1. 15 May, 2019 3 commits
    • Tom Lane's avatar
      Remove no-longer-used typedef. · 8a0f0ad5
      Tom Lane authored
      struct ClonedConstraint is no longer needed, so delete it.
      
      Discussion: https://postgr.es/m/18102.1557947143@sss.pgh.pa.us
      8a0f0ad5
    • Peter Geoghegan's avatar
      Reverse order of newitem nbtree candidate splits. · 7505da2f
      Peter Geoghegan authored
      Commit fab25024, which taught nbtree to choose candidate split points
      more carefully, had _bt_findsplitloc() record all possible split points
      in an initial pass over a page that is about to be split.  The order
      that candidate split points were processed and stored in was assumed to
      match the offset number order of split points on an imaginary version of
      the page that contains the same items as the original, but also fits
      newitem (the item that provoked the split precisely because it didn't
      fit).
      
      However, the order of split points in the final array was not quite what
      was expected: the split point that makes newitem the firstright item
      came after the split point that makes newitem the lastleft item -- not
      before.  As a result, _bt_findsplitloc() could get confused about the
      leftmost and rightmost tuples among all possible split points recorded
      for the page.  This seems to have no appreciable impact on the quality
      of the final split point chosen by _bt_findsplitloc(), but it's still
      wrong.
      
      To fix, switch the order in which newitem candidate splits are recorded
      in.  This also makes it possible to describe candidate split points in
      terms of which pair of adjoining tuples enclose the split point within
      _bt_findsplitloc(), making it clearer why it's generally safe for
      _bt_split() to expect lastleft and firstright tuples.
      7505da2f
    • Bruce Momjian's avatar
      docs: properly indent PG 12 release notes · a429164e
      Bruce Momjian authored
      a429164e
  2. 14 May, 2019 20 commits
  3. 13 May, 2019 12 commits
  4. 12 May, 2019 3 commits
    • Tom Lane's avatar
      Fix misoptimization of "{1,1}" quantifiers in regular expressions. · 8a29ed05
      Tom Lane authored
      A bounded quantifier with m = n = 1 might be thought a no-op.  But
      according to our documentation (which traces back to Henry Spencer's
      original man page) it still imposes greediness, or non-greediness in the
      case of the non-greedy variant "{1,1}?", on whatever it's attached to.
      
      This turns out not to work though, because parseqatom() optimizes away
      the m = n = 1 case without regard for whether it's supposed to change
      the greediness of the argument RE.
      
      We can fix this by just not applying the optimization when the greediness
      needs to change; the subsequent general cases handle it fine.
      
      The three cases in which we can still apply the optimization are
      (a) no quantifier, or quantifier does not impose a preference;
      (b) atom has no greediness property, implying it cannot match a
      variable amount of text anyway; or
      (c) quantifier's greediness is same as atom's.
      Note that in most cases where one of these applies, we'd have exited
      earlier in the "not a messy case" fast path.  I think it's now only
      possible to get to the optimization when the atom involves capturing
      parentheses or a non-top-level backref.
      
      Back-patch to all supported branches.  I'd ordinarily be hesitant to
      put a subtle behavioral change into back branches, but in this case
      it's very hard to see a reason why somebody would write "{1,1}?" unless
      they're trying to get the documented change-of-greediness behavior.
      
      Discussion: https://postgr.es/m/5bb27a41-350d-37bf-901e-9d26f5592dd0@charter.net
      8a29ed05
    • Noah Misch's avatar
      Fail pgwin32_message_to_UTF16() for SQL_ASCII messages. · d02768dd
      Noah Misch authored
      The function had been interpreting SQL_ASCII messages as UTF8, throwing
      an error when they were invalid UTF8.  The new behavior is consistent
      with pg_do_encoding_conversion().  This affects LOG_DESTINATION_STDERR
      and LOG_DESTINATION_EVENTLOG, which will send untranslated bytes to
      write() and ReportEventA().  On buildfarm member bowerbird, enabling
      log_connections caused an error whenever the role name was not valid
      UTF8.  Back-patch to 9.4 (all supported versions).
      
      Discussion: https://postgr.es/m/20190512015615.GD1124997@rfd.leadboat.com
      d02768dd
    • Tom Lane's avatar
      Rearrange pgstat_bestart() to avoid failures within its critical section. · 85ccb689
      Tom Lane authored
      We long ago decided to design the shared PgBackendStatus data structure to
      minimize the cost of writing status updates, which means that writers just
      have to increment the st_changecount field twice.  That isn't hooked into
      any sort of resource management mechanism, which means that if something
      were to throw error between the two increments, the st_changecount field
      would be left odd indefinitely.  That would cause readers to lock up.
      Now, since it's also a bad idea to leave the field odd for longer than
      absolutely necessary (because readers will spin while we have it set),
      the expectation was that we'd treat these segments like spinlock critical
      sections, with only short, more or less straight-line, code in them.
      
      That was fine as originally designed, but commit 9029f4b3 broke it
      by inserting a significant amount of non-straight-line code into
      pgstat_bestart(), code that is very capable of throwing errors, not to
      mention taking a significant amount of time during which readers will spin.
      We have a report from Neeraj Kumar of readers actually locking up, which
      I suspect was due to an encoding conversion error in X509_NAME_to_cstring,
      though conceivably it was just a garden-variety OOM failure.
      
      Subsequent commits have loaded even more dubious code into pgstat_bestart's
      critical section (and commit fc70a4b0 deserves some kind of booby prize
      for managing to miss the critical section entirely, although the negative
      consequences seem minimal given that the PgBackendStatus entry should be
      seen by readers as inactive at that point).
      
      The right way to fix this mess seems to be to compute all these values
      into a local copy of the process' PgBackendStatus struct, and then just
      copy the data back within the critical section proper.  This plan can't
      be implemented completely cleanly because of the struct's heavy reliance
      on out-of-line strings, which we must initialize separately within the
      critical section.  But still, the critical section is far smaller and
      safer than it was before.
      
      In hopes of forestalling future errors of the same ilk, rename the
      macros for st_changecount management to make it more apparent that
      the writer-side macros create a critical section.  And to prevent
      the worst consequences if we nonetheless manage to mess it up anyway,
      adjust those macros so that they really are a critical section, ie
      they now bump CritSectionCount.  That doesn't add much overhead, and
      it guarantees that if we do somehow throw an error while the counter
      is odd, it will lead to PANIC and a database restart to reset shared
      memory.
      
      Back-patch to 9.5 where the problem was introduced.
      
      In HEAD, also fix an oversight in commit b0b39f72: it failed to teach
      pgstat_read_current_status to copy st_gssstatus data from shared memory to
      local memory.  Hence, subsequent use of that data within the transaction
      would potentially see changing data that it shouldn't see.
      
      Discussion: https://postgr.es/m/CAPR3Wj5Z17=+eeyrn_ZDG3NQGYgMEOY6JV6Y-WRRhGgwc16U3Q@mail.gmail.com
      85ccb689
  5. 11 May, 2019 2 commits