- 05 Jun, 2017 3 commits
-
-
Tom Lane authored
Given the possibility of race conditions and so on, it seems entirely unsafe to just assume that shm_toc_lookup() always finds the key it's looking for --- but that was exactly what all but one call site were doing. To fix, add a "bool noError" argument, similarly to what we have in many other functions, and throw an error on an unexpected lookup failure. Remove now-redundant Asserts that a rather random subset of call sites had. I doubt this will throw any light on buildfarm member lorikeet's recent failures, because if an unnoticed lookup failure were involved, you'd kind of expect a null-pointer-dereference crash rather than the observed symptom. But you never know ... and this is better coding practice even if it never catches anything. Discussion: https://postgr.es/m/9697.1496675981@sss.pgh.pa.us
-
Heikki Linnakangas authored
Daniele Varrazzo Discussion: https://www.postgresql.org/message-id/CA+mi_8bqY5THP8hLKKSdMEr5GCz6M=hD6_uLbvFeyEBfwqUxeA@mail.gmail.com
-
Heikki Linnakangas authored
Jeff Janes and me. Discussion: https://www.postgresql.org/message-id/CAMkU=1zYnniLYg+W9itL93DXebCjx6Uk6m_=Xa8p_zM65X3S0Q@mail.gmail.com
-
- 04 Jun, 2017 5 commits
-
-
Tom Lane authored
get_partition_parent felt that it could simply Assert that systable_getnext found a tuple. This is unlike any other caller of that function, and it's unsafe IMO --- in fact, the reason I noticed it was that the Assert failed. (OK, I was working with known-inconsistent catalog contents, but I wasn't expecting the DB to fall over quite that violently. The behavior in a non-assert-enabled build wouldn't be very nice, either.) Fix it to do what other callers do, namely an actual runtime-test-and-elog. Also, standardize the wording of elog messages that are complaining about unexpected failure of systable_getnext. 90% of them say "could not find tuple for <object>", so make the remainder do likewise. Many of the holdouts were using the phrasing "cache lookup failed", which is outright misleading since no catcache search is involved.
-
Tom Lane authored
I'd always assumed that backend/optimizer/geqo/'s remarkably poor showing on code coverage metrics was because we weren't exercising it much in the regression tests. But it turns out that a good chunk of the problem is that there's a bunch of code that is physically unreachable (because the calls to it are #ifdef'd out in geqo_main.c) but is being built anyway. Making the called code have #if guards similar to the calling code saves a couple of kilobytes of executable size and should make the coverage numbers more reflective of reality. It's arguable that we should just delete all the unused recombination mechanisms altogether, but I didn't feel a need to go that far today.
-
Tom Lane authored
If we allow this, whatever outer command has the table open will not know about the new index and may fail to update it as needed, as shown in a report from Laurenz Albe. We already had such a prohibition in place for ALTER TABLE, but the CREATE INDEX syntax missed the check. Fixing it requires an API change for DefineIndex(), which conceivably would break third-party extensions if we were to back-patch it. Given how long this problem has existed without being noticed, fixing it in the back branches doesn't seem worth that risk. Discussion: https://postgr.es/m/A737B7A37273E048B164557ADEF4A58B53A4DC9A@ntex2010i.host.magwien.gv.at
-
Alvaro Herrera authored
Mark our rusage reportage string translatable; remove quotes from type names; unify formatting of very similar messages.
-
- 03 Jun, 2017 6 commits
-
-
Tom Lane authored
\if and related commands were overlooked here, as were \dRp and \dRs from the logical-replication patch, as was \?. While here, reformat the list to put each new first command letter on a separate line; perhaps that will limit the need to reflow the whole list when we add more commands in future. Masahiko Sawada (reformatting by me) Discussion: https://postgr.es/m/CAD21AoDW1QHtBsM33hV+Fg2mYEs+FWj4qtoCU72AwHAXQ3U6ZQ@mail.gmail.com
-
Tom Lane authored
These estimators returned 1 minus the corresponding equality/match estimate, which is incorrect: we need to subtract off the fraction of nulls in the column, since those are neither equal nor not equal to the comparison value. The error only becomes obvious if the nullfrac is large, but it could be very bad in a mostly-nulls column, as reported in bug #14676 from Marko Tiikkaja. To fix the <> case, refactor eqsel() and neqsel() to call a common support routine, which can be made to account for nullfrac correctly. The pattern-match cases were already factored that way, and it was simply an oversight that patternsel() wasn't subtracting off nullfrac. neqjoinsel() has a similar problem, but since we're elsewhere discussing changing its behavior entirely, I left it alone for now. This is a very longstanding bug, but I'm hesitant to back-patch a fix for it. Given the lack of prior complaints, such cases must not come up often, so it's probably not worth the risk of destabilizing plans in stable branches. Discussion: https://postgr.es/m/20170529153847.4275.95416@wrigleys.postgresql.org
-
Tom Lane authored
When costing a nestloop with stop-at-first-inner-match semantics, and a non-indexscan inner path, final_cost_nestloop() wants to charge the full scan cost of the inner rel at least once, with additional scans charged at inner_rescan_run_cost which might be less. However the logic for doing this effectively assumed that outer_matched_rows is at least 1. If it's zero, which is not unlikely for a small outer rel, we ended up charging inner_run_cost plus N times inner_rescan_run_cost, as much as double the correct charge for an outer rel with only one row that we're betting won't be matched. (Unless the inner rel is materialized, in which case it has very small inner_rescan_run_cost and the cost is not so far off what it should have been.) The upshot of this was that the planner had a tendency to select plans that failed to make effective use of the stop-at-first-inner-match semantics, and that might have Materialize nodes in them even when the predicted number of executions of the Materialize subplan was only 1. This was not so obvious before commit 9c7f5229, because the case only arose in connection with semi/anti joins where there's not freedom to reverse the join order. But with the addition of unique-inner joins, it could result in some fairly bad planning choices, as reported by Teodor Sigaev. Indeed, some of the test cases added by that commit have plans that look dubious on closer inspection, and are changed by this patch. Fix the logic to ensure that we don't charge for too many inner scans. I chose to adjust it so that the full-freight scan cost is associated with an unmatched outer row if possible, not a matched one, since that seems like a better model of what would happen at runtime. This is a longstanding bug, but given the lesser impact in back branches, and the lack of field complaints, I won't risk a back-patch. Discussion: https://postgr.es/m/CAKJS1f-LzkUsFxdJ_-Luy38orQ+AdEXM5o+vANR+-pHAWPSecg@mail.gmail.com
-
Peter Eisentraut authored
We didn't accept any invalidation messages until the whole sync process had finished (because it flattens all the remote transactions in the single one). So the sync worker didn't learn about subscription changes/drop until it has finished. This could lead to "orphaned" sync workers. Author: Petr Jelinek <petr.jelinek@2ndquadrant.com> Reported-by: Masahiko Sawada <sawada.mshk@gmail.com>
-
Peter Eisentraut authored
This avoids "orphaned" sync workers. This was caused by a thinko in wait_for_sync_status_change. Author: Petr Jelinek <petr.jelinek@2ndquadrant.com> Reported-by: Masahiko Sawada <sawada.mshk@gmail.com>
-
Andres Freund authored
Previously this was not allowed, as copy.c didn't set the CURSOR_OPT_PARALLEL_OK flag when planning the query. Set it. While the lack of parallel query for COPY isn't strictly speaking a bug, it does prevent parallelism from being used in a facility commonly used to run long running queries. Thus backpatch to 9.6. Author: Andres Freund Discussion: https://postgr.es/m/20170531231958.ihanapplorptykzm@alap3.anarazel.de Backpatch: 9.6, where parallelism was introduced.
-
- 02 Jun, 2017 7 commits
-
-
Peter Eisentraut authored
Add some information about what to do when this fails.
-
Peter Eisentraut authored
When trying to access a replication slot that is supposed to already exist, we don't need to check the naming rules again. If the slot does not exist, we will then get a "does not exist" error message, which is generally more useful from the perspective of an end user.
-
Peter Eisentraut authored
The logical replication worker processes now use the normal die() handler for SIGTERM and CHECK_FOR_INTERRUPTS() instead of custom code. One problem before was that the apply worker would not exit promptly when a subscription was dropped, which could lead to deadlocks. Author: Petr Jelinek <petr.jelinek@2ndquadrant.com> Reported-by: Masahiko Sawada <sawada.mshk@gmail.com>
-
Magnus Hagander authored
Amit Langote
-
Magnus Hagander authored
Masahiko Sawada
-
Peter Eisentraut authored
Move the walrcv_disconnect() calls into the before_shmem_exit handler. This makes sure the call is always made even during exit by signal, it saves some duplicate code, and it makes the logic more similar to walreceiver.c. Author: Petr Jelinek <petr.jelinek@2ndquadrant.com>
-
Peter Eisentraut authored
If a FOR ALL TABLES publication was present, \d of a table would claim for each table that it was part of the publication, even for tables that are ignored for this purpose, such as system tables and unlogged tables. Fix the query by using the function pg_get_publication_tables(), which was intended for this purpose. Reported-by: tushar <tushar.ahuja@enterprisedb.com> Reviewed-by: Amit Langote <Langote_Amit_f8@lab.ntt.co.jp> Reviewed-by: Kuntal Ghosh <kuntalghosh.2007@gmail.com>
-
- 01 Jun, 2017 4 commits
-
-
Alvaro Herrera authored
Reported by: Tim Goodaire Discussion: https://postgr.es/m/20170601182230.1487.26008@wrigleys.postgresql.org
-
Andres Freund authored
This seems to have been broken in the commit (1753b1b0) that moved the sequence definition into pg_sequence. Author: Andres Freund Discussion: https://postgr.es/m/20170601000716.qxg7c46ukkiljjb3@alap3.anarazel.de Backpatch: Bug is in master/v10 only
-
Andres Freund authored
Previously the changes to the "data" part of the sequence, i.e. the one containing the current value, were not transactional, whereas the definition, including minimum and maximum value were. That leads to odd behaviour if a schema change is rolled back, with the potential that out-of-bound sequence values can be returned. To avoid the issue create a new relfilenode fork whenever ALTER SEQUENCE is executed, similar to how TRUNCATE ... RESTART IDENTITY already is already handled. This commit also makes ALTER SEQUENCE RESTART transactional, as it seems to be too confusing to have some forms of ALTER SEQUENCE behave transactionally, some forms not. This way setval() and nextval() are not transactional, but DDL is, which seems to make sense. This commit also rolls back parts of the changes made in 3d092fe5 and f8dc1985 as they're now not needed anymore. Author: Andres Freund Discussion: https://postgr.es/m/20170522154227.nvafbsm62sjpbxvd@alap3.anarazel.de Backpatch: Bug is in master/v10 only
-
Tom Lane authored
On some platforms, -fpic fails for sufficiently large shared libraries. We've mostly not hit that boundary yet, but there are some extensions such as Citus and pglogical where it's becoming a problem. A bit of research suggests that the penalty for -fPIC is small, in the single-digit-percentage range --- and there's none at all on popular platforms such as x86_64. So let's just default to -fPIC everywhere and provide one less thing for extension developers to worry about. Per complaint from Christoph Berg. Back-patch to all supported branches. (I did not bother to touch the recently-removed Makefiles for sco and unixware in the back branches, though. We'd have no way to test that it doesn't break anything on those platforms.) Discussion: https://postgr.es/m/20170529155850.qojdfrwkkqnjb3ap@msg.df7cb.de
-
- 31 May, 2017 4 commits
-
-
Magnus Hagander authored
Using the client pid can easily be non-unique when used on different hosts. Using the backend pid should be guaranteed unique, since the temporary slot gets removed when the client disconnects so it will be gone even if the pid is renewed. Reported by Ludovic Vaugeois-Pepin
-
Robert Haas authored
Commit 88e66d19 is to blame. Masahiko Sawada Discussion: http://postgr.es/m/CAD21AoAXeb7O4hgg+efs8JT_SxpR4doAH5c5s-Z5WoRLstBZJA@mail.gmail.com
-
Peter Eisentraut authored
-
Tom Lane authored
The GET/SET_n_BYTES macros are meant to be infrastructure for the DatumGetFoo/FooGetDatum macros, which include a cast to the intended target type. Using them directly without a cast, as DatumGetFloat4 and friends previously did, can yield warnings when -Wconversion is on. This is of little significance when building Postgres proper, because there are such a huge number of such warnings in the server that nobody would think -Wconversion is of any use. But some extensions build with -Wconversion due to outside constraints. Commit 14cca1bf did a disservice to those extensions by moving DatumGetFloat4 et al into postgres.h, where they can now cause warnings in extension builds. To fix, use DatumGetInt32 and friends in place of the low-level macros. This is arguably a bit cleaner anyway. Chapman Flack Discussion: https://postgr.es/m/592E4D04.1070609@anastigmatix.net
-
- 30 May, 2017 6 commits
-
-
Tom Lane authored
Not much point in having a convention about this if we don't enforce it. Mark Dilger Discussion: https://postgr.es/m/7F67FBEF-C3B3-404E-8EC6-E02ACB15D894@gmail.com
-
Alvaro Herrera authored
We were trying to free a pointer into a shared buffer, which never works; and we were failing to release the buffer lock appropriately. Fix those omissions. While at it, improve documentation for brinGetTupleForHeapBlock, the inadequacy of which evidently caused these bugs in the first place. Reported independently by Zhou Digoal (bug #14668) and Alexander Sosna. Discussion: https://postgr.es/m/8c31c11b-6adb-228d-22c2-4ace89fc9209@credativ.de Discussion: https://postgr.es/m/20170524063323.29941.46339@wrigleys.postgresql.org
-
Alvaro Herrera authored
Remove some gratuituous message differences by making the AM name previously embedded in each message be a %s instead. While at it, get rid of terminology that's unclear and unnecessary in one message. Discussion: https://postgr.es/m/20170523001557.bq2hbq7hxyvyw62q@alvherre.pgsql
-
Peter Eisentraut authored
Some of the text was made nonsensical by commit e9500240. Fix that and make some other minor changes. Reported-by: Jeff Janes <jeff.janes@gmail.com>
-
Tom Lane authored
We could have limped along without this for v10, which was my intention when I annotated the bug in commit 76a3df6e. But consensus is that it's better to fix it now and take the cost of a post-beta1 initdb (which is needed because these node types are stored in pg_class.relpartbound). Since we're forcing initdb anyway, take the opportunity to make the node type identification strings match the node struct names, instead of being randomly different from them. Discussion: https://postgr.es/m/E1dFBEX-0004wt-8t@gemulon.postgresql.org
-
Tom Lane authored
Per our message style guidelines, error messages incorporating the results of format_type_be() and its siblings should not add quotes around those results, because those functions already add quotes at need. Fix a few places that hadn't gotten that memo.
-
- 29 May, 2017 5 commits
-
-
Tom Lane authored
json_populate_record throws an error if asked to convert a JSON scalar or array into a composite type. jsonb_populate_record was returning a record full of NULL fields instead. It seems better to make it throw an error for this case as well. Nikita Glukhov Discussion: https://postgr.es/m/fbd1d566-bba0-a3de-d6d0-d3b1d7c24ff2@postgrespro.ru
-
Tom Lane authored
The macro gave the wrong answers for a JsObject with is_json == 0: it would return 1 if jsonb_cont == NULL, or if that wasn't NULL, it would return 1 for any non-zero size. We could fix that, but the only use of this macro at present is in the JsObjectIsEmpty() macro, so it seems simpler and clearer to get rid of JsObjectSize() and put corrected logic into JsObjectIsEmpty(). Thinko in commit cf35346e, so no need for back-patch. Nikita Glukhov Discussion: https://postgr.es/m/fbd1d566-bba0-a3de-d6d0-d3b1d7c24ff2@postgrespro.ru
-
Tom Lane authored
pg_resetwal (formerly pg_resetxlog) doesn't insist on finding a matching version number in pg_control, and that seems like an important thing to preserve since recovering from corrupt pg_control is a prime reason to need to run it. However, that means you can try to run it against a data directory of a different major version, which is at best useless and at worst disastrous. So as to provide some protection against that type of pilot error, inspect PG_VERSION at startup and refuse to do anything if it doesn't match. PG_VERSION is read-only after initdb, so it's unlikely to get corrupted, and even if it were corrupted it would be easy to fix by hand. This hazard has been there all along, so back-patch to all supported branches. Michael Paquier, with some kibitzing by me Discussion: https://postgr.es/m/f4b8eb91-b934-8a0d-b3cc-68f06e2279d1@enterprisedb.com
-
Tom Lane authored
The NumericOnly grammar production accepted ICONST, + ICONST, - ICONST, FCONST, and - FCONST, but for some reason not + FCONST. This led to strange inconsistencies like regression=# set random_page_cost = +4; SET regression=# set random_page_cost = 4000000000; SET regression=# set random_page_cost = +4000000000; ERROR: syntax error at or near "4000000000" (because 4000000000 is too large to be an ICONST). While there's no actual functional reason to need to write a "+", if we allow it for integers it seems like we should allow it for numerics too. It's been like that forever, so back-patch to all supported branches. Discussion: https://postgr.es/m/30908.1496006184@sss.pgh.pa.us
-
Tom Lane authored
Avoid trashing the input PartitionBoundSpec; while that might be safe for current callers, it's certainly trouble waiting to happen. In the same vein, make sure that all of the result data structure is freshly palloc'd, rather than some of it being pointers into the input data structures (which we don't know the lifespans of). Simplify the logic for tacking on IS NULL or IS NOT NULL conditions some more; commit 85c2b9a1 left a lot on the table there. And rearrange the construction of the nodes into (what seems to me) a more logical order. In passing, make sure that get_qual_for_range() also returns a freshly palloc'd structure, since there's no value in having that guarantee for only one kind of partitioning. And improve some comments there. Jeevan Ladhe, with further tweaking by me Discussion: https://postgr.es/m/CAOgcT0MAcYoMs93W80iTUf_dP36=1mZQzeUk+nnwY_-qWDrCfw@mail.gmail.com
-