Commit Graph

30610 Commits

Author SHA1 Message Date
Tom Lane
6d0877fc5e Fix ancient typo in user-defined-aggregates documentation.
The description of the initcond value for the built-in avg(float8)
aggregate has been wrong since it was written.  Noted by Disc Magnet.
2011-03-23 12:33:40 -04:00
Simon Riggs
9bb1ddec4c Prevent intermittent hang in recovery from bgwriter interaction.
Startup process waited for cleanup lock but when hot_standby = off
the pid was not registered, so that the bgwriter would not wake
the waiting process as intended.
2011-03-23 13:32:37 +00:00
Tom Lane
3cb2f2ae4c Avoid potential deadlock in InitCatCachePhase2().
Opening a catcache's index could require reading from that cache's own
catalog, which of course would acquire AccessShareLock on the catalog.
So the original coding here risks locking index before heap, which could
deadlock against another backend trying to get exclusive locks in the
normal order.  Because InitCatCachePhase2 is only called when a backend
has to start up without a relcache init file, the deadlock was seldom seen
in the field.  (And by the same token, there's no need to worry about any
performance disadvantage; so not much point in trying to distinguish
exactly which catalogs have the risk.)

Bug report, diagnosis, and patch by Nikhil Sontakke.  Additional commentary
by me.  Back-patch to all supported branches.
2011-03-22 13:01:04 -04:00
Alvaro Herrera
38e5124574 Fix PL/Python memory leak involving array slices
Report and patch from Daniel Popowich, bug #5842
(with some debugging help from Alex Hunsaker)
2011-03-17 12:32:46 -03:00
Andrew Dunstan
7ae983d94d Use correct PATH separator for Cygwin in pg_regress.c.
This has been broken for years, and I'm not sure why it has not been
noticed before, but now a very modern Cygwin breaks on it, and the fix
is clearly correct. Backpatching to all live branches.
2011-03-17 00:11:01 -04:00
Tom Lane
f6b2ab7d95 On further reflection, we'd better do the same in int.c.
We previously heard of the same problem in int24div(), so there's not a
good reason to suppose the problem is confined to cases involving int8.
2011-03-11 19:04:05 -05:00
Tom Lane
03aab8262a Put in some more safeguards against executing a division-by-zero.
Add dummy returns before every potential division-by-zero in int8.c,
because apparently further "improvements" in gcc's optimizer have
enabled it to break functions that weren't broken before.

Aurelien Jarno, via Martin Pitt
2011-03-11 18:18:59 -05:00
Heikki Linnakangas
2f418e8a17 In ecpg preprocessor, don't try to look up constants in the test for
variable hiding. A constant is not a variable. It worked in most cases by
accident, because we add constants to the global list of variables (why?),
but float constants like 1.23 were interpreted as struct field references,
and not found.

Backpatch to 9.0, where the test for variable hiding was added.
2011-03-11 17:23:31 +02:00
Heikki Linnakangas
b42225c101 Don't throw a warning if vacuum sees PD_ALL_VISIBLE flag set on a page that
contains newly-inserted tuples that according to our OldestXmin are not
yet visible to everyone. The value returned by GetOldestXmin() is conservative,
and it can move backwards on repeated calls, so if we see that contradiction
between the PD_ALL_VISIBLE flag and status of tuples on the page, we have to
assume it's because an earlier vacuum calculated a higher OldestXmin value,
and all the tuples really are visible to everyone.

We have received several reports of this bug, with the "PD_ALL_VISIBLE flag
was incorrectly set in relation ..." warning appearing in logs. We were
finally able to hunt it down with David Gould's help to run extra diagnostics
in an environment where this happened frequently.

Also reword the warning, per Robert Haas' suggestion, to not imply that the
PD_ALL_VISIBLE flag is necessarily at fault, as it might also be a symptom
of corruption on a tuple header.

Backpatch to 8.4, where the PD_ALL_VISIBLE flag was introduced.
2011-03-08 20:29:43 +02:00
Tom Lane
2ff092bcd8 In initialize_SSL, don't fail unnecessarily when home dir is unavailable.
Instead, just act as though the certificate file(s) are not present.
There is only one case where this need be a hard failure condition: when
sslmode is verify-ca or verify-full, not having a root cert file is an
error.  Change the logic so that we complain only in that case, and
otherwise fall through cleanly.  This is how it used to behave pre-9.0,
but my patch 4ed4b6c54e of 2010-05-26 broke
the case.  Per report from Christian Kastner.
2011-03-04 11:39:14 -05:00
Tom Lane
a48fb0b598 Correct mistaken claims about EXPLAIN ANALYZE's handling of triggers.
Time spent executing AFTER triggers is not included in the runtime of the
associated ModifyTable node; in my patch of yesterday I confused queuing of
these triggers with their actual execution.  Spotted by Marko Tiikkaja.
2011-03-02 11:17:07 -05:00
Tom Lane
82a0e35222 Update discussion of EXPLAIN to reflect existence of ModifyTable nodes.
Back-patch to 9.0, since this was changed then.
2011-03-01 11:36:09 -05:00
Tom Lane
15907c3623 Fix dangling-pointer problem in before-row update trigger processing.
ExecUpdate checked for whether ExecBRUpdateTriggers had returned a new
tuple value by seeing if the returned tuple was pointer-equal to the old
one.  But the "old one" was in estate->es_junkFilter's result slot, which
would be scribbled on if we had done an EvalPlanQual update in response to
a concurrent update of the target tuple; therefore we were comparing a
dangling pointer to a live one.  Given the right set of circumstances we
could get a false match, resulting in not forcing the tuple to be stored in
the slot we thought it was stored in.  In the case reported by Maxim Boguk
in bug #5798, this led to "cannot extract system attribute from virtual
tuple" failures when trying to do "RETURNING ctid".  I believe there is a
very-low-probability chance of more serious errors, such as generating
incorrect index entries based on the original rather than the
trigger-modified version of the row.

In HEAD, change all of ExecBRInsertTriggers, ExecIRInsertTriggers,
ExecBRUpdateTriggers, and ExecIRUpdateTriggers so that they continue to
have similar APIs.  In the back branches I just changed
ExecBRUpdateTriggers, since there is no bug in the ExecBRInsertTriggers
case.
2011-02-21 21:18:13 -05:00
Tom Lane
b22e2d6b02 Fix parallel pg_restore to handle comments on POST_DATA items correctly.
The previous coding would try to process all SECTION_NONE items in the
initial sequential-restore pass, which failed if they were dependencies of
not-yet-restored items.  Fix by postponing such items into the parallel
processing pass once we have skipped any non-PRE_DATA item.

Back-patch into 9.0; the original parallel-restore coding in 8.4 did not
have this bug, so no need to change it.

Report and diagnosis by Arnd Hannemann.
2011-02-18 13:11:50 -05:00
Tom Lane
848cd3289e Fix tsmatchsel() to account properly for null rows.
ts_typanalyze.c computes MCE statistics as fractions of the non-null rows,
which seems fairly reasonable, and anyway changing it in released versions
wouldn't be a good idea.  But then ts_selfuncs.c has to account for that.
Failure to do so results in overestimates in columns with a significant
fraction of null documents.  Back-patch to 8.4 where this stuff was
introduced.

Jesper Krogh
2011-02-17 19:00:54 -05:00
Tom Lane
7422e0081d Fix bogus test for hypothetical indexes in get_actual_variable_range().
That function was supposing that indexoid == 0 for a hypothetical index,
but that is not likely to be true in any non-toy implementation of an index
adviser, since assigning a fake OID is the only way to know at EXPLAIN time
which hypothetical index got selected.  Fix by adding a flag to
IndexOptInfo to mark hypothetical indexes.  Back-patch to 9.0 where
get_actual_variable_range() was added.

Gurjeet Singh
2011-02-16 19:24:50 -05:00
Tom Lane
8e4b147312 Add CheckTableNotInUse calls in DROP TABLE and DROP INDEX.
Recent releases had a check on rel->rd_refcnt in heap_drop_with_catalog,
but failed to cover the possibility of pending trigger events at DROP time.
(Before 8.4 we didn't even check the refcnt.)  When the trigger events were
eventually fired, you'd get "could not open relation with OID nnn" errors,
as in recent report from strk.  Better to throw a suitable error when the
DROP is attempted.

Also add a similar check in DROP INDEX.

Back-patch to all supported branches.
2011-02-15 15:49:59 -05:00
Bruce Momjian
888fda8092 Clarify documentation for libpq's PQescapeBytea to mention the new hex
format.

Modify PQescapeStringConn() docs to be consisent with other escaping
functions.

Add mention problems with pre-9.0 versions of libpq using not understanding
bytea hex format to the 9.0 release notes.

Backpatch to 9.0 docs.
2011-02-13 09:48:19 -05:00
Tom Lane
d5478c3391 Fix improper matching of resjunk column names for FOR UPDATE in subselect.
Flattening of subquery range tables during setrefs.c could lead to the
rangetable indexes in PlanRowMark nodes not matching up with the column
names previously assigned to the corresponding resjunk ctid (resp. tableoid
or wholerow) columns.  Typical symptom would be either a "cannot extract
system attribute from virtual tuple" error or an Assert failure.  This
wasn't a problem before 9.0 because we didn't support FOR UPDATE below the
top query level, and so the final flattening could never renumber an RTE
that was relevant to FOR UPDATE.  Fix by using a plan-tree-wide unique
number for each PlanRowMark to label the associated resjunk columns, so
that the number need not change during flattening.

Per report from David Johnston (though I'm darned if I can see how this got
past initial testing of the relevant code).  Back-patch to 9.0.
2011-02-09 23:27:16 -05:00
Magnus Hagander
5dfc66b3d0 Fix typo.
Thom Brown
2011-02-03 11:25:34 +01:00
Magnus Hagander
1c4c264aa5 Undefine setlocale() macro on Win32
New versions of libintl redefine setlocale() to a macro
which causes problems when the backend and libintl are
linked against different versions of the runtime, which
is often the case in msvc builds.

Hiroshi Inoue, slightly updated comment by me
2011-02-01 13:22:22 +01:00
Simon Riggs
d6c1dc176a Create new errcode for recovery conflict caused by db drop on master.
Previously reported as ERRCODE_ADMIN_SHUTDOWN, this case is now
reported as ERRCODE_DATABASE_DROPPED. No message text change.
Unlikely to happen on most servers, so low impact change to allow
session poolers to correctly handle this situation.

Tatsuo Ishii and Simon Riggs
2011-02-01 08:49:58 +00:00
Itagaki Takahiro
9a01285289 Fix wrong error reports in 'number of array dimensions exceeds the
maximum allowed' messages, that have reported one-less dimensions.

Alexey Klyukin
2011-02-01 15:23:55 +09:00
Simon Riggs
6bfa6b0867 Fix error code for canceling statement due to conflict with recovery.
All retryable conflict errors now have an error code that indicates that
a retry is possible, correcting my incomplete fix of 2010/05/12

Tatsuo Ishii and Simon Riggs, input from Robert Haas and Florian Pflug
2011-01-31 19:24:29 +00:00
Tom Lane
1df57f63f3 Make reduce_outer_joins() smarter about semijoins.
reduce_outer_joins() mistakenly treated a semijoin like a left join for
purposes of deciding whether not-null constraints created by the join's
quals could be passed down into the join's left-hand side (possibly
resulting in outer-join simplification there).  Actually, semijoin works
like inner join for this purpose, ie, we do not need to see any rows that
can't possibly satisfy the quals.  Hence, two-line fix to treat semi and
inner joins alike.  Per observation by Andres Freund about a performance
gripe from Yazan Suleiman.

Back-patch to 8.4, since this oversight has been there since the current
handling of semijoins was implemented.
2011-01-30 17:05:15 -05:00
Marc G. Fournier
2fb64d8570 Tag 9.0.3 2011-01-27 22:21:31 -04:00
Tom Lane
aefb8d9198 Update release notes.
Security: CVE-2010-4015
2011-01-27 17:47:15 -05:00
Tom Lane
d6d145673f Prevent buffer overrun while parsing an integer in a "query_int" value.
contrib/intarray's gettoken() uses a fixed-size buffer to collect an
integer's digits, and did not guard against overrunning the buffer.
This is at least a backend crash risk, and in principle might allow
arbitrary code execution.  The code didn't check for overflow of the
integer value either, which while not presenting a crash risk was still
bad.

Thanks to Apple Inc's security team for reporting this issue and supplying
the fix.

Security: CVE-2010-4015
2011-01-27 17:43:07 -05:00
Tom Lane
67dbe720f6 Don't include <asm/ia64regs.h> unnecessarily.
We only need that header when compiling with icc, since the gcc variant of
ia64_get_bsp() uses in-line assembly code.  Per report from Frank Brendel,
the header doesn't exist on all IA64 platforms; so don't include it unless
we need it.
2011-01-27 16:29:44 -05:00
Peter Eisentraut
7f2d75408b Translation updates for release 9.0.3 2011-01-27 23:13:33 +02:00
Tom Lane
af9e2ed29b Update release notes for releases 9.0.3, 8.4.7, 8.3.14, and 8.2.20. 2011-01-27 16:09:51 -05:00
Robert Haas
2c3e292998 Correct ALTER TYPE -> SET DATA TYPE in ALTER TABLE documentation.
The latter is the correct name of the operation to change the data type
of a column.

Noah Misch
2011-01-25 18:52:03 -05:00
Robert Haas
39b5e5f337 Make ALTER TABLE revalidate uniqueness and exclusion constraints.
Failure to do so can lead to constraint violations.  This was broken by
commit 1ddc2703a9 on 2010-02-07, so
back-patch to 9.0.

Noah Misch.  Regression test by me.
2011-01-20 22:48:29 -05:00
Robert Haas
ba3afc88d2 Document that WITH queries are also called Common Table Expressions.
Peter Geoghegan, reviewed by Stephen Frost
2011-01-19 21:21:33 -05:00
Tom Lane
d8b0495f96 Fix miscalculation of itemsafter in array_set_slice().
If the slice to be assigned to was before the existing array lower bound
(requiring at least one null element to spring into existence to fill the
gap), the code miscalculated how many entries needed to be copied from
the old array's null bitmap.  This could result in trashing the array's
data area (as seen in bug #5840 from Karsten Loesing), or worse.

This has been broken since we first allowed the behavior of assigning to
non-adjacent slices, in 8.2.  Back-patch to all affected versions.
2011-01-17 12:40:13 -05:00
Alvaro Herrera
051096d06e Increment Py_None refcount for NULL array elements
Per bug #5835 by Julien Demoor
Author: Alex Hunsaker
2011-01-17 13:01:04 -03:00
Heikki Linnakangas
1435a8554c Before exiting walreceiver, fsync() all the WAL received.
Otherwise WAL recovery will replay the un-flushed WAL after walreceiver has
exited, which can lead to a non-recoverable standby if the system crashes hard
at that point.
2011-01-17 12:29:15 +02:00
Heikki Linnakangas
a08363d70c Fix the logic in libpqrcv_receive() to determine if there's any incoming data
that can be read without blocking. It used to conclude that there isn't, even
though there was data in the socket receive buffer. That lead walreceiver to
flush the WAL after every received chunk, potentially causing big performance
issues.

Backpatch to 9.0, because the performance impact can be very significant.
2011-01-13 18:00:37 +02:00
Tom Lane
fed8dcdb84 Fix PlanRowMark/ExecRowMark structures to handle inheritance correctly.
In an inherited UPDATE/DELETE, each target table has its own subplan,
because it might have a column set different from other targets.  This
means that the resjunk columns we add to support EvalPlanQual might be
at different physical column numbers in each subplan.  The EvalPlanQual
rewrite I did for 9.0 failed to account for this, resulting in possible
misbehavior or even crashes during concurrent updates to the same row,
as seen in a recent report from Gordon Shannon.  Revise the data structure
so that we track resjunk column numbers separately for each subplan.

I also chose to move responsibility for identifying the physical column
numbers back to executor startup, instead of assuming that numbers derived
during preprocess_targetlist would stay valid throughout subsequent
massaging of the plan.  That's a bit slower, so we might want to consider
undoing it someday; but it would complicate the patch considerably and
didn't seem justifiable in a bug fix that has to be back-patched to 9.0.
2011-01-12 20:47:09 -05:00
Magnus Hagander
a1ed4cf6ca Typo fix
Josh Kupershmidt
2011-01-11 10:46:08 +01:00
Magnus Hagander
628a6b7564 Ensure the directory for gram.h is created on win32
Result of bad testing of my last commit.
2011-01-09 17:02:03 +01:00
Magnus Hagander
763072ba8f Properly install gram.h on MSVC builds
This file is now needed by pgAdmin builds, which started
failing since it was missing in the installer builds.
2011-01-09 15:33:42 +01:00
Michael Meskes
1b2b96c423 In ecpg's parser removed a fixed length limit for constants defining an array dimension. 2011-01-08 23:02:23 +01:00
Robert Haas
e445f9f8b5 Remove bogus claims regarding createuser defaults.
Josh Kupershmidt
2011-01-08 06:13:53 -05:00
Bruce Momjian
8b3790916d Update documentation to say that \lo_import sets :LASTOID, not
lo_insert.
2011-01-05 21:32:13 -05:00
Bruce Momjian
9a22ea242b In pg_upgrade, copy pg_largeobject_metadata and its index for 9.0+
servers because, like pg_largeobject, it is a system table whose
contents are not dumped by pg_dump --schema-only.
2011-01-04 23:35:52 -05:00
Bruce Momjian
845626f506 In pg_upgrade, fix backward logging display of link operations. 2011-01-04 21:33:37 -05:00
Tom Lane
ee718c2310 Improve pg_upgrade's checks for required executables.
Don't insist on pg_dumpall and psql being present in the old cluster,
since they are not needed.  Do insist on pg_resetxlog being present
(in both old and new), since we need it.  Also check for pg_config,
but only in the new cluster.  Remove the useless attempt to call
pg_config in the old cluster; we don't need to know the old value of
--pkglibdir.  (In the case of a stripped-down migration installation
there might be nothing there to look at anyway, so any future change
that might reintroduce that need would have to be considered carefully.)

Per my attempts to build a minimal previous-version installation to support
pg_upgrade.
2010-12-29 13:43:58 -05:00
Tom Lane
0fdf735d97 Avoid unexpected conversion overflow in planner for distant date values.
The "date" type supports a wider range of dates than int64 timestamps do.
However, there is pre-int64-timestamp code in the planner that assumes that
all date values can be converted to timestamp with impunity.  Fortunately,
what we really need out of the conversion is always a double (float8)
value; so even when the date is out of timestamp's range it's possible to
produce a sane answer.  All we need is a code path that doesn't try to
force the result into int64.  Per trouble report from David Rericha.

Back-patch to all supported versions.  Although this is surely a corner
case, there's not much point in advertising a date range wider than
timestamp's if we will choke on such values in unexpected places.
2010-12-28 22:50:19 -05:00
Robert Haas
a45e2e141d Correct spelling: longjump() -> longjmp(). 2010-12-24 22:23:13 -05:00