Tom Lane [Mon, 25 Apr 2011 20:22:17 +0000 (16:22 -0400)]
Fix pg_size_pretty() to avoid overflow for inputs close to INT64_MAX.
The expression that tried to round the value to the nearest TB could
overflow, leading to bogus output as reported in bug #5993 from Nicola
Cossu. This isn't likely to ever happen in the intended usage of the
function (if it could, we'd be needing to use a wider datatype instead);
but it's not hard to give the expected output, so let's do so.
Robert Haas [Thu, 21 Apr 2011 02:23:58 +0000 (22:23 -0400)]
Fix use of incorrect constant RemoveRoleFromObjectACL.
This could cause failures when DROP OWNED BY attempt to remove default
privileges on sequences. Back-patching to 9.0.
Shigeru Hanada
Tom Lane [Thu, 21 Apr 2011 00:34:16 +0000 (20:34 -0400)]
Fix bugs in indexing of in-doubt HOT-updated tuples.
If we find a DELETE_IN_PROGRESS HOT-updated tuple, it is impossible to know
whether to index it or not except by waiting to see if the deleting
transaction commits. If it doesn't, the tuple might again be LIVE, meaning
we have to index it. So wait and recheck in that case.
Also, we must not rely on ii_BrokenHotChain to decide that it's possible to
omit tuples from the index. That could result in omitting tuples that we
need, particularly in view of yesterday's fixes to not necessarily set
indcheckxmin (but it's broken even without that, as per my analysis today).
Since this is just an extremely marginal performance optimization, dropping
the test shouldn't hurt.
These cases are only expected to happen in system catalogs (they're
possible there due to early release of RowExclusiveLock in most
catalog-update code paths). Since reindexing of a system catalog isn't a
particularly performance-critical operation anyway, there's no real need to
be concerned about possible performance degradation from these changes.
The worst aspects of this bug were introduced in 9.0 --- 8.x will always
wait out a DELETE_IN_PROGRESS tuple. But I think dropping index entries
on the strength of ii_BrokenHotChain is dangerous even without that, so
back-patch removal of that optimization to 8.3 and 8.4.
Tom Lane [Wed, 20 Apr 2011 23:01:25 +0000 (19:01 -0400)]
Set indcheckxmin true when REINDEX fixes an invalid or not-ready index.
Per comment from Greg Stark, it's less clear that HOT chains don't conflict
with the index than it would be for a valid index. So, let's preserve the
former behavior that indcheckxmin does get set when there are
potentially-broken HOT chains in this case. This change does not cause any
pg_index update that wouldn't have happened anyway, so we're not
re-introducing the previous bug with pg_index updates, and surely the case
is not significant from a performance standpoint; so let's be as
conservative as possible.
Heikki Linnakangas [Wed, 20 Apr 2011 06:49:44 +0000 (09:49 +0300)]
Quotes in strings injected into bki file need to escaped. In particular,
"People's Republic of China" locale on Windows was causing initdb to fail.
This fixes bug #5818 reported by yulei. On master, this makes the mapping
of "People's Republic of China" to just "China" obsolete. In 9.0 and 8.4,
just fix the escaping. Earlier versions didn't have locale names in bki
file.
Tom Lane [Tue, 19 Apr 2011 22:51:03 +0000 (18:51 -0400)]
Avoid changing an index's indcheckxmin horizon during REINDEX.
There can never be a need to push the indcheckxmin horizon forward, since
any HOT chains that are actually broken with respect to the index must
pre-date its original creation. So we can just avoid changing pg_index
altogether during a REINDEX operation.
This offers a cleaner solution than my previous patch for the problem
found a few days ago that we mustn't try to update pg_index while we are
reindexing it. System catalog indexes will always be created with
indcheckxmin = false during initdb, and with this modified code we should
never try to change their pg_index entries. This avoids special-casing
system catalogs as the former patch did, and should provide a performance
benefit for many cases where REINDEX formerly caused an index to be
considered unusable for a short time.
Back-patch to 8.3 to cover all versions containing HOT. Note that this
patch changes the API for index_build(), but I believe it is unlikely that
any add-on code is calling that directly.
Tom Lane [Tue, 19 Apr 2011 20:57:57 +0000 (16:57 -0400)]
Revert "Prevent incorrect updates of pg_index while reindexing pg_index itself."
This reverts commit
a03e3e1fd1d4ecfeb1096aeb7854b717061a75d9 of 2011-04-15.
There's a better way to do it, which will follow shortly.
Heikki Linnakangas [Tue, 19 Apr 2011 11:54:48 +0000 (14:54 +0300)]
Silence compiler warning about unused variable on Windows.
Tom Lane [Sat, 16 Apr 2011 00:19:03 +0000 (20:19 -0400)]
Prevent incorrect updates of pg_index while reindexing pg_index itself.
The places that attempt to change pg_index.indcheckxmin during a reindexing
operation cannot be executed safely if pg_index itself is the subject of
the operation. This is the explanation for a couple of recent reports of
VACUUM FULL failing with
ERROR: duplicate key value violates unique constraint "pg_index_indexrelid_index"
DETAIL: Key (indexrelid)=(2678) already exists.
However, there isn't any real need to update indcheckxmin in such a
situation, if we assume that pg_index can never contain a truly broken HOT
chain. This assumption holds if new indexes are never created on it during
concurrent operations, which is something we don't consider safe for any
system catalog, not just pg_index. Accordingly, modify the code to not
manipulate indcheckxmin when reindexing any system catalog.
Back-patch to 8.3, where HOT was introduced. The known failure scenarios
involve 9.0-style VACUUM FULL, so there might not be any real risk before
9.0, but let's not assume that.
Magnus Hagander [Fri, 15 Apr 2011 13:27:02 +0000 (15:27 +0200)]
Note that Bison on GnuWin32 has trouble with paths with spaces
Peter Eisentraut
Magnus Hagander [Fri, 15 Apr 2011 13:00:42 +0000 (15:00 +0200)]
Specify which versions of the Platform SDK are supported
Anything including Visual Studio 2010 compilers is not yet
supported for building on Windows.
Marc G. Fournier [Fri, 15 Apr 2011 03:15:53 +0000 (00:15 -0300)]
Tag 9.0.4.
Peter Eisentraut [Thu, 14 Apr 2011 19:52:18 +0000 (22:52 +0300)]
Translation updates
Tom Lane [Thu, 14 Apr 2011 19:51:41 +0000 (15:51 -0400)]
Update release notes for releases 9.0.4, 8.4.8, 8.3.15, and 8.2.21.
Tom Lane [Wed, 13 Apr 2011 22:56:47 +0000 (18:56 -0400)]
Ensure mark_dummy_rel doesn't create dangling pointers in RelOptInfos.
When we are doing GEQO join planning, the current memory context is a
short-lived context that will be reset at the end of geqo_eval(). However,
the RelOptInfos for base relations are set up before that and then re-used
across many GEQO cycles. Hence, any code that modifies a baserel during
join planning has to be careful not to put pointers to the short-lived
context into the baserel struct. mark_dummy_rel got this wrong, leading to
easy-to-reproduce-once-you-know-how crashes in 8.4, as reported off-list by
Leo Carson of SDSC. Some improvements made in 9.0 make it difficult to
demonstrate the crash in 9.0 or HEAD; but there's no doubt that there's
still a risk factor here, so patch all branches that have the function.
(Note: 8.3 has a similar function, but it's only applied to joinrels and
thus is not a hazard.)
Tom Lane [Wed, 13 Apr 2011 22:03:23 +0000 (18:03 -0400)]
Update time zone data files to tzdata release 2011f.
DST law changes in Chile, Cuba, Falkland Islands, Morocco, Samoa, Turkey.
Historical corrections for South Australia, Alaska, Hawaii.
Heikki Linnakangas [Wed, 13 Apr 2011 19:20:31 +0000 (22:20 +0300)]
On HP/UX, the structs used by ioctl(SIOCGLIFCONF) are named differently
than on other platforms, and only IPv6 addresses are returned. Because of
those two issues, fall back to ioctl(SIOCGIFCONF) on HP/UX, so that it at
least compiles and finds IPv4 addresses. This function is currently only
used for interpreting samehost/samenet in pg_hba.conf, which isn't that
critical.
Heikki Linnakangas [Wed, 13 Apr 2011 18:33:59 +0000 (21:33 +0300)]
Revert the patch to check if we've reached end-of-backup also when doing
crash recovery, and throw an error if not. hubert depesz lubaczewski pointed
out that that situation also happens in the crash recovery following a
system crash that happens during an online backup.
We might want to do something smarter in 9.1, like put the check back for
backups taken with pg_basebackup, but that's for another patch.
Bruce Momjian [Wed, 13 Apr 2011 15:33:55 +0000 (11:33 -0400)]
Fix pg_upgrade crash
Fix pg_upgrade crash in 9.0 caused by a new cluster database that
doesn't exist in the old cluster; instead throw an error. This was
reported to me by EnterpriseDB testing staff. This bug does not exist
in git head.
Heikki Linnakangas [Wed, 13 Apr 2011 08:43:22 +0000 (11:43 +0300)]
On IA64 architecture, we check the depth of the register stack in addition
to the regular stack. The code to do that is platform and compiler specific,
add support for the HP-UX native compiler.
Andrew Dunstan [Sun, 10 Apr 2011 18:51:26 +0000 (14:51 -0400)]
Don't make "replication" magical as a user name, only as a database name, in pg_hba.conf.
Per gripe from Josh Berkus. Backported from commit
ed557a373c406bbb2a1843544ebbd856ca4cac47.
Tom Lane [Tue, 12 Apr 2011 05:59:42 +0000 (01:59 -0400)]
Be more wary of missing statistics in eqjoinsel_semi().
In particular, if we don't have real ndistinct estimates for both sides,
fall back to assuming that half of the left-hand rows have join partners.
This is what was done in 8.2 and 8.3 (cf nulltestsel() in those versions).
It's pretty stupid but it won't lead us to think that an antijoin produces
no rows out, as seen in recent example from Uwe Schroeder.
Andrew Dunstan [Sun, 10 Apr 2011 21:03:44 +0000 (17:03 -0400)]
Adjust regression tests on cube and ECPG for MinGW 64 bit compiler.
Backport to 9.0, we're not supporting this compiler on earlier releases.
Andrew Dunstan [Sat, 9 Apr 2011 21:59:27 +0000 (17:59 -0400)]
Backport changes to allow building with MinGW 64 bit compiler.
These changes have been in HEAD for some time with no ill effect. They
are only being backported to 9.0, as the required WINNT version was not
high enough before that.
Bruce Momjian [Fri, 8 Apr 2011 15:59:14 +0000 (11:59 -0400)]
Have pg_upgrade properly preserve relfrozenxid in toast tables.
This fixes a pg_upgrade bug that could lead to query errors when clog
files are improperly removed.
Andrew Dunstan [Fri, 8 Apr 2011 02:16:56 +0000 (22:16 -0400)]
Avoid use of mixed slash style paths in arguments to xcopy in MSVC builds.
Some versions of xcopy, notably on Windows 7 don't like it. Backpatch
to 8.3, where we first used xcopy.
Tom Lane [Thu, 7 Apr 2011 19:14:44 +0000 (15:14 -0400)]
Modernize dlopen interface code for FreeBSD and OpenBSD.
Remove the hard-wired assumption that __mips__ (and only __mips__) lacks
dlopen in FreeBSD and OpenBSD. This assumption is outdated at least for
OpenBSD, as per report from an anonymous 9.1 tester. We can perfectly well
use HAVE_DLOPEN instead to decide which code to use.
Some other cosmetic adjustments to make freebsd.c, netbsd.c, and openbsd.c
exactly alike.
Tom Lane [Thu, 7 Apr 2011 15:40:28 +0000 (11:40 -0400)]
Fix SortTocFromFile() to cope with lines that are too long for its buffer.
The original coding supposed that a dump TOC file could never contain lines
longer than 1K. The folly of that was exposed by a recent report from
Per-Olov Esgard. We only really need to see the first dozen or two bytes
of each line, since we're just trying to read off the numeric ID at the
start of the line; so there's no need for a particularly huge buffer.
What there is a need for is logic to not process continuation bufferloads.
Back-patch to all supported branches, since it's always been like this.
Tom Lane [Sat, 2 Apr 2011 22:05:46 +0000 (18:05 -0400)]
Fix typo in PQconnectStartParams().
This would lead to leaking the PGconn structure after an error detected by
conninfo_array_parse(), as well as failing to return a useful error message
in such cases. Backpatch to 9.0 where the error was introduced.
Joseph Adams
Magnus Hagander [Fri, 1 Apr 2011 17:58:36 +0000 (19:58 +0200)]
Avoid palloc before CurrentMemoryContext is set up on win32
Instead, write the unconverted output - it will be in the wrong
encoding, but at least we don't crash.
Rushabh Lathia
Heikki Linnakangas [Wed, 30 Mar 2011 07:36:58 +0000 (10:36 +0300)]
Check that we've reached end-of-backup also when we're not performing
archive recovery.
It's possible to restore an online backup without recovery.conf, by simply
copying all the necessary WAL files to pg_xlog. "pg_basebackup -x" does that
too. That's the use case where this cross-check is useful.
Backpatch to 9.0. We used to do this in earlier versins, but in 9.0 the code
was inadvertently changed so that the check is only performed after archive
recovery.
Fujii Masao.
Tom Lane [Mon, 28 Mar 2011 19:45:02 +0000 (15:45 -0400)]
Prevent a rowtype from being included in itself.
Eventually we might be able to allow that, but it's not clear how many
places need to be fixed to prevent infinite recursion when there's a direct
or indirect inclusion of a rowtype in itself. One such place is
CheckAttributeType(), which will recurse to stack overflow in cases such as
those exhibited in bug #5950 from Alex Perepelica. If we were sure it was
the only such place, we could easily modify the code added by this patch to
stop the recursion without a complaint ... but it probably isn't the only
such place. Hence, throw error until such time as someone is excited
enough about this type of usage to put work into making it safe.
Back-patch as far as 8.3. 8.2 doesn't have the recursive call in
CheckAttributeType in the first place, so I see no need to add code there
in the absence of clear evidence of a problem elsewhere.
Robert Haas [Mon, 28 Mar 2011 01:28:15 +0000 (21:28 -0400)]
Correct "characters" to "bytes" in createdb docs.
Susanne Ebrecht
Tom Lane [Wed, 23 Mar 2011 20:57:29 +0000 (16:57 -0400)]
Improve user-defined-aggregates documentation.
On closer inspection, that two-element initcond value seems to have been
a little white lie to avoid explaining the full behavior of float8_accum.
But if people are going to expect the examples to be exactly correct,
I suppose we'd better explain. Per comment from Thom Brown.
Tom Lane [Wed, 23 Mar 2011 16:33:14 +0000 (12:33 -0400)]
Fix ancient typo in user-defined-aggregates documentation.
The description of the initcond value for the built-in avg(float8)
aggregate has been wrong since it was written. Noted by Disc Magnet.
Simon Riggs [Wed, 23 Mar 2011 13:32:37 +0000 (13:32 +0000)]
Prevent intermittent hang in recovery from bgwriter interaction.
Startup process waited for cleanup lock but when hot_standby = off
the pid was not registered, so that the bgwriter would not wake
the waiting process as intended.
Tom Lane [Tue, 22 Mar 2011 17:01:04 +0000 (13:01 -0400)]
Avoid potential deadlock in InitCatCachePhase2().
Opening a catcache's index could require reading from that cache's own
catalog, which of course would acquire AccessShareLock on the catalog.
So the original coding here risks locking index before heap, which could
deadlock against another backend trying to get exclusive locks in the
normal order. Because InitCatCachePhase2 is only called when a backend
has to start up without a relcache init file, the deadlock was seldom seen
in the field. (And by the same token, there's no need to worry about any
performance disadvantage; so not much point in trying to distinguish
exactly which catalogs have the risk.)
Bug report, diagnosis, and patch by Nikhil Sontakke. Additional commentary
by me. Back-patch to all supported branches.
Alvaro Herrera [Thu, 17 Mar 2011 15:28:46 +0000 (12:28 -0300)]
Fix PL/Python memory leak involving array slices
Report and patch from Daniel Popowich, bug #5842
(with some debugging help from Alex Hunsaker)
Andrew Dunstan [Thu, 17 Mar 2011 04:11:01 +0000 (00:11 -0400)]
Use correct PATH separator for Cygwin in pg_regress.c.
This has been broken for years, and I'm not sure why it has not been
noticed before, but now a very modern Cygwin breaks on it, and the fix
is clearly correct. Backpatching to all live branches.
Tom Lane [Sat, 12 Mar 2011 00:04:05 +0000 (19:04 -0500)]
On further reflection, we'd better do the same in int.c.
We previously heard of the same problem in int24div(), so there's not a
good reason to suppose the problem is confined to cases involving int8.
Tom Lane [Fri, 11 Mar 2011 23:18:59 +0000 (18:18 -0500)]
Put in some more safeguards against executing a division-by-zero.
Add dummy returns before every potential division-by-zero in int8.c,
because apparently further "improvements" in gcc's optimizer have
enabled it to break functions that weren't broken before.
Aurelien Jarno, via Martin Pitt
Heikki Linnakangas [Fri, 11 Mar 2011 13:44:40 +0000 (15:44 +0200)]
In ecpg preprocessor, don't try to look up constants in the test for
variable hiding. A constant is not a variable. It worked in most cases by
accident, because we add constants to the global list of variables (why?),
but float constants like 1.23 were interpreted as struct field references,
and not found.
Backpatch to 9.0, where the test for variable hiding was added.
Heikki Linnakangas [Tue, 8 Mar 2011 18:13:52 +0000 (20:13 +0200)]
Don't throw a warning if vacuum sees PD_ALL_VISIBLE flag set on a page that
contains newly-inserted tuples that according to our OldestXmin are not
yet visible to everyone. The value returned by GetOldestXmin() is conservative,
and it can move backwards on repeated calls, so if we see that contradiction
between the PD_ALL_VISIBLE flag and status of tuples on the page, we have to
assume it's because an earlier vacuum calculated a higher OldestXmin value,
and all the tuples really are visible to everyone.
We have received several reports of this bug, with the "PD_ALL_VISIBLE flag
was incorrectly set in relation ..." warning appearing in logs. We were
finally able to hunt it down with David Gould's help to run extra diagnostics
in an environment where this happened frequently.
Also reword the warning, per Robert Haas' suggestion, to not imply that the
PD_ALL_VISIBLE flag is necessarily at fault, as it might also be a symptom
of corruption on a tuple header.
Backpatch to 8.4, where the PD_ALL_VISIBLE flag was introduced.
Tom Lane [Fri, 4 Mar 2011 16:38:45 +0000 (11:38 -0500)]
In initialize_SSL, don't fail unnecessarily when home dir is unavailable.
Instead, just act as though the certificate file(s) are not present.
There is only one case where this need be a hard failure condition: when
sslmode is verify-ca or verify-full, not having a root cert file is an
error. Change the logic so that we complain only in that case, and
otherwise fall through cleanly. This is how it used to behave pre-9.0,
but my patch
4ed4b6c54e5fab24ab2624d80e26f7546edc88ad of 2010-05-26 broke
the case. Per report from Christian Kastner.
Tom Lane [Wed, 2 Mar 2011 16:17:07 +0000 (11:17 -0500)]
Correct mistaken claims about EXPLAIN ANALYZE's handling of triggers.
Time spent executing AFTER triggers is not included in the runtime of the
associated ModifyTable node; in my patch of yesterday I confused queuing of
these triggers with their actual execution. Spotted by Marko Tiikkaja.
Tom Lane [Tue, 1 Mar 2011 16:36:09 +0000 (11:36 -0500)]
Update discussion of EXPLAIN to reflect existence of ModifyTable nodes.
Back-patch to 9.0, since this was changed then.
Tom Lane [Tue, 22 Feb 2011 02:18:13 +0000 (21:18 -0500)]
Fix dangling-pointer problem in before-row update trigger processing.
ExecUpdate checked for whether ExecBRUpdateTriggers had returned a new
tuple value by seeing if the returned tuple was pointer-equal to the old
one. But the "old one" was in estate->es_junkFilter's result slot, which
would be scribbled on if we had done an EvalPlanQual update in response to
a concurrent update of the target tuple; therefore we were comparing a
dangling pointer to a live one. Given the right set of circumstances we
could get a false match, resulting in not forcing the tuple to be stored in
the slot we thought it was stored in. In the case reported by Maxim Boguk
in bug #5798, this led to "cannot extract system attribute from virtual
tuple" failures when trying to do "RETURNING ctid". I believe there is a
very-low-probability chance of more serious errors, such as generating
incorrect index entries based on the original rather than the
trigger-modified version of the row.
In HEAD, change all of ExecBRInsertTriggers, ExecIRInsertTriggers,
ExecBRUpdateTriggers, and ExecIRUpdateTriggers so that they continue to
have similar APIs. In the back branches I just changed
ExecBRUpdateTriggers, since there is no bug in the ExecBRInsertTriggers
case.
Tom Lane [Fri, 18 Feb 2011 18:11:50 +0000 (13:11 -0500)]
Fix parallel pg_restore to handle comments on POST_DATA items correctly.
The previous coding would try to process all SECTION_NONE items in the
initial sequential-restore pass, which failed if they were dependencies of
not-yet-restored items. Fix by postponing such items into the parallel
processing pass once we have skipped any non-PRE_DATA item.
Back-patch into 9.0; the original parallel-restore coding in 8.4 did not
have this bug, so no need to change it.
Report and diagnosis by Arnd Hannemann.
Tom Lane [Fri, 18 Feb 2011 00:00:54 +0000 (19:00 -0500)]
Fix tsmatchsel() to account properly for null rows.
ts_typanalyze.c computes MCE statistics as fractions of the non-null rows,
which seems fairly reasonable, and anyway changing it in released versions
wouldn't be a good idea. But then ts_selfuncs.c has to account for that.
Failure to do so results in overestimates in columns with a significant
fraction of null documents. Back-patch to 8.4 where this stuff was
introduced.
Jesper Krogh
Tom Lane [Thu, 17 Feb 2011 00:24:50 +0000 (19:24 -0500)]
Fix bogus test for hypothetical indexes in get_actual_variable_range().
That function was supposing that indexoid == 0 for a hypothetical index,
but that is not likely to be true in any non-toy implementation of an index
adviser, since assigning a fake OID is the only way to know at EXPLAIN time
which hypothetical index got selected. Fix by adding a flag to
IndexOptInfo to mark hypothetical indexes. Back-patch to 9.0 where
get_actual_variable_range() was added.
Gurjeet Singh
Tom Lane [Tue, 15 Feb 2011 20:49:59 +0000 (15:49 -0500)]
Add CheckTableNotInUse calls in DROP TABLE and DROP INDEX.
Recent releases had a check on rel->rd_refcnt in heap_drop_with_catalog,
but failed to cover the possibility of pending trigger events at DROP time.
(Before 8.4 we didn't even check the refcnt.) When the trigger events were
eventually fired, you'd get "could not open relation with OID nnn" errors,
as in recent report from strk. Better to throw a suitable error when the
DROP is attempted.
Also add a similar check in DROP INDEX.
Back-patch to all supported branches.
Bruce Momjian [Sun, 13 Feb 2011 14:29:01 +0000 (09:29 -0500)]
Clarify documentation for libpq's PQescapeBytea to mention the new hex
format.
Modify PQescapeStringConn() docs to be consisent with other escaping
functions.
Add mention problems with pre-9.0 versions of libpq using not understanding
bytea hex format to the 9.0 release notes.
Backpatch to 9.0 docs.
Tom Lane [Thu, 10 Feb 2011 04:27:16 +0000 (23:27 -0500)]
Fix improper matching of resjunk column names for FOR UPDATE in subselect.
Flattening of subquery range tables during setrefs.c could lead to the
rangetable indexes in PlanRowMark nodes not matching up with the column
names previously assigned to the corresponding resjunk ctid (resp. tableoid
or wholerow) columns. Typical symptom would be either a "cannot extract
system attribute from virtual tuple" error or an Assert failure. This
wasn't a problem before 9.0 because we didn't support FOR UPDATE below the
top query level, and so the final flattening could never renumber an RTE
that was relevant to FOR UPDATE. Fix by using a plan-tree-wide unique
number for each PlanRowMark to label the associated resjunk columns, so
that the number need not change during flattening.
Per report from David Johnston (though I'm darned if I can see how this got
past initial testing of the relevant code). Back-patch to 9.0.
Magnus Hagander [Thu, 3 Feb 2011 10:24:47 +0000 (11:24 +0100)]
Fix typo.
Thom Brown
Magnus Hagander [Tue, 1 Feb 2011 12:19:18 +0000 (13:19 +0100)]
Undefine setlocale() macro on Win32
New versions of libintl redefine setlocale() to a macro
which causes problems when the backend and libintl are
linked against different versions of the runtime, which
is often the case in msvc builds.
Hiroshi Inoue, slightly updated comment by me
Simon Riggs [Tue, 1 Feb 2011 08:49:58 +0000 (08:49 +0000)]
Create new errcode for recovery conflict caused by db drop on
Previously reported as ERRCODE_ADMIN_SHUTDOWN, this case is now
reported as ERRCODE_DATABASE_DROPPED. No message text change.
Unlikely to happen on most servers, so low impact change to allow
session poolers to correctly handle this situation.
Tatsuo Ishii and Simon Riggs
Itagaki Takahiro [Tue, 1 Feb 2011 06:21:32 +0000 (15:21 +0900)]
Fix wrong error reports in 'number of array dimensions exceeds the
maximum allowed' messages, that have reported one-less dimensions.
Alexey Klyukin
Simon Riggs [Mon, 31 Jan 2011 19:24:29 +0000 (19:24 +0000)]
Fix error code for canceling statement due to conflict with recovery.
All retryable conflict errors now have an error code that indicates that
a retry is possible, correcting my incomplete fix of 2010/05/12
Tatsuo Ishii and Simon Riggs, input from Robert Haas and Florian Pflug
Tom Lane [Sun, 30 Jan 2011 22:04:31 +0000 (17:04 -0500)]
Make reduce_outer_joins() smarter about semijoins.
reduce_outer_joins() mistakenly treated a semijoin like a left join for
purposes of deciding whether not-null constraints created by the join's
quals could be passed down into the join's left-hand side (possibly
resulting in outer-join simplification there). Actually, semijoin works
like inner join for this purpose, ie, we do not need to see any rows that
can't possibly satisfy the quals. Hence, two-line fix to treat semi and
inner joins alike. Per observation by Andres Freund about a performance
gripe from Yazan Suleiman.
Back-patch to 8.4, since this oversight has been there since the current
handling of semijoins was implemented.
Marc G. Fournier [Fri, 28 Jan 2011 02:21:31 +0000 (22:21 -0400)]
Tag 9.0.3
Tom Lane [Thu, 27 Jan 2011 22:45:42 +0000 (17:45 -0500)]
Update release notes.
Security: CVE-2010-4015
Tom Lane [Thu, 27 Jan 2011 22:41:46 +0000 (17:41 -0500)]
Prevent buffer overrun while parsing an integer in a "query_int" value.
contrib/intarray's gettoken() uses a fixed-size buffer to collect an
integer's digits, and did not guard against overrunning the buffer.
This is at least a backend crash risk, and in principle might allow
arbitrary code execution. The code didn't check for overflow of the
integer value either, which while not presenting a crash risk was still
bad.
Thanks to Apple Inc's security team for reporting this issue and supplying
the fix.
Security: CVE-2010-4015
Tom Lane [Thu, 27 Jan 2011 21:27:27 +0000 (16:27 -0500)]
Don't include <asm/ia64regs.h> unnecessarily.
We only need that header when compiling with icc, since the gcc variant of
ia64_get_bsp() uses in-line assembly code. Per report from Frank Brendel,
the header doesn't exist on all IA64 platforms; so don't include it unless
we need it.
Peter Eisentraut [Thu, 27 Jan 2011 19:25:25 +0000 (21:25 +0200)]
Translation updates for release 9.0.3
Tom Lane [Thu, 27 Jan 2011 21:09:51 +0000 (16:09 -0500)]
Update release notes for releases 9.0.3, 8.4.7, 8.3.14, and 8.2.20.
Robert Haas [Tue, 25 Jan 2011 23:50:35 +0000 (18:50 -0500)]
Correct ALTER TYPE -> SET DATA TYPE in ALTER TABLE documentation.
The latter is the correct name of the operation to change the data type
of a column.
Noah Misch
Robert Haas [Fri, 21 Jan 2011 03:44:10 +0000 (22:44 -0500)]
Make ALTER TABLE revalidate uniqueness and exclusion constraints.
Failure to do so can lead to constraint violations. This was broken by
commit
1ddc2703a936d03953657f43345460b9242bbed1 on 2010-02-07, so
back-patch to 9.0.
Noah Misch. Regression test by me.
Robert Haas [Thu, 20 Jan 2011 02:21:33 +0000 (21:21 -0500)]
Document that WITH queries are also called Common Table Expressions.
Peter Geoghegan, reviewed by Stephen Frost
Tom Lane [Mon, 17 Jan 2011 17:38:52 +0000 (12:38 -0500)]
Fix miscalculation of itemsafter in array_set_slice().
If the slice to be assigned to was before the existing array lower bound
(requiring at least one null element to spring into existence to fill the
gap), the code miscalculated how many entries needed to be copied from
the old array's null bitmap. This could result in trashing the array's
data area (as seen in bug #5840 from Karsten Loesing), or worse.
This has been broken since we first allowed the behavior of assigning to
non-adjacent slices, in 8.2. Back-patch to all affected versions.
Alvaro Herrera [Mon, 17 Jan 2011 16:01:04 +0000 (13:01 -0300)]
Increment Py_None refcount for NULL array elements
Per bug #5835 by Julien Demoor
Author: Alex Hunsaker
Heikki Linnakangas [Mon, 17 Jan 2011 10:22:24 +0000 (12:22 +0200)]
Before exiting walreceiver, fsync() all the WAL received.
Otherwise WAL recovery will replay the un-flushed WAL after walreceiver has
exited, which can lead to a non-recoverable standby if the system crashes hard
at that point.
Heikki Linnakangas [Thu, 13 Jan 2011 15:51:28 +0000 (17:51 +0200)]
Fix the logic in libpqrcv_receive() to determine if there's any incoming data
that can be read without blocking. It used to conclude that there isn't, even
though there was data in the socket receive buffer. That lead walreceiver to
flush the WAL after every received chunk, potentially causing big performance
issues.
Backpatch to 9.0, because the performance impact can be very significant.
Tom Lane [Thu, 13 Jan 2011 01:47:09 +0000 (20:47 -0500)]
Fix PlanRowMark/ExecRowMark structures to handle inheritance correctly.
In an inherited UPDATE/DELETE, each target table has its own subplan,
because it might have a column set different from other targets. This
means that the resjunk columns we add to support EvalPlanQual might be
at different physical column numbers in each subplan. The EvalPlanQual
rewrite I did for 9.0 failed to account for this, resulting in possible
misbehavior or even crashes during concurrent updates to the same row,
as seen in a recent report from Gordon Shannon. Revise the data structure
so that we track resjunk column numbers separately for each subplan.
I also chose to move responsibility for identifying the physical column
numbers back to executor startup, instead of assuming that numbers derived
during preprocess_targetlist would stay valid throughout subsequent
massaging of the plan. That's a bit slower, so we might want to consider
undoing it someday; but it would complicate the patch considerably and
didn't seem justifiable in a bug fix that has to be back-patched to 9.0.
Magnus Hagander [Tue, 11 Jan 2011 09:45:16 +0000 (10:45 +0100)]
Typo fix
Josh Kupershmidt
Magnus Hagander [Sun, 9 Jan 2011 16:01:15 +0000 (17:01 +0100)]
Ensure the directory for gram.h is created on win32
Result of bad testing of my last commit.
Magnus Hagander [Sun, 9 Jan 2011 14:31:48 +0000 (15:31 +0100)]
Properly install gram.h on MSVC builds
This file is now needed by pgAdmin builds, which started
failing since it was missing in the installer builds.
Michael Meskes [Sat, 8 Jan 2011 17:35:37 +0000 (18:35 +0100)]
In ecpg's parser removed a fixed length limit for constants defining an array dimension.
Robert Haas [Sat, 8 Jan 2011 11:12:05 +0000 (06:12 -0500)]
Remove bogus claims regarding createuser defaults.
Josh Kupershmidt
Bruce Momjian [Thu, 6 Jan 2011 02:32:13 +0000 (21:32 -0500)]
Update documentation to say that \lo_import sets :LASTOID, not
lo_insert.
Bruce Momjian [Wed, 5 Jan 2011 04:35:52 +0000 (23:35 -0500)]
In pg_upgrade, copy pg_largeobject_metadata and its index for 9.0+
servers because, like pg_largeobject, it is a system table whose
contents are not dumped by pg_dump --schema-only.
Bruce Momjian [Wed, 5 Jan 2011 02:33:37 +0000 (21:33 -0500)]
In pg_upgrade, fix backward logging display of link operations.
Tom Lane [Wed, 29 Dec 2010 18:43:58 +0000 (13:43 -0500)]
Improve pg_upgrade's checks for required executables.
Don't insist on pg_dumpall and psql being present in the old cluster,
since they are not needed. Do insist on pg_resetxlog being present
(in both old and new), since we need it. Also check for pg_config,
but only in the new cluster. Remove the useless attempt to call
pg_config in the old cluster; we don't need to know the old value of
--pkglibdir. (In the case of a stripped-down migration installation
there might be nothing there to look at anyway, so any future change
that might reintroduce that need would have to be considered carefully.)
Per my attempts to build a minimal previous-version installation to support
pg_upgrade.
Tom Lane [Wed, 29 Dec 2010 03:49:57 +0000 (22:49 -0500)]
Avoid unexpected conversion overflow in planner for distant date values.
The "date" type supports a wider range of dates than int64 timestamps do.
However, there is pre-int64-timestamp code in the planner that assumes that
all date values can be converted to timestamp with impunity. Fortunately,
what we really need out of the conversion is always a double (float8)
value; so even when the date is out of timestamp's range it's possible to
produce a sane answer. All we need is a code path that doesn't try to
force the result into int64. Per trouble report from David Rericha.
Back-patch to all supported versions. Although this is surely a corner
case, there's not much point in advertising a date range wider than
timestamp's if we will choke on such values in unexpected places.
Robert Haas [Sat, 25 Dec 2010 03:21:50 +0000 (22:21 -0500)]
Correct spelling: longjump() -> longjmp().
Peter Eisentraut [Fri, 24 Dec 2010 20:08:15 +0000 (22:08 +0200)]
Fix grammar
Andrew Dunstan [Fri, 24 Dec 2010 18:31:48 +0000 (13:31 -0500)]
Allow vpath builds and regression tests to succeed on Mingw. Backpatch to release 8.4 - earlier releases would require more changes and it's not worth the trouble.
Bruce Momjian [Fri, 24 Dec 2010 16:32:52 +0000 (11:32 -0500)]
Backpatch to 9.0 a doc mention that a BBU does not prevent partial page
writes.
Tom Lane [Sun, 19 Dec 2010 20:30:44 +0000 (15:30 -0500)]
Fix up handling of simple-form CASE with constant test expression.
eval_const_expressions() can replace CaseTestExprs with constants when
the surrounding CASE's test expression is a constant. This confuses
ruleutils.c's heuristic for deparsing simple-form CASEs, leading to
Assert failures or "unexpected CASE WHEN clause" errors. I had put in
a hack solution for that years ago (see commit
514ce7a331c5bea8e55b106d624e55732a002295 of 2006-10-01), but bug #5794
from Peter Speck shows that that solution failed to cover all cases.
Fortunately, there's a much better way, which came to me upon reflecting
that Peter's "CASE TRUE WHEN" seemed pretty redundant: we can "simplify"
the simple-form CASE to the general form of CASE, by simply omitting the
constant test expression from the rebuilt CASE construct. This is
intuitively valid because there is no need for the executor to evaluate
the test expression at runtime; it will never be referenced, because any
CaseTestExprs that would have referenced it are now replaced by constants.
This won't save a whole lot of cycles, since evaluating a Const is pretty
cheap, but a cycle saved is a cycle earned. In any case it beats kluging
ruleutils.c still further. So this patch improves const-simplification
and reverts the previous change in ruleutils.c.
Back-patch to all supported branches. The bug exists in 8.1 too, but it's
out of warranty.
Tom Lane [Sun, 19 Dec 2010 17:48:41 +0000 (12:48 -0500)]
Fix erroneous parsing of tsquery input "... & !(subexpression) | ..."
After parsing a parenthesized subexpression, we must pop all pending
ANDs and NOTs off the stack, just like the case for a simple operand.
Per bug #5793.
Also fix clones of this routine in contrib/intarray and contrib/ltree,
where input of types query_int and ltxtquery had the same problem.
Back-patch to all supported versions.
Magnus Hagander [Sat, 18 Dec 2010 15:30:00 +0000 (16:30 +0100)]
Document unavailable parameters in some configurations
Add a note to user-facing parameters that can be removed completely
(and not just empty) by #ifdef's depending on build configuration.
Tom Lane [Thu, 16 Dec 2010 21:22:12 +0000 (16:22 -0500)]
Remove optreset from src/port/ implementations of getopt and getopt_long.
We don't actually need optreset, because we can easily fix the code to
ensure that it's cleanly restartable after having completed a scan over the
argv array; which is the only case we need to restart in. Getting rid of
it avoids a class of interactions with the system libraries and allows
reversion of my change of yesterday in postmaster.c and postgres.c.
Back-patch to 8.4. Before that the getopt code was a bit different anyway.
Tom Lane [Thu, 16 Dec 2010 04:50:49 +0000 (23:50 -0500)]
Fix up getopt() reset management so it works on recent mingw.
The mingw people don't appear to care about compatibility with non-GNU
versions of getopt, so force use of our own copy of getopt on Windows.
Also, ensure that we make use of optreset when using our own copy.
Per report from Andrew Dunstan. Back-patch to all versions supported
on Windows.
Tom Lane [Thu, 16 Dec 2010 02:22:38 +0000 (21:22 -0500)]
Fix contrib/seg's GiST picksplit method.
Fix the same size_alpha versus size_beta typo that was recently fixed
in contrib/cube. Noted by Alexander Korotkov.
Back-patch to all supported branches (there is a more invasive fix in
HEAD).
Marc G. Fournier [Tue, 14 Dec 2010 02:55:50 +0000 (22:55 -0400)]
Tag 9.0.2.
Tom Lane [Tue, 14 Dec 2010 01:21:55 +0000 (20:21 -0500)]
Update release notes for releases 9.0.2, 8.4.6, 8.3.13, 8.2.19, and 8.1.23.
Peter Eisentraut [Mon, 13 Dec 2010 21:20:00 +0000 (23:20 +0200)]
Translation updates for release 9.0.2
Tom Lane [Mon, 13 Dec 2010 17:41:57 +0000 (12:41 -0500)]
Update time zone data files to tzdata release 2010o: DST law changes in
Fiji and Samoa. Historical corrections for Hong Kong.
Tom Lane [Fri, 10 Dec 2010 16:33:38 +0000 (11:33 -0500)]
Fix efficiency problems in tuplestore_trim().
The original coding in tuplestore_trim() was only meant to work efficiently
in cases where each trim call deleted most of the tuples in the store.
Which, in fact, was the pattern of the original usage with a Material node
supporting mark/restore operations underneath a MergeJoin. However,
WindowAgg now uses tuplestores and it has considerably less friendly
trimming behavior. In particular it can attempt to trim one tuple at a
time off a large tuplestore. tuplestore_trim() had O(N^2) runtime in this
situation because of repeatedly shifting its tuple pointer array. Fix by
avoiding shifting the array until a reasonably large number of tuples have
been deleted. This can waste some pointer space, but we do still reclaim
the tuples themselves, so the percentage wastage should be pretty small.
Per Jie Li's report of slow percent_rank() evaluation. cume_dist() and
ntile() would certainly be affected as well, along with any other window
function that has a moving frame start and requires reading substantially
ahead of the current row.
Back-patch to 8.4, where window functions were introduced. There's no
need to tweak it before that.
Simon Riggs [Fri, 10 Dec 2010 06:59:33 +0000 (06:59 +0000)]
Reduce spurious Hot Standby conflicts from never-visible records.
Hot Standby conflicts only with tuples that were visible at
some point. So ignore tuples from aborted transactions or for
tuples updated/deleted during the inserting transaction when
generating the conflict transaction ids.
Following detailed analysis and test case by Noah Misch.
Original report covered btree delete records, correctly observed
by Heikki Linnakangas that this applies to other cases also.
Fix covers all sources of cleanup records via common code.
Includes additional fix compared to commit on HEAD
Tom Lane [Thu, 9 Dec 2010 18:03:11 +0000 (13:03 -0500)]
Eliminate O(N^2) behavior in parallel restore with many blobs.
With hundreds of thousands of TOC entries, the repeated searches in
reduce_dependencies() become the dominant cost. Get rid of that searching
by constructing reverse-dependency lists, which we can do in O(N) time
during the fix_dependencies() preprocessing. I chose to store the reverse
dependencies as DumpId arrays for consistency with the forward-dependency
representation, and keep the previously-transient tocsByDumpId[] array
around to locate actual TOC entry structs quickly from dump IDs.
While this fixes the slow case reported by Vlad Arkhipov, there is still
a potential for O(N^2) behavior with sufficiently many tables:
fix_dependencies itself, as well as mark_create_done and
inhibit_data_for_failed_table, are doing repeated searches to deal with
table-to-table-data dependencies. Possibly this work could be extended
to deal with that, although the latter two functions are also used in
non-parallel restore where we currently don't run fix_dependencies.
Another TODO is that we fail to parallelize restore of multiple blobs
at all. This appears to require changes in the archive format to fix.
Back-patch to 9.0 where the problem was reported. 8.4 has potential issues
as well; but since it doesn't create a separate TOC entry for each blob,
it's at much less risk of having enough TOC entries to cause real problems.