Firebird 3.0.12 Release Notes

#8181 — Ensure the standalone CS listener on Linux uses the SO_REUSEADDR socket option

Implemented by Dmitry Yemanov

#8030 — Better cardinality estimation when empty data pages exist

Implemented by Vlad Khorsun

#7978 — Update Windows distributions with zlib version 1.3.1

Implemented by Vlad Khorsun

#7539 — RDB$GET/SET_CONTEXT(): enclosing in apostrophes or double quotes of a missed namespace/variable will make output more readable

Implemented by Vlad Khorsun

#7494 — Firebird performance issue - unnecessary index reads

Implemented by Vlad Khorsun

#7468 — Add switch to control in guardian timeout before killing firebird server process

Implemented by Alexander Peshkov

#7437 — zlib version 1.2.13 released 2022-10-13

Implemented by Vlad Khorsun

#7418 — Reliability of plugin manager

Implemented by Alexander Peshkov

#7259 — Remove TcpLoopbackFastPath and use of SIO_LOOPBACK_FAST_PATH

Implemented by Vlad Khorsun

#7194 — Make it possible to avoid fbclient dependency in Pascal programs using firebird.pas.

Implemented by A. Peshkov

#7161 — Update zlib to 1.2.12.

Implemented by V. Khorsun

#7093 — Improve indexed lookup speed of strings when the last keys characters are part of collated contractions.

Implemented by A. dos Santos Fernandes

#6872 — Faster execution of indexed STARTING WITH with UNICODE collation.

Implemented by A. dos Santos Fernandes

#6957 — Added database creation time to the output of ISQL’s command SHOW DATABASE.

Implemented by V. Khorsun

#6769 (CORE-6542) — More efficient implementation of SUBSTRING for UTF8 character set.

Implemented by A. dos Santos Fernandes

#6748 (CORE-6519) — Freeing a statement using DSQL_drop or DSQL_unprepare is no longer deferred.

Implemented by V. Khorsun

#5913 (CORE-5647) — Increased number of formats/versions of views from 255 to 32K.

Implemented by A. dos Santos Fernandes

#5137 (CORE-4841) — Made message about missing password being always displayed as reply on attempt to issue CREATE new login without PASSWORD clause.

Implemented by A. Peshkov

(CORE-6413) — Removed PIDFile/-pidfile option from Super(Server/Classic) systemd unit.

Implemented by A. Peshkov

(CORE-6362) — Added better diagnostic for the 'Missing security context' error.

Implemented by A. Peshkov

(CORE-6339) — Server was modified to disconnect from the security database when missing plugin data structures cause an error

Implemented by A. Peshkov

(CORE-6334) — Added missing relocation support to MacOS builds.

Implemented by A. Peshkov

(CORE-6274) — Increased parsing speed of long queries.

Implemented by A. dos Santos Fernandes

(CORE-6237) — Improved performance when using SRP plugin.

Implemented by A. Peshkov

(CORE-4933) — Added better transaction control to ISQL.

Implemented by V. Khorsun

(CORE-6072) — Improved the engine providers compatibility across Firebird versions.

Implemented by A. Peshkov

(CORE-6004) — Added a configuration switch to disable the "TCP Loopback Fast Path" option (Windows only).

Implemented by KarloX2

(CORE-5948) — Improved the WIN_SSPI plugin to produce keys for the WireCrypt plugin.

Implemented by A. Peshkov

(CORE-5928) — Made it possible for the AuthClient plugin to access the authentication block from DPB.

Implemented by A. Peshkov

(CORE-5724) — Added ability to use “install.sh -path /opt/my_path” without a need to install Firebird first in the default folder.

Implemented by A. Peshkov

(CORE-4462) — Implemented option to restore compressed .nbk files without explicitly decompressing them.

Implemented by A. Peshkov, V. Khorsun

(CORE-5913) — Context variables WIRE_COMPRESSED and WIRE_ENCRYPTED were added to the SYSTEM namespace to report compression and encryption status, respectively, of the current connection. See Context Variables: v.3.0.4 for details.

Implemented by V. Khorsun

(CORE-5908) — Enhanced reporting of errors when a dynamic library fails to load. For more information, see Better Reporting on Dynamic Library Loading Errors.

Implemented by A. Peshkov

(CORE-5876) — When an external function (UDF) causes an error of the type “Arithmetic exception, numeric overflow, or string truncation”, the error message will now include the name of the function.

Implemented by A. Peshkov

(CORE-5860) — The API now supports passing the DPB/spb item ***_auth_plugin_list from an application to the client interface. More details.

Implemented by A. Peshkov

(CORE-5853) — Two new context variables LOCALTIME and LOCALTIMESTAMP that are synonyms for CURRENT_TIME and CURRENT_TIMESTAMP, respectively. They can be used in Firebird 3.0.4 and later, for forward-compatibility with Firebird 4. See Context Variables: v.3.0.4 for details.

Implemented by A. dos Santos Fernandes

(CORE-5746) — The read-only restriction for system tables was relaxed to permit CREATE, ALTER and DROP operations on their indexes.

Implemented by R. Abzalov, V. Khorsun

(CORE-5727) — Engine response has been improved on cancel/shutdown signals when scanning a long list of pointer pages.

Implemented by V. Khorsun

(CORE-5712) — The name of the encryption key is not top secret information. It can be read using the gstat utility or service, for example. However, for working with that name from a program it was desirable to access the key name using the API call Attachment::getInfo(). Hence, this facility is now provided via the information item fb_info_crypt_key.

Implemented by A. Peshkov

(CORE-5704) — Some clauses of the ALTER DATABASE statement require updating of the single row in RDB$DATABASE: SET DEFAULT CHARACTER SET, SET LINGER, DROP LINGER. Others, such as BEGIN|END BACKUP, ENCRYPT, DECRYPT, et al., do not need to touch that record.

In previous versions, to prevent concurrent instances of ALTER DATABASE running in parallel transactions, the engine would run an update on the RDB$DATABASE record regardless of the nature of clauses specified by the user. Hence, any other transaction that read the RDB$DATABASE record in READ COMMITTED NO RECORD VERSION mode would be blocked briefly, even by a “dummy update” that in fact did not update the record.

In some cases, such as with an ALTER DATABASE END BACKUP the blockage could last 10 minutes or more. A user would seem to be unable to connect to the database with isql, for example, while ALTER DATABASE END BACKUP was running. In fact, isql would connect successfully, but it would read RDB$DATABASE immediately after attaching, using a READ COMMITTED NO RECORD VERSION WAIT transaction and then just wait until the work of ALTER DATABASE END BACKUP was committed.

From this sub-release forward, the update of the RDB$DATABASE record is avoided when possible, and an implicit lock is placed to prevent concurrent runs of the ALTER DATABASE statement.

Implemented by V. Khorsun

(CORE-5676) — All queries that are semantically the same should have the same plan. However, until now, the optimizer understood only an explicit reference inside an ORDER BY clause and would ignore sorts derived from equivalent expressions. Now, it will consider equivalence classes for index navigation. Refer to the Tracker ticket for an example.

Implemented by D. Yemanov

(CORE-5674) — Common Table Expressions are now allowed to be left unused.

implemented by V. Khorsun

(CORE-5660) — Flushing a large number of dirty pages has been made faster.

Implemented by V. Khorsun

(CORE-5648) — Measures have been taken to avoid serialization of isc_attach_database calls issued by EXECUTE STATEMENT.

Implemented by V. Khorsun

(CORE-5629) — Output from gstat now includes the date and time of analysis.

implemented by A. Peshkov

(CORE-5614) — The merge stage of a physical backup stage could run too long, especially with huge page cache. Changes have been made to reduce it.

Implemented by V. Khorsun

(CORE-5610) — Message “Error during sweep: connection shutdown” now provides information about the database that was being swept.

Implemented by A. Peshkov

(CORE-5602) — Improvement in performance of ALTER DOMAIN when the domain has many dependencies.

Implemented by V. Khorsun

(CORE-5601) — Compression details and encryption status of the connection (fb_info_conn_flags) have been added to the getInfo() API call. For more information see notes in the API chapter.

(CORE-5543) — Restoring a pre ODS 11.1 database now correctly populates RDB$RELATION_TYPE field in the metadata.

implemented by D. Yemanov

(CORE-4913) — Speed of backup with nBackup when directed to NAS over SMB protocol has been improved.

Implemented by J. Hejda & V. Khorsun

(CORE-3295) — The optimizer can now estimate the actual record compression ratio.

Implemented by D. Yemanov

(CORE-4563) — Support was added for fast/low-latency “TCP Loopback Fast Path” functionality introduced in Windows 8 and Server 2012.

This feature is said to improve the performance of the TCP stack for local loopback connections, by short-circuiting the TCP stack for local calls. The details of the feature can be found in this Microsoft Technet blog.

Implemented by V. Khorsun

The following improvements appear in this sub-release:

(CORE-5475) — IMPROVEMENT: It is now possible to filter out info and warnings from the trace log.

implemented by V. Khorsun

(CORE-5442) — IMPROVEMENT: Enhanced control capability when sharing the database crypt key between Superserver attachments.

implemented by A. Peshkov

(CORE-5441) — IMPROVEMENT: The physical numbers of frequently used data pages are now cached to reduce the number of fetches of pointer pages.

implemented by V. Khorsun

(CORE-5434) — IMPROVEMENT: A read-only transaction will no longer force write the Header/TIP page content to disk immediately after a change. This improvement gives a significant performance gain where there are numerous light read-only transactions. At this stage, it affects only servers in SS mode. For CS and SC it is more complex to implement and should appear in Firebird 4.0.

implemented by V. Khorsun

(CORE-5374) — IMPROVEMENT: The database name was made available to an encryption plug-in.

implemented by A. Peshkov

(CORE-5332) — IMPROVEMENT: libfbclient.so was compiled for Android (x86/x86-64/arm64).

implemented by M. A. Popa

(CORE-5257) — IMPROVEMENT: Nesting of keys in a plug-in configuration was enabled.

implemented by V. Khorsun

(CORE-5204) — IMPROVEMENT: The Linux code is now built with --enable-binreloc and an option was included in the installer script to install in locations other than /opt/firebird.

implemented by A. Peshkov

(CORE-4486) — IMPROVEMENT: For Trace, a filter has been provided to INCLUDE / EXCLUDE errors by their mnemonical names.

implemented by V. Khorsun

(CORE-3885) — IMPROVEMENT: Android port (arm32).

implemented by A. Peshkov

(CORE-3637) — IMPROVEMENT: A port was done and tested for Linux on the ancient Motorola 680000 CPU platform to satisfy some requirement from Debian.

implemented by A. Peshkov

(CORE-1095) — IMPROVEMENT: Support has been added to enable SELECT expressions to be valid operands for the BETWEEN predicate.

implemented by D. Yemanov

The providers are more or less what we traditionally thought of as the methods used to connect a client to a server, that is to say, across a network, host-locally, via the local loopback (“localhost”) or by a more direct local connection (the old libfbembed.so on POSIX, now implemented as the plug-in library libEngine12.so; on Windows, engine12.dll; on MacOSX, engine12.dylib).

Connection string refers to the local or remote path to the database to which a client requests an attachment (connection). The syntax of the connection string determines the transport protocol by which clients and the server communicate. The legacy syntaxes for the available protocols, supported by all Firebird versions, are as follows:

Local connection is implied if <host> is omitted. Depending on settings, platform and Firebird version, it could be performed via either the embedded engine, xnet (shared memory) protocol or TCP/IP localhost loopback.

Alex Peshkov

From version 3 onward, Firebird’s architecture supports plug-ins. For a number of predefined points in the Firebird code, a developer can write his own fragment of code for execution when needed.

A plug-in is not necessarily one written by a third party: Firebird has a number of intrinsic plug-ins. Even some core parts of Firebird are implemented as plug-ins.

Adriano dos Santos Fernandes

The UDR (User Defined Routines) engine adds a layer on top of the FirebirdExternal engine interface with the purpose of

Paul Beach

(CORE-4439) — Maximum connections (FD_SETSIZE) on Windows Superserver and Superclassic was raised from 1024 to 2048.

Dmitry Yemanov

(CORE-3881) — The error reported for index/constraint violations has been extended to include the problematic key value.

Adriano dos Santos Fernandes

(CORE-2224) — The ICU version was upgraded to v.52.1.

Vlad Khorsun

A new BLOB filter translates internal debug information into text.

Claudio Valderrama C.

A silly message sent by the parser when a reference to an undefined object was encountered was replaced with one that tells it like it really is.

Adriano dos Santos Fernandes

A pseudocolumn named RDB$RECORD_VERSION returns the number of the transaction that created the current record version.

It is retrieved the same way as RDB$DB_KEY, i.e., select RDB$RECORD_VERSION from aTable where…​

Alex Peshkov

systemd init scripts are available in Firebird 3 POSIX installers. See Tracker ticket CORE-4085.

Alex Peshkov

A mistake in the initial design of the ModuleLoader class meant that errors displayed when dynamic libraries failed to load were lacking any OS-specific information about the reason for the failure (no such file, invalid format, unresolved external reference, etc.). The only report was “Module/library not loaded”. In many cases, that made it extremely hard to find and fix the related bugs.

Firebird 3.0.4 extends the reported errors to show the exact reason a library failed to load.

Firebird 3.0 creates databases with an ODS (On-Disk Structure) version of 12. In the initial release, a database with an older ODS cannot be opened by Firebird 3.0. In order to work with a database with an older ODS it will be necessary to make a backup using gbak under the older server and restore it with gbak on Firebird 3.

Alex Peshkov

The Implementation ID in the ODS of a database is deprecated in favour of a new field in database headers describing hardware details that need to match in order for the database to be assumed to have been created by a compatible implementation.

The old Implementation ID is replaced with a 4-byte structure consisting of hardware ID, operating system ID, compiler ID and compatibility flags. The three ID fields are just for information: the ODS does not depend upon them directly, and they are not checked when opening the database.

The compatibility flags are checked for a match between the database and the engine opening it. Currently, we have only one flag, for endianness. As previously, Firebird will not open a database on little-endian that was created on big-endian, nor vice versa.

The purpose is to make it easier to do ports of Firebird for new platforms.

Maximum database size is increased to 2³² pages (previously 2³¹ -1 pages). The new limit is 16TB/32TB/64TB, depending on the page size.

The maximum page size remains 16 KB (16384 bytes).

The maximum number of pages that can be configured for the database cache depends on whether the database is running under 64-bit or 32-bit Firebird:

Dmitry Yemanov

Historically, the transaction ID space was limited to 2³¹ -1 transactions, counted from the time the database was created. After that point, the database becomes unavailable until backup and restore is performed to reset the transaction ID counter back to zero. In Firebird 3.0, the transaction ID space has been raised to 2⁴⁸ bits, or roughly equal to 2.8 * 10¹⁴ transactions, increasing the database up-time without backup and restore by a factor 2¹⁷.

With the introduction of 48-bit internal transaction IDs that are publicly (via the API and the MON$ tables) represented as 64-bit numbers. In later versions, the transaction space could be extended up to 2⁶³ -1.

The implemented solution has no additional storage overhead until the transaction counters grow beyond the 2³² boundary.

Attachment IDs and statement IDs were changed to 64-bit numbers, both internally and externally via the API and the MON$ tables.

Alex Peshkov

Firebird needed a modernised API for a number of compelling reasons.

Other new APIs support various plug-ins by declaring the interfaces between the engine and the plug-in. Besides pluggable authentication and pluggable encryption, Firebird 3 supports “external engines”, bridges between the engine and the execution environments that can run UDRs: native code, Java and others. By and large they are intended for use by third-party solution providers, rather than for client application development.

For creating custom plug-ins and bridges, the relevant interface (API) needs to be implemented in the plug-in code.

The following improvements to the API should be noted.

Items marked with asterisks (*) were previously non-reserved.

The standard wildcards ‘*’ and ‘?’ may be used in an include directive, to include all matching files in undefined order. For example,

In aliases.conf the format for specifying a database alias was

If you are not adding any database-specific configuration directives for an alias, the format is just as it was before, e.g.,

A slightly more complex format is used for cases where certain non-global parameters are to be targeted at an individual database. The entry for the database is defined by the alias declaration, as previously. The database-specific directives are listed below it, within curly brackets.

The following parameters can be copy/pasted to databases.conf and used as overrides for specific databases.

Defines the name and location of the security database that stores login user names and passwords used by the server to validate remote connections. By default, in firebird.conf, it is $(root)/security3.fdb. It can be overridden for a specific database by a configuration in databases.conf.

Two parameters that determine what authentication methods can be used by the network server and the client redirector. The enabled methods are listed as string symbols separated by commas, semicolons or spaces.

For AuthServer, Srp and Win_Sspi are listed; for AuthClient, Srp, Win_Sspi and Legacy_Auth.

To disable a method, erase the comment marker (‘#’) and remove the unwanted method from the list.

Both parameters can be used in databases.conf. They can both be used in the DPB or the SPB for a connection-specific configuration.

Sets whether the network connection should be encrypted. It has three possible values: Required | Enabled | Disabled. The default is set such that encryption is Required for connections coming in to the server and Enabled for connections outgoing to a server.

To access a server using an older client library and, thus, no encryption, WireCrypt in the server configuration file should be set to Enabled or Disabled to avert the default Required.

The rules are simple: if one side has WireCrypt = Required and the other sets the parameter to Disabled, the side with WireCrypt=Required rejects the connection and it is not established.

A missing WireCrypt plug-in or encryption key in cases where the channel must be encrypted also thwarts a connection.

In all other cases, connection is established without encryption if at least one side has WireCrypt = Disabled. In other cases, the encrypted connection is established.

Sets the plug-in that will operate on the security database. It can be a list with blanks, commas or semicolons as separators: the first plug-in from the list is used as the default.

The default plug-in is Srp (libSrp.s0/Srp.dll/Srp.dylib).

The UserManager parameter can be used in databases.conf for a database-specific override.

Specifies the plug-in used by Firebird’s Trace facility to send trace data to the client app or audit data to the log file.

The default plug-in is fbtrace (libfbtrace.s0/fbtrace.dll/fbtrace.dylib).

A wire-crypt plug-in is used to encrypt and decrypt data transferred over the network.

The installation default Arc4 implies use of an Alleged RC4 plug-in. The configured plug-in, which requires a key generated by the configured authentication plug-in, can be overridden in the API for a specific connection via the DPB or the SPB.

This parameter would represent some form of temporary storage for database encryption keys. Nothing is implemented as a default plug-in, but a sample Linux plug-in named libCryptKeyHolder_example.so can be found in /plugins/.

List of allowed transports for accessing databases, discussed in the Engine chapter.

Determines the execution mode of the server (“server model”). Discussed in the Engine chapter.

Parameter in firebird.conf and databases.conf provides an efficient, configurable replacement for hard-coded rules limiting access to security3.fdb. It can also be used to configure limited remote access to any other database, including non-default security databases.

By default RemoteAccess is enabled for all databases except the security database. If you intend using more than one dedicated security database, then disabling remote access to it (or them) via databases.conf is recommended.

For stricter security, server-wide, you can set RemoteAccess to false in firebird.conf and use entries in database.conf to re-enable it for specific databases.

RemoteAccess is a Boolean. It can be expressed with either true/false, 1/0 or Yes/No.

Alex Peshkov

Parameter in firebird.conf or databases.conf, enabling or disabling compression of data over the wire at global or individual database level.

The default setting is disabled (= False). Settings and environment must be correct at both server and client for WireCompression to take effect:

See Tracker item CORE-733.

Michael Kubecek

Parameter in firebird.conf only. (TCP ports are created before any connection is established.)

Firebird 3 supports IPv6 connections, on both client and server sides.

Entries in the “Restrict” list of the ExternalFileAccess parameter can be used to mangle file names with relative paths.

Entries in the “Restrict” list were already used to mangle file names with no path component. For example, with

and the following sequence of commands:

the file /opt/extern/zz will be created.

However, if something like this is submitted,

the result is an error about denied access to file /opt/firebird/bin/dir/zz.

The improvement avoids this gap by mangling the file name in accord with the value of the parameter and, if necessary, creating the missing path components, such as 'dir' in the example above.

In older version, this parameter provided a superfluous option for recording the file system path to Firebird’s “root” files (firebird.conf, the security database and so on).

This parameter used to make it possible to use the old security.fdb from Firebird 1.X installations after it had been subjected to an upgrade script and thence to enable or disable use of the obsolete DES hash encrypting algorithm. It is no longer supported.

This parameter enabled temporary support for an implementation fault in certain sequences of SET clauses in versions of Firebird prior to version 2.5. It is no longer available.

This parameter temporarily enabled legacy code support for an old InterBase/Firebird 1.0 bug that generated unnamed columns for computed output which was not explicitly aliased in the SELECT specification. It is no longer available.

This parameter used to allow the option to have Firebird’s Lock Manager emulate InterBase v3.3 lock allocation behaviour, whereby locks would be granted in no particular order, as soon as they were available, rather than by the normal order (first-come, first-served). The legacy option is no longer supported.

UsePriorityScheduler, PrioritySwitchDelay and PriorityBoost, which were marginally relevant to obsolete processors on obsolete Windows versions, are no longer supported.

To start using a separate, non-default security database, the first step is to create it, unless it already exists. An embedded isql connection is used:

Now connect to any database which will be served by the security database you are currently preparing, in order to create its SYSDBA user:

The main problem with database encryption is how to store the secret key. Firebird provides a helper to transfer that key from the client but that does not imply that storing the key on a client is the best way: it is no more than a possible alternative. A very bad option is to keep the key on the same disk as the database.

To separate encryption and key access efficiently, a database crypt plug-in is split into two parts: encryption itself and the secret key holder. This may be an efficient approach for third-party plug-ins when you want to use some good encryption algorithm, but you have your own secret way to store a key.

CORE-3251

So, the answer to the question “Does Firebird use SSL/TLS for password validation?” is “yes and no”. The “No” answer comes because, by default, SSL is not used. That is due to a minor licensing incompatibility between Firebird and OpenSSL, the most popular SSL implementation.

The “Yes” applies because anyone is free to write an authentication plug-in that uses SSL and TLS.

CORE-1898.

Implementation of SRP in our plugin has increased the password length from 8 bytes to 20 or more. Because of the use of SHA1 for hashes, maximum security is provided for passwords up to 20 characters in length. Longer passwords can be used without restriction but there is a remote possibility of hash collisions between passwords that differ beyond the 20th byte. Just be aware of the possibility that any password longer than 20 characters password could share the same hash with some shorter password so, theoretically, they could be attacked using brute force.

A custom SRP plug-in could be built quite easily, using a hash algorithm that would guarantee unique hashes for longer passwords.

Support for the LegacyHash and Authentication parameters in firebird.conf has been dropped. Authentication is overtaken by an AuthServer parameter in firebird.conf or elsewhere.

The Authentication plug-in comprises three parts:

All three parts are actually separate plug-ins which should be configured separately in firebird.conf. Let’s look at an example of configuring a server to accept connections from old clients. The default setting are:

To enable access from old clients, AuthServer needs to be changed:

If we also want to manage the list of users in the old format we must add:

Multiple user managers can be enumerated in firebird.conf. The first member of the list of user managers is the default. Selecting from SEC$USERS would produce something like the following:

There might well be two users named SYSDBA in such a list, because each user manager has its own SYSDBA.

Alex Peshkov; Tony Whyman

Review of the Firebird SRP implementation in terms of the NIST guidance on the use of SHA-1 appears to indicate that most uses of SHA-1 continue to be permitted except for its use in generating the client proof.

The SHA-256 message digest may be used instead of SHA-1 for generating the client proof. For compatibility, SHA-1 remains the default for Firebird 3 but SHA-256 is available as an alternative from version 3.0.4 onward, until the decision is taken to make it the default.

The challenge with use of a symmetric cypher is where to get a key for it. Firebird assumes that such a key, also called a secret session key, is produced by the authentication plug-in at the connection establishment phase. SRP meets this requirement just fine by producing a cryptographically strong session key.

The mapping rule consists of four pieces of information:

Mappings are defined using the following set of DDL statements:

The examples use the CREATE syntax. Usage of ALTER is exactly the same and the usage of DROP should be obvious.

Previous versions of Firebird have one hard-coded global default rule: users authenticated in the security database are always mapped into any database one-to-one. It is a safe rule: it makes no sense for a security database not to trust itself!

For backward compatibility this rule is retained in Firebird 3.

Generic mapping is used to set the rule defining the user name under which the user accesses a database when performing a request from a database using one security database to a database using a different one, or when server-wide authentication, such as Win_Sspi, is used. The rule comes into action whenever the Firebird engine is processing the authentication block associated with a request to connect to a database.

The simple rule to follow for using non-ASCII user names and passwords is that the character set and code page selected in the client for SQL input must match those in which the credentials are stored on the server and, obviously, the credentials must be supplied in the specified character set. On POSIX terminals and most GUI clients this condition is satisfied. However, there are three fairly common situations where problems could arise:

Examining these situations in more detail:

Alex Peshkov

The SQL set of DDL commands for managing user accounts has been enhanced in Firebird 3, thus improving the capability to manage (add, modify or delete) users in a security database from a regular database attachment.

<options_list> is a (possibly empty) list with the following options:

Each <tag> may have one of two forms:

or the DROP tagname tag form to remove a user-defined attribute entirely:

Alex Peshkov

See Tracker item CORE-1377.

The SQL:2008-compliant operator SET ROLE allows the CURRENT_ROLE context variable to be set to one that has been granted to the CURRENT_USER or to a user assigned to the database attachment as trusted (SET TRUSTED ROLE).

Alex Peshkov

Previously, the grantor or revoker of SQL privileges was always the current user. This change makes it so that a different grantor or revoker can be specified in GRANT and REVOKE commands.

The GRANTED BY clause form is recommended by the SQL standard. The alternative form using AS is supported by Informix and possibly some other servers and is included for better compatibility.

When a user is removed from the security database or another authentication source, this new command is useful for revoking its access to all objects in the database.

Dmitry Yemanov; Roman Simakov

In Firebird 3, the system tables are read-only. This SQL syntax provides the means to assign metadata write privileges to specified users or roles for specified objects. See Tracker item CORE-735.

Granting metadata privileges:

Revoking metadata privileges:

Special form for database access:

Dmitry Yemanov

CORE-2554: EXECUTE permission is now supported for UDFs (both legacy and PSQL based ones).

Alex Peshkov

A recursive stored procedure no longer requires the EXECUTE privilege to call itself. See Tracker item CORE-3242.

New SQL:2008 compliant USAGE permission is introduced to protect metadata objects other than tables, views, procedures and functions.

A fully-fledged BOOLEAN type is introduced in this release, along with a surfaced emulation of the SQL standard “identity” column.

Adriano dos Santos Fernandes

ALTER syntax is now available to change the nullability of a table column or a domain

Adriano dos Santos Fernandes; Dmitry Yemanov

More statement options have been added for modifying generators (sequences). Where previously in SQL the only option was ALTER SEQUENCE <sequence name> RESTART WITH <value>, now a full lexicon is provided and GENERATOR and SEQUENCE are synonyms for the full range of commands.

RESTART can now be used on its own to restart the sequence at its previous start or restart value. A new column RDB$INITIAL_VALUE is added to the system table RDB$GENERATORS to store that value.

A generator (sequence) can also be [re]created or altered to include an optional “step” clause to make the generator increment the series by two or more steps instead of the default 1. The clause is implemented as INCREMENT BY number and is stored in RDB$GENERATORS in RDB$GENERATOR_INCREMENT.

Adriano dos Santos Fernandes

The alteration does not change any existing data. The new default character set is used only in subsequent DDL commands and will assume the default collation of the new character set.

Adriano dos Santos Fernandes

A substring from a BLOB column can now be used to define a computed column.

Alex Peshkov

Sometimes it is desirable to have the Superserver engine keep the database open for a period after the last attachment is closed, i.e. to have it “linger” a while. It can help to improve performance at low cost, under conditions where the database is opened and closed frequently, by keeping resources “warm” for next time it is reopened.

Firebird 3.0 introduces an enhancement to ALTER DATABASE to manage this optional LINGER capability for databases running under Superserver.

To set linger for the database do:

Either of the following forms will clear the linger setting and return the database to the normal condition (no linger):

See also Tracker ticket CORE-4263 for some discussion of the development of this feature.

Alex Peshkov

The DROP SHADOW command has a new option to preserve the shadow file in the filesystem:

See Tracker ticket CORE-4955.

A number of new features and enhancements have been added to the DDL lexicon for managing users and their access to objects in databases. They are described in detail in Chapter 7, Security.

All aggregate functions may be used as window functions, adding the OVER clause.

Imagine a table EMPLOYEE with columns ID, NAME and SALARY, and the need to show each employee with his respective salary and the percentage of his salary over the payroll.

A normal query could achieve this, as follows:

The query is repetitive and lengthy to run, especially if EMPLOYEE happens to be a complex view.

The same query could be specified in a much faster and more elegant way using a window function:

Here, sum(salary) over () is computed with the sum of all SALARY from the query (the EMPLOYEE table).

Like aggregate functions, that may operate alone or in relation to a group, window functions may also operate on a group, which is called a “partition”.

Aggregation over a group could produce more than one row, so the result set generated by a partition is joined with the main query using the same expression list as the partition.

Continuing the EMPLOYEE example, instead of getting the portion of each employee’s salary over the all-employees total, we would like to get the portion based on just the employees in the same department:

The ORDER BY sub-clause can be used with or without partitions and, with the standard aggregate functions, make them return the partial aggregations as the records are being processed.

Then cumul_salary returns the partial/accumulated (or running) aggregation (of the SUM function). It may appear strange that 37.00 is repeated for the ids 1 and 5, but that is how it should work. The ORDER BY keys are grouped together and the aggregation is computed once (but summing the two 10.00). To avoid this, you can add the ID field to the end of the ORDER BY clause.

It’s possible to use multiple windows with different orders, and ORDER BY parts like ASC/DESC and NULLS FIRST/LAST.

With a partition, ORDER BY works the same way, but at each partition boundary the aggregation is reset.

All aggregation functions, other than LIST(), are usable with ORDER BY.

Beyond aggregate functions are the exclusive window functions, currently divided into ranking and navigational categories. Both sets can be used with or without partition and ordering, although the usage does not make much sense without ordering.

New syntax SET EXPLAIN [ON | OFF ] has been added to the isql utility to surface this option. For details, refer to SET EXPLAIN Extensions for Viewing Detailed Plans in the Utilities chapter.

Adriano dos Santos Fernandes

A substring search can now use a regular expression.

Discussion: Tracker CORE-2006

For more information about the use of SIMILAR expressions, refer to README.similar_to.txt in the /doc/ subdirectory of your Firebird installation.

Claudio Valderrama C.

The six inverse hyperbolic trigonometric functions have been implemented internally. They are:

Hajime Nakagami; Adriano dos Santos Fernandes

A suite of SQL-standard-compliant statistical functions has been implemented.

Adriano dos Santos Fernandes

In prior versions, TRIM(substring FROM string) allowed BLOBs for both arguments, but the first argument had to be smaller than 32 KB. Now both arguments can take BLOBs of up to 4 GB.

Adriano dos Santos Fernandes

The internal length of a string can, at some levels, be almost 64 KB. Tests demonstrated that it is safe to accept a string literal of up to that size for writing to a text BLOB. Accordingly,

See Tracker ticket CORE-4881.

Adriano dos Santos Fernandes

For the internal function DATEADD()

Adriano dos Santos Fernandes

It is now possible to use a character, or character pair, other than the doubled (escaped) apostrophe, to embed a quoted string inside another string. The keyword q or Q preceding a quoted string informs the parser that certain left-right pairs or pairs of identical characters within the string are the delimiters of the embedded string literal.

Mark Rotteveel

New SQL:2008 compliant OFFSET and FETCH clauses provide a standard equivalent for FIRST and SKIP, and an alternative for ROWS…​TO, when fetching sets from ordered output.

As with SKIP and FIRST, OFFSET and FETCH clauses can be applied independently, in both top-level and nested query expressions. They are available in PSQL and DSQL.

<simple_value_expr> is a (numeric) literal, a DSQL parameter (‘?’) or a PSQL named parameter (“:namedparameter”) that resolves to an integer data type.

Dmitry Yemanov

While mixing of implicit and explict join syntax is not recommended at all, the parser would allows them, nevertheless. Certain “mixes” actually cause the optimizer to produce unexpected results, including “No record for fetch” errors. The same edgy styles are prohibited by other SQL engines and now they are prohibited in Firebird.

To visit some discussion on the subject, see the Tracker ticket CORE-2812.

Adriano dos Santos Fernandes

The following style of subquery, with the parameter in the left side of a WHERE…​IN (SELECT…​) condition, would fail with the error “The data type of the parameter is unknown”.

This style is now accepted. For example:

Adriano dos Santos Fernandes

Two enhancements were added to the RETURNING clause:

Vlad Khorsun

Until this release, Firebird suffered from an infamous bug whereby a data modification operation could loop infinitely and, depending on the operation, delete all the rows in a table, continue updating the same rows ad infinitum or insert rows until the host machine ran out of resources. All DML statements were affected (INSERT, UPDATE, DELETE, MERGE). It occurred because the engine used an implicit cursor for the operations.

To ensure stability, rows to be inserted, updated or deleted had to be marked in some way in order to avoid multiple visits. Another workaround was to force the query to have a SORT in its plan, in order to materialize the cursor.

From Firebird 3, engine uses the Undo log to check whether a row was already inserted or modified by the current cursor.

Vlad Khorsun

Global temporary tables (GTTs) are now writable even in read-only transactions. The effect is as follows:

Also

Adriano dos Santos Fernandes

Strings in DML queries are now transformed or validated to avoid passing malformed strings to the engine internals, for example, to the MON$STATEMENTS.MON$SQL_TEXT column.

The solution adopted depends on the character set of the attachment:

The COUNT() aggregate function now returns its result as BIGINT instead of INTEGER.

Optimizations made for this release included:

Adriano dos Santos Fernandes

Selection of SQL_INT64, SQL_DATE and SQL_TIME in dialect 1 was enabled.

See Tracker CORE-3972

Dmitry Yemanov

Two enhancements were included in the Embedded SQL subset in this release: