2345 msec_str,
2346 execute_is_fetch ?
2349 prepStmtName,
2352 sourceText),
2356 }
2364 }
2366 /*
2367 * check_log_statement
2368 * Determine whether command should be logged because of log_statement
2369 *
2370 * stmt_list can be either raw grammar output or a list of planned
2371 * statements
2372 */
2373 static bool
2375 {
2383 /* Else we have to inspect the statement(s) to see whether to log */
2385 {
2390 }
2393 }
2395 /*
2396 * check_log_duration
2397 * Determine whether current command's duration should be logged
2398 * We also check if this statement in this transaction must be logged
2399 * (regardless of its duration).
2400 *
2401 * Returns:
2402 * 0 if no logging is needed
2403 * 1 if just the duration should be logged
2404 * 2 if duration and query details should be logged
2405 *
2406 * If logging is needed, the duration in msec is formatted into msec_str[],
2407 * which must be a 32-byte buffer.
2408 *
2409 * was_logged should be true if caller already logged query details (this
2410 * essentially prevents 2 from being returned).
2411 */
2412 int
2414 {
2417 {
2430 /*
2431 * This odd-looking test for log_min_duration_* being exceeded is
2432 * designed to avoid integer overflow with very long durations: don't
2433 * compute secs * 1000 until we've verified it will fit in int.
2434 */
2445 /*
2446 * Do not log if log_statement_sample_rate = 0. Log a sample if
2447 * log_statement_sample_rate <= 1 and avoid unnecessary PRNG call if
2448 * log_statement_sample_rate = 1.
2449 */
2456 {
2461 else
2463 }
2464 }
2467 }
2469 /*
2470 * errdetail_execute
2471 *
2472 * Add an errdetail() line showing the query referenced by an EXECUTE, if any.
2473 * The argument is the raw parsetree list.
2474 */
2475 static int
2477 {
2481 {
2485 {
2491 {
2494 }
2495 }
2496 }
2499 }
2501 /*
2502 * errdetail_params
2503 *
2504 * Add an errdetail() line showing bind-parameter data, if available.
2505 * Note that this is only used for statement logging, so it is controlled
2506 * by log_parameter_max_length not log_parameter_max_length_on_error.
2507 */
2508 static int
2510 {
2512 {
2518 }
2521 }
2523 /*
2524 * errdetail_abort
2525 *
2526 * Add an errdetail() line showing abort reason, if any.
2527 */
2528 static int
2530 {
2535 }
2537 /*
2538 * errdetail_recovery_conflict
2539 *
2540 * Add an errdetail() line showing conflict source.
2541 */
2542 static int
2544 {
2546 {
2570 /* no errdetail */
2571 }
2574 }
2576 /*
2577 * bind_param_error_callback
2578 *
2579 * Error context callback used while parsing parameters in a Bind message
2580 */
2581 static void
2583 {
2585 StringInfoData buf;
2591 /* If we have a textual value, quote it, and trim if necessary */
2593 {
2596 log_parameter_max_length_on_error);
2598 }
2599 else
2603 {
2607 else
2610 }
2611 else
2612 {
2616 else
2619 }
2623 }
2625 /*
2626 * exec_describe_statement_message
2627 *
2628 * Process a "Describe" message for a prepared statement
2629 */
2630 static void
2632 {
2635 /*
2636 * Start up a transaction command. (Note that this will normally change
2637 * current memory context.) Nothing happens if we are already in one.
2638 */
2641 /* Switch back to message context */
2644 /* Find prepared statement */
2646 {
2651 }
2652 else
2653 {
2654 /* special-case the unnamed statement */
2660 }
2662 /* Prepared statements shouldn't have changeable result descs */
2665 /*
2666 * If we are in aborted transaction state, we can't run
2667 * SendRowDescriptionMessage(), because that needs catalog accesses.
2668 * Hence, refuse to Describe statements that return data. (We shouldn't
2669 * just refuse all Describes, since that might break the ability of some
2670 * clients to issue COMMIT or ROLLBACK commands, if they use code that
2671 * blindly Describes whatever it does.) We can Describe parameters
2672 * without doing anything dangerous, so we don't restrict that.
2673 */
2685 /*
2686 * First describe the parameters...
2687 */
2692 {
2696 }
2699 /*
2700 * Next send RowDescription or NoData to describe the result...
2701 */
2703 {
2706 /* Get the plan's primary targetlist */
2711 tlist,
2712 NULL);
2713 }
2714 else
2716 }
2718 /*
2719 * exec_describe_portal_message
2720 *
2721 * Process a "Describe" message for a portal
2722 */
2723 static void
2725 {
2726 Portal portal;
2728 /*
2729 * Start up a transaction command. (Note that this will normally change
2730 * current memory context.) Nothing happens if we are already in one.
2731 */
2734 /* Switch back to message context */
2743 /*
2744 * If we are in aborted transaction state, we can't run
2745 * SendRowDescriptionMessage(), because that needs catalog accesses.
2746 * Hence, refuse to Describe portals that return data. (We shouldn't just
2747 * refuse all Describes, since that might break the ability of some
2748 * clients to issue COMMIT or ROLLBACK commands, if they use code that
2749 * blindly Describes whatever it does.)
2750 */
2767 else
2769 }
2772 /*
2773 * Convenience routines for starting/committing a single command.
2774 */
2775 static void
2777 {
2779 {
2783 }
2785 /*
2786 * Start statement timeout if necessary. Note that this'll intentionally
2787 * not reset the clock on an already started timeout, to avoid the timing
2788 * overhead when start_xact_command() is invoked repeatedly, without an
2789 * interceding finish_xact_command() (e.g. parse/bind/execute). If that's
2790 * not desired, the timeout has to be disabled explicitly.
2791 */
2794 /* Start timeout for checking if the client has gone away if necessary. */
2796 IsUnderPostmaster &&
2797 MyProcPort &&
2800 client_connection_check_interval);
2801 }
2803 static void
2805 {
2806 /* cancel active statement timeout after each command */
2810 {
2813 #ifdef MEMORY_CONTEXT_CHECKING
2814 /* Check all memory contexts that weren't freed during commit */
2815 /* (those that were, were checked before being deleted) */
2817 #endif
2819 #ifdef SHOW_MEMORY_STATS
2820 /* Print mem stats after each commit for leak tracking */
2822 #endif
2825 }
2826 }
2829 /*
2830 * Convenience routines for checking whether a statement is one of the
2831 * ones that we allow in transaction-aborted state.
2832 */
2834 /* Test a bare parsetree */
2835 static bool
2837 {
2839 {
2847 }
2849 }
2851 /* Test a list that contains PlannedStmt nodes */
2852 static bool
2854 {
2856 {
2862 }
2864 }
2866 /* Test a list that contains PlannedStmt nodes */
2867 static bool
2869 {
2871 {
2877 }
2879 }
2881 /* Release any existing unnamed prepared statement */
2882 static void
2884 {
2885 /* paranoia to avoid a dangling pointer in case of error */
2887 {
2892 }
2893 }
2896 /* --------------------------------
2897 * signal handler routines used in PostgresMain()
2898 * --------------------------------
2899 */
2901 /*
2902 * quickdie() occurs when signaled SIGQUIT by the postmaster.
2903 *
2904 * Either some backend has bought the farm, or we've been told to shut down
2905 * "immediately"; so we need to stop what we're doing and exit.
2906 */
2907 void
2909 {
2913 /*
2914 * Prevent interrupts while exiting; though we just blocked signals that
2915 * would queue new interrupts, one may have been pending. We don't want a
2916 * quickdie() downgraded to a mere query cancel.
2917 */
2920 /*
2921 * If we're aborting out of client auth, don't risk trying to send
2922 * anything to the client; we will likely violate the protocol, not to
2923 * mention that we may have interrupted the guts of OpenSSL or some
2924 * authentication library.
2925 */
2929 /*
2930 * Notify the client before exiting, to give a clue on what happened.
2931 *
2932 * It's dubious to call ereport() from a signal handler. It is certainly
2933 * not async-signal safe. But it seems better to try, than to disconnect
2934 * abruptly and leave the client wondering what happened. It's remotely
2935 * possible that we crash or hang while trying to send the message, but
2936 * receiving a SIGQUIT is a sign that something has already gone badly
2937 * wrong, so there's not much to lose. Assuming the postmaster is still
2938 * running, it will SIGKILL us soon if we get stuck for some reason.
2939 *
2940 * One thing we can do to make this a tad safer is to clear the error
2941 * context stack, so that context callbacks are not called. That's a lot
2942 * less code that could be reached here, and the context info is unlikely
2943 * to be very relevant to a SIGQUIT report anyway.
2944 */
2947 /*
2948 * When responding to a postmaster-issued signal, we send the message only
2949 * to the client; sending to the server log just creates log spam, plus
2950 * it's more code that we need to hope will work in a signal handler.
2951 *
2952 * Ideally these should be ereport(FATAL), but then we'd not get control
2953 * back to force the correct type of process exit.
2954 */
2956 {
2958 /* Hmm, SIGQUIT arrived out of the blue */
2964 /* A crash-and-restart cycle is in progress */
2969 " the current transaction and exit, because another"
2970 " server process exited abnormally and possibly corrupted"
2976 /* Immediate-mode stop */
2981 }
2983 /*
2984 * We DO NOT want to run proc_exit() or atexit() callbacks -- we're here
2985 * because shared memory may be corrupted, so we don't want to try to
2986 * clean up our transaction. Just nail the windows shut and get out of
2987 * town. The callbacks wouldn't be safe to run from a signal handler,
2988 * anyway.
2989 *
2990 * Note we do _exit(2) not _exit(0). This is to force the postmaster into
2991 * a system reset cycle if someone sends a manual SIGQUIT to a random
2992 * backend. This is necessary precisely because we don't clean up our
2993 * shared memory state. (The "dead man switch" mechanism in pmsignal.c
2994 * should ensure the postmaster sees this as a crash, too, but no harm in
2995 * being doubly sure.)
2996 */
2998 }
3000 /*
3001 * Shutdown signal from postmaster: abort transaction and exit
3002 * at soonest convenient time
3003 */
3004 void
3006 {
3007 /* Don't joggle the elbow of proc_exit */
3009 {
3012 }
3014 /* for the cumulative stats system */
3017 /* If we're still here, waken anything waiting on the process latch */
3020 /*
3021 * If we're in single user mode, we want to quit immediately - we can't
3022 * rely on latches as they wouldn't work when stdin/stdout is a file.
3023 * Rather ugly, but it's unlikely to be worthwhile to invest much more
3024 * effort just for the benefit of single user mode.
3025 */
3028 }
3030 /*
3031 * Query-cancel signal from postmaster: abort current transaction
3032 * at soonest convenient time
3033 */
3034 void
3036 {
3037 /*
3038 * Don't joggle the elbow of proc_exit
3039 */
3041 {
3044 }
3046 /* If we're still here, waken anything waiting on the process latch */
3048 }
3050 /* signal handler for floating point exception */
3051 void
3053 {
3054 /* We're not returning, so no need to save errno */
3059 "This probably means an out-of-range result or an "
3061 }
3063 /*
3064 * Tell the next CHECK_FOR_INTERRUPTS() to check for a particular type of
3065 * recovery conflict. Runs in a SIGUSR1 handler.
3066 */
3067 void
3069 {
3073 /* latch will be set by procsignal_sigusr1_handler */
3074 }
3076 /*
3077 * Check one individual conflict reason.
3078 */
3079 static void
3081 {
3083 {
3086 /*
3087 * If we aren't waiting for a lock we can never deadlock.
3088 */
3092 /* Intentional fall through to check wait for pin */
3093 /* FALLTHROUGH */
3097 /*
3098 * If PROCSIG_RECOVERY_CONFLICT_BUFFERPIN is requested but we
3099 * aren't blocking the Startup process there is nothing more to
3100 * do.
3101 *
3102 * When PROCSIG_RECOVERY_CONFLICT_STARTUP_DEADLOCK is requested,
3103 * if we're waiting for locks and the startup process is not
3104 * waiting for buffer pin (i.e., also waiting for locks), we set
3105 * the flag so that ProcSleep() will check for deadlocks.
3106 */
3108 {
3113 }
3117 /* Intentional fall through to error handling */
3118 /* FALLTHROUGH */
3124 /*
3125 * If we aren't in a transaction any longer then ignore.
3126 */
3130 /* FALLTHROUGH */
3134 /*
3135 * If we're not in a subtransaction then we are OK to throw an
3136 * ERROR to resolve the conflict. Otherwise drop through to the
3137 * FATAL case.
3138 *
3139 * PROCSIG_RECOVERY_CONFLICT_LOGICALSLOT is a special case that
3140 * always throws an ERROR (ie never promotes to FATAL), though it
3141 * still has to respect QueryCancelHoldoffCount, so it shares this
3142 * code path. Logical decoding slots are only acquired while
3143 * performing logical decoding. During logical decoding no user
3144 * controlled code is run. During [sub]transaction abort, the
3145 * slot is released. Therefore user controlled code cannot
3146 * intercept an error before the replication slot is released.
3147 *
3148 * XXX other times that we can throw just an ERROR *may* be
3149 * PROCSIG_RECOVERY_CONFLICT_LOCK if no locks are held in parent
3150 * transactions
3151 *
3152 * PROCSIG_RECOVERY_CONFLICT_SNAPSHOT if no snapshots are held by
3153 * parent transactions and the transaction is not
3154 * transaction-snapshot mode
3155 *
3156 * PROCSIG_RECOVERY_CONFLICT_TABLESPACE if no temp files or
3157 * cursors open in parent transactions
3158 */
3161 {
3162 /*
3163 * If we already aborted then we no longer need to cancel. We
3164 * do this here since we do not wish to ignore aborted
3165 * subtransactions, which must cause FATAL, currently.
3166 */
3170 /*
3171 * If a recovery conflict happens while we are waiting for
3172 * input from the client, the client is presumably just
3173 * sitting idle in a transaction, preventing recovery from
3174 * making progress. We'll drop through to the FATAL case
3175 * below to dislodge it, in that case.
3176 */
3178 {
3179 /* Avoid losing sync in the FE/BE protocol. */
3181 {
3182 /*
3183 * Re-arm and defer this interrupt until later. See
3184 * similar code in ProcessInterrupts().
3185 */
3190 }
3192 /*
3193 * We are cleared to throw an ERROR. Either it's the
3194 * logical slot case, or we have a top-level transaction
3195 * that we can abort and a conflict that isn't inherently
3196 * non-retryable.
3197 */
3205 }
3206 }
3208 /* Intentional fall through to session cancel */
3209 /* FALLTHROUGH */
3213 /*
3214 * Retrying is not possible because the database is dropped, or we
3215 * decided above that we couldn't resolve the conflict with an
3216 * ERROR and fell through. Terminate the session.
3217 */
3221 ERRCODE_DATABASE_DROPPED :
3222 ERRCODE_T_R_SERIALIZATION_FAILURE),
3231 }
3232 }
3234 /*
3235 * Check each possible recovery conflict reason.
3236 */
3237 static void
3239 {
3240 /*
3241 * We don't need to worry about joggling the elbow of proc_exit, because
3242 * proc_exit_prepare() holds interrupts, so ProcessInterrupts() won't call
3243 * us.
3244 */
3253 reason++)
3254 {
3256 {
3259 }
3260 }
3261 }
3263 /*
3264 * ProcessInterrupts: out-of-line portion of CHECK_FOR_INTERRUPTS() macro
3265 *
3266 * If an interrupt condition is pending, and it's safe to service it,
3267 * then clear the flag and accept the interrupt. Called only when
3268 * InterruptPending is true.
3269 *
3270 * Note: if INTERRUPTS_CAN_BE_PROCESSED() is true, then ProcessInterrupts
3271 * is guaranteed to clear the InterruptPending flag before returning.
3272 * (This is not the same as guaranteeing that it's still clear when we
3273 * return; another interrupt could have arrived. But we promise that
3274 * any pre-existing one will have been serviced.)
3275 */
3276 void
3278 {
3279 /* OK to accept any interrupts now? */
3285 {
3289 /* As in quickdie, don't risk sending to client during auth */
3305 {
3309 /*
3310 * The logical replication launcher can be stopped at any time.
3311 * Use exit status 1 so the background worker is restarted.
3312 */
3314 }
3320 else
3324 }
3327 {
3330 /*
3331 * Check for lost connection and re-arm, if still configured, but not
3332 * if we've arrived back at DoingCommandRead state. We don't want to
3333 * wake up idle sessions, and they already know how to detect lost
3334 * connections.
3335 */
3337 {
3340 else
3342 client_connection_check_interval);
3343 }
3344 }
3347 {
3350 /* don't send to client, we already know the connection to be dead. */
3355 }
3357 /*
3358 * Don't allow query cancel interrupts while reading input from the
3359 * client, because we might lose sync in the FE/BE protocol. (Die
3360 * interrupts are OK, because we won't read any further messages from the
3361 * client in that case.)
3362 *
3363 * See similar logic in ProcessRecoveryConflictInterrupts().
3364 */
3366 {
3367 /*
3368 * Re-arm InterruptPending so that we process the cancel request as
3369 * soon as we're done reading the message. (XXX this is seriously
3370 * ugly: it complicates INTERRUPTS_CAN_BE_PROCESSED(), and it means we
3371 * can't use that macro directly as the initial test in this function,
3372 * meaning that this code also creates opportunities for other bugs to
3373 * appear.)
3374 */
3376 }
3378 {
3384 /*
3385 * If LOCK_TIMEOUT and STATEMENT_TIMEOUT indicators are both set, we
3386 * need to clear both, so always fetch both.
3387 */
3391 /*
3392 * If both were set, we want to report whichever timeout completed
3393 * earlier; this ensures consistent behavior if the machine is slow
3394 * enough that the second timeout triggers before we get here. A tie
3395 * is arbitrarily broken in favor of reporting a lock timeout.
3396 */
3402 {
3407 }
3409 {
3414 }
3416 {
3421 }
3423 /*
3424 * If we are reading a command from the client, just ignore the cancel
3425 * request --- sending an extra error message won't accomplish
3426 * anything. Otherwise, go ahead and throw the error.
3427 */
3429 {
3434 }
3435 }
3441 {
3442 /*
3443 * If the GUC has been reset to zero, ignore the signal. This is
3444 * important because the GUC update itself won't disable any pending
3445 * interrupt. We need to unset the flag before the injection point,
3446 * otherwise we could loop in interrupts checking.
3447 */
3450 {
3455 }
3456 }
3459 {
3460 /* As above, ignore the signal if the GUC has been reset to zero. */
3463 {
3468 }
3469 }
3472 {
3473 /* As above, ignore the signal if the GUC has been reset to zero. */
3476 {
3481 }
3482 }
3484 /*
3485 * If there are pending stats updates and we currently are truly idle
3486 * (matching the conditions in PostgresMain(), report stats now.
3487 */
3490 {
3493 }
3506 }
3508 /*
3509 * set_stack_base: set up reference point for stack depth checking
3510 *
3511 * Returns the old reference point, if any.
3512 */
3513 pg_stack_base_t
3515 {
3516 #ifndef HAVE__BUILTIN_FRAME_ADDRESS
3518 #endif
3519 pg_stack_base_t old;
3523 /*
3524 * Set up reference point for stack depth checking. On recent gcc we use
3525 * __builtin_frame_address() to avoid a warning about storing a local
3526 * variable's address in a long-lived variable.
3527 */
3528 #ifdef HAVE__BUILTIN_FRAME_ADDRESS
3530 #else
3532 #endif
3535 }
3537 /*
3538 * restore_stack_base: restore reference point for stack depth checking
3539 *
3540 * This can be used after set_stack_base() to restore the old value. This
3541 * is currently only used in PL/Java. When PL/Java calls a backend function
3542 * from different thread, the thread's stack is at a different location than
3543 * the main thread's stack, so it sets the base pointer before the call, and
3544 * restores it afterwards.
3545 */
3546 void
3548 {
3550 }
3552 /*
3553 * check_stack_depth/stack_is_too_deep: check for excessively deep recursion
3554 *
3555 * This should be called someplace in any recursive routine that might possibly
3556 * recurse deep enough to overflow the stack. Most Unixen treat stack
3557 * overflow as an unrecoverable SIGSEGV, so we want to error out ourselves
3558 * before hitting the hardware limit.
3559 *
3560 * check_stack_depth() just throws an error summarily. stack_is_too_deep()
3561 * can be used by code that wants to handle the error condition itself.
3562 */
3563 void
3565 {
3567 {
3573 max_stack_depth)));
3574 }
3575 }
3577 bool
3579 {
3583 /*
3584 * Compute distance from reference point to my local variables
3585 */
3588 /*
3589 * Take abs value, since stacks grow up on some machines, down on others
3590 */
3594 /*
3595 * Trouble?
3596 *
3597 * The test on stack_base_ptr prevents us from erroring out if called
3598 * during process setup or in a non-backend process. Logically it should
3599 * be done first, but putting it here avoids wasting cycles during normal
3600 * cases.
3601 */
3607 }
3609 /* GUC check hook for max_stack_depth */
3610 bool
3612 {
3617 {
3620 GUC_check_errhint("Increase the platform's stack depth limit via \"ulimit -s\" or local equivalent.");
3622 }
3624 }
3626 /* GUC assign hook for max_stack_depth */
3627 void
3629 {
3633 }
3635 /*
3636 * GUC check_hook for client_connection_check_interval
3637 */
3638 bool
3640 {
3642 {
3643 GUC_check_errdetail("\"client_connection_check_interval\" must be set to 0 on this platform.");
3645 }
3647 }
3649 /*
3650 * GUC check_hook for log_parser_stats, log_planner_stats, log_executor_stats
3651 *
3652 * This function and check_log_stats interact to prevent their variables from
3653 * being set in a disallowed combination. This is a hack that doesn't really
3654 * work right; for example it might fail while applying pg_db_role_setting
3655 * values even though the final state would have been acceptable. However,
3656 * since these variables are legacy settings with little production usage,
3657 * we tolerate that.
3658 */
3659 bool
3661 {
3663 {
3666 }
3668 }
3670 /*
3671 * GUC check_hook for log_statement_stats
3672 */
3673 bool
3675 {
3678 {
3683 }
3685 }
3687 /* GUC assign hook for transaction_timeout */
3688 void
3690 {
3692 {
3693 /*
3694 * If transaction_timeout GUC has changed within the transaction block
3695 * enable or disable the timer correspondingly.
3696 */
3701 }
3702 }
3704 /*
3705 * GUC check_hook for restrict_nonsystem_relation_kind
3706 */
3707 bool
3709 {
3715 /* Need a modifiable copy of string */
3719 {
3720 /* syntax error in list */
3725 }
3728 {
3735 else
3736 {
3741 }
3742 }
3747 /* Save the flags in *extra, for use by the assign function */
3752 }
3754 /*
3755 * GUC assign_hook for restrict_nonsystem_relation_kind
3756 */
3757 void
3759 {
3763 }
3765 /*
3766 * set_debug_options --- apply "-d N" command line option
3767 *
3768 * -d is not quite the same as setting log_min_messages because it enables
3769 * other output options.
3770 */
3771 void
3773 {
3775 {
3780 }
3781 else
3785 {
3788 }
3797 }
3800 bool
3802 {
3806 {
3831 }
3833 {
3836 }
3837 else
3839 }
3844 {
3846 {
3857 }
3860 }
3863 /* ----------------------------------------------------------------
3864 * process_postgres_switches
3865 * Parse command line arguments for backends
3866 *
3867 * This is called twice, once for the "secure" options coming from the
3868 * postmaster or command line, and once for the "insecure" options coming
3869 * from the client's startup packet. The latter have the same syntax but
3870 * may be restricted in what they can do.
3871 *
3872 * argv[0] is ignored in either case (it's assumed to be the program name).
3873 *
3874 * ctx is PGC_POSTMASTER for secure options, PGC_BACKEND for insecure options
3875 * coming from the client, or PGC_SU_BACKEND for insecure options coming from
3876 * a superuser client.
3877 *
3878 * If a database name is present in the command line arguments, it's
3879 * returned into *dbname (this is allowed only if *dbname is initially NULL).
3880 * ----------------------------------------------------------------
3881 */
3882 void
3885 {
3888 GucSource gucsource;
3892 {
3895 /* Ignore the initial --single argument, if present */
3897 {
3898 argv++;
3899 argc--;
3900 }
3901 }
3902 else
3903 {
3905 }
3907 #ifdef HAVE_INT_OPTERR
3909 /*
3910 * Turn this off because it's either printed to stderr and not the log
3911 * where we'd want it, or argv[0] is now "--single", which would make for
3912 * a weird error message. We print our own error message below.
3913 */
3915 #endif
3917 /*
3918 * Parse command-line options. CAUTION: keep this in sync with
3919 * postmaster/postmaster.c (the option sets should not conflict) and with
3920 * the common help() function in main/main.c.
3921 */
3923 {
3925 {
3931 /* Undocumented flag used for binary upgrades */
3937 /* ignored for consistency with the postmaster */
3942 {
3948 {
3953 optarg)));
3954 else
3958 optarg)));
3959 }
3964 }
3990 errs++;
4019 /* ignored for consistency with postmaster */
4035 /* send output (stdout and stderr) to the given file */
4049 /* ignored for consistency with the postmaster */
4053 {
4058 else
4059 errs++;
4061 }
4065 /*
4066 * -v is no longer used in normal operation, since
4067 * FrontendProtocol is already set before we get here. We keep
4068 * the switch only for possible use in standalone operation,
4069 * in case we ever support using normal FE/BE protocol with a
4070 * standalone backend.
4071 */
4081 errs++;
4083 }
4087 }
4089 /*
4090 * Optional database name should be there only if *dbname is NULL.
4091 */
4096 {
4100 /* spell the error message a bit differently depending on context */
4106 else
4112 }
4114 /*
4115 * Reset getopt(3) library so that it will work correctly in subprocesses
4116 * or when this function is called a second time with another array.
4117 */
4119 #ifdef HAVE_INT_OPTRESET
4121 #endif
4122 }
4125 /*
4126 * PostgresSingleUserMain
4127 * Entry point for single user mode. argc/argv are the command line
4128 * arguments to be used.
4129 *
4130 * Performs single user specific setup then calls PostgresMain() to actually
4131 * process queries. Single user mode specific setup should go here, rather
4132 * than PostgresMain() or InitPostgres() when reasonably possible.
4133 */
4134 void
4137 {
4142 /* Initialize startup process environment. */
4145 /*
4146 * Set default values for command-line options.
4147 */
4150 /*
4151 * Parse command-line options.
4152 */
4155 /* Must have gotten a database name, or have a default (the username) */
4157 {
4163 progname)));
4164 }
4166 /* Acquire configuration parameters */
4170 /*
4171 * Validate we have been given a reasonable-looking DataDir and change
4172 * into it.
4173 */
4177 /*
4178 * Create lockfile for data directory.
4179 */
4182 /* read control file (error checking and contains config ) */
4185 /*
4186 * process any libraries that should be preloaded at postmaster start
4187 */
4190 /* Initialize MaxBackends */
4193 /* Initialize size of fast-path lock cache. */
4196 /*
4197 * Give preloaded libraries a chance to request additional shared memory.
4198 */
4201 /*
4202 * Now that loadable modules have had their chance to request additional
4203 * shared memory, determine the value of any runtime-computed GUCs that
4204 * depend on the amount of shared memory required.
4205 */
4208 /*
4209 * Now that modules have been loaded, we can process any custom resource
4210 * managers specified in the wal_consistency_checking GUC.
4211 */
4216 /*
4217 * Remember stand-alone backend startup time,roughly at the same point
4218 * during startup that postmaster does so.
4219 */
4222 /*
4223 * Create a per-backend PGPROC struct in shared memory. We must do this
4224 * before we can use LWLocks.
4225 */
4228 /*
4229 * Now that sufficient infrastructure has been initialized, PostgresMain()
4230 * can do the rest.
4231 */
4233 }
4236 /* ----------------------------------------------------------------
4237 * PostgresMain
4238 * postgres main loop -- all backends, interactive or otherwise loop here
4239 *
4240 * dbname is the name of the database to connect to, username is the
4241 * PostgreSQL user name to be used for the session.
4242 *
4243 * NB: Single user mode specific setup should go to PostgresSingleUserMain()
4244 * if reasonably possible.
4245 * ----------------------------------------------------------------
4246 */
4247 void
4249 {
4250 sigjmp_buf local_sigjmp_buf;
4252 /* these must be volatile to ensure state is preserved across longjmp: */
4262 /*
4263 * Set up signal handlers. (InitPostmasterChild or InitStandaloneProcess
4264 * has already set up BlockSig and made that the active signal mask.)
4265 *
4266 * Note that postmaster blocked all signals before forking child process,
4267 * so there is no race condition whereby we might receive a signal before
4268 * we have set up the handler.
4269 *
4270 * Also note: it's best not to use any signals that are SIG_IGNored in the
4271 * postmaster. If such a signal arrives before we are able to change the
4272 * handler to non-SIG_IGN, it'll get dropped. Instead, make a dummy
4273 * handler in the postmaster to reserve the signal. (Of course, this isn't
4274 * an issue for signals that are locally generated, such as SIGALRM and
4275 * SIGPIPE.)
4276 */
4279 else
4280 {
4285 /*
4286 * In a postmaster child backend, replace SignalHandlerForCrashExit
4287 * with quickdie, so we can tell the client we're dying.
4288 *
4289 * In a standalone backend, SIGQUIT can be generated from the keyboard
4290 * easily, while SIGTERM cannot, so we make both signals do die()
4291 * rather than quickdie().
4292 */
4295 else
4299 /*
4300 * Ignore failure to write to frontend. Note: if frontend closes
4301 * connection, we will notice it and exit cleanly when control next
4302 * returns to outer loop. This seems safer than forcing exit in the
4303 * midst of output during who-knows-what operation...
4304 */
4310 /*
4311 * Reset some signals that are accepted by postmaster but not by
4312 * backend
4313 */
4315 * platforms */
4316 }
4318 /* Early initialization */
4321 /* We need to allow SIGINT, etc during the initial transaction */
4324 /*
4325 * Generate a random cancel key, if this is a backend serving a
4326 * connection. InitPostgres() will advertise it in shared memory.
4327 */
4330 {
4332 {
4336 }
4338 }
4340 /*
4341 * General initialization.
4342 *
4343 * NOTE: if you are tempted to add code in this vicinity, consider putting
4344 * it inside InitPostgres() instead. In particular, anything that
4345 * involves database access should be there, not here.
4346 *
4347 * Honor session_preload_libraries if not dealing with a WAL sender.
4348 */
4354 /*
4355 * If the PostmasterContext is still around, recycle the space; we don't
4356 * need it anymore after InitPostgres completes.
4357 */
4359 {
4362 }
4366 /*
4367 * Now all GUC states are fully set up. Report them to client if
4368 * appropriate.
4369 */
4372 /*
4373 * Also set up handler to log session end; we have to wait till now to be
4374 * sure Log_disconnections has its final value.
4375 */
4381 /* Perform initialization specific to a WAL sender process. */
4385 /*
4386 * Send this backend's cancellation info to the frontend.
4387 */
4389 {
4390 StringInfoData buf;
4397 /* Need not flush since ReadyForQuery will do it. */
4398 }
4400 /* Welcome banner for standalone case */
4404 /*
4405 * Create the memory context we will use in the main loop.
4406 *
4407 * MessageContext is reset once per iteration of the main loop, ie, upon
4408 * completion of processing of each command message from the client.
4409 */
4412 ALLOCSET_DEFAULT_SIZES);
4414 /*
4415 * Create memory context and buffer used for RowDescription messages. As
4416 * SendRowDescriptionMessage(), via exec_describe_statement_message(), is
4417 * frequently executed for ever single statement, we don't want to
4418 * allocate a separate buffer every time.
4419 */
4422 ALLOCSET_DEFAULT_SIZES);
4427 /* Fire any defined login event triggers, if appropriate */
4430 /*
4431 * POSTGRES main processing loop begins here
4432 *
4433 * If an exception is encountered, processing resumes here so we abort the
4434 * current transaction and start a new one.
4435 *
4436 * You might wonder why this isn't coded as an infinite loop around a
4437 * PG_TRY construct. The reason is that this is the bottom of the
4438 * exception stack, and so with PG_TRY there would be no exception handler
4439 * in force at all during the CATCH part. By leaving the outermost setjmp
4440 * always active, we have at least some chance of recovering from an error
4441 * during error recovery. (If we get into an infinite loop thereby, it
4442 * will soon be stopped by overflow of elog.c's internal state stack.)
4443 *
4444 * Note that we use sigsetjmp(..., 1), so that this function's signal mask
4445 * (to wit, UnBlockSig) will be restored when longjmp'ing to here. This
4446 * is essential in case we longjmp'd out of a signal handler on a platform
4447 * where that leaves the signal blocked. It's not redundant with the
4448 * unblock in AbortTransaction() because the latter is only called if we
4449 * were inside a transaction.
4450 */
4453 {
4454 /*
4455 * NOTE: if you are tempted to add more code in this if-block,
4456 * consider the high probability that it should be in
4457 * AbortTransaction() instead. The only stuff done directly here
4458 * should be stuff that is guaranteed to apply *only* for outer-level
4459 * error recovery, such as adjusting the FE/BE protocol status.
4460 */
4462 /* Since not using PG_TRY, must reset error stack by hand */
4465 /* Prevent interrupts while cleaning up */
4468 /*
4469 * Forget any pending QueryCancel request, since we're returning to
4470 * the idle loop anyway, and cancel any active timeout requests. (In
4471 * future we might want to allow some timeout requests to survive, but
4472 * at minimum it'd be necessary to do reschedule_timeouts(), in case
4473 * we got here because of a query cancel interrupting the SIGALRM
4474 * interrupt handler.) Note in particular that we must clear the
4475 * statement and lock timeout indicators, to prevent any future plain
4476 * query cancels from being misreported as timeouts in case we're
4477 * forgetting a timeout cancel.
4478 */
4484 /* Not reading from the client anymore. */
4487 /* Make sure libpq is in a good state */
4490 /* Report the error to the client and/or server log */
4493 /*
4494 * If Valgrind noticed something during the erroneous query, print the
4495 * query string, assuming we have one.
4496 */
4499 /*
4500 * Make sure debug_query_string gets reset before we possibly clobber
4501 * the storage it points at.
4502 */
4505 /*
4506 * Abort the current transaction in order to recover.
4507 */
4515 /*
4516 * We can't release replication slots inside AbortTransaction() as we
4517 * need to be able to start and abort transactions while having a slot
4518 * acquired. But we never need to hold them across top level errors,
4519 * so releasing here is fine. There also is a before_shmem_exit()
4520 * callback ensuring correct cleanup on FATAL errors.
4521 */
4525 /* We also want to cleanup temporary slots on error. */
4530 /*
4531 * Now return to normal top-level context and clear ErrorContext for
4532 * next time.
4533 */
4537 /*
4538 * If we were handling an extended-query-protocol message, initiate
4539 * skip till next Sync. This also causes us not to issue
4540 * ReadyForQuery (until we get Sync).
4541 */
4545 /* We don't have a transaction command open anymore */
4548 /*
4549 * If an error occurred while we were reading a message from the
4550 * client, we have potentially lost track of where the previous
4551 * message ends and the next one begins. Even though we have
4552 * otherwise recovered from the error, we cannot safely read any more
4553 * messages from the client, so there isn't much we can do with the
4554 * connection anymore.
4555 */
4561 /* Now we can allow interrupts again */
4563 }
4565 /* We can now handle ereport(ERROR) */
4571 /*
4572 * Non-error queries loop here.
4573 */
4576 {
4578 StringInfoData input_message;
4580 /*
4581 * At top of loop, reset extended-query-message flag, so that any
4582 * errors encountered in "idle" state don't provoke skip.
4583 */
4586 /*
4587 * For valgrind reporting purposes, the "current query" begins here.
4588 */
4589 #ifdef USE_VALGRIND
4591 #endif
4593 /*
4594 * Release storage left over from prior query cycle, and create a new
4595 * query input buffer in the cleared MessageContext.
4596 */
4602 /*
4603 * Also consider releasing our catalog snapshot if any, so that it's
4604 * not preventing advance of global xmin while we wait for the client.
4605 */
4608 /*
4609 * (1) If we've reached idle state, tell the frontend we're ready for
4610 * a new query.
4611 *
4612 * Note: this includes fflush()'ing the last of the prior output.
4613 *
4614 * This is also a good time to flush out collected statistics to the
4615 * cumulative stats system, and to update the PS stats display. We
4616 * avoid doing those every time through the message loop because it'd
4617 * slow down processing of batched messages, and because we don't want
4618 * to report uncommitted updates (that confuses autovacuum). The
4619 * notification processor wants a call too, if we are not in a
4620 * transaction block.
4621 *
4622 * Also, if an idle timeout is enabled, start the timer for that.
4623 */
4625 {
4627 {
4631 /* Start the idle-in-transaction timer */
4634 {
4637 IdleInTransactionSessionTimeout);
4638 }
4639 }
4641 {
4645 /* Start the idle-in-transaction timer */
4648 {
4651 IdleInTransactionSessionTimeout);
4652 }
4653 }
4654 else
4655 {
4658 /*
4659 * Process incoming notifies (including self-notifies), if
4660 * any, and send relevant messages to the client. Doing it
4661 * here helps ensure stable behavior in tests: if any notifies
4662 * were received during the just-finished transaction, they'll
4663 * be seen by the client before ReadyForQuery is.
4664 */
4668 /*
4669 * Check if we need to report stats. If pgstat_report_stat()
4670 * decides it's too soon to flush out pending stats / lock
4671 * contention prevented reporting, it'll tell us when we
4672 * should try to report stats again (so that stats updates
4673 * aren't unduly delayed if the connection goes idle for a
4674 * long time). We only enable the timeout if we don't already
4675 * have a timeout in progress, because we don't disable the
4676 * timeout below. enable_timeout_after() needs to determine
4677 * the current timestamp, which can have a negative
4678 * performance impact. That's OK because pgstat_report_stat()
4679 * won't have us wake up sooner than a prior call.
4680 */
4683 {
4686 stats_timeout);
4687 }
4688 else
4689 {
4690 /* all stats flushed, no need for the timeout */
4693 }
4698 /* Start the idle-session timer */
4700 {
4703 IdleSessionTimeout);
4704 }
4705 }
4707 /* Report any recently-changed GUC options */
4712 }
4714 /*
4715 * (2) Allow asynchronous signals to be executed immediately if they
4716 * come in while we are waiting for client input. (This must be
4717 * conditional since we don't want, say, reads on behalf of COPY FROM
4718 * STDIN doing the same thing.)
4719 */
4722 /*
4723 * (3) read a command (loop blocks here)
4724 */
4727 /*
4728 * (4) turn off the idle-in-transaction and idle-session timeouts if
4729 * active. We do this before step (5) so that any last-moment timeout
4730 * is certain to be detected in step (5).
4731 *
4732 * At most one of these timeouts will be active, so there's no need to
4733 * worry about combining the timeout.c calls into one.
4734 */
4736 {
4739 }
4741 {
4744 }
4746 /*
4747 * (5) disable async signal conditions again.
4748 *
4749 * Query cancel is supposed to be a no-op when there is no query in
4750 * progress, so if a query cancel arrived while we were idle, just
4751 * reset QueryCancelPending. ProcessInterrupts() has that effect when
4752 * it's called when DoingCommandRead is set, so check for interrupts
4753 * before resetting DoingCommandRead.
4754 */
4758 /*
4759 * (6) check for any other interesting events that happened while we
4760 * slept.
4761 */
4763 {
4766 }
4768 /*
4769 * (7) process the command. But ignore it if we're skipping till
4770 * Sync.
4771 */
4776 {
4778 {
4781 /* Set statement_timestamp() */
4788 {
4791 }
4792 else
4798 }
4802 {
4810 /* Set statement_timestamp() */
4817 {
4821 }
4828 }
4834 /* Set statement_timestamp() */
4837 /*
4838 * this message is complex enough that it seems best to put
4839 * the field extraction out-of-line
4840 */
4843 /* exec_bind_message does valgrind_report_error_query */
4847 {
4853 /* Set statement_timestamp() */
4862 /* exec_execute_message does valgrind_report_error_query */
4863 }
4869 /* Set statement_timestamp() */
4872 /* Report query to various monitoring facilities. */
4876 /* start an xact for this function invocation */
4879 /*
4880 * Note: we may at this point be inside an aborted
4881 * transaction. We can't throw error for that until we've
4882 * finished reading the function-call message, so
4883 * HandleFunctionRequest() must check for it after doing so.
4884 * Be careful not to do anything that assumes we're inside a
4885 * valid transaction here.
4886 */
4888 /* switch back to message context */
4893 /* commit the function-invocation transaction */
4902 {
4913 {
4917 else
4918 {
4919 /* special-case the unnamed statement */
4921 }
4924 {
4925 Portal portal;
4930 }
4936 close_type)));
4938 }
4944 }
4948 {
4954 /* Set statement_timestamp() (needed for xact) */
4962 {
4973 describe_type)));
4975 }
4978 }
4994 /*
4995 * 'X' means that the frontend is closing down the socket. EOF
4996 * means unexpected loss of frontend connection. Either way,
4997 * perform normal shutdown.
4998 */
5001 /* for the cumulative statistics system */
5004 /* FALLTHROUGH */
5008 /*
5009 * Reset whereToSendOutput to prevent ereport from attempting
5010 * to send any more messages to client.
5011 */
5015 /*
5016 * NOTE: if you are tempted to add more code here, DON'T!
5017 * Whatever you had in mind to do should be set up as an
5018 * on_proc_exit or on_shmem_exit callback, instead. Otherwise
5019 * it will fail to be called during other backend-shutdown
5020 * scenarios.
5021 */
5028 /*
5029 * Accept but ignore these messages, per protocol spec; we
5030 * probably got here because a COPY failed, and the frontend
5031 * is still sending data.
5032 */
5039 firstchar)));
5040 }
5042 }
5044 /*
5045 * Throw an error if we're a WAL sender process.
5046 *
5047 * This is used to forbid anything else than simple query protocol messages
5048 * in a WAL sender process. 'firstchar' specifies what kind of a forbidden
5049 * message was received, and is used to construct the error message.
5050 */
5051 static void
5053 {
5055 {
5060 else
5064 }
5065 }
5068 /*
5069 * Obtain platform stack depth limit (in bytes)
5070 *
5071 * Return -1 if unknown
5072 */
5073 long
5075 {
5076 #if defined(HAVE_GETRLIMIT)
5079 /* This won't change after process launch, so check just once */
5081 {
5088 /* rlim_cur is probably of an unsigned type, so check for overflow */
5091 else
5093 }
5095 #else
5096 /* On Windows we set the backend stack size in src/backend/Makefile */
5098 #endif
5099 }
5105 void
5107 {
5110 }
5112 void
5114 {
5115 StringInfoData str;
5117 sys;
5126 {
5129 }
5131 {
5134 }
5136 {
5139 }
5141 /*
5142 * The only stats we don't show here are ixrss, idrss, isrss. It takes
5143 * some work to interpret them, and most platforms don't fill them in.
5144 */
5162 #ifndef WIN32
5164 /*
5165 * The following rusage fields are not defined by POSIX, but they're
5166 * present on all current Unix-like systems so we use them without any
5167 * special checks. Some of these could be provided in our Windows
5168 * emulation in src/port/win32getrusage.c with more work.
5169 */
5172 #if defined(__darwin__)
5173 /* in bytes on macOS */
5175 #else
5176 /* in kilobytes on most other platforms */
5177 r.ru_maxrss
5178 #endif
5179 );
5183 /* they only drink coffee at dec */
5207 /* remove trailing newline */
5216 }
5218 /*
5219 * on_proc_exit handler to log end of session
5220 */
5221 static void
5223 {
5229 minutes,
5230 seconds;
5248 }
5250 /*
5251 * Start statement timeout timer, if enabled.
5252 *
5253 * If there's already a timeout running, don't restart the timer. That
5254 * enables compromises between accuracy of timeouts and cost of starting a
5255 * timeout.
5256 */
5257 static void
5259 {
5260 /* must be within an xact */
5265 {
5268 }
5269 else
5270 {
5273 }
5274 }
5276 /*
5277 * Disable statement timeout, if active.
5278 */
5279 static void
5281 {
5284 }