1. 12 Nov, 2012 1 commit
    • Tom Lane's avatar
      Check for stack overflow in transformSetOperationTree(). · 34f3b396
      Tom Lane authored
      Since transformSetOperationTree() recurses, it can be driven to stack
      overflow with enough UNION/INTERSECT/EXCEPT clauses in a query.  Add a
      check to ensure it fails cleanly instead of crashing.  Per report from
      Matthew Gerber (though it's not clear whether this is the only thing
      going wrong for him).
      
      Historical note: I think the reasoning behind not putting a check here in
      the beginning was that the check in transformExpr() ought to be sufficient
      to guard the whole parser.  However, because transformSetOperationTree()
      recurses all the way to the bottom of the set-operation tree before doing
      any analysis of the statement's expressions, that check doesn't save it.
      34f3b396
  2. 09 Nov, 2012 3 commits
    • Alvaro Herrera's avatar
      Remove leftover LWLockRelease() call · fa12cb7f
      Alvaro Herrera authored
      This code was refactored in d5497b95 but an extra LWLockRelease call was
      left behind.
      
      Per report from Erik Rijkers
      fa12cb7f
    • Peter Eisentraut's avatar
      XSLT stylesheet: Add slash to directory name · 732740e7
      Peter Eisentraut authored
      Some versions of the XSLT stylesheets don't handle the missing slash
      correctly (they concatenate directory and file name without the slash).
      This might never have worked correctly.
      732740e7
    • Tom Lane's avatar
      Fix WaitLatch() to return promptly when the requested timeout expires. · 3e7fdcff
      Tom Lane authored
      If the sleep is interrupted by a signal, we must recompute the remaining
      time to wait; otherwise, a steady stream of non-wait-terminating interrupts
      could delay return from WaitLatch indefinitely.  This has been shown to be
      a problem for the autovacuum launcher, and there may well be other places
      now or in the future with similar issues.  So we'd better make the function
      robust, even though this'll add at least one gettimeofday call per wait.
      
      Back-patch to 9.2.  We might eventually need to fix 9.1 as well, but the
      code is quite different there, and the usage of WaitLatch in 9.1 is so
      limited that it's not clearly important to do so.
      
      Reported and diagnosed by Jeff Janes, though I rewrote his patch rather
      heavily.
      3e7fdcff
  3. 08 Nov, 2012 3 commits
    • Tom Lane's avatar
      Rename ResolveNew() to ReplaceVarsFromTargetList(), and tweak its API. · dcc55dd2
      Tom Lane authored
      This function currently lacks the option to throw error if the provided
      targetlist doesn't have any matching entry for a Var to be replaced.
      Two of the four existing call sites would be better off with an error,
      as would the usage in the pending auto-updatable-views patch, so it seems
      past time to extend the API to support that.  To do so, replace the "event"
      parameter (historically of type CmdType, though it was declared plain int)
      with a special-purpose enum type.
      
      It's unclear whether this function might be called by third-party code.
      Since many C compilers wouldn't warn about a call site continuing to use
      the old calling convention, rename the function to forcibly break any
      such code that hasn't been updated.  The old name was none too well chosen
      anyhow.
      dcc55dd2
    • Tom Lane's avatar
      Don't trash input list structure in does_not_exist_skipping(). · 75af5ae9
      Tom Lane authored
      The trigger and rule cases need to split up the input name list, but
      they mustn't corrupt the passed-in data structure, since it could be part
      of a cached utility-statement parsetree.  Per bug #7641.
      75af5ae9
    • Heikki Linnakangas's avatar
      Teach pg_basebackup and pg_receivexlog to reply to server keepalives. · a9dad564
      Heikki Linnakangas authored
      Without this, the connection will be killed after timeout if
      wal_sender_timeout is set in the server.
      
      Original patch by Amit Kapila, modified by me to fit recent changes in the
      code.
      a9dad564
  4. 07 Nov, 2012 5 commits
  5. 06 Nov, 2012 1 commit
  6. 05 Nov, 2012 1 commit
    • Tom Lane's avatar
      Fix handling of inherited check constraints in ALTER COLUMN TYPE. · 5ed6546c
      Tom Lane authored
      This case got broken in 8.4 by the addition of an error check that
      complains if ALTER TABLE ONLY is used on a table that has children.
      We do use ONLY for this situation, but it's okay because the necessary
      recursion occurs at a higher level.  So we need to have a separate
      flag to suppress recursion without making the error check.
      
      Reported and patched by Pavan Deolasee, with some editorial adjustments by
      me.  Back-patch to 8.4, since this is a regression of functionality that
      worked in earlier branches.
      5ed6546c
  7. 02 Nov, 2012 1 commit
  8. 01 Nov, 2012 3 commits
    • Tom Lane's avatar
      Fix bogus handling of $(X) (i.e., ".exe") in isolationtester Makefile. · ef28e05a
      Tom Lane authored
      I'm not sure why commit 1eb1dde0 seems
      to have made this start to fail on Cygwin when it never did before ---
      but nonetheless, the coding was pretty bogus, and unlike the way we
      handle $(X) anywhere else.  Per buildfarm.
      ef28e05a
    • Tom Lane's avatar
      Limit the number of rel sets considered in consider_index_join_outer_rels. · 19e36477
      Tom Lane authored
      In bug #7626, Brian Dunavant exposes a performance problem created by
      commit 3b8968f2: that commit attempted to
      consider *all* possible combinations of indexable join clauses, but if said
      clauses join to enough different relations, there's an exponential increase
      in the number of outer-relation sets considered.
      
      In Brian's example, all the clauses come from the same equivalence class,
      which means it's redundant to use more than one of them in an indexscan
      anyway.  So we can prevent the problem in this class of cases (which is
      probably the majority of real examples) by rejecting combinations that
      would only serve to add a known-redundant clause.
      
      But that still leaves us exposed to exponential growth of planning time
      when the query has a lot of non-equivalence join clauses that are usable
      with the same index.  I chose to prevent such cases by setting an upper
      limit on the number of relation sets considered, equal to ten times the
      number of index clauses considered so far.  (This sliding limit still
      allows new relsets to be added on as we move to additional index columns,
      which is probably more important than considering even more combinations of
      clauses for the previous column.)  This should keep the amount of work done
      roughly linear rather than exponential in the apparent query complexity.
      This part of the fix is pretty ad-hoc; but without a clearer idea of
      real-world cases for which this would result in markedly inferior plans,
      it's hard to see how to do better.
      19e36477
    • Peter Eisentraut's avatar
      Have make never delete intermediate files automatically · 1eb1dde0
      Peter Eisentraut authored
      Several hacks in certain modes already thought this was a bad idea, so
      just disable it globally.
      1eb1dde0
  9. 31 Oct, 2012 4 commits
    • Alvaro Herrera's avatar
      2f1692d2
    • Tom Lane's avatar
      Document that TCP keepalive settings read as 0 on Unix-socket connections. · e774b764
      Tom Lane authored
      Per bug #7631 from Rob Johnson.  The code is operating as designed, but the
      docs didn't explain it.
      e774b764
    • Alvaro Herrera's avatar
      Fix erroneous choices of segNo variables · 9b8dd7e8
      Alvaro Herrera authored
      Commit dfda6eba (which changed segment numbers to use a single 64 bit
      variable instead of log/seg) introduced a couple of bogus choices of
      exactly which log segment number variable to use in each case.
      
      This is currently pretty harmless; in one place, the bogus number was
      only being used in an error message for a pretty unlikely condition
      (failure to fsync a WAL segment file).  In the other, it was using a
      global variable instead of the local variable; but all callsites were
      passing the value of the global variable anyway.
      
      No need to backpatch because that commit is not on earlier branches.
      9b8dd7e8
    • Alvaro Herrera's avatar
      Fix ALTER EXTENSION / SET SCHEMA · 04f28bdb
      Alvaro Herrera authored
      In its original conception, it was leaving some objects into the old
      schema, but without their proper pg_depend entries; this meant that the
      old schema could be dropped, causing future pg_dump calls to fail on the
      affected database.  This was originally reported by Jeff Frost as #6704;
      there have been other complaints elsewhere that can probably be traced
      to this bug.
      
      To fix, be more consistent about altering a table's subsidiary objects
      along the table itself; this requires some restructuring in how tables
      are relocated when altering an extension -- hence the new
      AlterTableNamespaceInternal routine which encapsulates it for both the
      ALTER TABLE and the ALTER EXTENSION cases.
      
      There was another bug lurking here, which was unmasked after fixing the
      previous one: certain objects would be reached twice via the dependency
      graph, and the second attempt to move them would cause the entire
      operation to fail.  Per discussion, it seems the best fix for this is to
      do more careful tracking of objects already moved: we now maintain a
      list of moved objects, to avoid attempting to do it twice for the same
      object.
      
      Authors: Alvaro Herrera, Dimitri Fontaine
      Reviewed by Tom Lane
      04f28bdb
  10. 28 Oct, 2012 1 commit
    • Peter Eisentraut's avatar
      Preserve intermediate .c files in coverage mode · 4af3dda1
      Peter Eisentraut authored
      The introduction of the .y -> .c pattern rule causes some .c files such
      as bootparse.c to be considered intermediate files in the .y -> .c -> .o
      rule chain, which make would automatically delete.  But in coverage
      mode, the processing tools such as genhtml need those files, so mark
      them as "precious" so that make preserves them.
      4af3dda1
  11. 26 Oct, 2012 3 commits
    • Kevin Grittner's avatar
      Throw error if expiring tuple is again updated or deleted. · 6868ed74
      Kevin Grittner authored
      This prevents surprising behavior when a FOR EACH ROW trigger
      BEFORE UPDATE or BEFORE DELETE directly or indirectly updates or
      deletes the the old row.  Prior to this patch the requested action
      on the row could be silently ignored while all triggered actions
      based on the occurence of the requested action could be committed.
      One example of how this could happen is if the BEFORE DELETE
      trigger for a "parent" row deleted "children" which had trigger
      functions to update summary or status data on the parent.
      
      This also prevents similar surprising problems if the query has a
      volatile function which updates a target row while it is already
      being updated.
      
      There are related issues present in FOR UPDATE cursors and READ
      COMMITTED queries which are not handled by this patch.  These
      issues need further evalution to determine what change, if any, is
      needed.
      
      Where the new error messages are generated, in most cases the best
      fix will be to move code from the BEFORE trigger to an AFTER
      trigger.  Where this is not feasible, the trigger can avoid the
      error by re-issuing the triggering statement and returning NULL.
      
      Documentation changes will be submitted in a separate patch.
      
      Kevin Grittner and Tom Lane with input from Florian Pflug and
      Robert Haas, based on problems encountered during conversion of
      Wisconsin Circuit Court trigger logic to plpgsql triggers.
      6868ed74
    • Tom Lane's avatar
      Prefer actual constants to pseudo-constants in equivalence class machinery. · 17804fa7
      Tom Lane authored
      generate_base_implied_equalities_const() should prefer plain Consts over
      other em_is_const eclass members when choosing the "pivot" value that
      all the other members will be equated to.  This makes it more likely that
      the generated equalities will be useful in constraint-exclusion proofs.
      Per report from Rushabh Lathia.
      17804fa7
    • Tom Lane's avatar
      In pg_dump, dump SEQUENCE SET items in the data not pre-data section. · 5a39114f
      Tom Lane authored
      Represent a sequence's current value as a separate TableDataInfo dumpable
      object, so that it can be dumped within the data section of the archive
      rather than in pre-data.  This fixes an undesirable inconsistency between
      the meanings of "--data-only" and "--section=data", and also fixes dumping
      of sequences that are marked as extension configuration tables, as per a
      report from Marko Kreen back in July.  The main cost is that we do one more
      SQL query per sequence, but that's probably not very meaningful in most
      databases.
      
      Back-patch to 9.1, since it has the extension configuration issue even
      though not the --section switch.
      5a39114f
  12. 24 Oct, 2012 2 commits
    • Tom Lane's avatar
      Tweak genericcostestimate's fudge factor for index size. · bf01e34b
      Tom Lane authored
      To provide some bias against using a large index when a small one would do
      as well, genericcostestimate adds a "fudge factor", which for a long time
      was random_page_cost * index_pages/10000.  However, this can grow to be the
      dominant term in indexscan cost estimates when the index involved is large
      enough, a behavior that was never intended.  Change to a ln(1 + n/10000)
      formulation, which has nearly the same behavior up to a few hundred pages
      but tails off significantly thereafter.  (A log curve seems correct on
      first principles, since what we're trying to account for here is index
      descent costs, which are typically logarithmic.)  Per bug #7619 from Niko
      Kiirala.
      
      Possibly this change should get back-patched, but I'm hesitant to mess with
      cost estimates in stable branches.
      bf01e34b
    • Tom Lane's avatar
      When converting a table to a view, remove its system columns. · a4e8680a
      Tom Lane authored
      Views should not have any pg_attribute entries for system columns.
      However, we forgot to remove such entries when converting a table to a
      view.  This could lead to crashes later on, if someone attempted to
      reference such a column, as reported by Kohei KaiGai.
      
      Patch in HEAD only.  This bug has been there forever, but in the back
      branches we will have to defend against existing mis-converted views,
      so it doesn't seem worthwhile to change the conversion code too.
      a4e8680a
  13. 23 Oct, 2012 1 commit
    • Alvaro Herrera's avatar
      Add context info to OAT_POST_CREATE security hook · f4c4335a
      Alvaro Herrera authored
      ... and have sepgsql use it to determine whether to check permissions
      during certain operations.  Indexes that are being created as a result
      of REINDEX, for instance, do not need to have their permissions checked;
      they were already checked when the index was created.
      
      Author: KaiGai Kohei, slightly revised by me
      f4c4335a
  14. 21 Oct, 2012 1 commit
    • Kevin Grittner's avatar
      Correct predicate locking for DROP INDEX CONCURRENTLY. · 4c9d0901
      Kevin Grittner authored
      For the non-concurrent case there is an AccessExclusiveLock lock
      on both the index and the heap at a time during which no other
      process is using either, before which the index is maintained and
      used for scans, and after which the index is no longer used or
      maintained.  Predicate locks can safely be moved from the index to
      the related heap relation under the protection of these locks.
      This was done prior to the introductin of DROP INDEX CONCURRENTLY
      and continues to be done for non-concurrent index drops.
      
      For concurrent index drops, the predicate locks must be moved when
      there are no index scans in progress on that index and no more can
      subsequently start, and before heap inserts stop maintaining the
      index.  As long as these conditions are guaranteed when the
      TransferPredicateLocksToHeapRelation() function is called,
      stronger locks are not needed for correctness.
      
      Kevin Grittner based on questions by Tom Lane in reviewing the
      DROP INDEX CONCURRENTLY patch and in cooperation with Andres
      Freund and Simon Riggs.
      4c9d0901
  15. 20 Oct, 2012 2 commits
    • Tom Lane's avatar
      Fix pg_dump's handling of DROP DATABASE commands in --clean mode. · edef20f6
      Tom Lane authored
      In commit 4317e024, I accidentally broke
      this behavior while rearranging code to ensure that --create wouldn't
      affect whether a DATABASE entry gets put into archive-format output.
      Thus, 9.2 would issue a DROP DATABASE command in --clean mode, which is
      either useless or dangerous depending on the usage scenario.
      It should not do that, and no longer does.
      
      A bright spot is that this refactoring makes it easy to allow the
      combination of --clean and --create to work sensibly, ie, emit DROP
      DATABASE then CREATE DATABASE before reconnecting.  Ordinarily we'd
      consider that a feature addition and not back-patch it, but it seems
      silly to not include the extra couple of lines required in the 9.2
      version of the code.
      
      Per report from Guillaume Lelarge, though this is slightly more extensive
      than his proposed patch.
      edef20f6
    • Tom Lane's avatar
      Prevent overflow in pgbench's percent-done display. · ca0b960e
      Tom Lane authored
      Per Thom Brown.
      ca0b960e
  16. 19 Oct, 2012 4 commits
    • Tom Lane's avatar
      Fix UtilityContainsQuery() to handle CREATE TABLE AS EXECUTE correctly. · 5d1abe64
      Tom Lane authored
      The code seems to have been written to handle the pre-parse-analysis
      representation, where an ExecuteStmt would appear directly under
      CreateTableAsStmt.  But in reality the function is only run on
      already-parse-analyzed statements, so there will be a Query node in
      between.  We'd not noticed the bug because the function is generally
      not used at all except in extended query protocol.
      
      Per report from Robert Haas and Rushabh Lathia.
      5d1abe64
    • Tom Lane's avatar
      Fix hash_search to avoid corruption of the hash table on out-of-memory. · 4e32f8cd
      Tom Lane authored
      An out-of-memory error during expand_table() on a palloc-based hash table
      would leave a partially-initialized entry in the table.  This would not be
      harmful for transient hash tables, since they'd get thrown away anyway at
      transaction abort.  But for long-lived hash tables, such as the relcache
      hash, this would effectively corrupt the table, leading to crash or other
      misbehavior later.
      
      To fix, rearrange the order of operations so that table enlargement is
      attempted before we insert a new entry, rather than after adding it
      to the hash table.
      
      Problem discovered by Hitoshi Harada, though this is a bit different
      from his proposed patch.
      4e32f8cd
    • Tom Lane's avatar
      Fix ruleutils to print "INSERT INTO foo DEFAULT VALUES" correctly. · 0d689505
      Tom Lane authored
      Per bug #7615 from Marko Tiikkaja.  Apparently nobody ever tried this
      case before ...
      0d689505
    • Simon Riggs's avatar
      Fix orphan on cancel of drop index concurrently. · da857275
      Simon Riggs authored
      Canceling DROP INDEX CONCURRENTLY during
      wait could allow an orphaned index to be
      left behind which could not be dropped.
      
      Backpatch to 9.2
      
      Andres Freund, tested by Abhijit Menon-Sen
      da857275
  17. 18 Oct, 2012 4 commits