1. 31 May, 2011 1 commit
    • Tom Lane's avatar
      Replace use of credential control messages with getsockopt(LOCAL_PEERCRED). · be4585b1
      Tom Lane authored
      It turns out the reason we hadn't found out about the portability issues
      with our credential-control-message code is that almost no modern platforms
      use that code at all; the ones that used to need it now offer getpeereid(),
      which we choose first.  The last holdout was NetBSD, and they added
      getpeereid() as of 5.0.  So far as I can tell, the only live platform on
      which that code was being exercised was Debian/kFreeBSD, ie, FreeBSD kernel
      with Linux userland --- since glibc doesn't provide getpeereid(), we fell
      back to the control message code.  However, the FreeBSD kernel provides a
      LOCAL_PEERCRED socket parameter that's functionally equivalent to Linux's
      SO_PEERCRED.  That is both much simpler to use than control messages, and
      superior because it doesn't require receiving a message from the other end
      at just the right time.
      
      Therefore, add code to use LOCAL_PEERCRED when necessary, and rip out all
      the credential-control-message code in the backend.  (libpq still has such
      code so that it can still talk to pre-9.1 servers ... but eventually we can
      get rid of it there too.)  Clean up related autoconf probes, too.
      
      This means that libpq's requirepeer parameter now works on exactly the same
      platforms where the backend supports peer authentication, so adjust the
      documentation accordingly.
      be4585b1
  2. 30 May, 2011 9 commits
    • Tom Lane's avatar
      Fix portability bugs in use of credentials control messages for peer auth. · 13c00ae8
      Tom Lane authored
      Even though our existing code for handling credentials control messages has
      been basically unchanged since 2001, it was fundamentally wrong: it did not
      ensure proper alignment of the supplied buffer, and it was calculating
      buffer sizes and message sizes incorrectly.  This led to failures on
      platforms where alignment padding is relevant, for instance FreeBSD on
      64-bit platforms, as seen in a recent Debian bug report passed on by
      Martin Pitt (http://bugs.debian.org//cgi-bin/bugreport.cgi?bug=612888).
      
      Rewrite to do the message-whacking using the macros specified in RFC 2292,
      following a suggestion from Theo de Raadt in that thread.  Tested by me
      on Debian/kFreeBSD-amd64; since OpenBSD and NetBSD document the identical
      CMSG API, it should work there too.
      
      Back-patch to all supported branches.
      13c00ae8
    • Tom Lane's avatar
      Fix VACUUM so that it always updates pg_class.reltuples/relpages. · b4b6923e
      Tom Lane authored
      When we added the ability for vacuum to skip heap pages by consulting the
      visibility map, we made it just not update the reltuples/relpages
      statistics if it skipped any pages.  But this could leave us with extremely
      out-of-date stats for a table that contains any unchanging areas,
      especially for TOAST tables which never get processed by ANALYZE.  In
      particular this could result in autovacuum making poor decisions about when
      to process the table, as in recent report from Florian Helmberger.  And in
      general it's a bad idea to not update the stats at all.  Instead, use the
      previous values of reltuples/relpages as an estimate of the tuple density
      in unvisited pages.  This approach results in a "moving average" estimate
      of reltuples, which should converge to the correct value over multiple
      VACUUM and ANALYZE cycles even when individual measurements aren't very
      good.
      
      This new method for updating reltuples is used by both VACUUM and ANALYZE,
      with the result that we no longer need the grotty interconnections that
      caused ANALYZE to not update the stats depending on what had happened
      in the parent VACUUM command.
      
      Also, fix the logic for skipping all-visible pages during VACUUM so that it
      looks ahead rather than behind to decide what to do, as per a suggestion
      from Greg Stark.  This eliminates useless scanning of all-visible pages at
      the start of the relation or just after a not-all-visible page.  In
      particular, the first few pages of the relation will not be invariably
      included in the scanned pages, which seems to help in not overweighting
      them in the reltuples estimate.
      
      Back-patch to 8.4, where the visibility map was introduced.
      b4b6923e
    • Peter Eisentraut's avatar
      Suppress foreign data wrappers and foreign servers in partial dumps · 3001b763
      Peter Eisentraut authored
      This is consistent with the behavior of other global objects such as
      languages and extensions.
      
      Omitting foreign servers also omits the respective user mappings.
      3001b763
    • Magnus Hagander's avatar
      Don't recommend upgrading to latest available Windows SDK · 2367da88
      Magnus Hagander authored
      We only support up to version 7.0, so don't recommend
      upgrading past it. The rest of the documentation around this
      was already updated, but one spot was missed.
      2367da88
    • Magnus Hagander's avatar
      Refuse "local" lines in pg_hba.conf on platforms that don't support it · 5830f696
      Magnus Hagander authored
      This makes the behavior compatible with that of hostssl, which
      also throws an error when there is no SSL support included.
      5830f696
    • Magnus Hagander's avatar
      Don't include local line on platforms without support · 764bde0f
      Magnus Hagander authored
      Since we now include a sample line for replication on local
      connections in pg_hba.conf, don't include it where local
      connections aren't available (such as on win32).
      
      Also make sure we use authmethodlocal and not authmethod on
      the sample line.
      764bde0f
    • Heikki Linnakangas's avatar
      The row-version chaining in Serializable Snapshot Isolation was still wrong. · 3103f9a7
      Heikki Linnakangas authored
      On further analysis, it turns out that it is not needed to duplicate predicate
      locks to the new row version at update, the lock on the version that the
      transaction saw as visible is enough. However, there was a different bug in
      the code that checks for dangerous structures when a new rw-conflict happens.
      Fix that bug, and remove all the row-version chaining related code.
      
      Kevin Grittner & Dan Ports, with some comment editorialization by me.
      3103f9a7
    • Alvaro Herrera's avatar
      Make message more consistent · 5177dfef
      Alvaro Herrera authored
      5177dfef
    • Alvaro Herrera's avatar
      Remove usage of &PL_sv_undef in hashes and arrays · 7de38741
      Alvaro Herrera authored
      According to perlguts, &PL_sv_undef is not the right thing to use in
      those cases because it doesn't behave the same way as an undef value via
      Perl code.  Seems the intuitive way to deal with undef values is subtly
      enough broken that it's hard to notice when misused.
      
      The broken uses got inadvertently introduced in commit
      87bb2ade by Alexey Klyukin, Alex
      Hunsaker and myself on 2011-02-17; no backpatch is necessary.
      
      Per testing report from Greg Mullane.
      
      Author: Alex Hunsaker
      7de38741
  3. 29 May, 2011 2 commits
  4. 28 May, 2011 4 commits
  5. 27 May, 2011 5 commits
    • Peter Eisentraut's avatar
      4d7d6386
    • Peter Eisentraut's avatar
      Drop "meaning" column from error code table · 420dcaae
      Peter Eisentraut authored
      This is currently the same as the condition name, so it doesn't add
      any value, only clutter.
      420dcaae
    • Tom Lane's avatar
      Improve corner cases in pg_ctl's new wait-for-postmaster-startup code. · 0bae3bc9
      Tom Lane authored
      With "-w -t 0", we should report "still starting up", not "ok".  If we
      fall out of the loop without ever being able to call PQping (because we
      were never able to construct a connection string), report "no response",
      not "ok".  This gets rid of corner cases in which we'd claim the server
      had started even though it had not.
      
      Also, if the postmaster.pid file is not there at any point after we've
      waited 5 seconds, assume the postmaster has failed and report that, rather
      than almost-certainly-fruitlessly continuing to wait.  The pidfile should
      appear almost instantly even when there is extensive startup work to do,
      so 5 seconds is already a very conservative figure.  This part is per a
      gripe from MauMau --- there might be better ways to do it, but nothing
      simple enough to get done for 9.1.
      0bae3bc9
    • Tom Lane's avatar
      Preserve caller's memory context in ProcessCompletedNotifies(). · 90857b48
      Tom Lane authored
      This is necessary to avoid long-term memory leakage, because the main loop
      in PostgresMain expects to be executing in MessageContext, and hence is a
      bit sloppy about freeing stuff that is only needed for the duration of
      processing the current client message.  The known case of an actual leak
      is when encoding conversion has to be done on the incoming command string,
      but there might be others.  Per report from Per-Olov Esgard.
      
      Back-patch to 9.0, where the bug was introduced by the LISTEN/NOTIFY
      rewrite.
      90857b48
    • Heikki Linnakangas's avatar
      Check the return code of pthread_create(). Otherwise we go into an infinite · 336db7e3
      Heikki Linnakangas authored
      loop if it fails, which is what what happened on my HP-UX box. (I think
      the reason it failed on that box is a misconfiguration on my behalf, but
      that's no reason to hang.)
      336db7e3
  6. 26 May, 2011 2 commits
    • Tom Lane's avatar
      Make decompilation of optimized CASE constructs more robust. · 3987e9e6
      Tom Lane authored
      We had some hacks in ruleutils.c to cope with various odd transformations
      that the optimizer could do on a CASE foo WHEN "CaseTestExpr = RHS" clause.
      However, the fundamental impossibility of covering all cases was exposed
      by Heikki, who pointed out that the "=" operator could get replaced by an
      inlined SQL function, which could contain nearly anything at all.  So give
      up on the hacks and just print the expression as-is if we fail to recognize
      it as "CaseTestExpr = RHS".  (We must cover that case so that decompiled
      rules print correctly; but we are not under any obligation to make EXPLAIN
      output be 100% valid SQL in all cases, and already could not do so in some
      other cases.)  This approach requires that we have some printable
      representation of the CaseTestExpr node type; I used "CASE_TEST_EXPR".
      
      Back-patch to all supported branches, since the problem case fails in all.
      3987e9e6
    • Tom Lane's avatar
      Adjust configure to use "+Olibmerrno" with HP-UX C compiler, if possible. · 44404f39
      Tom Lane authored
      This is reported to be necessary on some versions of that OS.  In service
      of this, cause PGAC_PROG_CC_CFLAGS_OPT to reject switches that result in
      compiler warnings, since on yet other versions of that OS, the switch does
      nothing except provoke a warning.
      
      Report and patch by Ibrar Ahmed, further tweaking by me.
      44404f39
  7. 25 May, 2011 4 commits
    • Tom Lane's avatar
      Suppress extensions in partial dumps. · 7b158d1b
      Tom Lane authored
      We initially had pg_dump emit CREATE EXTENSION commands unconditionally.
      However, pg_dump has long been in the habit of not dumping procedural
      language definitions when a --schema or --table switch is given.  It seems
      appropriate to handle extensions the same way, since like PLs they are SQL
      objects that are not in any particular schema.  Per complaint from Adrian
      Schreyer.
      7b158d1b
    • Peter Eisentraut's avatar
      Put options in some sensible order · 3439e40f
      Peter Eisentraut authored
      For the --help output and reference pages of pg_dump, pg_dumpall,
      pg_restore, put the options in some consistent, mostly alphabetical,
      and consistent order, rather than newest option last or something like
      that.
      3439e40f
    • Andrew Dunstan's avatar
      Convert builddoc.bat into a perl script that actually works. · 8c3604ae
      Andrew Dunstan authored
      The old .bat file wasn't working for reasons that are unclear, and
      which it did not seem worth the trouble to ascertain.
      The new perl script has been tested and is known to work.
      Soon it will be tested regularly on the buildfarm.
      The .bat file is kept as a simple wrapper for the perl script.
      8c3604ae
    • Bruce Momjian's avatar
  8. 24 May, 2011 7 commits
  9. 23 May, 2011 6 commits
    • Tom Lane's avatar
      Make plpgsql complain about conflicting IN and OUT parameter names. · 59a4a571
      Tom Lane authored
      The core CREATE FUNCTION code only enforces that IN parameter names are
      non-duplicate, and that OUT parameter names are separately non-duplicate.
      This is because some function languages might not have any confusion
      between the two.  But in plpgsql, such names are all in the same namespace,
      so we'd better disallow it.
      
      Per a recent complaint from Dan S.  Not back-patching since this is a small
      issue and the change could cause unexpected failures if we started to
      enforce it in a minor release.
      59a4a571
    • Heikki Linnakangas's avatar
      Fix integer overflow in text_format function, reported by Dean Rasheed. · 34be83b7
      Heikki Linnakangas authored
      In the passing, clarify the comment on why text_format_nv wrapper is needed.
      34be83b7
    • Robert Haas's avatar
      Improve hash_array() logic for combining hash values. · 7149b128
      Robert Haas authored
      The new logic is less vulnerable to transpositions.
      
      This invalidates the contents of hash indexes built with the old
      functions; hence, bump catversion.
      
      Dean Rasheed
      7149b128
    • Peter Eisentraut's avatar
      Message style improvements · c58b945e
      Peter Eisentraut authored
      c58b945e
    • Tom Lane's avatar
      Install defenses against overflow in BuildTupleHashTable(). · 299d1716
      Tom Lane authored
      The planner can sometimes compute very large values for numGroups, and in
      cases where we have no alternative to building a hashtable, such a value
      will get fed directly to BuildTupleHashTable as its nbuckets parameter.
      There were two ways in which that could go bad.  First, BuildTupleHashTable
      declared the parameter as "int" but most callers were passing "long"s,
      so on 64-bit machines undetected overflow could occur leading to a bogus
      negative value.  The obvious fix for that is to change the parameter to
      "long", which is what I've done in HEAD.  In the back branches that seems a
      bit risky, though, since third-party code might be calling this function.
      So for them, just put in a kluge to treat negative inputs as INT_MAX.
      Second, hash_create can go nuts with extremely large requested table sizes
      (notably, my_log2 becomes an infinite loop for inputs larger than
      LONG_MAX/2).  What seems most appropriate to avoid that is to bound the
      initial table size request to work_mem.
      
      This fixes bug #6035 reported by Daniel Schreiber.  Although the reported
      case only occurs back to 8.4 since it involves WITH RECURSIVE, I think
      it's a good idea to install the defenses in all supported branches.
      299d1716
    • Andrew Dunstan's avatar