2011-01-14 16:30:33 +01:00
|
|
|
%{
|
|
|
|
/*-------------------------------------------------------------------------
|
|
|
|
*
|
|
|
|
* repl_scanner.l
|
|
|
|
* a lexical scanner for the replication commands
|
|
|
|
*
|
2021-01-02 19:06:25 +01:00
|
|
|
* Portions Copyright (c) 1996-2021, PostgreSQL Global Development Group
|
2011-01-14 16:30:33 +01:00
|
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* IDENTIFICATION
|
|
|
|
* src/backend/replication/repl_scanner.l
|
|
|
|
*
|
|
|
|
*-------------------------------------------------------------------------
|
|
|
|
*/
|
|
|
|
#include "postgres.h"
|
|
|
|
|
Allow a streaming replication standby to follow a timeline switch.
Before this patch, streaming replication would refuse to start replicating
if the timeline in the primary doesn't exactly match the standby. The
situation where it doesn't match is when you have a master, and two
standbys, and you promote one of the standbys to become new master.
Promoting bumps up the timeline ID, and after that bump, the other standby
would refuse to continue.
There's significantly more timeline related logic in streaming replication
now. First of all, when a standby connects to primary, it will ask the
primary for any timeline history files that are missing from the standby.
The missing files are sent using a new replication command TIMELINE_HISTORY,
and stored in standby's pg_xlog directory. Using the timeline history files,
the standby can follow the latest timeline present in the primary
(recovery_target_timeline='latest'), just as it can follow new timelines
appearing in an archive directory.
START_REPLICATION now takes a TIMELINE parameter, to specify exactly which
timeline to stream WAL from. This allows the standby to request the primary
to send over WAL that precedes the promotion. The replication protocol is
changed slightly (in a backwards-compatible way although there's little hope
of streaming replication working across major versions anyway), to allow
replication to stop when the end of timeline reached, putting the walsender
back into accepting a replication command.
Many thanks to Amit Kapila for testing and reviewing various versions of
this patch.
2012-12-13 18:00:00 +01:00
|
|
|
#include "utils/builtins.h"
|
2014-02-01 04:45:17 +01:00
|
|
|
#include "parser/scansup.h"
|
Allow a streaming replication standby to follow a timeline switch.
Before this patch, streaming replication would refuse to start replicating
if the timeline in the primary doesn't exactly match the standby. The
situation where it doesn't match is when you have a master, and two
standbys, and you promote one of the standbys to become new master.
Promoting bumps up the timeline ID, and after that bump, the other standby
would refuse to continue.
There's significantly more timeline related logic in streaming replication
now. First of all, when a standby connects to primary, it will ask the
primary for any timeline history files that are missing from the standby.
The missing files are sent using a new replication command TIMELINE_HISTORY,
and stored in standby's pg_xlog directory. Using the timeline history files,
the standby can follow the latest timeline present in the primary
(recovery_target_timeline='latest'), just as it can follow new timelines
appearing in an archive directory.
START_REPLICATION now takes a TIMELINE parameter, to specify exactly which
timeline to stream WAL from. This allows the standby to request the primary
to send over WAL that precedes the promotion. The replication protocol is
changed slightly (in a backwards-compatible way although there's little hope
of streaming replication working across major versions anyway), to allow
replication to stop when the end of timeline reached, putting the walsender
back into accepting a replication command.
Many thanks to Amit Kapila for testing and reviewing various versions of
this patch.
2012-12-13 18:00:00 +01:00
|
|
|
|
2011-01-14 16:30:33 +01:00
|
|
|
/* Avoid exit() on fatal scanner errors (a bit ugly -- see yy_fatal_error) */
|
|
|
|
#undef fprintf
|
Improve handling of ereport(ERROR) and elog(ERROR).
In commit 71450d7fd6c7cf7b3e38ac56e363bff6a681973c, we added code to inform
suitably-intelligent compilers that ereport() doesn't return if the elevel
is ERROR or higher. This patch extends that to elog(), and also fixes a
double-evaluation hazard that the previous commit created in ereport(),
as well as reducing the emitted code size.
The elog() improvement requires the compiler to support __VA_ARGS__, which
should be available in just about anything nowadays since it's required by
C99. But our minimum language baseline is still C89, so add a configure
test for that.
The previous commit assumed that ereport's elevel could be evaluated twice,
which isn't terribly safe --- there are already counterexamples in xlog.c.
On compilers that have __builtin_constant_p, we can use that to protect the
second test, since there's no possible optimization gain if the compiler
doesn't know the value of elevel. Otherwise, use a local variable inside
the macros to prevent double evaluation. The local-variable solution is
inferior because (a) it leads to useless code being emitted when elevel
isn't constant, and (b) it increases the optimization level needed for the
compiler to recognize that subsequent code is unreachable. But it seems
better than not teaching non-gcc compilers about unreachability at all.
Lastly, if the compiler has __builtin_unreachable(), we can use that
instead of abort(), resulting in a noticeable code savings since no
function call is actually emitted. However, it seems wise to do this only
in non-assert builds. In an assert build, continue to use abort(), so that
the behavior will be predictable and debuggable if the "impossible"
happens.
These changes involve making the ereport and elog macros emit do-while
statement blocks not just expressions, which forces small changes in
a few call sites.
Andres Freund, Tom Lane, Heikki Linnakangas
2013-01-14 00:39:20 +01:00
|
|
|
#define fprintf(file, fmt, msg) fprintf_to_ereport(fmt, msg)
|
|
|
|
|
|
|
|
static void
|
|
|
|
fprintf_to_ereport(const char *fmt, const char *msg)
|
|
|
|
{
|
|
|
|
ereport(ERROR, (errmsg_internal("%s", msg)));
|
|
|
|
}
|
2011-01-14 16:30:33 +01:00
|
|
|
|
|
|
|
/* Handle to the buffer that the lexer uses internally */
|
|
|
|
static YY_BUFFER_STATE scanbufhandle;
|
|
|
|
|
Fix limitations on what SQL commands can be issued to a walsender.
In logical replication mode, a WalSender is supposed to be able
to execute any regular SQL command, as well as the special
replication commands. Poor design of the replication-command
parser caused it to fail in various cases, notably:
* semicolons embedded in a command, or multiple SQL commands
sent in a single message;
* dollar-quoted literals containing odd numbers of single
or double quote marks;
* commands starting with a comment.
The basic problem here is that we're trying to run repl_scanner.l
across the entire input string even when it's not a replication
command. Since repl_scanner.l does not understand all of the
token types known to the core lexer, this is doomed to have
failure modes.
We certainly don't want to make repl_scanner.l as big as scan.l,
so instead rejigger stuff so that we only lex the first token of
a non-replication command. That will usually look like an IDENT
to repl_scanner.l, though a comment would end up getting reported
as a '-' or '/' single-character token. If the token is a replication
command keyword, we push it back and proceed normally with repl_gram.y
parsing. Otherwise, we can drop out of exec_replication_command()
without examining the rest of the string.
(It's still theoretically possible for repl_scanner.l to fail on
the first token; but that could only happen if it's an unterminated
single- or double-quoted string, in which case you'd have gotten
largely the same error from the core lexer too.)
In this way, repl_gram.y isn't involved at all in handling general
SQL commands, so we can get rid of the SQLCmd node type. (In
the back branches, we can't remove it because renumbering enum
NodeTag would be an ABI break; so just leave it sit there unused.)
I failed to resist the temptation to clean up some other sloppy
coding in repl_scanner.l while at it. The only externally-visible
behavior change from that is it now accepts \r and \f as whitespace,
same as the core lexer.
Per bug #17379 from Greg Rychlewski. Back-patch to all supported
branches.
Discussion: https://postgr.es/m/17379-6a5c6cfb3f1f5e77@postgresql.org
2022-01-24 21:33:34 +01:00
|
|
|
/* Pushed-back token (we only handle one) */
|
|
|
|
static int repl_pushed_back_token;
|
|
|
|
|
|
|
|
/* Work area for collecting literals */
|
2011-01-14 16:30:33 +01:00
|
|
|
static StringInfoData litbuf;
|
|
|
|
|
|
|
|
static void startlit(void);
|
|
|
|
static char *litbufdup(void);
|
|
|
|
static void addlit(char *ytext, int yleng);
|
|
|
|
static void addlitchar(unsigned char ychar);
|
|
|
|
|
2017-08-11 05:33:47 +02:00
|
|
|
/* LCOV_EXCL_START */
|
|
|
|
|
2011-01-14 16:30:33 +01:00
|
|
|
%}
|
|
|
|
|
|
|
|
%option 8bit
|
|
|
|
%option never-interactive
|
|
|
|
%option nodefault
|
|
|
|
%option noinput
|
|
|
|
%option nounput
|
|
|
|
%option noyywrap
|
|
|
|
%option warn
|
|
|
|
%option prefix="replication_yy"
|
|
|
|
|
Fix limitations on what SQL commands can be issued to a walsender.
In logical replication mode, a WalSender is supposed to be able
to execute any regular SQL command, as well as the special
replication commands. Poor design of the replication-command
parser caused it to fail in various cases, notably:
* semicolons embedded in a command, or multiple SQL commands
sent in a single message;
* dollar-quoted literals containing odd numbers of single
or double quote marks;
* commands starting with a comment.
The basic problem here is that we're trying to run repl_scanner.l
across the entire input string even when it's not a replication
command. Since repl_scanner.l does not understand all of the
token types known to the core lexer, this is doomed to have
failure modes.
We certainly don't want to make repl_scanner.l as big as scan.l,
so instead rejigger stuff so that we only lex the first token of
a non-replication command. That will usually look like an IDENT
to repl_scanner.l, though a comment would end up getting reported
as a '-' or '/' single-character token. If the token is a replication
command keyword, we push it back and proceed normally with repl_gram.y
parsing. Otherwise, we can drop out of exec_replication_command()
without examining the rest of the string.
(It's still theoretically possible for repl_scanner.l to fail on
the first token; but that could only happen if it's an unterminated
single- or double-quoted string, in which case you'd have gotten
largely the same error from the core lexer too.)
In this way, repl_gram.y isn't involved at all in handling general
SQL commands, so we can get rid of the SQLCmd node type. (In
the back branches, we can't remove it because renumbering enum
NodeTag would be an ABI break; so just leave it sit there unused.)
I failed to resist the temptation to clean up some other sloppy
coding in repl_scanner.l while at it. The only externally-visible
behavior change from that is it now accepts \r and \f as whitespace,
same as the core lexer.
Per bug #17379 from Greg Rychlewski. Back-patch to all supported
branches.
Discussion: https://postgr.es/m/17379-6a5c6cfb3f1f5e77@postgresql.org
2022-01-24 21:33:34 +01:00
|
|
|
/*
|
|
|
|
* Exclusive states:
|
|
|
|
* <xd> delimited identifiers (double-quoted identifiers)
|
|
|
|
* <xq> standard single-quoted strings
|
|
|
|
*/
|
|
|
|
%x xd
|
|
|
|
%x xq
|
|
|
|
|
|
|
|
space [ \t\n\r\f]
|
|
|
|
|
|
|
|
quote '
|
|
|
|
quotestop {quote}
|
2011-01-14 16:30:33 +01:00
|
|
|
|
|
|
|
/* Extended quote
|
|
|
|
* xqdouble implements embedded quote, ''''
|
|
|
|
*/
|
|
|
|
xqstart {quote}
|
|
|
|
xqdouble {quote}{quote}
|
|
|
|
xqinside [^']+
|
|
|
|
|
2014-02-01 04:45:17 +01:00
|
|
|
/* Double quote
|
|
|
|
* Allows embedded spaces and other special characters into identifiers.
|
|
|
|
*/
|
|
|
|
dquote \"
|
|
|
|
xdstart {dquote}
|
|
|
|
xdstop {dquote}
|
|
|
|
xddouble {dquote}{dquote}
|
|
|
|
xdinside [^"]+
|
|
|
|
|
Fix limitations on what SQL commands can be issued to a walsender.
In logical replication mode, a WalSender is supposed to be able
to execute any regular SQL command, as well as the special
replication commands. Poor design of the replication-command
parser caused it to fail in various cases, notably:
* semicolons embedded in a command, or multiple SQL commands
sent in a single message;
* dollar-quoted literals containing odd numbers of single
or double quote marks;
* commands starting with a comment.
The basic problem here is that we're trying to run repl_scanner.l
across the entire input string even when it's not a replication
command. Since repl_scanner.l does not understand all of the
token types known to the core lexer, this is doomed to have
failure modes.
We certainly don't want to make repl_scanner.l as big as scan.l,
so instead rejigger stuff so that we only lex the first token of
a non-replication command. That will usually look like an IDENT
to repl_scanner.l, though a comment would end up getting reported
as a '-' or '/' single-character token. If the token is a replication
command keyword, we push it back and proceed normally with repl_gram.y
parsing. Otherwise, we can drop out of exec_replication_command()
without examining the rest of the string.
(It's still theoretically possible for repl_scanner.l to fail on
the first token; but that could only happen if it's an unterminated
single- or double-quoted string, in which case you'd have gotten
largely the same error from the core lexer too.)
In this way, repl_gram.y isn't involved at all in handling general
SQL commands, so we can get rid of the SQLCmd node type. (In
the back branches, we can't remove it because renumbering enum
NodeTag would be an ABI break; so just leave it sit there unused.)
I failed to resist the temptation to clean up some other sloppy
coding in repl_scanner.l while at it. The only externally-visible
behavior change from that is it now accepts \r and \f as whitespace,
same as the core lexer.
Per bug #17379 from Greg Rychlewski. Back-patch to all supported
branches.
Discussion: https://postgr.es/m/17379-6a5c6cfb3f1f5e77@postgresql.org
2022-01-24 21:33:34 +01:00
|
|
|
digit [0-9]
|
|
|
|
hexdigit [0-9A-Fa-f]
|
2011-01-14 16:30:33 +01:00
|
|
|
|
2014-02-01 04:45:17 +01:00
|
|
|
ident_start [A-Za-z\200-\377_]
|
|
|
|
ident_cont [A-Za-z\200-\377_0-9\$]
|
|
|
|
|
|
|
|
identifier {ident_start}{ident_cont}*
|
|
|
|
|
2011-01-14 16:30:33 +01:00
|
|
|
%%
|
|
|
|
|
Fix limitations on what SQL commands can be issued to a walsender.
In logical replication mode, a WalSender is supposed to be able
to execute any regular SQL command, as well as the special
replication commands. Poor design of the replication-command
parser caused it to fail in various cases, notably:
* semicolons embedded in a command, or multiple SQL commands
sent in a single message;
* dollar-quoted literals containing odd numbers of single
or double quote marks;
* commands starting with a comment.
The basic problem here is that we're trying to run repl_scanner.l
across the entire input string even when it's not a replication
command. Since repl_scanner.l does not understand all of the
token types known to the core lexer, this is doomed to have
failure modes.
We certainly don't want to make repl_scanner.l as big as scan.l,
so instead rejigger stuff so that we only lex the first token of
a non-replication command. That will usually look like an IDENT
to repl_scanner.l, though a comment would end up getting reported
as a '-' or '/' single-character token. If the token is a replication
command keyword, we push it back and proceed normally with repl_gram.y
parsing. Otherwise, we can drop out of exec_replication_command()
without examining the rest of the string.
(It's still theoretically possible for repl_scanner.l to fail on
the first token; but that could only happen if it's an unterminated
single- or double-quoted string, in which case you'd have gotten
largely the same error from the core lexer too.)
In this way, repl_gram.y isn't involved at all in handling general
SQL commands, so we can get rid of the SQLCmd node type. (In
the back branches, we can't remove it because renumbering enum
NodeTag would be an ABI break; so just leave it sit there unused.)
I failed to resist the temptation to clean up some other sloppy
coding in repl_scanner.l while at it. The only externally-visible
behavior change from that is it now accepts \r and \f as whitespace,
same as the core lexer.
Per bug #17379 from Greg Rychlewski. Back-patch to all supported
branches.
Discussion: https://postgr.es/m/17379-6a5c6cfb3f1f5e77@postgresql.org
2022-01-24 21:33:34 +01:00
|
|
|
%{
|
|
|
|
/* This code is inserted at the start of replication_yylex() */
|
|
|
|
|
|
|
|
/* If we have a pushed-back token, return that. */
|
|
|
|
if (repl_pushed_back_token)
|
|
|
|
{
|
|
|
|
int result = repl_pushed_back_token;
|
|
|
|
|
|
|
|
repl_pushed_back_token = 0;
|
|
|
|
return result;
|
|
|
|
}
|
|
|
|
%}
|
|
|
|
|
2011-01-14 16:30:33 +01:00
|
|
|
BASE_BACKUP { return K_BASE_BACKUP; }
|
2011-01-23 12:21:23 +01:00
|
|
|
FAST { return K_FAST; }
|
2011-01-14 16:30:33 +01:00
|
|
|
IDENTIFY_SYSTEM { return K_IDENTIFY_SYSTEM; }
|
2017-01-24 22:59:18 +01:00
|
|
|
SHOW { return K_SHOW; }
|
2011-01-14 16:30:33 +01:00
|
|
|
LABEL { return K_LABEL; }
|
2011-02-09 10:59:53 +01:00
|
|
|
NOWAIT { return K_NOWAIT; }
|
2011-01-14 16:30:33 +01:00
|
|
|
PROGRESS { return K_PROGRESS; }
|
2014-02-27 22:55:57 +01:00
|
|
|
MAX_RATE { return K_MAX_RATE; }
|
2011-01-30 21:30:09 +01:00
|
|
|
WAL { return K_WAL; }
|
2015-05-12 15:29:10 +02:00
|
|
|
TABLESPACE_MAP { return K_TABLESPACE_MAP; }
|
2018-04-03 13:47:16 +02:00
|
|
|
NOVERIFY_CHECKSUMS { return K_NOVERIFY_CHECKSUMS; }
|
Allow a streaming replication standby to follow a timeline switch.
Before this patch, streaming replication would refuse to start replicating
if the timeline in the primary doesn't exactly match the standby. The
situation where it doesn't match is when you have a master, and two
standbys, and you promote one of the standbys to become new master.
Promoting bumps up the timeline ID, and after that bump, the other standby
would refuse to continue.
There's significantly more timeline related logic in streaming replication
now. First of all, when a standby connects to primary, it will ask the
primary for any timeline history files that are missing from the standby.
The missing files are sent using a new replication command TIMELINE_HISTORY,
and stored in standby's pg_xlog directory. Using the timeline history files,
the standby can follow the latest timeline present in the primary
(recovery_target_timeline='latest'), just as it can follow new timelines
appearing in an archive directory.
START_REPLICATION now takes a TIMELINE parameter, to specify exactly which
timeline to stream WAL from. This allows the standby to request the primary
to send over WAL that precedes the promotion. The replication protocol is
changed slightly (in a backwards-compatible way although there's little hope
of streaming replication working across major versions anyway), to allow
replication to stop when the end of timeline reached, putting the walsender
back into accepting a replication command.
Many thanks to Amit Kapila for testing and reviewing various versions of
this patch.
2012-12-13 18:00:00 +01:00
|
|
|
TIMELINE { return K_TIMELINE; }
|
2011-01-14 16:30:33 +01:00
|
|
|
START_REPLICATION { return K_START_REPLICATION; }
|
2014-02-01 04:45:17 +01:00
|
|
|
CREATE_REPLICATION_SLOT { return K_CREATE_REPLICATION_SLOT; }
|
|
|
|
DROP_REPLICATION_SLOT { return K_DROP_REPLICATION_SLOT; }
|
Allow a streaming replication standby to follow a timeline switch.
Before this patch, streaming replication would refuse to start replicating
if the timeline in the primary doesn't exactly match the standby. The
situation where it doesn't match is when you have a master, and two
standbys, and you promote one of the standbys to become new master.
Promoting bumps up the timeline ID, and after that bump, the other standby
would refuse to continue.
There's significantly more timeline related logic in streaming replication
now. First of all, when a standby connects to primary, it will ask the
primary for any timeline history files that are missing from the standby.
The missing files are sent using a new replication command TIMELINE_HISTORY,
and stored in standby's pg_xlog directory. Using the timeline history files,
the standby can follow the latest timeline present in the primary
(recovery_target_timeline='latest'), just as it can follow new timelines
appearing in an archive directory.
START_REPLICATION now takes a TIMELINE parameter, to specify exactly which
timeline to stream WAL from. This allows the standby to request the primary
to send over WAL that precedes the promotion. The replication protocol is
changed slightly (in a backwards-compatible way although there's little hope
of streaming replication working across major versions anyway), to allow
replication to stop when the end of timeline reached, putting the walsender
back into accepting a replication command.
Many thanks to Amit Kapila for testing and reviewing various versions of
this patch.
2012-12-13 18:00:00 +01:00
|
|
|
TIMELINE_HISTORY { return K_TIMELINE_HISTORY; }
|
2014-02-01 04:45:17 +01:00
|
|
|
PHYSICAL { return K_PHYSICAL; }
|
2015-09-06 13:17:23 +02:00
|
|
|
RESERVE_WAL { return K_RESERVE_WAL; }
|
2014-03-10 18:50:28 +01:00
|
|
|
LOGICAL { return K_LOGICAL; }
|
2014-02-01 04:45:17 +01:00
|
|
|
SLOT { return K_SLOT; }
|
2016-12-08 18:00:00 +01:00
|
|
|
TEMPORARY { return K_TEMPORARY; }
|
2017-03-14 22:13:56 +01:00
|
|
|
EXPORT_SNAPSHOT { return K_EXPORT_SNAPSHOT; }
|
|
|
|
NOEXPORT_SNAPSHOT { return K_NOEXPORT_SNAPSHOT; }
|
2017-03-23 13:36:36 +01:00
|
|
|
USE_SNAPSHOT { return K_USE_SNAPSHOT; }
|
2017-09-01 13:44:14 +02:00
|
|
|
WAIT { return K_WAIT; }
|
Generate backup manifests for base backups, and validate them.
A manifest is a JSON document which includes (1) the file name, size,
last modification time, and an optional checksum for each file backed
up, (2) timelines and LSNs for whatever WAL will need to be replayed
to make the backup consistent, and (3) a checksum for the manifest
itself. By default, we use CRC-32C when checksumming data files,
because we are trying to detect corruption and user error, not foil an
adversary. However, pg_basebackup and the server-side BASE_BACKUP
command now have options to select a different algorithm, so users
wanting a cryptographic hash function can select SHA-224, SHA-256,
SHA-384, or SHA-512. Users not wanting file checksums at all can
disable them, or disable generating of the backup manifest altogether.
Using a cryptographic hash function in place of CRC-32C consumes
significantly more CPU cycles, which may slow down backups in some
cases.
A new tool called pg_validatebackup can validate a backup against the
manifest. If no checksums are present, it can still check that the
right files exist and that they have the expected sizes. If checksums
are present, it can also verify that each file has the expected
checksum. Additionally, it calls pg_waldump to verify that the
expected WAL files are present and parseable. Only plain format
backups can be validated directly, but tar format backups can be
validated after extracting them.
Robert Haas, with help, ideas, review, and testing from David Steele,
Stephen Frost, Andrew Dunstan, Rushabh Lathia, Suraj Kharage, Tushar
Ahuja, Rajkumar Raghuwanshi, Mark Dilger, Davinder Singh, Jeevan
Chalke, Amit Kapila, Andres Freund, and Noah Misch.
Discussion: http://postgr.es/m/CA+TgmoZV8dw1H2bzZ9xkKwdrk8+XYa+DC9H=F7heO2zna5T6qg@mail.gmail.com
2020-04-03 20:59:47 +02:00
|
|
|
MANIFEST { return K_MANIFEST; }
|
|
|
|
MANIFEST_CHECKSUMS { return K_MANIFEST_CHECKSUMS; }
|
2014-02-01 04:45:17 +01:00
|
|
|
|
Fix limitations on what SQL commands can be issued to a walsender.
In logical replication mode, a WalSender is supposed to be able
to execute any regular SQL command, as well as the special
replication commands. Poor design of the replication-command
parser caused it to fail in various cases, notably:
* semicolons embedded in a command, or multiple SQL commands
sent in a single message;
* dollar-quoted literals containing odd numbers of single
or double quote marks;
* commands starting with a comment.
The basic problem here is that we're trying to run repl_scanner.l
across the entire input string even when it's not a replication
command. Since repl_scanner.l does not understand all of the
token types known to the core lexer, this is doomed to have
failure modes.
We certainly don't want to make repl_scanner.l as big as scan.l,
so instead rejigger stuff so that we only lex the first token of
a non-replication command. That will usually look like an IDENT
to repl_scanner.l, though a comment would end up getting reported
as a '-' or '/' single-character token. If the token is a replication
command keyword, we push it back and proceed normally with repl_gram.y
parsing. Otherwise, we can drop out of exec_replication_command()
without examining the rest of the string.
(It's still theoretically possible for repl_scanner.l to fail on
the first token; but that could only happen if it's an unterminated
single- or double-quoted string, in which case you'd have gotten
largely the same error from the core lexer too.)
In this way, repl_gram.y isn't involved at all in handling general
SQL commands, so we can get rid of the SQLCmd node type. (In
the back branches, we can't remove it because renumbering enum
NodeTag would be an ABI break; so just leave it sit there unused.)
I failed to resist the temptation to clean up some other sloppy
coding in repl_scanner.l while at it. The only externally-visible
behavior change from that is it now accepts \r and \f as whitespace,
same as the core lexer.
Per bug #17379 from Greg Rychlewski. Back-patch to all supported
branches.
Discussion: https://postgr.es/m/17379-6a5c6cfb3f1f5e77@postgresql.org
2022-01-24 21:33:34 +01:00
|
|
|
{space}+ { /* do nothing */ }
|
2011-01-14 16:30:33 +01:00
|
|
|
|
Allow a streaming replication standby to follow a timeline switch.
Before this patch, streaming replication would refuse to start replicating
if the timeline in the primary doesn't exactly match the standby. The
situation where it doesn't match is when you have a master, and two
standbys, and you promote one of the standbys to become new master.
Promoting bumps up the timeline ID, and after that bump, the other standby
would refuse to continue.
There's significantly more timeline related logic in streaming replication
now. First of all, when a standby connects to primary, it will ask the
primary for any timeline history files that are missing from the standby.
The missing files are sent using a new replication command TIMELINE_HISTORY,
and stored in standby's pg_xlog directory. Using the timeline history files,
the standby can follow the latest timeline present in the primary
(recovery_target_timeline='latest'), just as it can follow new timelines
appearing in an archive directory.
START_REPLICATION now takes a TIMELINE parameter, to specify exactly which
timeline to stream WAL from. This allows the standby to request the primary
to send over WAL that precedes the promotion. The replication protocol is
changed slightly (in a backwards-compatible way although there's little hope
of streaming replication working across major versions anyway), to allow
replication to stop when the end of timeline reached, putting the walsender
back into accepting a replication command.
Many thanks to Amit Kapila for testing and reviewing various versions of
this patch.
2012-12-13 18:00:00 +01:00
|
|
|
{digit}+ {
|
2013-08-15 05:18:49 +02:00
|
|
|
yylval.uintval = strtoul(yytext, NULL, 10);
|
|
|
|
return UCONST;
|
Allow a streaming replication standby to follow a timeline switch.
Before this patch, streaming replication would refuse to start replicating
if the timeline in the primary doesn't exactly match the standby. The
situation where it doesn't match is when you have a master, and two
standbys, and you promote one of the standbys to become new master.
Promoting bumps up the timeline ID, and after that bump, the other standby
would refuse to continue.
There's significantly more timeline related logic in streaming replication
now. First of all, when a standby connects to primary, it will ask the
primary for any timeline history files that are missing from the standby.
The missing files are sent using a new replication command TIMELINE_HISTORY,
and stored in standby's pg_xlog directory. Using the timeline history files,
the standby can follow the latest timeline present in the primary
(recovery_target_timeline='latest'), just as it can follow new timelines
appearing in an archive directory.
START_REPLICATION now takes a TIMELINE parameter, to specify exactly which
timeline to stream WAL from. This allows the standby to request the primary
to send over WAL that precedes the promotion. The replication protocol is
changed slightly (in a backwards-compatible way although there's little hope
of streaming replication working across major versions anyway), to allow
replication to stop when the end of timeline reached, putting the walsender
back into accepting a replication command.
Many thanks to Amit Kapila for testing and reviewing various versions of
this patch.
2012-12-13 18:00:00 +01:00
|
|
|
}
|
|
|
|
|
2011-01-14 16:30:33 +01:00
|
|
|
{hexdigit}+\/{hexdigit}+ {
|
2012-06-24 17:51:37 +02:00
|
|
|
uint32 hi,
|
|
|
|
lo;
|
|
|
|
if (sscanf(yytext, "%X/%X", &hi, &lo) != 2)
|
2011-01-14 16:30:33 +01:00
|
|
|
yyerror("invalid streaming start location");
|
2012-06-24 17:51:37 +02:00
|
|
|
yylval.recptr = ((uint64) hi) << 32 | lo;
|
2011-01-14 16:30:33 +01:00
|
|
|
return RECPTR;
|
|
|
|
}
|
|
|
|
|
|
|
|
{xqstart} {
|
|
|
|
BEGIN(xq);
|
|
|
|
startlit();
|
|
|
|
}
|
2014-02-01 04:45:17 +01:00
|
|
|
|
2011-01-14 16:30:33 +01:00
|
|
|
<xq>{quotestop} {
|
|
|
|
yyless(1);
|
|
|
|
BEGIN(INITIAL);
|
|
|
|
yylval.str = litbufdup();
|
|
|
|
return SCONST;
|
|
|
|
}
|
2014-02-01 04:45:17 +01:00
|
|
|
|
|
|
|
<xq>{xqdouble} {
|
2011-01-14 16:30:33 +01:00
|
|
|
addlitchar('\'');
|
|
|
|
}
|
2014-02-01 04:45:17 +01:00
|
|
|
|
2011-01-14 16:30:33 +01:00
|
|
|
<xq>{xqinside} {
|
|
|
|
addlit(yytext, yyleng);
|
|
|
|
}
|
|
|
|
|
2014-02-01 04:45:17 +01:00
|
|
|
{xdstart} {
|
|
|
|
BEGIN(xd);
|
|
|
|
startlit();
|
|
|
|
}
|
|
|
|
|
|
|
|
<xd>{xdstop} {
|
|
|
|
int len;
|
|
|
|
yyless(1);
|
|
|
|
BEGIN(INITIAL);
|
|
|
|
yylval.str = litbufdup();
|
|
|
|
len = strlen(yylval.str);
|
|
|
|
truncate_identifier(yylval.str, len, true);
|
|
|
|
return IDENT;
|
|
|
|
}
|
|
|
|
|
|
|
|
<xd>{xdinside} {
|
|
|
|
addlit(yytext, yyleng);
|
|
|
|
}
|
|
|
|
|
|
|
|
{identifier} {
|
|
|
|
int len = strlen(yytext);
|
|
|
|
|
|
|
|
yylval.str = downcase_truncate_identifier(yytext, len, true);
|
|
|
|
return IDENT;
|
|
|
|
}
|
|
|
|
|
Fix limitations on what SQL commands can be issued to a walsender.
In logical replication mode, a WalSender is supposed to be able
to execute any regular SQL command, as well as the special
replication commands. Poor design of the replication-command
parser caused it to fail in various cases, notably:
* semicolons embedded in a command, or multiple SQL commands
sent in a single message;
* dollar-quoted literals containing odd numbers of single
or double quote marks;
* commands starting with a comment.
The basic problem here is that we're trying to run repl_scanner.l
across the entire input string even when it's not a replication
command. Since repl_scanner.l does not understand all of the
token types known to the core lexer, this is doomed to have
failure modes.
We certainly don't want to make repl_scanner.l as big as scan.l,
so instead rejigger stuff so that we only lex the first token of
a non-replication command. That will usually look like an IDENT
to repl_scanner.l, though a comment would end up getting reported
as a '-' or '/' single-character token. If the token is a replication
command keyword, we push it back and proceed normally with repl_gram.y
parsing. Otherwise, we can drop out of exec_replication_command()
without examining the rest of the string.
(It's still theoretically possible for repl_scanner.l to fail on
the first token; but that could only happen if it's an unterminated
single- or double-quoted string, in which case you'd have gotten
largely the same error from the core lexer too.)
In this way, repl_gram.y isn't involved at all in handling general
SQL commands, so we can get rid of the SQLCmd node type. (In
the back branches, we can't remove it because renumbering enum
NodeTag would be an ABI break; so just leave it sit there unused.)
I failed to resist the temptation to clean up some other sloppy
coding in repl_scanner.l while at it. The only externally-visible
behavior change from that is it now accepts \r and \f as whitespace,
same as the core lexer.
Per bug #17379 from Greg Rychlewski. Back-patch to all supported
branches.
Discussion: https://postgr.es/m/17379-6a5c6cfb3f1f5e77@postgresql.org
2022-01-24 21:33:34 +01:00
|
|
|
. {
|
|
|
|
/* Any char not recognized above is returned as itself */
|
|
|
|
return yytext[0];
|
|
|
|
}
|
|
|
|
|
2014-02-01 04:45:17 +01:00
|
|
|
<xq,xd><<EOF>> { yyerror("unterminated quoted string"); }
|
2011-01-14 16:30:33 +01:00
|
|
|
|
|
|
|
|
|
|
|
<<EOF>> {
|
|
|
|
yyterminate();
|
|
|
|
}
|
|
|
|
|
|
|
|
%%
|
|
|
|
|
2017-08-11 05:33:47 +02:00
|
|
|
/* LCOV_EXCL_STOP */
|
2011-01-14 16:30:33 +01:00
|
|
|
|
|
|
|
static void
|
|
|
|
startlit(void)
|
|
|
|
{
|
2011-11-01 20:50:00 +01:00
|
|
|
initStringInfo(&litbuf);
|
2011-01-14 16:30:33 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
static char *
|
|
|
|
litbufdup(void)
|
|
|
|
{
|
2011-11-01 20:50:00 +01:00
|
|
|
return litbuf.data;
|
2011-01-14 16:30:33 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
addlit(char *ytext, int yleng)
|
|
|
|
{
|
|
|
|
appendBinaryStringInfo(&litbuf, ytext, yleng);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
addlitchar(unsigned char ychar)
|
|
|
|
{
|
2011-11-01 20:50:00 +01:00
|
|
|
appendStringInfoChar(&litbuf, ychar);
|
2011-01-14 16:30:33 +01:00
|
|
|
}
|
|
|
|
|
2015-03-11 14:19:54 +01:00
|
|
|
void
|
2011-01-14 16:30:33 +01:00
|
|
|
yyerror(const char *message)
|
|
|
|
{
|
2011-11-01 20:50:00 +01:00
|
|
|
ereport(ERROR,
|
2011-01-14 16:30:33 +01:00
|
|
|
(errcode(ERRCODE_SYNTAX_ERROR),
|
|
|
|
errmsg_internal("%s", message)));
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
replication_scanner_init(const char *str)
|
|
|
|
{
|
|
|
|
Size slen = strlen(str);
|
|
|
|
char *scanbuf;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Might be left over after ereport()
|
|
|
|
*/
|
|
|
|
if (YY_CURRENT_BUFFER)
|
|
|
|
yy_delete_buffer(YY_CURRENT_BUFFER);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Make a scan buffer with special termination needed by flex.
|
|
|
|
*/
|
|
|
|
scanbuf = (char *) palloc(slen + 2);
|
|
|
|
memcpy(scanbuf, str, slen);
|
|
|
|
scanbuf[slen] = scanbuf[slen + 1] = YY_END_OF_BUFFER_CHAR;
|
|
|
|
scanbufhandle = yy_scan_buffer(scanbuf, slen + 2);
|
2022-01-24 18:09:46 +01:00
|
|
|
|
|
|
|
/* Make sure we start in proper state */
|
|
|
|
BEGIN(INITIAL);
|
Fix limitations on what SQL commands can be issued to a walsender.
In logical replication mode, a WalSender is supposed to be able
to execute any regular SQL command, as well as the special
replication commands. Poor design of the replication-command
parser caused it to fail in various cases, notably:
* semicolons embedded in a command, or multiple SQL commands
sent in a single message;
* dollar-quoted literals containing odd numbers of single
or double quote marks;
* commands starting with a comment.
The basic problem here is that we're trying to run repl_scanner.l
across the entire input string even when it's not a replication
command. Since repl_scanner.l does not understand all of the
token types known to the core lexer, this is doomed to have
failure modes.
We certainly don't want to make repl_scanner.l as big as scan.l,
so instead rejigger stuff so that we only lex the first token of
a non-replication command. That will usually look like an IDENT
to repl_scanner.l, though a comment would end up getting reported
as a '-' or '/' single-character token. If the token is a replication
command keyword, we push it back and proceed normally with repl_gram.y
parsing. Otherwise, we can drop out of exec_replication_command()
without examining the rest of the string.
(It's still theoretically possible for repl_scanner.l to fail on
the first token; but that could only happen if it's an unterminated
single- or double-quoted string, in which case you'd have gotten
largely the same error from the core lexer too.)
In this way, repl_gram.y isn't involved at all in handling general
SQL commands, so we can get rid of the SQLCmd node type. (In
the back branches, we can't remove it because renumbering enum
NodeTag would be an ABI break; so just leave it sit there unused.)
I failed to resist the temptation to clean up some other sloppy
coding in repl_scanner.l while at it. The only externally-visible
behavior change from that is it now accepts \r and \f as whitespace,
same as the core lexer.
Per bug #17379 from Greg Rychlewski. Back-patch to all supported
branches.
Discussion: https://postgr.es/m/17379-6a5c6cfb3f1f5e77@postgresql.org
2022-01-24 21:33:34 +01:00
|
|
|
repl_pushed_back_token = 0;
|
2011-01-14 16:30:33 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2015-08-15 17:25:00 +02:00
|
|
|
replication_scanner_finish(void)
|
2011-01-14 16:30:33 +01:00
|
|
|
{
|
|
|
|
yy_delete_buffer(scanbufhandle);
|
|
|
|
scanbufhandle = NULL;
|
|
|
|
}
|
Fix limitations on what SQL commands can be issued to a walsender.
In logical replication mode, a WalSender is supposed to be able
to execute any regular SQL command, as well as the special
replication commands. Poor design of the replication-command
parser caused it to fail in various cases, notably:
* semicolons embedded in a command, or multiple SQL commands
sent in a single message;
* dollar-quoted literals containing odd numbers of single
or double quote marks;
* commands starting with a comment.
The basic problem here is that we're trying to run repl_scanner.l
across the entire input string even when it's not a replication
command. Since repl_scanner.l does not understand all of the
token types known to the core lexer, this is doomed to have
failure modes.
We certainly don't want to make repl_scanner.l as big as scan.l,
so instead rejigger stuff so that we only lex the first token of
a non-replication command. That will usually look like an IDENT
to repl_scanner.l, though a comment would end up getting reported
as a '-' or '/' single-character token. If the token is a replication
command keyword, we push it back and proceed normally with repl_gram.y
parsing. Otherwise, we can drop out of exec_replication_command()
without examining the rest of the string.
(It's still theoretically possible for repl_scanner.l to fail on
the first token; but that could only happen if it's an unterminated
single- or double-quoted string, in which case you'd have gotten
largely the same error from the core lexer too.)
In this way, repl_gram.y isn't involved at all in handling general
SQL commands, so we can get rid of the SQLCmd node type. (In
the back branches, we can't remove it because renumbering enum
NodeTag would be an ABI break; so just leave it sit there unused.)
I failed to resist the temptation to clean up some other sloppy
coding in repl_scanner.l while at it. The only externally-visible
behavior change from that is it now accepts \r and \f as whitespace,
same as the core lexer.
Per bug #17379 from Greg Rychlewski. Back-patch to all supported
branches.
Discussion: https://postgr.es/m/17379-6a5c6cfb3f1f5e77@postgresql.org
2022-01-24 21:33:34 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Check to see if the first token of a command is a WalSender keyword.
|
|
|
|
*
|
|
|
|
* To keep repl_scanner.l minimal, we don't ask it to know every construct
|
|
|
|
* that the core lexer knows. Therefore, we daren't lex more than the
|
|
|
|
* first token of a general SQL command. That will usually look like an
|
|
|
|
* IDENT token here, although some other cases are possible.
|
|
|
|
*/
|
|
|
|
bool
|
|
|
|
replication_scanner_is_replication_command(void)
|
|
|
|
{
|
|
|
|
int first_token = replication_yylex();
|
|
|
|
|
|
|
|
switch (first_token)
|
|
|
|
{
|
|
|
|
case K_IDENTIFY_SYSTEM:
|
|
|
|
case K_BASE_BACKUP:
|
|
|
|
case K_START_REPLICATION:
|
|
|
|
case K_CREATE_REPLICATION_SLOT:
|
|
|
|
case K_DROP_REPLICATION_SLOT:
|
|
|
|
case K_TIMELINE_HISTORY:
|
|
|
|
case K_SHOW:
|
|
|
|
/* Yes; push back the first token so we can parse later. */
|
|
|
|
repl_pushed_back_token = first_token;
|
|
|
|
return true;
|
|
|
|
default:
|
|
|
|
/* Nope; we don't bother to push back the token. */
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|