1. 26 Sep, 2020 2 commits
    • Tom Lane's avatar
      Revise RelationBuildRowSecurity() to avoid memory leaks. · e55f718f
      Tom Lane authored
      This function leaked some memory while loading qual clauses for
      an RLS policy.  While ordinarily negligible, that could build up
      in some repeated-reload cases, as reported by Konstantin Knizhnik.
      We can improve matters by borrowing the coding long used in
      RelationBuildRuleLock: build stringToNode's result directly in
      the target context, and remember to explicitly pfree the
      input string.
      
      This patch by no means completely guarantees zero leaks within
      this function, since we have no real guarantee that the catalog-
      reading subroutines it calls don't leak anything.  However,
      practical tests suggest that this is enough to resolve the issue.
      In any case, any remaining leaks are similar to those risked by
      RelationBuildRuleLock and other relcache-loading subroutines.
      If we need to fix them, we should adopt a more global approach
      such as that used by the RECOVER_RELATION_BUILD_MEMORY hack.
      
      While here, let's remove the need for an expensive PG_TRY block by
      using MemoryContextSetParent to reparent an initially-short-lived
      context for the RLS data.
      
      Back-patch to all supported branches.
      
      Discussion: https://postgr.es/m/21356c12-8917-8249-b35f-1c447231922b@postgrespro.ru
      e55f718f
    • Amit Kapila's avatar
      Fix the logical replication from HEAD to lower versions. · 079d0cac
      Amit Kapila authored
      Commit 46482432 changed the logical replication protocol to allow the
      streaming of in-progress transactions and used the new version of protocol
      irrespective of the server version. Use the appropriate version of the
      protocol based on the server version.
      
      Reported-by: Ashutosh Sharma
      Author: Dilip Kumar
      Reviewed-by: Ashutosh Sharma and Amit Kapila
      Discussion: https://postgr.es/m/CAE9k0P=9OpXcNrcU5Gsvd5MZ8GFpiN833vNHzX6Uc=8+h1ft1Q@mail.gmail.com
      079d0cac
  2. 25 Sep, 2020 2 commits
    • Thomas Munro's avatar
      Defer flushing of SLRU files. · dee663f7
      Thomas Munro authored
      Previously, we called fsync() after writing out individual pg_xact,
      pg_multixact and pg_commit_ts pages due to cache pressure, leading to
      regular I/O stalls in user backends and recovery.  Collapse requests for
      the same file into a single system call as part of the next checkpoint,
      as we already did for relation files, using the infrastructure developed
      by commit 3eb77eba.  This can cause a significant improvement to
      recovery performance, especially when it's otherwise CPU-bound.
      
      Hoist ProcessSyncRequests() up into CheckPointGuts() to make it clearer
      that it applies to all the SLRU mini-buffer-pools as well as the main
      buffer pool.  Rearrange things so that data collected in CheckpointStats
      includes SLRU activity.
      
      Also remove the Shutdown{CLOG,CommitTS,SUBTRANS,MultiXact}() functions,
      because they were redundant after the shutdown checkpoint that
      immediately precedes them.  (I'm not sure if they were ever needed, but
      they aren't now.)
      
      Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us> (parts)
      Tested-by: default avatarJakub Wartak <Jakub.Wartak@tomtom.com>
      Discussion: https://postgr.es/m/CA+hUKGLJ=84YT+NvhkEEDAuUtVHMfQ9i-N7k_o50JmQ6Rpj_OQ@mail.gmail.com
      dee663f7
    • Michael Paquier's avatar
      Remove custom memory allocation layer in pgcrypto · ca7f8e2b
      Michael Paquier authored
      PX_OWN_ALLOC was intended as a way to disable the use of palloc(), and
      over the time new palloc() or equivalent calls have been added like in
      32984d8f, making this extra layer losing its original purpose.  This
      simplifies on the way some code paths to use palloc0() rather than
      palloc() followed by memset(0).
      
      Author: Daniel Gustafsson
      Discussion: https://postgr.es/m/A5BFAA1A-B2E8-4CBC-895E-7B1B9475A527@yesql.se
      ca7f8e2b
  3. 24 Sep, 2020 7 commits
    • Tom Lane's avatar
      Fix handling of -d "connection string" in pg_dump/pg_restore. · a45bc8a4
      Tom Lane authored
      Parallel pg_dump failed if its -d parameter was a connection string
      containing any essential information other than host, port, or username.
      The same was true for pg_restore with --create.
      
      The reason is that these scenarios failed to preserve the connection
      string from the command line; the code felt free to replace that with
      just the database name when reconnecting from a pg_dump parallel worker
      or after creating the target database.  By chance, parallel pg_restore
      did not suffer this defect, as long as you didn't say --create.
      
      In practice it seems that the error would be obvious only if the
      connstring included essential, non-default SSL or GSS parameters.
      This may explain why it took us so long to notice.  (It also makes
      it very difficult to craft a regression test case illustrating the
      problem, since the test would fail in builds without those options.)
      
      Fix by refactoring so that ConnectDatabase always receives all the
      relevant options directly from the command line, rather than
      reconstructed values.  Inject a different database name, when necessary,
      by relying on libpq's rules for handling multiple "dbname" parameters.
      
      While here, let's get rid of the essentially duplicate _connectDB
      function, as well as some obsolete nearby cruft.
      
      Per bug #16604 from Zsolt Ero.  Back-patch to all supported branches.
      
      Discussion: https://postgr.es/m/16604-933f4b8791227b15@postgresql.org
      a45bc8a4
    • Robert Haas's avatar
      Fix two bugs in MaintainOldSnapshotTimeMapping. · 55b7e2f4
      Robert Haas authored
      The previous coding was confused about whether head_timestamp was
      intended to represent the timestamp for the newest bucket in the
      mapping or the oldest timestamp for the oldest bucket in the mapping.
      Decide that it's intended to be the oldest one, and repair
      accordingly.
      
      To do that, we need to do two things. First, when advancing to a
      new bucket, don't categorically set head_timestamp to the new
      timestamp. Do this only if we're blowing out the map completely
      because a lot of time has passed since we last maintained it. If
      we're replacing entries one by one, advance head_timestamp by
      1 minute for each; if we're filling in unused entries, don't
      advance head_timestamp at all.
      
      Second, fix the computation of how many buckets we need to advance.
      The previous formula would be correct if head_timestamp were the
      timestamp for the new bucket, but we're now making all the code
      agree that it's the timestamp for the oldest bucket, so adjust the
      formula accordingly.
      
      This is certainly a bug fix, but I don't feel good about
      back-patching it without the introspection tools added by commit
      aecf5ee2, and perhaps also some
      actual tests. Since back-patching the introspection tools might
      not attract sufficient support and since there are no automated
      tests of these fixes yet, I'm just committing this to master for
      now.
      
      Patch by me, reviewed by Thomas Munro, Dilip Kumar, Hamid Akhtar.
      
      Discussion: http://postgr.es/m/CA+TgmoY=aqf0zjTD+3dUWYkgMiNDegDLFjo+6ze=Wtpik+3XqA@mail.gmail.com
      55b7e2f4
    • Peter Eisentraut's avatar
      Standardize the printf format for st_size · c005eb00
      Peter Eisentraut authored
      Existing code used various inconsistent ways to printf struct stat's
      st_size member.  The type of that is off_t, which is in most cases a
      signed 64-bit integer, so use the long long int format for it.
      c005eb00
    • Robert Haas's avatar
      Add new 'old_snapshot' contrib module. · aecf5ee2
      Robert Haas authored
      You can use this to view the contents of the time to XID mapping
      which the server maintains when old_snapshot_threshold != -1.
      Being able to view that information may be interesting for users,
      and it's definitely useful for figuring out whether the mapping
      is being maintained correctly. It isn't, so that will need to be
      fixed in a subsequent commit.
      
      Patch by me, reviewed by Thomas Munro, Dilip Kumar, Hamid Akhtar.
      
      Discussion: http://postgr.es/m/CA+TgmoY=aqf0zjTD+3dUWYkgMiNDegDLFjo+6ze=Wtpik+3XqA@mail.gmail.com
      aecf5ee2
    • Robert Haas's avatar
      Expose oldSnapshotControl definition via new header. · f5ea92e8
      Robert Haas authored
      This makes it possible for code outside snapmgr.c to examine the
      contents of this data structure. This commit does not add any code
      which actually does so; a subsequent commit will make that change.
      
      Patch by me, reviewed by Thomas Munro, Dilip Kumar, Hamid Akhtar.
      
      Discussion: http://postgr.es/m/CA+TgmoY=aqf0zjTD+3dUWYkgMiNDegDLFjo+6ze=Wtpik+3XqA@mail.gmail.com
      f5ea92e8
    • Tom Lane's avatar
    • Tom Lane's avatar
      Improve behavior of tsearch_readline(), and remove t_readline(). · 83b61319
      Tom Lane authored
      Commit fbeb9da2, which added the tsearch_readline APIs, left
      t_readline() in place as a compatibility measure.  But that function
      has been unused and deprecated for twelve years now, so that seems
      like enough time to remove it.  Doing so, and merging t_readline's
      code into tsearch_readline, aids in making several useful
      improvements:
      
      * The hard-wired 4K limit on line length in tsearch data files is
      removed, by using a StringInfo buffer instead of a fixed-size buffer.
      
      * We can buy back the per-line palloc/pfree added by 3ea7e955
      in the common case where encoding conversion is not required.
      
      * We no longer need a separate pg_verify_mbstr call, as that
      functionality was folded into encoding conversion some time ago.
      
      (We could have done some of this stuff while keeping t_readline as a
      separate API, but there seems little point, since there's no reason
      for anyone to still be using t_readline directly.)
      
      Discussion: https://postgr.es/m/48A4FA71-524E-41B9-953A-FD04EF36E2E7@yesql.se
      83b61319
  4. 23 Sep, 2020 4 commits
  5. 22 Sep, 2020 5 commits
  6. 21 Sep, 2020 4 commits
  7. 20 Sep, 2020 2 commits
  8. 19 Sep, 2020 3 commits
  9. 18 Sep, 2020 6 commits
  10. 17 Sep, 2020 5 commits
    • Tom Lane's avatar
      Remove support for postfix (right-unary) operators. · 1ed6b895
      Tom Lane authored
      This feature has been a thorn in our sides for a long time, causing
      many grammatical ambiguity problems.  It doesn't seem worth the
      pain to continue to support it, so remove it.
      
      There are some follow-on improvements we can make in the grammar,
      but this commit only removes the bare minimum number of productions,
      plus assorted backend support code.
      
      Note that pg_dump and psql continue to have full support, since
      they may be used against older servers.  However, pg_dump warns
      about postfix operators.  There is also a check in pg_upgrade.
      
      Documentation-wise, I (tgl) largely removed the "left unary"
      terminology in favor of saying "prefix operator", which is
      a more standard and IMO less confusing term.
      
      I included a catversion bump, although no initial catalog data
      changes here, to mark the boundary at which oprkind = 'r'
      stopped being valid in pg_operator.
      
      Mark Dilger, based on work by myself and Robert Haas;
      review by John Naylor
      
      Discussion: https://postgr.es/m/38ca86db-42ab-9b48-2902-337a0d6b8311@2ndquadrant.com
      1ed6b895
    • Tom Lane's avatar
      Remove factorial operators, leaving only the factorial() function. · 76f412ab
      Tom Lane authored
      The "!" operator is our only built-in postfix operator.  Remove it,
      on the way to removal of grammar support for postfix operators.
      
      There is also a "!!" prefix operator, but since it's been marked
      deprecated for most of its existence, we might as well remove it too.
      
      Also zap the SQL alias function numeric_fac(), which seems to have
      equally little reason to live.
      
      Mark Dilger, based on work by myself and Robert Haas;
      review by John Naylor
      
      Discussion: https://postgr.es/m/38ca86db-42ab-9b48-2902-337a0d6b8311@2ndquadrant.com
      76f412ab
    • Tom Lane's avatar
      Further improve pgindent's list of file exclusions. · 74d4608f
      Tom Lane authored
      I despair of people keeping the README file's notes in sync with
      the actual exclusion list, so move the notes into the exclusion file.
      Adjust the pgindent script to explicitly ignore comments in the file,
      just in case (though it's hard to believe any would match filenames).
      
      Extend the list so that it doesn't process any files we'd not wish it to
      even in a fully-built-out development directory.  (There are still a
      couple of derived files that it wants to reformat, but fixing the
      generator scripts for those seems like fit material for a separate patch.)
      
      Discussion: https://postgr.es/m/79ed5348-be7a-b647-dd40-742207186a22@2ndquadrant.com
      74d4608f
    • Tom Lane's avatar
      Improve common/logging.c's support for multiple verbosity levels. · 99175141
      Tom Lane authored
      Instead of hard-wiring specific verbosity levels into the option
      processing of client applications, invent pg_logging_increase_verbosity()
      and encourage clients to implement --verbose by calling that.  Then,
      the common convention that more -v's gets you more verbosity just works.
      
      In particular, this allows resurrection of the debug-grade messages that
      have long existed in pg_dump and its siblings.  They were unreachable
      before this commit due to lack of a way to select PG_LOG_DEBUG logging
      level.  (It appears that they may have been unreachable for some time
      before common/logging.c was introduced, too, so I'm not specifically
      blaming cc8d4151 for the oversight.  One reason for thinking that is
      that it's now apparent that _allocAH()'s message needs a null-pointer
      guard.  Testing might have failed to reveal that before 96bf88d5.)
      
      Discussion: https://postgr.es/m/1173106.1600116625@sss.pgh.pa.us
      99175141
    • Amit Kapila's avatar
      Update parallel BTree scan state when the scan keys can't be satisfied. · b7f2dd95
      Amit Kapila authored
      For parallel btree scan to work for array of scan keys, it should reach
      BTPARALLEL_DONE state once for every distinct combination of array keys.
      This is required to ensure that the parallel workers don't try to seize
      blocks at the same time for different scan keys. We missed to update this
      state when we discovered that the scan keys can't be satisfied.
      
      Author: James Hunter
      Reviewed-by: Amit Kapila
      Tested-by: Justin Pryzby
      Backpatch-through: 10, where it was introduced
      Discussion: https://postgr.es/m/4248CABC-25E3-4809-B4D0-128E1BAABC3C@amazon.com
      b7f2dd95