Tom Lane [Fri, 24 Jul 2009 17:58:31 +0000 (17:58 +0000)]
Avoid extra system calls to block SIGPIPE if the platform provides either
sockopt(SO_NOSIGPIPE) or the MSG_NOSIGNAL flag to send().
We assume these features are available if (1) the symbol is defined at
compile time and (2) the kernel doesn't reject the call at runtime.
It might turn out that there are some platforms where (1) and (2) are
true and yet the signal isn't really blocked, in which case applications
would die on server crash. If that sort of thing gets reported, then
we'll have to add additional defenses of some kind.
Tom Lane [Thu, 23 Jul 2009 21:27:10 +0000 (21:27 +0000)]
Save a few cycles in EXPLAIN and related commands by not bothering to form
a physical tuple in do_tup_output(). A virtual tuple is easier to set up
and also easier for most tuple receivers to process. Per my comment on
Robert Haas' recent patch in this code.
Tom Lane [Thu, 23 Jul 2009 20:45:27 +0000 (20:45 +0000)]
In a non-hashed Agg node, reset the "aggcontext" at group boundaries, instead
of individually pfree'ing pass-by-reference transition values. This should
be at least as fast as the prior coding, and it has the major advantage of
clearing out any working data an aggregate function may have stored in or
underneath the aggcontext. This avoids memory leakage when an aggregate
such as array_agg() is used in GROUP BY mode. Per report from Chris Spotts.
Back-patch to 8.4. In principle the problem could arise in prior versions,
but since they didn't have array_agg the issue seems not critical.
Tom Lane [Thu, 23 Jul 2009 17:42:06 +0000 (17:42 +0000)]
Fix another thinko in join_is_legal's handling of semijoins: we have to test
for the case that the semijoin was implemented within either input by
unique-ifying its RHS before we test to see if it appears to match the current
join situation. The previous coding would select semijoin logic in situations
where we'd already unique-ified the RHS and joined it to some unrelated
relation(s), and then came to join it to the semijoin's LHS. That still gave
the right answer as far as the semijoin itself was concerned, but would lead
to incorrectly examining only an arbitrary one of the matchable rows from the
unrelated relation(s). The cause of this thinko was incorrect unification of
the pre-8.4 logic for IN joins and OUTER joins --- the comparable case for
outer joins can be handled after making the match test, but that's because
there is nothing like the unique-ification escape hatch for outer joins.
Per bug #4934 from Benjamin Reed.
Tom Lane [Wed, 22 Jul 2009 17:00:23 +0000 (17:00 +0000)]
Change do_tup_output() to take Datum/isnull arrays instead of a char * array,
so it doesn't go through BuildTupleFromCStrings. This is more or less a
wash for current uses, but will avoid inefficiency for planned changes to
EXPLAIN.
Tom Lane [Wed, 22 Jul 2009 01:21:22 +0000 (01:21 +0000)]
Tweak TOAST code so that columns marked with MAIN storage strategy are
not forced out-of-line unless that is necessary to make the row fit on a
page. Previously, they were forced out-of-line if needed to get the row
down to the default target size (1/4th page).
Peter Eisentraut [Tue, 21 Jul 2009 20:24:51 +0000 (20:24 +0000)]
Change pg_listener attribute number constants to match the usual pattern
It appears that, for no particularly good reason, pg_listener.h deviates from
the usual convention for declaring attribute number constants. Normally, it's
Tom Lane [Tue, 21 Jul 2009 19:53:12 +0000 (19:53 +0000)]
Speed up AllocSetFreeIndex, which is a significant cost in palloc and pfree,
by using a lookup table instead of a naive shift-and-count loop. Based on
code originally posted by Sean Eron Anderson at
http://graphics.stanford.edu/%7eseander/bithacks.html.
Greg Stark did the research and benchmarking to show that this is what
we should use. Jeremy Kerr first noticed that this is a hotspot that
could be optimized, though we ended up not using his suggestion of
platform-specific bit-searching code.
Tom Lane [Tue, 21 Jul 2009 02:02:44 +0000 (02:02 +0000)]
Fix another semijoin-ordering bug. We already knew that we couldn't
reorder a semijoin into or out of the righthand side of another semijoin,
but actually it doesn't work to reorder it into or out of the righthand
side of a left or antijoin, either. Per bug #4906 from Mathieu Fenniak.
This was sloppy thinking on my part. This identity does work:
( A left join B on (Pab) ) semijoin C on (Pac)
==
( A semijoin C on (Pac) ) left join B on (Pab)
but I failed to see that that doesn't mean this does:
( A left join B on (Pab) ) semijoin C on (Pbc)
!=
A left join ( B semijoin C on (Pbc) ) on (Pab)
Install src/include/utils/fmgroids.h on VPATH builds too.
The original coding was not dealing specially with this file being a symlink,
with the end result that it was not installed in VPATH builds. Oddly enough,
the clean target does know about it ...
Peter Eisentraut [Mon, 20 Jul 2009 08:01:07 +0000 (08:01 +0000)]
Use errcontext mechanism in PL/Python
Error messages from PL/Python now always mention the function name in the
CONTEXT: field. This also obsoletes the few places that tried to do the
same manually.
Regression test files are updated to work with Python 2.4-2.6. I don't have
access to older versions right now.
Tom Lane [Mon, 20 Jul 2009 00:24:30 +0000 (00:24 +0000)]
Teach simplify_boolean_equality to simplify the forms foo <> true and
foo <> false, along with its previous duties of simplifying foo = true
and foo = false. (All of these are equivalent to just foo or NOT foo
as the case may be.) It's not clear how often this is really useful;
but it costs almost nothing to do, and it seems some people think we
should be smart about such cases. Per recent bug report.
Tom Lane [Sun, 19 Jul 2009 21:00:43 +0000 (21:00 +0000)]
Rewrite GEQO's gimme_tree function so that it always finds a legal join
sequence, even when the input "tour" doesn't lead directly to such a sequence.
The stack logic that was added in 2004 only supported cases where relations
that had to be joined to each other (due to join order restrictions) were
adjacent in the tour. However, relying on a random search to figure that out
is tremendously inefficient in large join problems, and could even fail
completely (leading to "failed to make a valid plan" errors) if
random_init_pool ran out of patience. It seems better to make the
tour-to-plan transformation a little bit fuzzier so that every tour can form
a legal plan, even though this means that apparently different tours will
sometimes yield the same plan.
In the same vein, get rid of the logic that knew that tours (a,b,c,d,...)
are the same as tours (b,a,c,d,...), and therefore insisted the latter
are invalid. The chance of generating two tours that differ only in
this way isn't that high, and throwing out 50% of possible tours to
avoid such duplication seems more likely to waste valuable genetic-
refinement generations than to do anything useful.
This leaves us with no cases in which geqo_eval will deem a tour invalid,
so get rid of assorted kluges that tried to deal with such cases, in
particular the undocumented assumption that DBL_MAX is an impossible
plan cost.
This is all per testing of Robert Haas' lets-remove-the-collapse-limits
patch. That idea has crashed and burned, at least for now, but we still
got something useful out of it.
It's possible we should back-patch this change, since the "failed to make a
valid plan" error can happen in existing releases; but I'd rather not until
it has gotten more testing.
Tom Lane [Sun, 19 Jul 2009 20:32:48 +0000 (20:32 +0000)]
Fix a thinko in join_is_legal: when we decide we can implement a semijoin
by unique-ifying the RHS and then inner-joining to some other relation,
that is not grounds for violating the RHS of some other outer join.
Noticed while regression-testing new GEQO code, which will blindly follow
any path that join_is_legal says is legal, and then complain later if that
leads to a dead end.
I'm not certain that this can result in any visible failure in 8.4: the
mistake may always be masked by the fact that subsequent attempts to join
the rest of the RHS of the other join will fail. But I'm not certain it
can't, either, and it's definitely not operating as intended. So back-patch.
The added regression test depends on the new no-failures-allowed logic
that I'm about to commit in GEQO, so no point back-patching that.
Tom Lane [Sat, 18 Jul 2009 19:15:42 +0000 (19:15 +0000)]
Fix error cleanup failure caused by 8.4 changes in plpgsql to try to avoid
memory leakage in error recovery. We were calling FreeExprContext, and
therefore invoking ExprContextCallback callbacks, in both normal and error
exits from subtransactions. However this isn't very safe, as shown in
recent trouble report from Frank van Vugt, in which releasing a tupledesc
refcount failed. It's also unnecessary, since the resources that callbacks
might wish to release should be cleaned up by other error recovery mechanisms
(ie the resource owners). We only really want FreeExprContext to release
memory attached to the exprcontext in the error-exit case. So, add a bool
parameter to FreeExprContext to tell it not to call the callbacks.
A more general solution would be to pass the isCommit bool parameter on to
the callbacks, so they could do only safe things during error exit. But
that would make the patch significantly more invasive and possibly break
third-party code that registers ExprContextCallback callbacks. We might want
to do that later in HEAD, but for now I'll just do what seems reasonable to
back-patch.
Tom Lane [Fri, 17 Jul 2009 23:19:34 +0000 (23:19 +0000)]
Repair bug #4926 "too few pathkeys for mergeclauses". This example shows
that the sanity checking I added to create_mergejoin_plan() in 8.3 was a
few bricks shy of a load: the mergeclauses could reference pathkeys in a
noncanonical order such as x,y,x, not only cases like x,x,y which is all
that the code had allowed for. The odd cases only turn up when using
redundant clauses in an outer join condition, which is why no one had
noticed before.
Tom Lane [Thu, 16 Jul 2009 20:55:44 +0000 (20:55 +0000)]
Make GEQO's planning deterministic by having it start from a predictable
random number seed each time. This is how it used to work years ago, but
we got rid of the seed reset because it was resetting the main random()
sequence and thus having undesirable effects on the rest of the system.
To fix, establish a private random number state for each execution of
geqo(), and initialize the state using the new GUC variable geqo_seed.
People who want to experiment with different random searches can do so
by changing geqo_seed, but you'll always get the same plan for the same
value of geqo_seed (if holding all other planner inputs constant, of course).
The new state is kept in PlannerInfo by adding a "void *" field reserved
for use by join_search hooks. Most of the rather bulky code changes in
this commit are just arranging to pass PlannerInfo around to all the GEQO
functions (many of which formerly didn't receive it).
Tom Lane [Thu, 16 Jul 2009 17:43:52 +0000 (17:43 +0000)]
Add erand48() to the set of functions supported by our src/port/ library,
and extend configure to test for it properly instead of hard-wiring
an assumption that everybody but Windows has the rand48 functions.
(We do cheat to the extent of assuming that probing for erand48 will do
for the entire rand48 family.)
erand48() is unused as of this commit, but a followon patch will cause
GEQO to depend on it.
Peter Eisentraut [Thu, 16 Jul 2009 06:33:46 +0000 (06:33 +0000)]
Make backend header files C++ safe
This alters various incidental uses of C++ key words to use other similar
identifiers, so that a C++ compiler won't choke outright. You still
(probably) need extern "C" { }; around the inclusion of backend headers.
based on a patch by Kurt Harriman <harriman@acm.org>
Also add a script cpluspluscheck to check for C++ compatibility in the
future. As of right now, this passes without error for me.
Peter Eisentraut [Tue, 14 Jul 2009 22:16:38 +0000 (22:16 +0000)]
Rearrangement of the HTML docs build rules
Set up proper makefile dependencies in the documentation build rules,
especially around the HTML/index build. The problem we've had with all
previous solutions is that we have used the same file name, such as HTML.index
or bookindex.sgml, to mean different things at different stages of the build,
and make can't distinguish that. The solution here is that the first jade run
produces HTML.index, but does not require bookindex.sgml at all, and produces
no other html output (the latter an idea from Alvaro). The second jade run
includes bookindex.sgml, but does not recreate HTML.index. That way, when you
change an sgml file, jade is run twice and at the end all dependencies are
satisfied. Omitting the html output in the first stage also makes the full
build a lot faster.
When you run one of the print format targets, only the first jade run is run,
then the print target-specific commands. If an HTML build has completed
previously, the first jade run is skipped because the dependencies have
already been satisfied.
The draft and check targets for quick builds and syntax verification are still
there.
Tom Lane [Tue, 14 Jul 2009 20:24:10 +0000 (20:24 +0000)]
Tweak the core scanner so that it can be used by plpgsql too.
Changes:
Pass in the keyword lookup array instead of having it be hardwired.
(This incidentally allows elimination of some duplicate coding in ecpg.)
Re-order the token declarations in gram.y so that non-keyword tokens have
numbers that won't change when keywords are added or removed.
Add ".." and ":=" to the set of tokens recognized by scan.l. (Since these
combinations are nowhere legal in core SQL, this does not change anything
except the precise wording of the error you get when you write this.)
Tom Lane [Tue, 14 Jul 2009 15:37:50 +0000 (15:37 +0000)]
Do a conditional SPI_push/SPI_pop when replanning a query in
RevalidateCachedPlan. This is to avoid a "SPI_ERROR_CONNECT" failure when
the planner calls a SPI-using function and we are already inside one.
The alternative fix is to expect callers of RevalidateCachedPlan to do this,
which seems likely to result in additional hard-to-detect bugs of omission.
Per reports from Frank van Vugt and Marek Lewczuk.
Back-patch to 8.3. It's much harder to trigger the bug in 8.3, due to a
smaller set of cases in which plans can be invalidated, but it could happen.
(I think perhaps only a SI reset event could make 8.3 fail here, but that's
certainly within the realm of possibility.)
Tom Lane [Mon, 13 Jul 2009 03:11:12 +0000 (03:11 +0000)]
Although the flex documentation avers that yyalloc and yyrealloc take
size_t arguments, the emitted scanner actually prototypes them with
type yy_size_t, which is sometimes not the same thing depending on
flex version and platform. Easiest fix seems to be to use yy_size_t.
Per buildfarm results.
Tom Lane [Mon, 13 Jul 2009 02:02:20 +0000 (02:02 +0000)]
Convert the core lexer and parser into fully reentrant code, by making use
of features added to flex and bison since this code was originally written.
This change doesn't in itself offer any new capability, but it's needed
infrastructure for planned improvements in plpgsql.
Another feature now available in flex is the ability to make it use palloc
instead of malloc, so do that to avoid possible memory leaks. (We should
at some point change the other lexers likewise, but this commit doesn't
touch them.)
Tom Lane [Mon, 13 Jul 2009 01:51:56 +0000 (01:51 +0000)]
Advance the minimum required version of "flex" from 2.5.4 to 2.5.31, and
update documentation accordingly. This is required in order to have support
for a reentrant scanner. I'm committing this bit separately in order to have
an easy reference if we later decide to make the minimum something different
(like 2.5.33).
Tom Lane [Mon, 13 Jul 2009 00:42:18 +0000 (00:42 +0000)]
Fix up PGDLLIMPORT marking for standard_conforming_strings. Moving it
into a header file that plpgsql's scan.l can see broke the previous
kluge. Per buildfarm results.
Tom Lane [Sun, 12 Jul 2009 17:12:34 +0000 (17:12 +0000)]
Move some declarations in the raw-parser header files to create a clearer
distinction between the external API (parser.h) and declarations that only
need to be visible within the raw parser code (gramparse.h, which now is only
included by parser.c, gram.y, scan.l, and keywords.c). This is in preparation
for the upcoming change to a reentrant lexer, which will require referencing
YYSTYPE in the declarations of base_yylex and filtered_base_yylex, hence
gram.h will have to be included by gramparse.h. We don't want any more files
than absolutely necessary to depend on gram.h, so some cleanup is called for.
Tom Lane [Sat, 11 Jul 2009 04:09:33 +0000 (04:09 +0000)]
Fix set_rel_width() to do something reasonable with non-Var items in a
RelOptInfo targetlist. It used to be that the only possibility other than
a Var was a RowExpr representing a whole-row child Var, but as of 8.4's
expanded ability to flatten appendrel members, we can get arbitrary expressions
in there. Use the expression's type info and get_typavgwidth() to produce
an at-least-marginally-sane result. Note that get_typavgwidth()'s fallback
estimate (32 bytes) is the same as what was here before, so there will be
no behavioral change for RowExprs. Noted while looking at recent gripe
about constant quals pushed down to FunctionScan appendrel members ...
not only were we failing to recognize the constant qual, we were getting
the width estimate wrong :-(
Tom Lane [Fri, 10 Jul 2009 00:32:00 +0000 (00:32 +0000)]
Fix xslt_process() to ensure that it inserts a NULL terminator after the
last pair of parameter name/value strings, even when there are MAXPARAMS
of them. Aboriginal bug in contrib/xml2, noted while studying bug #4912
(though I'm not sure whether there's something else involved in that
report).
This might be thought a security issue, since it's a potential backend
crash; but considering that untrustworthy users shouldn't be allowed
to get their hands on xslt_process() anyway, it's probably not worth
getting excited about.
Tom Lane [Wed, 8 Jul 2009 18:55:35 +0000 (18:55 +0000)]
Remove no-longer-necessary transmission of postmaster's LC_COLLATE and
LC_CTYPE settings to children via BackendParameters. Per discussion,
the postmaster is now just using system defaults anyway, so we might as
well save a few cycles during backend startup.
Need to use pg_perm_setlocale when setting LC_CTYPE and LC_COLLATE at startup.
Otherwise, the LC_CTYPE/COLLATE setting gets reverted when using plperl, which
leads to incorrect query results and index corruption.
This was accidentally broken in the per-database locale patch in 8.4. Pointed
out by Andrew Gierth.
Tom Lane [Wed, 8 Jul 2009 17:21:55 +0000 (17:21 +0000)]
Add missing HOUR TO SECOND option to list of possible INTERVAL field sets,
as noted by Sebastien Flaesch. Also update the claim that we simply throw
away fields outside this set --- that got changed later to only discard
less-significant fields.
For servers older than 8.3, sort display of child tables by relname instead
of oid::regclass::text, because the cast from regclass to text did not work
back then. The older display may be slightly worse when different schemas
are involved, but that should be rare enough.
For character types with typmod, character_octet_length columns in the
information schema now show the maximum character length times the
maximum length of a character in the server encoding, instead of some
huge value as before.
Tom Lane [Tue, 7 Jul 2009 16:28:38 +0000 (16:28 +0000)]
Code review for patch to show definition of index columns in \d on index.
Safely schema-qualify the pg_get_indexdef call, make the query a bit
prettier in -E mode, remove useless join to pg_index, make it more obvious
that the header[] array is not overrun.
Tom Lane [Mon, 6 Jul 2009 20:29:23 +0000 (20:29 +0000)]
Use floor() not rint() when reducing precision of fractional seconds in
timestamp_trunc, timestamptz_trunc, and interval_trunc(). This change
only affects the float-datetime case; the integer-datetime case already
behaved like truncation instead of rounding. Per gripe from Mario Splivalo.
This is a pre-existing issue but I'm choosing not to backpatch, because
it's such a corner case and there have not been prior complaints. The
issue is largely moot anyway given the trend towards integer datetimes.
Fix ancient bug in handling of to_char modifier 'TH', when used with HH.
In what seems like an oversight, we used to treat 'TH' the same as lowercase
'th', but only with HH/HH12.
Tom Lane [Mon, 6 Jul 2009 18:26:30 +0000 (18:26 +0000)]
Fix set_append_rel_pathlist() to deal intelligently with cases where
substituting a child rel's output expressions into the appendrel's restriction
clauses yields a pseudoconstant restriction. We might be able to skip scanning
that child rel entirely (if we get constant FALSE), or generate a one-time
filter. 8.3 more or less accidentally generated plans that weren't completely
stupid in these cases, but that was only because an extra recursive level of
subquery_planner() always occurred and allowed const-simplification to happen.
8.4's ability to pull up appendrel members with non-Var outputs exposes the
fact that we need to work harder here. Per gripe from Sergey Burladyan.
This adds a column called "Definition" to the output of psql \d on an
index, which shows the full expression behind the index column. For indexes
on plain columns, this is redundant, but for expression indexes, this
reveals the real expression.
Tom Lane [Mon, 6 Jul 2009 02:58:40 +0000 (02:58 +0000)]
Per SQL spec (in particular, the grammar in SQL:2008 7.13) we should allow
parentheses around the <query expression body> that follows a WITH clause, eg
with cte(foo) as ( values(0) ) ((select foo from cte));
This seems to be just an oversight/thinko in gram.y. Noted while
experimenting with bug #4902.
Tom Lane [Mon, 6 Jul 2009 02:16:03 +0000 (02:16 +0000)]
Fix handling of changed-Param signaling for CteScan plan nodes. We were using
the "cteParam" as a proxy for the possibility that the underlying CTE plan
depends on outer-level variables or Params, but that doesn't work very well
because it sometimes causes calling subqueries to be treated as SubPlans when
they could be InitPlans. This is inefficient and also causes the outright
failure exhibited in bug #4902. Instead, leave the cteParam out of it and
copy the underlying CTE plan's extParams directly. Per bug #4902 from
Marko Tiikkaja.
This upgrades the configure infrastructure to the latest Autoconf version.
Some notable news are:
- The workaround for the broken fseeko() test is gone.
- Checking for unknown options is now provided by Autoconf itself.
- Fixes for Mac OS X
I wrote this one while chasing down some bugs in the closing days of 8.4. It
could be useful in the long run. This area of the code had no test coverage
at all before.
Tom Lane [Sat, 27 Jun 2009 21:06:46 +0000 (21:06 +0000)]
Revert addition of "o" to tar options. This was intended to fix bug #4883,
but the cure appears to be worse than the disease. It turns out that GNU
tar versions 1.14.x misinterpret -o as --same-owner, not --no-same-owner,
leading to exactly the wrong behavior for both root and nonroot users.
While that bug has been fixed for nearly five years, these tar versions
are still found in the wild, notably in OS X 10.4. Given that #4883 was
the first complaint we'd heard, it's definitely not worth fixing at the
risk of breaking things for other users. Perhaps revisit at a later date
when we're not up against a release deadline.
Tom Lane [Fri, 26 Jun 2009 20:29:04 +0000 (20:29 +0000)]
Cleanup and code review for the patch that made bgwriter active during
archive recovery. Invent a separate state variable and inquiry function
for XLogInsertAllowed() to clarify some tests and make the management of
writing the end-of-recovery checkpoint less klugy. Fix several places
that were incorrectly testing InRecovery when they should be looking at
RecoveryInProgress or XLogInsertAllowed (because they will now be executed
in the bgwriter not startup process). Clarify handling of bad LSNs passed
to XLogFlush during recovery. Use a spinlock for setting/testing
SharedRecoveryInProgress. Improve quite a lot of comments.
Tom Lane [Thu, 25 Jun 2009 23:07:15 +0000 (23:07 +0000)]
Add __attribute__((format_arg(1))) to the declaration of err_gettext(),
to restore gcc's ability to crosscheck format arguments within elog.c.
Noted in a test compilation with -Wformat-nonliteral enabled.
Fix some serious bugs in archive recovery, now that bgwriter is active
during it:
When bgwriter is active, the startup process can't perform mdsync() correctly
because it won't see the fsync requests accumulated in bgwriter's private
pendingOpsTable. Therefore make bgwriter responsible for the end-of-recovery
checkpoint as well, when it's active.
When bgwriter is active (= archive recovery), the startup process must not
accumulate fsync requests to its own pendingOpsTable, since bgwriter won't
see them there when it performs restartpoints. Make startup process drop its
pendingOpsTable when bgwriter is launched to avoid that.
Update minimum recovery point one last time when leaving archive recovery.
It won't be updated by the end-of-recovery checkpoint because XLogFlush()
sees us as out of recovery already.
The code to unlink dropped relations in FinishPreparedTransaction() was
acting like runs inside WAL recovery, but it doesn't. I must've copy-pasted
this from a redo-function in the relation forks patch. Noticed by Tom Lane
while he was looking through callers of smgrdounlink().
Disable pg_standby -l option because the backend doesn't expect the recovered
file to be a symlink. We tried to fix this issue with an earlier server-side
patch, but it didn't fix the whole issue.
The same bug is present in older releases as well, but the 8.4 train is
about to leave the station, and I'm not sure if have consensus on whether
we can remove the -l option in back-branches or do we need to attempt a
server-side fix to make symlinking safe.
Patch by Simon Riggs, per discussion on bug identified by Fujii Masao.
Tom Lane [Tue, 23 Jun 2009 16:25:02 +0000 (16:25 +0000)]
Fix an ancient error in dist_ps (distance from point to line segment), which
a number of other geometric operators also depend on. It miscalculated the
slope of the perpendicular to the given line segment anytime that slope was
other than 0, infinite, or +/-1. In some cases the error would be masked
because the true closest point on the line segment was one of its endpoints
rather than the intersection point, but in other cases it could give an
arbitrarily bad answer. Per bug #4872 from Nick Roosevelt.
Bug goes clear back to Berkeley days, so patch all supported branches.
Make a couple of cosmetic adjustments while at it.