Tom Lane [Fri, 17 Mar 2006 19:38:21 +0000 (19:38 +0000)]
Fix bug introduced into mergejoin logic by performance improvement patch of
2005-05-13. When we find that a new inner tuple can't possibly match any
outer tuple (because it contains a NULL), we can't immediately skip the
tuple when we are in NEXTINNER state. Doing so can lead to emitting
multiple copies of the tuple in FillInner mode, because we may rescan the
tuple after returning to a previous marked tuple. Instead, proceed to
NEXTOUTER state the same as we used to do. After we've found that there's
no need to return to the marked position, we can go to SKIPINNER_ADVANCE
state instead of SKIP_TEST when the inner tuple is unmatchable; this
preserves the performance improvement. Per bug report from Bruce.
I also made a couple of cosmetic code rearrangements and added a regression
test for the problem.
Tom Lane [Fri, 10 Mar 2006 01:51:34 +0000 (01:51 +0000)]
Add a CHECK_FOR_INTERRUPTS() to the loop in ExecMakeTableFunctionResult.
Otherwise you can't cancel queries like select ... from generate_series(1,1000000).
Bruce Momjian [Mon, 6 Mar 2006 17:59:42 +0000 (17:59 +0000)]
* Stephen Frost (sfrost@snowman.net) wrote:
> I've now tested this patch at home w/ 8.2HEAD and it seems to fix the
> bug. I plan on testing it under 8.1.2 at work tommorow with
> mod_auth_krb5, etc, and expect it'll work there. Assuming all goes
> well and unless someone objects I'll forward the patch to -patches.
> It'd be great to have this fixed as it'll allow us to use Kerberos to
> authenticate to phppgadmin and other web-based tools which use
> Postgres.
While playing with this patch under 8.1.2 at home I discovered a
mistake in how I manually applied one of the hunks to fe-auth.c.
Basically, the base code had changed and so the patch needed to be
modified slightly. This is because the code no longer either has a
freeable pointer under 'name' or has 'name' as NULL.
The attached patch correctly frees the string from pg_krb5_authname
(where it had been strdup'd) if and only if pg_krb5_authname returned
a string (as opposed to falling through and having name be set using
name = pw->name;). Also added a comment to this effect.
Tom Lane [Thu, 2 Mar 2006 21:49:19 +0000 (21:49 +0000)]
Fix ancient error in large objects usage example: overwrite() subroutine
was opening with INV_READ flag and then writing. Prior to 8.1 the backend
did not reject this, but now it does.
> True, but they're not being used where you'd expect. This seems to be
> something to do with the fact that it's not pg_authid which is being
> accessed, but rather the view pg_roles.
I looked into this and it seems the problem is that the view doesn't
get flattened into the main query because of the has_nullable_targetlist
limitation in prepjointree.c. That's triggered because pg_roles has
'********'::text AS rolpassword
which isn't nullable, meaning it would produce wrong behavior if
referenced above the outer join.
Ultimately, the reason this is a problem is that the planner deals only
in simple Vars while processing joins; it doesn't want to think about
expressions. I'm starting to think that it may be time to fix this,
because I've run into several related restrictions lately, but it seems
like a nontrivial project.
In the meantime, reducing the LEFT JOIN to pg_roles to a JOIN as per
Peter's suggestion seems like the best short-term workaround.
Tom Lane [Thu, 2 Mar 2006 05:34:17 +0000 (05:34 +0000)]
Fix possible crash at transaction end when a plpgsql function is used and
then modified within the same transaction. The code was using a linked list
of active PLpgSQL_expr structs, which was OK when it was written because
plpgsql never released any parse data structures for the life of the backend.
But since Neil fixed plpgsql's memory management, elements of the linked list
could be freed, leading to crash when the list is chased. Per report and test
case from Kris Jurka.
Tom Lane [Tue, 21 Feb 2006 18:01:41 +0000 (18:01 +0000)]
Fix old pg_dump oversight: default values for domains really need to be dumped
by decompiling the typdefaultbin expression, not just printing the typdefault
text which may be out-of-date or assume the wrong schema search path. (It's
the same hazard as for adbin vs adsrc in column defaults.) The catalogs.sgml
spec for pg_type implies that the correct procedure is to look to
typdefaultbin first and consider typdefault only if typdefaultbin is NULL.
I made dumping of both domains and base types do that, even though in the
current backend code typdefaultbin is always correct for domains and
typdefault for base types --- might as well try to future-proof it a little.
Per bug report from Alexander Galler.
Neil Conway [Mon, 20 Feb 2006 20:10:41 +0000 (20:10 +0000)]
Fix three Python reference leaks in PLy_traceback(). This would result
in leaking memory when invoking a PL/Python procedure that raises an
exception. Unfortunately this still leaks memory, but at least the
largest leak has been plugged.
This patch also fixes a reference counting mistake in PLy_modify_tuple()
for 8.0, 8.1 and HEAD: we don't actually own a reference to `platt', so
we shouldn't Py_DECREF() it.
Neil Conway [Sat, 18 Feb 2006 20:48:53 +0000 (20:48 +0000)]
Patch from Marko Kreen:
pgcrypto crypt()/md5 and hmac() leak memory when compiled against
OpenSSL as openssl.c digest ->reset will do two DigestInit calls
against a context. This happened to work with OpenSSL 0.9.6
but not with 0.9.7+.
Reason for the messy code was that I tried to avoid creating
wrapper structure to transport algorithm info and tried to use
OpenSSL context for it. The fix is to create wrapper structure.
It also uses newer digest API to avoid memory allocations
on reset with newer OpenSSLs.
Tom Lane [Tue, 14 Feb 2006 17:20:10 +0000 (17:20 +0000)]
Move btbulkdelete's vacuum_delay_point() call to a place in the loop where
we are not holding a buffer content lock; where it was, InterruptHoldoffCount
is positive and so we'd not respond to cancel signals as intended. Also
add missing vacuum_delay_point() call in btvacuumcleanup. This should fix
complaint from Evgeny Gridasov about failure to respond to SIGINT/SIGTERM
in a timely fashion (bug #2257).
Tom Lane [Mon, 13 Feb 2006 16:22:29 +0000 (16:22 +0000)]
Fix qual_is_pushdown_safe to not try to push down quals involving a whole-row
Var referencing the subselect output. While this case could possibly be made
to work, it seems not worth expending effort on. Per report from Magnus
Naeslund(f).
Tom Lane [Sun, 12 Feb 2006 22:32:57 +0000 (22:32 +0000)]
Fix bug that allowed any logged-in user to SET ROLE to any other database user
id (CVE-2006-0553). Also fix related bug in SET SESSION AUTHORIZATION that
allows unprivileged users to crash the server, if it has been compiled with
Asserts enabled. The escalation-of-privilege risk exists only in 8.1.0-8.1.2.
However, the Assert-crash risk exists in all releases back to 7.3.
Thanks to Akio Ishida for reporting this problem.
Bruce Momjian [Sun, 12 Feb 2006 19:02:28 +0000 (19:02 +0000)]
> Actually, if you submit a patch that says either "SCROLL is the
default"
> or "NO SCROLL is the default", it will be rejected as incorrect. The
> reason is that the default behavior is different from either of these,
> as is explained in the NOTES section.
Ok, so *that's* where the bit about the query plan being simple enough.
Based on that, ISTM that it should be premissable for us to decide that
a cursor requiring a sort isn't "simple enough" to support SCROLL.
In any case, here's a patch that makes the non-standard behavior easier
for people to find.
Tom Lane [Fri, 10 Feb 2006 19:01:22 +0000 (19:01 +0000)]
Change search for default operator classes so that it examines all opclasses
regardless of the current schema search path. Since CREATE OPERATOR CLASS
only allows one default opclass per datatype regardless of schemas, this
should have minimal impact, and it fixes problems with failure to find a
desired opclass while restoring dump files. Per discussion at
http://archives.postgresql.org/pgsql-hackers/2006-02/msg00284.php.
Remove now-redundant-or-unused code in typcache.c and namespace.c,
and backpatch as far as 8.0.
Tom Lane [Sun, 5 Feb 2006 20:58:57 +0000 (20:58 +0000)]
Fix pg_restore to properly discard COPY data when trying to continue
after an error in a COPY statement. Formerly it thought the COPY data
was SQL commands, and got quite confused.
Bruce Momjian [Wed, 1 Feb 2006 00:32:06 +0000 (00:32 +0000)]
Set progname early in the postmaster/postgres binary, rather than doing
it later. This fixes a problem where EXEC_BACKEND didn't have progname
set, causing a segfault if log_min_messages was set below debug2 and our
own snprintf.c was being used.
Tom Lane [Mon, 30 Jan 2006 16:19:04 +0000 (16:19 +0000)]
Fix ALTER COLUMN TYPE bug: it sometimes tried to drop UNIQUE or PRIMARY KEY
constraints before FOREIGN KEY constraints that depended on them. Originally
reported by Neil Conway on 29-Jun-2005. Patch by Nakano Yoshihisa.
Tom Lane [Sun, 29 Jan 2006 18:55:55 +0000 (18:55 +0000)]
When building a bitmap scan, must copy the bitmapqualorig expression tree
to avoid sharing substructure with the lower-level indexquals. This is
currently only an issue if there are SubPlans in the indexquals, which is
uncommon but not impossible --- see bug #2218 reported by Nicholas Vinen.
We use the same kluge for indexqual vs indexqualorig in the index scans
themselves ... would be nice to clean this up someday.
Tom Lane [Sun, 29 Jan 2006 17:27:50 +0000 (17:27 +0000)]
Fix code that checks to see if an index can be considered to match the query's
requested sort order. It was assuming that build_index_pathkeys always
generates a pathkey per index column, which was not true if implied equality
deduction had determined that two index columns were effectively equated to
each other. Simplest fix seems to be to install an option that causes
build_index_pathkeys to support this behavior as well as the original one.
Per report from Brian Hirt.
Andrew Dunstan [Sat, 28 Jan 2006 16:21:33 +0000 (16:21 +0000)]
Undo perl's nasty locale setting on Windows. Since we can't do that as
elsewhere by setting the environment appropriately, we make perl do it
right after interpreter startup by calling its POSIX::setlocale().
Neil Conway [Sat, 28 Jan 2006 03:28:19 +0000 (03:28 +0000)]
Per a bug report from Theo Schlossnagle, plperl_return_next() leaks
memory in the executor's per-query memory context. It also inefficient:
it invokes get_call_result_type() and TupleDescGetAttInMetadata() for
every call to return_next, rather than invoking them once (per PL/Perl
function call) and memoizing the result.
This patch makes the following changes:
- refactor the code to include all the "per PL/Perl function call" data
inside a single struct, "current_call_data". This means we don't need to
save and restore N pointers for every recursive call into PL/Perl, we
can just save and restore one.
- lookup the return type metadata needed by plperl_return_next() once,
and then stash it in "current_call_data", so as to avoid doing the
lookup for every call to return_next.
- create a temporary memory context in which to evaluate the return
type's input functions. This memory context is reset for each call to
return_next.
The patch appears to fix the memory leak, and substantially reduces
the overhead imposed by return_next.
Tom Lane [Thu, 26 Jan 2006 17:08:26 +0000 (17:08 +0000)]
Fix display of whole-row Var appearing at the top level of a SELECT list.
While we normally prefer the notation "foo.*" for a whole-row Var, that does
not work at SELECT top level, because in that context the parser will assume
that what is wanted is to expand the "*" into a list of separate target
columns, yielding behavior different from a whole-row Var. We have to emit
just "foo" instead in that context. Per report from Sokolov Yura.
Tom Lane [Wed, 25 Jan 2006 20:44:49 +0000 (20:44 +0000)]
Remove unnecessary PQconsumeInput call from PQputCopyData; it's redundant
because pqSendSome will absorb input data anytime it'd be forced to block.
Avoiding a kernel call per PQputCopyData call helps COPY speed materially.
Tom Lane [Sat, 21 Jan 2006 04:38:27 +0000 (04:38 +0000)]
Repair longstanding bug in slru/clog logic: it is possible for two backends
to try to create a log segment file concurrently, but the code erroneously
specified O_EXCL to open(), resulting in a needless failure. Before 7.4,
it was even a PANIC condition :-(. Correct code is actually simpler than
what we had, because we can just say O_CREAT to start with and not need a
second open() call. I believe this accounts for several recent reports of
hard-to-reproduce "could not create file ...: File exists" errors in both
pg_clog and pg_subtrans.
Tom Lane [Fri, 20 Jan 2006 22:46:40 +0000 (22:46 +0000)]
Replace bitwise looping with bytewise looping in hemdistsign and
sizebitvec of tsearch2, as well as identical code in several other
contrib modules. This provided about a 20X speedup in building a
large tsearch2 index ... didn't try to measure its effects for other
operations. Thanks to Stephan Vollmer for providing a test case.
Tom Lane [Fri, 20 Jan 2006 15:17:13 +0000 (15:17 +0000)]
Fix thinko in autovacuum's test to skip temp tables: want to skip any
temp table not only our own process' tables. It's not real important
since vacuum.c will skip temp tables anyway, but might as well make the
code do what it claims to do.
Tom Lane [Thu, 19 Jan 2006 20:28:48 +0000 (20:28 +0000)]
Avoid crashing if relcache flush occurs while trying to load data into an
index's support-function cache (in index_getprocinfo). Since none of that
data can change for an index that's in active use, it seems sufficient to
treat all open indexes the same way we were treating "nailed" system indexes
--- that is, just re-read the pg_class row and leave the rest of the relcache
entry strictly alone. The pg_class re-read might not be strictly necessary
either, but since the reltablespace and relfilenode can change in normal
operation it seems safest to do it. (We don't support changing any of the
other info about an index at all, at the moment.)
Back-patch as far as 8.0. It might be possible to adapt the patch to 7.4,
but it would take more work than I care to expend for such a low-probability
problem. 7.3 is out of luck for sure.
Tom Lane [Thu, 19 Jan 2006 04:45:47 +0000 (04:45 +0000)]
It turns out that TablespaceCreateDbspace fails badly if a relcache flush
occurs when it tries to heap_open pg_tablespace. When control returns to
smgrcreate, that routine will be holding a dangling pointer to a closed
SMgrRelation, resulting in mayhem. This is of course a consequence of
the violation of proper module layering inherent in having smgr.c call
a tablespace command routine, but the simplest fix seems to be to change
the locking mechanism. There's no real need for TablespaceCreateDbspace
to touch pg_tablespace at all --- it's only opening it as a way of locking
against a parallel DROP TABLESPACE command. A much better answer is to
create a special-purpose LWLock to interlock these two operations.
This drops TablespaceCreateDbspace quite a few layers down the food chain
and makes it something reasonably safe for smgr to call.
Tom Lane [Thu, 19 Jan 2006 00:27:27 +0000 (00:27 +0000)]
Fix a tiny memory leak (one List header) in RelationCacheInvalidate().
This is utterly insignificant in normal operation, but it becomes a
problem during cache inval stress testing. The original coding in fact
had no leak --- the 8.0 List rewrite created the issue. I wonder whether
list_concat should pfree the discarded header?
Tom Lane [Wed, 18 Jan 2006 20:35:16 +0000 (20:35 +0000)]
Modify pgstats code to reduce performance penalties from oversized stats data
files: avoid creating stats hashtable entries for tables that aren't being
touched except by vacuum/analyze, ensure that entries for dropped tables are
removed promptly, and tweak the data layout to avoid storing useless struct
padding. Also improve the performance of pgstat_vacuum_tabstat(), and make
sure that autovacuum invokes it exactly once per autovac cycle rather than
multiple times or not at all. This should cure recent complaints about 8.1
showing much higher stats I/O volume than was seen in 8.0. It'd still be a
good idea to revisit the design with an eye to not re-writing the entire
stats dataset every half second ... but that would be too much to backpatch,
I fear.
Tom Lane [Tue, 17 Jan 2006 17:33:23 +0000 (17:33 +0000)]
Repair problems with the result of lookup_rowtype_tupdesc() possibly being
discarded by cache flush while still in use. This is a minimal patch that
just copies the tupdesc anywhere it could be needed across a flush. Applied
to back branches only; Neil Conway is working on a better long-term solution
for HEAD.
Neil Conway [Sun, 15 Jan 2006 22:47:10 +0000 (22:47 +0000)]
When using GCC on AMD64 and PPC, ECPGget_variable() takes a va_list *, not
a va_list. Christof Petig's previous patch made this change, but neglected
to update ecpglib/descriptor.c, resulting in a compiler warning (and a
likely runtime crash) on AMD64 and PPC.
Tom Lane [Thu, 12 Jan 2006 21:49:07 +0000 (21:49 +0000)]
Repair "Halloween problem" in EvalPlanQual: a tuple that's been inserted by
our own command (or more generally, xmin = our xact and cmin >= current
command ID) should not be seen as good. Else we may try to update rows
we already updated. This error was inserted last August while fixing the
even bigger problem that the old coding wouldn't see *any* tuples inserted
by our own transaction as good. Per report from Euler Taveira de Oliveira.
Tom Lane [Thu, 12 Jan 2006 19:23:41 +0000 (19:23 +0000)]
Use a more bulletproof test for whether finite() and isinf() are present.
It seems that recent gcc versions can optimize away calls to these functions
even when the functions do not exist on the platform, resulting in a bogus
positive result. Avoid this by using a non-constant argument and ensuring
that the function result is not simply discarded. Per report from
François Laupretre.
Neil Conway [Tue, 10 Jan 2006 00:33:30 +0000 (00:33 +0000)]
In PLy_function_build_args(), the code loops repeatedly, constructing
one argument at a time and then inserting the argument into a Python
list via PyList_SetItem(). This "steals" the reference to the argument:
that is, the reference to the new list member is now held by the Python
list itself. This works fine, except if an elog occurs. This causes the
function's PG_CATCH() block to be invoked, which decrements the
reference counts on both the current argument and the list of arguments.
If the elog happens to occur during the second or subsequent iteration
of the loop, the reference count on the current argument will be
decremented twice.
The fix is simple: set the local pointer to the current argument to NULL
immediately after adding it to the argument list. This ensures that the
Py_XDECREF() in the PG_CATCH() block doesn't double-decrement.
Tom Lane [Mon, 9 Jan 2006 21:16:25 +0000 (21:16 +0000)]
Fix pg_dump to add the required OPERATOR() decoration to schema-qualified
operator names. This is needed when dumping operator definitions that have
COMMUTATOR (or similar) links to operators in other schemas.
Apparently Daniel Whitter is the first person ever to try this :-(
Tom Lane [Sat, 7 Jan 2006 22:45:53 +0000 (22:45 +0000)]
Add RelationOpenSmgr() calls to ensure rd_smgr is valid when we try to
use it. While it normally has been opened earlier during btree index
build, testing shows that it's possible for the link to be closed again
if an sinval reset occurs while the index is being built.
Tom Lane [Sat, 7 Jan 2006 21:16:44 +0000 (21:16 +0000)]
During CatCacheRemoveCList, we must now remove any members that are
dead and have become unreferenced. Before 8.1, such members were left
for AtEOXact_CatCache() to clean up, but now AtEOXact_CatCache isn't
supposed to have anything to do. In an assert-enabled build this bug
leads to an assertion failure at transaction end, but in a non-assert
build the dead member is effectively just a small memory leak.
Per report from Jeremy Drake.
projects / postgresql / log