1. 29 Jun, 2015 6 commits
  2. 28 Jun, 2015 9 commits
    • Tom Lane's avatar
      Improve design and implementation of pg_file_settings view. · 62d16c7f
      Tom Lane authored
      As first committed, this view reported on the file contents as they were
      at the last SIGHUP event.  That's not as useful as reporting on the current
      contents, and what's more, it didn't work right on Windows unless the
      current session had serviced at least one SIGHUP.  Therefore, arrange to
      re-read the files when pg_show_all_settings() is called.  This requires
      only minor refactoring so that we can pass changeVal = false to
      set_config_option() so that it won't actually apply any changes locally.
      
      In addition, add error reporting so that errors that would prevent the
      configuration files from being loaded, or would prevent individual settings
      from being applied, are visible directly in the view.  This makes the view
      usable for pre-testing whether edits made in the config files will have the
      desired effect, before one actually issues a SIGHUP.
      
      I also added an "applied" column so that it's easy to identify entries that
      are superseded by later entries; this was the main use-case for the original
      design, but it seemed unnecessarily hard to use for that.
      
      Also fix a 9.4.1 regression that allowed multiple entries for a
      PGC_POSTMASTER variable to cause bogus complaints in the postmaster log.
      (The issue here was that commit bf007a27 unintentionally reverted
      3e3f6597, which suppressed any duplicate entries within
      ParseConfigFp.  However, since the original coding of the pg_file_settings
      view depended on such suppression *not* happening, we couldn't have fixed
      this issue now without first doing something with pg_file_settings.
      Now we suppress duplicates by marking them "ignored" within
      ProcessConfigFileInternal, which doesn't hide them in the view.)
      
      Lesser changes include:
      
      Drive the view directly off the ConfigVariable list, instead of making a
      basically-equivalent second copy of the data.  There's no longer any need
      to hang onto the data permanently, anyway.
      
      Convert show_all_file_settings() to do its work in one call and return a
      tuplestore; this avoids risks associated with assuming that the GUC state
      will hold still over the course of query execution.  (I think there were
      probably latent bugs here, though you might need something like a cursor
      on the view to expose them.)
      
      Arrange to run SIGHUP processing in a short-lived memory context, to
      forestall process-lifespan memory leaks.  (There is one known leak in this
      code, in ProcessConfigDirectory; it seems minor enough to not be worth
      back-patching a specific fix for.)
      
      Remove mistaken assignment to ConfigFileLineno that caused line counting
      after an include_dir directive to be completely wrong.
      
      Add missed failure check in AlterSystemSetConfigFile().  We don't really
      expect ParseConfigFp() to fail, but that's not an excuse for not checking.
      62d16c7f
    • Heikki Linnakangas's avatar
      Also trigger restartpoints based on max_wal_size on standby. · d661532e
      Heikki Linnakangas authored
      When archive recovery and restartpoints were initially introduced,
      checkpoint_segments was ignored on the grounds that the files restored from
      archive don't consume any space in the recovery server. That was changed in
      later releases, but even then it was arguably a feature rather than a bug,
      as performing restartpoints as often as checkpoints during normal operation
      might be excessive, but you might nevertheless not want to waste a lot of
      space for pre-allocated WAL by setting checkpoint_segments to a high value.
      But now that we have separate min_wal_size and max_wal_size settings, you
      can bound WAL usage with max_wal_size, and still avoid consuming excessive
      space usage by setting min_wal_size to a lower value, so that argument is
      moot.
      
      There are still some issues with actually limiting the space usage to
      max_wal_size: restartpoints in recovery can only start after seeing the
      checkpoint record, while a checkpoint starts flushing buffers as soon as
      the redo-pointer is set. Restartpoint is paced to happen at the same
      leisurily speed, determined by checkpoint_completion_target, as checkpoints,
      but because they are started later, max_wal_size can be exceeded by upto
      one checkpoint cycle's worth of WAL, depending on
      checkpoint_completion_target. But that seems better than not trying at all,
      and max_wal_size is a soft limit anyway.
      
      The documentation already claimed that max_wal_size is obeyed in recovery,
      so this just fixes the behaviour to match the docs. However, add some
      weasel-words there to mention that max_wal_size may well be exceeded by
      some amount in recovery.
      d661532e
    • Heikki Linnakangas's avatar
      Fix markup in docs. · 6ab4d38a
      Heikki Linnakangas authored
      Oops. I could swear I built the docs before pushing, but I guess not..
      6ab4d38a
    • Heikki Linnakangas's avatar
      Promote the assertion that XLogBeginInsert() is not called twice into ERROR. · a32c3ec8
      Heikki Linnakangas authored
      Seems like cheap insurance for WAL bugs. A spurious call to
      XLogBeginInsert() in itself would be fairly harmless, but if there is any
      data registered and the insertion is not completed/cancelled properly, there
      is a risk that the data ends up in a wrong WAL record.
      
      Per Jeff Janes's suggestion.
      a32c3ec8
    • Heikki Linnakangas's avatar
      Fix double-XLogBeginInsert call in GIN page splits. · a45c70ac
      Heikki Linnakangas authored
      If data checksums or wal_log_hints is on, and a GIN page is split, the code
      to find a new, empty, block was called after having already called
      XLogBeginInsert(). That causes an assertion failure or PANIC, if finding the
      new block involves updating a FSM page that had not been modified since last
      checkpoint, because that update is WAL-logged, which calls XLogBeginInsert
      again. Nested XLogBeginInsert calls are not supported.
      
      To fix, rearrange GIN code so that XLogBeginInsert is called later, after
      finding the victim buffers.
      
      Reported by Jeff Janes.
      a45c70ac
    • Heikki Linnakangas's avatar
      Don't choke on files that are removed while pg_rewind runs. · b36805f3
      Heikki Linnakangas authored
      If a file is removed from the source server, while pg_rewind is running, the
      invocation of pg_read_binary_file() will fail. Use the just-added missing_ok
      option to that function, to have it return NULL instead, and handle that
      gracefully. And similarly for pg_ls_dir and pg_stat_file.
      
      Reported by Fujii Masao, fix by Michael Paquier.
      b36805f3
    • Heikki Linnakangas's avatar
      Add missing_ok option to the SQL functions for reading files. · cb2acb10
      Heikki Linnakangas authored
      This makes it possible to use the functions without getting errors, if there
      is a chance that the file might be removed or renamed concurrently.
      pg_rewind needs to do just that, although this could be useful for other
      purposes too. (The changes to pg_rewind to use these functions will come in
      a separate commit.)
      
      The read_binary_file() function isn't very well-suited for extensions.c's
      purposes anymore, if it ever was. So bite the bullet and make a copy of it
      in extension.c, tailored for that use case. This seems better than the
      accidental code reuse, even if it's a some more lines of code.
      
      Michael Paquier, with plenty of kibitzing by me.
      cb2acb10
    • Kevin Grittner's avatar
      Fix comment for GetCurrentIntegerTimestamp(). · cca8ba95
      Kevin Grittner authored
      The unit of measure is microseconds, not milliseconds.
      
      Backpatch to 9.3 where the function and its comment were added.
      cca8ba95
    • Tatsuo Ishii's avatar
  3. 27 Jun, 2015 4 commits
    • Tom Lane's avatar
      Avoid passing NULL to memcmp() in lookups of zero-argument functions. · 0a52d378
      Tom Lane authored
      A few places assumed they could pass NULL for the argtypes array when
      looking up functions known to have zero arguments.  At first glance
      it seems that this should be safe enough, since memcmp() is surely not
      allowed to fetch any bytes if its count argument is zero.  However,
      close reading of the C standard says that such calls have undefined
      behavior, so we'd probably best avoid it.
      
      Since the number of places doing this is quite small, and some other
      places looking up zero-argument functions were already passing dummy
      arrays, let's standardize on the latter solution rather than hacking
      the function lookup code to avoid calling memcmp() in these cases.
      I also added Asserts to catch any future violations of the new rule.
      
      Given the utter lack of any evidence that this actually causes any
      problems in the field, I don't feel a need to back-patch this change.
      
      Per report from Piotr Stefaniak, though this is not his patch.
      0a52d378
    • Andres Freund's avatar
      Fix test_decoding's handling of nonexistant columns in old tuple versions. · d47a1136
      Andres Freund authored
      test_decoding used fastgetattr() to extract column values. That's wrong
      when decoding updates and deletes if a table's replica identity is set
      to FULL and new columns have been added since the old version of the
      tuple was created. Due to the lack of a crosscheck with the datum's
      natts values an invalid value will be output, leading to errors or
      worse.
      
      Bug: #13470
      Reported-By: Krzysztof Kotlarski
      Discussion: 20150626100333.3874.90852@wrigleys.postgresql.org
      
      Backpatch to 9.4, where the feature, including the bug, was added.
      d47a1136
    • Kevin Grittner's avatar
      Add opaque declaration of HTAB to tqual.h. · 604e9939
      Kevin Grittner authored
      Commit b89e1510 added the
      ResolveCminCmaxDuringDecoding declaration to tqual.h, which uses an
      HTAB parameter, without declaring HTAB.  It accidentally fails to
      fail to build with current sources because a declaration happens to
      be included, directly or indirectly, in all source files that
      currently use tqual.h before tqual.h is first included, but we
      shouldn't count on that.  Since an opaque declaration is enough
      here, just use that, as was done in snapmgr.h.
      
      Backpatch to 9.4, where the HTAB reference was added to tqual.h.
      604e9939
    • Heikki Linnakangas's avatar
      Fix typo in comment · 7845db2a
      Heikki Linnakangas authored
      Etsuro Fujita
      7845db2a
  4. 26 Jun, 2015 13 commits
    • Simon Riggs's avatar
      Avoid hot standby cancels from VAC FREEZE · 66fbcb0d
      Simon Riggs authored
      VACUUM FREEZE generated false cancelations of standby queries on an
      otherwise idle master. Caused by an off-by-one error on cutoff_xid
      which goes back to original commit.
      
      Backpatch to all versions 9.0+
      
      Analysis and report by Marco Nenciarini
      
      Bug fix by Simon Riggs
      66fbcb0d
    • Alvaro Herrera's avatar
      Fix DDL command collection for TRANSFORM · 7d60b2af
      Alvaro Herrera authored
      Commit b488c580, which added the DDL command collection feature,
      neglected to update the code that commit cac76582 had previously
      added two weeks earlier for the TRANSFORM feature.
      
      Reported by Michael Paquier.
      7d60b2af
    • Alvaro Herrera's avatar
      Fix BRIN xlog replay · 40282224
      Alvaro Herrera authored
      There was a confusion about which block number to use when storing an
      item's pointer in the revmap -- the revmap page's blkno was being used,
      not the data page's blkno.
      
      Spotted-by: Jeff Janes
      40282224
    • Robert Haas's avatar
      Fix grammar. · 7c02d48e
      Robert Haas authored
      Reported by Peter Geoghegan.
      7c02d48e
    • Robert Haas's avatar
      Be more conservative about removing tablespace "symlinks". · 8f15f74a
      Robert Haas authored
      Don't apply rmtree(), which will gleefully remove an entire subtree,
      and don't even apply unlink() unless it's symlink or a directory,
      the only things that we expect to find.
      
      Amit Kapila, with minor tweaks by me, per extensive discussions
      involving Andrew Dunstan, Fujii Masao, and Heikki Linnakangas,
      at least some of whom also reviewed the code.
      8f15f74a
    • Robert Haas's avatar
      release notes: Add entry for commit 5ea86e6e. · c66bc72e
      Robert Haas authored
      Peter Geoghegan and Robert Haas
      c66bc72e
    • Robert Haas's avatar
      Remove unnecessary NULL test. · 8a8c581a
      Robert Haas authored
      Spotted by Coverity and reported by Michael Paquier.  Per discussion,
      we don't necessarily care about making Coverity happy in all such
      instances, but we can go ahead and change them where it otherwise
      seems to improve the code.
      8a8c581a
    • Robert Haas's avatar
      release notes: Combine items for pg_upgrade and pg_upgrade_support moves. · 31c018ec
      Robert Haas authored
      Per suggestions from Amit Langote and Álvaro Herrera.
      31c018ec
    • Robert Haas's avatar
      Don't warn about creating temporary or unlogged hash indexes. · 9043ef39
      Robert Haas authored
      Warning people that no WAL-logging will be done doesn't make sense
      in this case.
      
      Michael Paquier
      9043ef39
    • Robert Haas's avatar
      Reduce log level for background worker events from LOG to DEBUG1. · 91118f1a
      Robert Haas authored
      Per discussion, LOG is just too chatty for something that will happen
      as routinely as this.
      
      Pavel Stehule
      91118f1a
    • Andres Freund's avatar
      Fix the fallback memory barrier implementation to be reentrant. · 1b468a13
      Andres Freund authored
      This was essentially "broken" since 0c8eda62; but until more
      recently (14e8803f) barriers usage in signal handlers was infrequent.
      
      The failure to be reentrant was noticed because the test_shm_mq, which
      uses memory barriers at a high frequency, occasionally got stuck on some
      solaris buildfarm animals. Turns out, those machines use sun studio
      12.1, which doesn't yet have efficient memory barrier support. A machine
      with a newer sun studio did not fail.  Forcing the barrier fallback to
      be used on x86 allows to reproduce the problem.
      
      The new fallback is to use kill(PostmasterPid, 0) based on the theory
      that that'll always imply a barrier due to checking the liveliness of
      PostmasterPid on systems old enough to need fallback support. It's hard
      to come up with a good and performant fallback.
      
      I'm not backpatching this for now - the problem isn't active in the back
      branches, and we haven't backpatched barrier changes for
      now. Additionally master looks entirely different than the back branches
      due to the new atomics abstraction. It seems better to let this rest in
      master, where the non-reentrancy actively causes a problem, and then
      consider backpatching.
      
      Found-By: Robert Haas
      Discussion: 55626265.3060800@dunslane.net
      1b468a13
    • Robert Haas's avatar
      Improve handling of CustomPath/CustomPlan(State) children. · 5ca61184
      Robert Haas authored
      Allow CustomPath to have a list of paths, CustomPlan a list of plans,
      and CustomPlanState a list of planstates known to the core system, so
      that custom path/plan providers can more reasonably use this
      infrastructure for nodes with multiple children.
      
      KaiGai Kohei, per a design suggestion from Tom Lane, with some
      further kibitzing by me.
      5ca61184
    • Heikki Linnakangas's avatar
      Fix a couple of bugs with wal_log_hints. · 4b8e24b9
      Heikki Linnakangas authored
      1. Replay of the WAL record for setting a bit in the visibility map
      contained an assertion that a full-page image of that record type can only
      occur with checksums enabled. But it can also happen with wal_log_hints, so
      remove the assertion. Unlike checksums, wal_log_hints can be changed on the
      fly, so it would be complicated to figure out if it was enabled at the time
      that the WAL record was generated.
      
      2. wal_log_hints has the same effect on the locking needed to read the LSN
      of a page as data checksums. BufferGetLSNAtomic() didn't get the memo.
      
      Backpatch to 9.4, where wal_log_hints was added.
      4b8e24b9
  5. 25 Jun, 2015 3 commits
    • Robert Haas's avatar
      Allow background workers to connect to no particular database. · f7bb7f06
      Robert Haas authored
      The documentation claims that this is supported, but it didn't
      actually work.  Fix that.
      
      Reported by Pavel Stehule; patch by me.
      f7bb7f06
    • Tom Lane's avatar
      Fix the logic for putting relations into the relcache init file. · 5d1ff6bd
      Tom Lane authored
      Commit f3b5565d was a couple of bricks shy
      of a load; specifically, it missed putting pg_trigger_tgrelid_tgname_index
      into the relcache init file, because that index is not used by any
      syscache.  However, we have historically nailed that index into cache for
      performance reasons.  The upshot was that load_relcache_init_file always
      decided that the init file was busted and silently ignored it, resulting
      in a significant hit to backend startup speed.
      
      To fix, reinstantiate RelationIdIsInInitFile() as a wrapper around
      RelationSupportsSysCache(), which can know about additional relations
      that should be in the init file despite being unknown to syscache.c.
      
      Also install some guards against future mistakes of this type: make
      write_relcache_init_file Assert that all nailed relations get written to
      the init file, and make load_relcache_init_file emit a WARNING if it takes
      the "wrong number of nailed relations" exit path.  Now that we remove the
      init files during postmaster startup, that case should never occur in the
      field, even if we are starting a minor-version update that added or removed
      rels from the nailed set.  So the warning shouldn't ever be seen by end
      users, but it will show up in the regression tests if somebody breaks this
      logic.
      
      Back-patch to all supported branches, like the previous commit.
      5d1ff6bd
    • Tom Lane's avatar
      Docs: fix claim that to_char('FM') removes trailing zeroes. · d759b7eb
      Tom Lane authored
      Of course, what it removes is leading zeroes.  Seems to have been a thinko
      in commit ffe92d15.  Noted by Hubert Depesz
      Lubaczewski.
      d759b7eb
  6. 24 Jun, 2015 1 commit
  7. 23 Jun, 2015 4 commits