Commit 6eb52da3 authored by Tom Lane's avatar Tom Lane

Fix handling of savepoint commands within multi-statement Query strings.

Issuing a savepoint-related command in a Query message that contains
multiple SQL statements led to a FATAL exit with a complaint about
"unexpected state STARTED".  This is a shortcoming of commit 4f896dac,
which attempted to prevent such misbehaviors in multi-statement strings;
its quick hack of marking the individual statements as "not top-level"
does the wrong thing in this case, and isn't a very accurate description
of the situation anyway.

To fix, let's introduce into xact.c an explicit model of what happens for
multi-statement Query strings.  This is an "implicit transaction block
in progress" state, which for many purposes works like the normal
TBLOCK_INPROGRESS state --- in particular, IsTransactionBlock returns true,
causing the desired result that PreventTransactionChain will throw error.
But in case of error abort it works like TBLOCK_STARTED, allowing the
transaction to be cancelled without need for an explicit ROLLBACK command.

Commit 4f896dac is reverted in toto, so that we go back to treating the
individual statements as "top level".  We could have left it as-is, but
this allows sharpening the error message for PreventTransactionChain
calls inside functions.

Except for getting a normal error instead of a FATAL exit for savepoint
commands, this patch should result in no user-visible behavioral change
(other than that one error message rewording).  There are some things
we might want to do in the line of changing the appearance or wording of
error and warning messages around this behavior, which would be much
simpler to do now that it's an explicitly modeled state.  But I haven't
done them here.

Although this fixes a long-standing bug, no backpatch.  The consequences
of the bug don't seem severe enough to justify the risk that this commit
itself creates some new issue.

Patch by me, but it owes something to previous investigation by
Takayuki Tsunakawa, who also reported the bug in the first place.
Also thanks to Michael Paquier for reviewing.

Discussion: https://postgr.es/m/0A3221C70F24FB45833433255569204D1F6BE40D@G01JPEXMBYT05
parent bfea9256
This diff is collapsed.
...@@ -883,10 +883,9 @@ exec_simple_query(const char *query_string) ...@@ -883,10 +883,9 @@ exec_simple_query(const char *query_string)
ListCell *parsetree_item; ListCell *parsetree_item;
bool save_log_statement_stats = log_statement_stats; bool save_log_statement_stats = log_statement_stats;
bool was_logged = false; bool was_logged = false;
bool isTopLevel; bool use_implicit_block;
char msec_str[32]; char msec_str[32];
/* /*
* Report query to various monitoring facilities. * Report query to various monitoring facilities.
*/ */
...@@ -947,13 +946,14 @@ exec_simple_query(const char *query_string) ...@@ -947,13 +946,14 @@ exec_simple_query(const char *query_string)
MemoryContextSwitchTo(oldcontext); MemoryContextSwitchTo(oldcontext);
/* /*
* We'll tell PortalRun it's a top-level command iff there's exactly one * For historical reasons, if multiple SQL statements are given in a
* raw parsetree. If more than one, it's effectively a transaction block * single "simple Query" message, we execute them as a single transaction,
* and we want PreventTransactionChain to reject unsafe commands. (Note: * unless explicit transaction control commands are included to make
* we're assuming that query rewrite cannot add commands that are * portions of the list be separate transactions. To represent this
* significant to PreventTransactionChain.) * behavior properly in the transaction machinery, we use an "implicit"
* transaction block.
*/ */
isTopLevel = (list_length(parsetree_list) == 1); use_implicit_block = (list_length(parsetree_list) > 1);
/* /*
* Run through the raw parsetree(s) and process each one. * Run through the raw parsetree(s) and process each one.
...@@ -1001,6 +1001,16 @@ exec_simple_query(const char *query_string) ...@@ -1001,6 +1001,16 @@ exec_simple_query(const char *query_string)
/* Make sure we are in a transaction command */ /* Make sure we are in a transaction command */
start_xact_command(); start_xact_command();
/*
* If using an implicit transaction block, and we're not already in a
* transaction block, start an implicit block to force this statement
* to be grouped together with any following ones. (We must do this
* each time through the loop; otherwise, a COMMIT/ROLLBACK in the
* list would cause later statements to not be grouped.)
*/
if (use_implicit_block)
BeginImplicitTransactionBlock();
/* If we got a cancel signal in parsing or prior command, quit */ /* If we got a cancel signal in parsing or prior command, quit */
CHECK_FOR_INTERRUPTS(); CHECK_FOR_INTERRUPTS();
...@@ -1098,7 +1108,7 @@ exec_simple_query(const char *query_string) ...@@ -1098,7 +1108,7 @@ exec_simple_query(const char *query_string)
*/ */
(void) PortalRun(portal, (void) PortalRun(portal,
FETCH_ALL, FETCH_ALL,
isTopLevel, true, /* always top level */
true, true,
receiver, receiver,
receiver, receiver,
...@@ -1108,15 +1118,7 @@ exec_simple_query(const char *query_string) ...@@ -1108,15 +1118,7 @@ exec_simple_query(const char *query_string)
PortalDrop(portal, false); PortalDrop(portal, false);
if (IsA(parsetree->stmt, TransactionStmt)) if (lnext(parsetree_item) == NULL)
{
/*
* If this was a transaction control statement, commit it. We will
* start a new xact command for the next command (if any).
*/
finish_xact_command();
}
else if (lnext(parsetree_item) == NULL)
{ {
/* /*
* If this is the last parsetree of the query string, close down * If this is the last parsetree of the query string, close down
...@@ -1124,9 +1126,18 @@ exec_simple_query(const char *query_string) ...@@ -1124,9 +1126,18 @@ exec_simple_query(const char *query_string)
* is so that any end-of-transaction errors are reported before * is so that any end-of-transaction errors are reported before
* the command-complete message is issued, to avoid confusing * the command-complete message is issued, to avoid confusing
* clients who will expect either a command-complete message or an * clients who will expect either a command-complete message or an
* error, not one and then the other. But for compatibility with * error, not one and then the other. Also, if we're using an
* historical Postgres behavior, we do not force a transaction * implicit transaction block, we must close that out first.
* boundary between queries appearing in a single query string. */
if (use_implicit_block)
EndImplicitTransactionBlock();
finish_xact_command();
}
else if (IsA(parsetree->stmt, TransactionStmt))
{
/*
* If this was a transaction control statement, commit it. We will
* start a new xact command for the next command.
*/ */
finish_xact_command(); finish_xact_command();
} }
...@@ -1149,7 +1160,9 @@ exec_simple_query(const char *query_string) ...@@ -1149,7 +1160,9 @@ exec_simple_query(const char *query_string)
} /* end loop over parsetrees */ } /* end loop over parsetrees */
/* /*
* Close down transaction statement, if one is open. * Close down transaction statement, if one is open. (This will only do
* something if the parsetree list was empty; otherwise the last loop
* iteration already did it.)
*/ */
finish_xact_command(); finish_xact_command();
......
...@@ -352,6 +352,8 @@ extern void BeginTransactionBlock(void); ...@@ -352,6 +352,8 @@ extern void BeginTransactionBlock(void);
extern bool EndTransactionBlock(void); extern bool EndTransactionBlock(void);
extern bool PrepareTransactionBlock(char *gid); extern bool PrepareTransactionBlock(char *gid);
extern void UserAbortTransactionBlock(void); extern void UserAbortTransactionBlock(void);
extern void BeginImplicitTransactionBlock(void);
extern void EndImplicitTransactionBlock(void);
extern void ReleaseSavepoint(List *options); extern void ReleaseSavepoint(List *options);
extern void DefineSavepoint(char *name); extern void DefineSavepoint(char *name);
extern void RollbackToSavepoint(List *options); extern void RollbackToSavepoint(List *options);
......
...@@ -659,6 +659,90 @@ ERROR: portal "ctt" cannot be run ...@@ -659,6 +659,90 @@ ERROR: portal "ctt" cannot be run
COMMIT; COMMIT;
DROP FUNCTION create_temp_tab(); DROP FUNCTION create_temp_tab();
DROP FUNCTION invert(x float8); DROP FUNCTION invert(x float8);
-- Test assorted behaviors around the implicit transaction block created
-- when multiple SQL commands are sent in a single Query message. These
-- tests rely on the fact that psql will not break SQL commands apart at a
-- backslash-quoted semicolon, but will send them as one Query.
create temp table i_table (f1 int);
-- psql will show only the last result in a multi-statement Query
SELECT 1\; SELECT 2\; SELECT 3;
?column?
----------
3
(1 row)
-- this implicitly commits:
insert into i_table values(1)\; select * from i_table;
f1
----
1
(1 row)
-- 1/0 error will cause rolling back the whole implicit transaction
insert into i_table values(2)\; select * from i_table\; select 1/0;
ERROR: division by zero
select * from i_table;
f1
----
1
(1 row)
rollback; -- we are not in a transaction at this point
WARNING: there is no transaction in progress
-- can use regular begin/commit/rollback within a single Query
begin\; insert into i_table values(3)\; commit;
rollback; -- we are not in a transaction at this point
WARNING: there is no transaction in progress
begin\; insert into i_table values(4)\; rollback;
rollback; -- we are not in a transaction at this point
WARNING: there is no transaction in progress
-- begin converts implicit transaction into a regular one that
-- can extend past the end of the Query
select 1\; begin\; insert into i_table values(5);
commit;
select 1\; begin\; insert into i_table values(6);
rollback;
-- commit in implicit-transaction state commits but issues a warning.
insert into i_table values(7)\; commit\; insert into i_table values(8)\; select 1/0;
WARNING: there is no transaction in progress
ERROR: division by zero
-- similarly, rollback aborts but issues a warning.
insert into i_table values(9)\; rollback\; select 2;
WARNING: there is no transaction in progress
?column?
----------
2
(1 row)
select * from i_table;
f1
----
1
3
5
7
(4 rows)
rollback; -- we are not in a transaction at this point
WARNING: there is no transaction in progress
-- implicit transaction block is still a transaction block, for e.g. VACUUM
SELECT 1\; VACUUM;
ERROR: VACUUM cannot run inside a transaction block
SELECT 1\; COMMIT\; VACUUM;
WARNING: there is no transaction in progress
ERROR: VACUUM cannot run inside a transaction block
-- we disallow savepoint-related commands in implicit-transaction state
SELECT 1\; SAVEPOINT sp;
ERROR: SAVEPOINT can only be used in transaction blocks
SELECT 1\; COMMIT\; SAVEPOINT sp;
WARNING: there is no transaction in progress
ERROR: SAVEPOINT can only be used in transaction blocks
ROLLBACK TO SAVEPOINT sp\; SELECT 2;
ERROR: ROLLBACK TO SAVEPOINT can only be used in transaction blocks
SELECT 2\; RELEASE SAVEPOINT sp\; SELECT 3;
ERROR: RELEASE SAVEPOINT can only be used in transaction blocks
-- but this is OK, because the BEGIN converts it to a regular xact
SELECT 1\; BEGIN\; SAVEPOINT sp\; ROLLBACK TO SAVEPOINT sp\; COMMIT;
-- Test for successful cleanup of an aborted transaction at session exit. -- Test for successful cleanup of an aborted transaction at session exit.
-- THIS MUST BE THE LAST TEST IN THIS FILE. -- THIS MUST BE THE LAST TEST IN THIS FILE.
begin; begin;
......
...@@ -419,6 +419,60 @@ DROP FUNCTION create_temp_tab(); ...@@ -419,6 +419,60 @@ DROP FUNCTION create_temp_tab();
DROP FUNCTION invert(x float8); DROP FUNCTION invert(x float8);
-- Test assorted behaviors around the implicit transaction block created
-- when multiple SQL commands are sent in a single Query message. These
-- tests rely on the fact that psql will not break SQL commands apart at a
-- backslash-quoted semicolon, but will send them as one Query.
create temp table i_table (f1 int);
-- psql will show only the last result in a multi-statement Query
SELECT 1\; SELECT 2\; SELECT 3;
-- this implicitly commits:
insert into i_table values(1)\; select * from i_table;
-- 1/0 error will cause rolling back the whole implicit transaction
insert into i_table values(2)\; select * from i_table\; select 1/0;
select * from i_table;
rollback; -- we are not in a transaction at this point
-- can use regular begin/commit/rollback within a single Query
begin\; insert into i_table values(3)\; commit;
rollback; -- we are not in a transaction at this point
begin\; insert into i_table values(4)\; rollback;
rollback; -- we are not in a transaction at this point
-- begin converts implicit transaction into a regular one that
-- can extend past the end of the Query
select 1\; begin\; insert into i_table values(5);
commit;
select 1\; begin\; insert into i_table values(6);
rollback;
-- commit in implicit-transaction state commits but issues a warning.
insert into i_table values(7)\; commit\; insert into i_table values(8)\; select 1/0;
-- similarly, rollback aborts but issues a warning.
insert into i_table values(9)\; rollback\; select 2;
select * from i_table;
rollback; -- we are not in a transaction at this point
-- implicit transaction block is still a transaction block, for e.g. VACUUM
SELECT 1\; VACUUM;
SELECT 1\; COMMIT\; VACUUM;
-- we disallow savepoint-related commands in implicit-transaction state
SELECT 1\; SAVEPOINT sp;
SELECT 1\; COMMIT\; SAVEPOINT sp;
ROLLBACK TO SAVEPOINT sp\; SELECT 2;
SELECT 2\; RELEASE SAVEPOINT sp\; SELECT 3;
-- but this is OK, because the BEGIN converts it to a regular xact
SELECT 1\; BEGIN\; SAVEPOINT sp\; ROLLBACK TO SAVEPOINT sp\; COMMIT;
-- Test for successful cleanup of an aborted transaction at session exit. -- Test for successful cleanup of an aborted transaction at session exit.
-- THIS MUST BE THE LAST TEST IN THIS FILE. -- THIS MUST BE THE LAST TEST IN THIS FILE.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment