Skip to main content

Browse the archive

https://github.com/postgres/postgres
07 April 2024, 13:56:23 UTC
sort by:
Revision Author Date Message Commit Date
e1878cf Peter Eisentraut 12 August 2022, 06:17:30 UTC Fix _outConstraint() for "identity" constraints The set of fields printed by _outConstraint() in the CONSTR_IDENTITY case didn't match the set of fields actually used in that case. (The code was probably uncarefully copied from the CONSTR_DEFAULT case.) Fix that by using the right set of fields. Since there is no read support for this node type, this is really just for debugging output right now, so it doesn't affect anything important. 12 August 2022, 06:52:45 UTC
15014b8 Amit Kapila 12 August 2022, 05:58:54 UTC Back-Patch "Add wait_for_subscription_sync for TAP tests." This was originally done in commit 0c20dd33db for 16 only, to eliminate duplicate code and as an infrastructure that makes it easier to write future tests. However, it has been suggested that it would be good to back-patch this testing infrastructure to aid future tests in back-branches. Backpatch to all supported versions. Author: Masahiko Sawada Reviewed by: Amit Kapila, Shi yu Discussion: https://postgr.es/m/CAD21AoC-fvAkaKHa4t1urupwL8xbAcWRePeETvshvy80f6WV1A@mail.gmail.com Discussion: https://postgr.es/m/E1oJBIf-0006sw-SA@gemulon.postgresql.org 12 August 2022, 05:58:54 UTC
eeb1671 Peter Eisentraut 11 August 2022, 08:35:39 UTC Add missing space in _outA_Const() output Mistake introduced by 639a86e36aaecb84faaf941dcd0b183ba0aba9e9. 11 August 2022, 08:35:39 UTC
272248a Amit Kapila 11 August 2022, 04:26:49 UTC Fix catalog lookup with the wrong snapshot during logical decoding. Previously, we relied on HEAP2_NEW_CID records and XACT_INVALIDATION records to know if the transaction has modified the catalog, and that information is not serialized to snapshot. Therefore, after the restart, if the logical decoding decodes only the commit record of the transaction that has actually modified a catalog, we will miss adding its XID to the snapshot. Thus, we will end up looking at catalogs with the wrong snapshot. To fix this problem, this changes the snapshot builder so that it remembers the last-running-xacts list of the decoded RUNNING_XACTS record after restoring the previously serialized snapshot. Then, we mark the transaction as containing catalog changes if it's in the list of initial running transactions and its commit record has XACT_XINFO_HAS_INVALS. To avoid ABI breakage, we store the array of the initial running transactions in the static variables InitialRunningXacts and NInitialRunningXacts, instead of storing those in SnapBuild or ReorderBuffer. This approach has a false positive; we could end up adding the transaction that didn't change catalog to the snapshot since we cannot distinguish whether the transaction has catalog changes only by checking the COMMIT record. It doesn't have the information on which (sub) transaction has catalog changes, and XACT_XINFO_HAS_INVALS doesn't necessarily indicate that the transaction has catalog change. But that won't be a problem since we use snapshot built during decoding only to read system catalogs. On the master branch, we took a more future-proof approach by writing catalog modifying transactions to the serialized snapshot which avoids the above false positive. But we cannot backpatch it because of a change in the SnapBuild. Reported-by: Mike Oh Author: Masahiko Sawada Reviewed-by: Amit Kapila, Shi yu, Takamichi Osumi, Kyotaro Horiguchi, Bertrand Drouvot, Ahsan Hadi Backpatch-through: 10 Discussion: https://postgr.es/m/81D0D8B0-E7C4-4999-B616-1E5004DBDCD2%40amazon.com 11 August 2022, 04:26:49 UTC
f88798c Robert Haas 10 August 2022, 18:03:09 UTC Move basebackup code to new directory src/backend/backup Reviewed by David Steele and Justin Pryzby Discussion: http://postgr.es/m/CA+TgmoafqboATDSoXHz8VLrSwK_MDhjthK4hEpYjqf9_1Fmczw%40mail.gmail.com 10 August 2022, 18:03:09 UTC
ad3e07c Tom Lane 10 August 2022, 17:37:25 UTC Fix handling of R/W expanded datums that are passed to SQL functions. fmgr_sql must make expanded-datum arguments read-only, because it's possible that the function body will pass the argument to more than one callee function. If one of those functions takes the datum's R/W property as license to scribble on it, then later callees will see an unexpected value, leading to wrong answers. From a performance standpoint, it'd be nice to skip this in the common case that the argument value is passed to only one callee. However, detecting that seems fairly hard, and certainly not something that I care to attempt in a back-patched bug fix. Per report from Adam Mackler. This has been broken since we invented expanded datums, so back-patch to all supported branches. Discussion: https://postgr.es/m/WScDU5qfoZ7PB2gXwNqwGGgDPmWzz08VdydcPFLhOwUKZcdWbblbo-0Lku-qhuEiZoXJ82jpiQU4hOjOcrevYEDeoAvz6nR0IU4IHhXnaCA=@mackler.email Discussion: https://postgr.es/m/187436.1660143060@sss.pgh.pa.us 10 August 2022, 17:37:25 UTC
df64c24 Daniel Gustafsson 10 August 2022, 12:16:31 UTC Fix typo in test_oat_hooks README Discussion: https://postgr.es/m/3F066AFE-19F9-4DF5-A498-B09643857A39@yesql.se 10 August 2022, 12:16:31 UTC
c5d6788 Amit Kapila 10 August 2022, 11:00:59 UTC Improve the protocol message descriptions for 2PC logical replication. The messages were using 'two-phase transaction' at some places and 'prepared transaction' at other places. Make them consistently use 'prepared transaction'. Reported-by: Ekaterina Kiryanova Author: Peter Smith Reviewed by: Amit Kapila Backpatch-through: 15 Discussion: https://postgr.es/m/745414e7-efb2-a6ae-5b83-fcbdf35aabc8@postgrespro.ru 10 August 2022, 11:00:59 UTC
b876b7e Bruce Momjian 10 August 2022, 00:37:53 UTC doc: mention that COPY MATCH requires columns _in_ _order_ Question asked at SCaLE conference. Reported-by: doc suggestion by Stephen Frost Backpatch-through: 15 10 August 2022, 00:37:53 UTC
6778361 Tom Lane 08 August 2022, 20:42:02 UTC Stamp 15beta3. 08 August 2022, 20:42:02 UTC
2a4d82a Tom Lane 08 August 2022, 16:16:01 UTC Stabilize output of new regression test. Per buildfarm, the output order of \dx+ isn't consistent across locales. Apply NO_LOCALE to force C locale. There might be a more localized way, but I'm not seeing it offhand, and anyway there is nothing in this test module that particularly cares about locales. Security: CVE-2022-2625 08 August 2022, 16:16:01 UTC
cc7e0fe Tom Lane 08 August 2022, 15:12:31 UTC In extensions, don't replace objects not belonging to the extension. Previously, if an extension script did CREATE OR REPLACE and there was an existing object not belonging to the extension, it would overwrite the object and adopt it into the extension. This is problematic, first because the overwrite is probably unintentional, and second because we didn't change the object's ownership. Thus a hostile user could create an object in advance of an expected CREATE EXTENSION command, and would then have ownership rights on an extension object, which could be modified for trojan-horse-type attacks. Hence, forbid CREATE OR REPLACE of an existing object unless it already belongs to the extension. (Note that we've always forbidden replacing an object that belongs to some other extension; only the behavior for previously-free-standing objects changes here.) For the same reason, also fail CREATE IF NOT EXISTS when there is an existing object that doesn't belong to the extension. Our thanks to Sven Klemm for reporting this problem. Security: CVE-2022-2625 08 August 2022, 15:12:31 UTC
7fb8288 Alvaro Herrera 08 August 2022, 10:39:52 UTC Translation updates Source-Git-URL: ssh://git@git.postgresql.org/pgtranslation/messages.git Source-Git-Hash: 32d3177724e332eac673a46449d46a4ee8670147 08 August 2022, 10:39:52 UTC
501851d Tom Lane 07 August 2022, 19:53:34 UTC Doc: remove in-place tablespaces from v15 release notes. Now that these have been back-patched, they're no longer a new feature for v15. 07 August 2022, 19:53:34 UTC
9c30060 Alvaro Herrera 07 August 2022, 08:19:40 UTC Remove unportable use of timezone in recent test Per buildfarm member snapper Discussion: https://postgr.es/m/129951.1659812518@sss.pgh.pa.us 07 August 2022, 08:19:40 UTC
811203d Tom Lane 06 August 2022, 15:50:23 UTC Fix data-corruption hazard in WAL-logged CREATE DATABASE. RelationCopyStorageUsingBuffer thought it could skip copying empty pages, but of course that does not work at all, because subsequent blocks will be out of place. Also fix it to acquire share lock on the source buffer. It *might* be safe to not do that, but it's not very certain, and I don't think this code deserves any benefit of the doubt. Dilip Kumar, per complaint from me Discussion: https://postgr.es/m/3679800.1659654066@sss.pgh.pa.us 06 August 2022, 15:50:23 UTC
6390bc7 Alvaro Herrera 06 August 2022, 13:52:10 UTC Improve recently-added test reliability Commit 59be1c942a47 already tried to make src/test/recovery/t/033_replay_tsp_drops more reliable, but it wasn't enough. Try to improve on that by making this use of a replication slot to be more like others. Also, don't drop the slot. Make a few other stylistic changes while at it. It's still quite slow, which is another thing that we need to fix in this script. Backpatch to all supported branches. Discussion: https://postgr.es/m/349302.1659191875@sss.pgh.pa.us 06 August 2022, 13:52:10 UTC
6303df0 Tom Lane 05 August 2022, 19:57:46 UTC Partially undo commit 94da73281. On closer inspection, mcv.c isn't as broken for ScalarArrayOpExpr as I thought. The Var-on-right issue is real enough, but actually it does cope fine with a NULL array constant --- I was misled by an XXX comment suggesting it didn't. Undo that part of the code change, and replace the XXX comment with something less misleading. 05 August 2022, 19:57:46 UTC
43f76fb Tom Lane 05 August 2022, 19:00:03 UTC Fix handling of bare boolean expressions in mcv_get_match_bitmap. Since v14, the extended stats machinery will try to estimate for otherwise-unsupported boolean expressions if they match an expression available from an extended stats object. mcv.c did not get the memo about this, and would spit up with "unknown clause type". Fortunately the case is easy to handle, since we can expect the expression yields boolean. While here, replace some not-terribly-on-point assertions with simpler runtime tests for lookup failure. That seems appropriate so that we get an elog not a crash if we somehow get to the new it-should-be-a-bool-expression code with a subexpression that doesn't match any stats column. Per report from Danny Shemesh. Thanks to Justin Pryzby for preliminary investigation. Discussion: https://postgr.es/m/CAFZC=QqD6=27wQPOW1pbRa98KPyuyn+7cL_Ay_Ck-roZV84vHg@mail.gmail.com 05 August 2022, 19:00:03 UTC
b6d147b Tom Lane 05 August 2022, 17:58:37 UTC Fix non-bulletproof ScalarArrayOpExpr code for extended statistics. statext_is_compatible_clause_internal() checked that the arguments of a ScalarArrayOpExpr are one Var and one Const, but it would allow cases where the Const was on the left. Subsequent uses of the clause are not expecting that and would suffer assertion failures or core dumps. mcv.c also had not bothered to cope with the case of a NULL array constant, which seems really unacceptably sloppy of somebody. (Although our tools failed us there too, since AFAIK neither Coverity nor any compiler warned of the obvious use-of-uninitialized-variable condition.) It seems best to handle that by having statext_is_compatible_clause_internal() reject it. Noted while fixing bug #17570. Back-patch to v13 where the extended stats code grew some awareness of ScalarArrayOpExpr. 05 August 2022, 17:58:48 UTC
261f1a4 Alvaro Herrera 05 August 2022, 17:36:24 UTC Backpatch addition of .git-blame-ignore-revs This makes it more convenient for git config to contain the blame.ignoreRevsFile setting; otherwise current git versions complain if the file is not present. I constructed the file for each branch by scraping the file in branch master for commits that appear in that branch. Because a few additional pgindent commits have been added to the list in master since the list was first created, this also propagates those to branches 14 and 15 where the file already existed. Also, some entries appear to have been made using author-date rather than committer-date in the format string, so some timestamps are changed. Also remove bogus whitespace in the suggested `git log` format string. Backpatch to all supported branches. Discussion: https://postgr.es/m/20220711163138.o72evdeus5f5yy5z@alvherre.pgsql 05 August 2022, 17:36:24 UTC
7394028 Tom Lane 05 August 2022, 16:46:34 UTC Fix incorrect permissions-checking code for extended statistics. Commit a4d75c86b improved the extended-stats logic to allow extended stats to be collected on expressions not just bare Vars. To apply such stats, we first verify that the user has permissions to read all columns used in the stats. (If not, the query will likely fail at runtime, but the planner ought not do so.) That had to get extended to check permissions of columns appearing within such expressions, but the code for that was completely wrong: it applied pull_varattnos to the wrong pointer, leading to "unrecognized node type" failures. Furthermore, although you couldn't get to this because of that bug, it failed to account for the attnum offset applied by pull_varattnos. This escaped recognition so far because the code in question is not reached when the user has whole-table SELECT privilege (which is the common case), and because only subexpressions not specially handled by statext_is_compatible_clause_internal() are at risk. I think a large part of the reason for this bug is under-documentation of what statext_is_compatible_clause() is doing and what its arguments are, so do some work on the comments to try to improve that. Per bug #17570 from Alexander Kozhemyakin. Patch by Richard Guo; comments and other cosmetic improvements by me. (Thanks also to Japin Li for diagnosis.) Back-patch to v14 where the bug came in. Discussion: https://postgr.es/m/17570-f2f2e0f4bccf0965@postgresql.org 05 August 2022, 16:46:44 UTC
2cff302 Alvaro Herrera 05 August 2022, 16:00:17 UTC BRIN: mask BRIN_EVACUATE_PAGE for WAL consistency checking That bit is unlogged and therefore it's wrong to consider it in WAL page comparison. Add a test that tickles the case, as branch testing technology allows. This has been a problem ever since wal consistency checking was introduced (commit a507b86900f6 for pg10), so backpatch to all supported branches. Author: 王海洋 (Haiyang Wang) <wanghaiyang.001@bytedance.com> Reviewed-by: Kyotaro Horiguchi <horikyota.ntt@gmail.com> Discussion: https://postgr.es/m/CACciXAD2UvLMOhc4jX9VvOKt7DtYLr3OYRBhvOZ-jRxtzc_7Jg@mail.gmail.com Discussion: https://postgr.es/m/CACciXADOfErX9Bx0nzE_SkdfXr6Bbpo5R=v_B6MUTEYW4ya+cg@mail.gmail.com 05 August 2022, 16:00:17 UTC
aa24250 Alvaro Herrera 05 August 2022, 09:55:52 UTC regress: fix test instability Having additional triggers in a test table made the ORDER BY clauses in old queries underspecified. Add another column there for stability. Per sporadic buildfarm pink. 05 August 2022, 09:55:52 UTC
1d49db2 Etsuro Fujita 05 August 2022, 08:15:01 UTC postgres_fdw: Disable batch insertion when there are WCO constraints. When inserting a view referencing a foreign table that has WITH CHECK OPTION constraints, in single-insert mode postgres_fdw retrieves the data that was actually inserted on the remote side so that the WITH CHECK OPTION constraints are enforced with the data locally, but in batch-insert mode it cannot currently retrieve the data (except for the row first inserted through the view), resulting in enforcing the WITH CHECK OPTION constraints with the data passed from the core (except for the first-inserted row), which led to incorrect results when inserting into a view referencing a foreign table in which a remote BEFORE ROW INSERT trigger changes the rows inserted through the view so that they violate the view's WITH CHECK OPTION constraint. Also, the query inserting into the view caused an assertion failure in assert-enabled builds. Fix these by disabling batch insertion when inserting into such a view. Back-patch to v14 where batch insertion was added. Discussion: https://postgr.es/m/CAPmGK17LpbTZs4m4a_6THP54UBeK9fHvX8aVVA%2BC6yEZDZwQcg%40mail.gmail.com 05 August 2022, 08:15:01 UTC
e78fd90 Alvaro Herrera 04 August 2022, 18:02:02 UTC Fix ENABLE/DISABLE TRIGGER to handle recursion correctly Using ATSimpleRecursion() in ATPrepCmd() to do so as bbb927b4db9b did is not correct, because ATPrepCmd() can't distinguish between triggers that may be cloned and those that may not, so would wrongly try to recurse for the latter category of triggers. So this commit restores the code in EnableDisableTrigger() that 86f575948c77 had added to do the recursion, which would do it only for triggers that may be cloned, that is, row-level triggers. This also changes tablecmds.c such that ATExecCmd() is able to pass the value of ONLY flag down to EnableDisableTrigger() using its new 'recurse' parameter. This also fixes what seems like an oversight of 86f575948c77 that the recursion to partition triggers would only occur if EnableDisableTrigger() had actually changed the trigger. It is more apt to recurse to inspect partition triggers even if the parent's trigger didn't need to be changed: only then can we be certain that all descendants share the same state afterwards. Backpatch all the way back to 11, like bbb927b4db9b. Care is taken not to break ABI compatibility (and that no catversion bump is needed.) Co-authored-by: Amit Langote <amitlangote09@gmail.com> Reviewed-by: Dmitry Koval <d.koval@postgrespro.ru> Discussion: https://postgr.es/m/CA+HiwqG-cZT3XzGAnEgZQLoQbyfJApVwOTQaCaas1mhpf+4V5A@mail.gmail.com 05 August 2022, 07:47:15 UTC
270eb4b David Rowley 04 August 2022, 22:14:40 UTC Fix failure to set correct operator in window run condition This was a simple omission in 9d9c02ccd where the code didn't correctly set the operator to use in the run condition OpExpr when the window function was both monotonically increasing and decreasing. Bug discovered by Julien Roze, although he did not report it. Reported-by: Phil Florent Discussion: https://postgr.es/m/PA4P191MB160009A09B9D0624359278CFBA9F9@PA4P191MB1600.EURP191.PROD.OUTLOOK.COM Backpatch-through: 15, where 9d9c02ccd was added 04 August 2022, 22:14:40 UTC
6f7e7d0 Robert Haas 04 August 2022, 19:17:14 UTC Revert recent changes to 002_pg_upgrade.pl. The test is proving to be unreliable in the buildfarm, and we neither agree on how best to fix it nor have time to do so before the upcoming release. So for now, put things back to the way they were before commit d498e052b4b84ae21b3b68d5b3fda6ead65d1d4d. Discussion: http://postgr.es/m/3628089.1659640252@sss.pgh.pa.us 04 August 2022, 19:26:24 UTC
3419d51 Tom Lane 04 August 2022, 18:16:26 UTC Fix check_exclusion_or_unique_constraint for UNIQUE NULLS NOT DISTINCT. Adjusting this function was overlooked in commit 94aa7cc5f. The only visible symptom (so far) is that INSERT ... ON CONFLICT could go into an endless loop when inserting a null that has a conflict. Richard Guo and Tom Lane, per bug #17558 from Andrew Kesper Discussion: https://postgr.es/m/17558-3f6599ffcf52fd4a@postgresql.org 04 August 2022, 18:16:26 UTC
4c7b163 Tom Lane 04 August 2022, 18:10:06 UTC Add CHECK_FOR_INTERRUPTS in ExecInsert's speculative insertion loop. Ordinarily the functions called in this loop ought to have plenty of CFIs themselves; but we've now seen a case where no such CFI is reached, making the loop uninterruptible. Even though that's from a recently-introduced bug, it seems prudent to install a CFI at the loop level in all branches. Per discussion of bug #17558 from Andrew Kesper (an actual fix for that bug will follow). Discussion: https://postgr.es/m/17558-3f6599ffcf52fd4a@postgresql.org 04 August 2022, 18:10:06 UTC
11e7d62 Tom Lane 04 August 2022, 15:11:22 UTC Add proper regression test for the recent SRFs-in-pathkeys problem. Remove the test case added by commit fac1b470a, which never actually worked to expose the problem it claimed to test. Replace it with a case that does expose the problem, and also covers the SRF-not- at-the-top deficiency repaired in 1aa8dad41. Richard Guo, with some editorialization by me Discussion: https://postgr.es/m/17564-c7472c2f90ef2da3@postgresql.org 04 August 2022, 15:11:22 UTC
b25566a John Naylor 04 August 2022, 08:59:32 UTC Fix assorted doc typos Erik Rijkers and Justin Pryzby Backpatch to v14 Discussion: https://www.postgresql.org/message-id/b79bfeff-d0e3-29a3-2576-0e325848dede%40xs4all.nl 04 August 2022, 09:09:51 UTC
0436f34 John Naylor 04 August 2022, 08:29:25 UTC Clarify DROP EXTENSION docs regarding explicitly dependent routines Per suggestion from Robert Haas Backpatch to v14 Discussion: https://www.postgresql.org/message-id/CA%2BTgmoZ1QvHquYHLkMy1oHKqz4-E7QQctj6e0ocq_GP1B5%2B9bA%40mail.gmail.com 04 August 2022, 08:49:25 UTC
14168d5 Tom Lane 03 August 2022, 21:33:42 UTC Fix incorrect tests for SRFs in relation_can_be_sorted_early(). Commit fac1b470a thought we could check for set-returning functions by testing only the top-level node in an expression tree. This is wrong in itself, and to make matters worse it encouraged others to make the same mistake, by exporting tlist.c's special-purpose IS_SRF_CALL() as a widely-visible macro. I can't find any evidence that anyone's taken the bait, but it was only a matter of time. Use expression_returns_set() instead, and stuff the IS_SRF_CALL() genie back in its bottle, this time with a warning label. I also added a couple of cross-reference comments. After a fair amount of fooling around, I've despaired of making a robust test case that exposes the bug reliably, so no test case here. (Note that the test case added by fac1b470a is itself broken, in that it doesn't notice if you remove the code change. The repro given by the bug submitter currently doesn't fail either in v15 or HEAD, though I suspect that may indicate an unrelated bug.) Per bug #17564 from Martijn van Oosterhout. Back-patch to v13, as the faulty patch was. Discussion: https://postgr.es/m/17564-c7472c2f90ef2da3@postgresql.org 03 August 2022, 21:33:42 UTC
c628ca3 Tom Lane 03 August 2022, 15:14:55 UTC Reduce test runtime of src/test/modules/snapshot_too_old. The sto_using_cursor and sto_using_select tests were coded to exercise every permutation of their test steps, but AFAICS there is no value in exercising more than one. This matters because each permutation costs about six seconds, thanks to the "pg_sleep(6)". Perhaps we could reduce that, but the useless permutations seem worth getting rid of in any case. (Note that sto_using_hash_index got it right already.) While here, clean up some other sloppiness such as an unused table. This doesn't make too much difference in interactive testing, since the wasted time is typically masked by parallelization with other tests. However, the buildfarm runs this as a serial step, which means we can expect to shave ~40 seconds from every buildfarm run. That makes it worth back-patching. Discussion: https://postgr.es/m/2515192.1659454702@sss.pgh.pa.us 03 August 2022, 15:14:55 UTC
82ebc70 Tom Lane 02 August 2022, 22:05:34 UTC Be more wary about 32-bit integer overflow in pg_stat_statements. We've heard a couple of reports of people having trouble with multi-gigabyte-sized query-texts files. It occurred to me that on 32-bit platforms, there could be an issue with integer overflow of calculations associated with the total query text size. Address that with several changes: 1. Limit pg_stat_statements.max to INT_MAX / 2 not INT_MAX. The hashtable code will bound it to that anyway unless "long" is 64 bits. We still need overflow guards on its use, but this helps. 2. Add a check to prevent extending the query-texts file to more than MaxAllocHugeSize. If it got that big, qtext_load_file would certainly fail, so there's not much point in allowing it. Without this, we'd need to consider whether extent, query_offset, and related variables shouldn't be off_t not size_t. 3. Adjust the comparisons in need_gc_qtexts() to be done in 64-bit arithmetic on all platforms. It appears possible that under duress those multiplications could overflow 32 bits, yielding a false conclusion that we need to garbage-collect the texts file, which could lead to repeatedly garbage-collecting after every hash table insertion. Per report from Bruno da Silva. I'm not convinced that these issues fully explain his problem; there may be some other bug that's contributing to the query-texts file becoming so large in the first place. But it did get that big, so #2 is a reasonable defense, and #3 could explain the reported performance difficulties. (See also commit 8bbe4cbd9, which addressed some related bugs. The second Discussion: link is the thread that led up to that.) This issue is old, and is primarily a problem for old platforms, so back-patch. Discussion: https://postgr.es/m/CAB+Nuk93fL1Q9eLOCotvLP07g7RAv4vbdrkm0cVQohDVMpAb9A@mail.gmail.com Discussion: https://postgr.es/m/5601D354.5000703@BlueTreble.com 02 August 2022, 22:05:34 UTC
c034b62 Tom Lane 02 August 2022, 14:29:35 UTC Change type "char"'s I/O format for non-ASCII characters. Previously, a byte with the high bit set was just transmitted as-is by charin() and charout(). This is problematic if the database encoding is multibyte, because the result of charout() won't be validly encoded, which breaks various stuff that expects all text strings to be validly encoded. We've previously decided to enforce encoding validity rather than try to individually harden each place that might have a problem with such strings, so it's time to do something about "char". To fix, represent high-bit-set characters as \ooo (backslash and three octal digits), following the ancient "escape" format for bytea. charin() will continue to accept the old way as well, though that is only reachable in single-byte encodings. Add some test cases just so there is coverage for this code. We'll otherwise leave this question undocumented as it was before, because we don't really want to encourage end-user use of "char". For the moment, back-patch into v15 so that this change appears in 15beta3. If there's not great pushback we should consider absorbing this change into the older branches. Discussion: https://postgr.es/m/2318797.1638558730@sss.pgh.pa.us 02 August 2022, 14:29:35 UTC
5b94d3c Michael Paquier 02 August 2022, 10:56:06 UTC doc: Fix typos in protocol.sgml Author: Ekaterina Kiryanova Discussion: https://postgr.es/m/745414e7-efb2-a6ae-5b83-fcbdf35aabc8@postgrespro.ru Backpatch-through: 15 02 August 2022, 10:56:06 UTC
572baf2 Amit Kapila 02 August 2022, 03:50:38 UTC Remove duplicated wait for subscription sync from 007_ddl.pl. An oversight in 8f2e2bbf14. Author: Masahiko Sawada Reviewed by: Amit Kapila Backpatch-through: 15, where it was introduced Discussion: https://postgr.es/m/CAD21AoC-fvAkaKHa4t1urupwL8xbAcWRePeETvshvy80f6WV1A@mail.gmail.com 02 August 2022, 03:50:38 UTC
adc3ae6 Tom Lane 01 August 2022, 16:22:35 UTC Check maximum number of columns in function RTEs, too. I thought commit fd96d14d9 had plugged all the holes of this sort, but no, function RTEs could produce oversize tuples too, either via long coldeflists or just from multiple functions in one RTE. (I'm pretty sure the other variants of base RTEs aren't a problem, because they ultimately refer to either a table or a sub-SELECT, whose widths are enforced elsewhere. But we explicitly allow join RTEs to be overwidth, as long as you don't try to form their tuple result.) Per further discussion of bug #17561. As before, patch all branches. Discussion: https://postgr.es/m/17561-80350151b9ad2ad4@postgresql.org 01 August 2022, 16:22:35 UTC
07abcd9 Michael Paquier 01 August 2022, 07:39:16 UTC Fix error reporting after ioctl() call with pg_upgrade --clone errno was not reported correctly after attempting to clone a file, leading to incorrect error reports. While scanning through the code, I have not noticed any similar mistakes. Error introduced in 3a769d8. Author: Justin Pryzby Discussion: https://postgr.es/m/20220731134135.GY15006@telsasoft.com Backpatch-through: 12 01 August 2022, 07:39:16 UTC
feae5c0 Andres Freund 01 August 2022, 00:40:42 UTC ci: remove minor version from freebsd image name This way .cirrus.yml does not need to be changed just because freebsd releases a new minor version. Discussion: https://postgr.es/m/20220728095704.ryywoaz4dqqrwstc@alap3.anarazel.de Backpatch: 15-, just like the CI support 01 August 2022, 00:41:53 UTC
6e37312 Tom Lane 31 July 2022, 20:58:20 UTC Remove test_oat_hooks.c's nodetag_to_string(). In the short time this function has existed, it's already proven to be a nontrivial maintenance burden, since it has to be updated whenever a node tag is added or removed. Although in principle we could now automate that, I see little justification for having such functionality here at all. The function is only being applied to utility statements, for which we already have infrastructure for obtaining string names. Moreover, that infrastructure produces already-familiar-to-users names, unlike nodetag_to_string(). So, remove this function and use the existing infrastructure instead. That saves over a thousand lines of largely-unreachable code. Back-patch to v15 where this code came in. Although it seems unlikely that v15's nodetag list will change anymore, we might as well keep the two branches looking and acting alike; otherwise back-patching any test-results changes in this area will be painful. Discussion: https://postgr.es/m/843818.1659218928@sss.pgh.pa.us 31 July 2022, 20:58:41 UTC
9c9fc20 Andres Freund 31 July 2022, 19:31:40 UTC ci: switch to freebsd 13.1 freebsd 13.0 is out of support, switch to 13.1. It might be a good idea to remove the minor version number from the image name, but there's not been a response to that so far... Discussion: https://postgr.es/m/20220728095704.ryywoaz4dqqrwstc@alap3.anarazel.de Backpatch: 15-, just like the CI support 31 July 2022, 19:31:40 UTC
d386b75 Tom Lane 31 July 2022, 17:43:17 UTC Fix trim_array() for zero-dimensional array argument. The code tried to access ARR_DIMS(v)[0] and ARR_LBOUND(v)[0] whether or not those values exist. This made the range check on the "n" argument unstable --- it might or might not fail, and if it did it would report garbage for the allowed upper limit. These bogus accesses would probably annoy Valgrind, and if you were very unlucky even lead to SIGSEGV. Report and fix by Martin Kalcher. Back-patch to v14 where this function was added. Discussion: https://postgr.es/m/baaeb413-b8a8-4656-5757-ef347e5ec11f@aboutsource.net 31 July 2022, 17:43:17 UTC
e65f949 Tom Lane 31 July 2022, 16:29:44 UTC Make new auto_explain test safe for log_error_verbosity = verbose. Allow for the possible presence of a SQLSTATE code in the expected warning message, similarly to b998196bb and 19408aae7 (although here I see no need to allow more than one specific SQLSTATE). Per gripe from Andrew Dunstan. Discussion: https://postgr.es/m/c550ac53-5db5-3958-1798-50bae3d9af71@dunslane.net 31 July 2022, 16:29:44 UTC
a3699c5 Tom Lane 30 July 2022, 17:05:15 UTC Fix incorrect is-this-the-topmost-join tests in parallel planning. Two callers of generate_useful_gather_paths were testing the wrong thing when deciding whether to call that function: they checked for being at the top of the current join subproblem, rather than being at the actual top join. This'd result in failing to construct parallel paths for a sub-join for which they might be useful. While set_rel_pathlist() isn't actively broken, it seems best to make its identical-in-intention test for this be like the other two. This has been wrong all along, but given the lack of field complaints I'm hesitant to back-patch into stable branches; we usually prefer to avoid non-bug-fix changes in plan choices in minor releases. It seems not too late for v15 though. Richard Guo, reviewed by Antonin Houska and Tom Lane Discussion: https://postgr.es/m/CAMbWs4-mH8Zf87-w+3P2J=nJB+5OyicO28ia9q_9o=Lamf_VHg@mail.gmail.com 30 July 2022, 17:05:15 UTC
d92f2bc Robert Haas 30 July 2022, 03:24:39 UTC Revise test case added in 43746996399541ecb5c7b188725a5f097c15ceae. Instead of using command_ok() to run psql, use safe_psql(). wrasse isn't happy, and it be because of failure to pass -X to the psql invocation, which safe_psql() will do automatically. Since safe_psql() returns standard output instead of writing it to a file, this requires some changes to the incantation for running 'diff'. Test against the 'regression' database rather than 'postgres' so we test more than just one table. That also means we need to record the horizons later, after the test does "VACUUM FULL pg_largeobject". Add an ORDER BY clause to the horizon query for stability. Patch by me, reviewed by Tom Lane. Discussion: http://postgr.es/m/CA+TgmoaGBbpzgu3=du1f9zDUbkfycO0y=_uWrLFy=KKEqXWeLQ@mail.gmail.com 30 July 2022, 03:26:03 UTC
2eb3f16 Andrew Dunstan 29 July 2022, 21:43:34 UTC Fix new recovery test for log_error_verbosity=verbose case The new test is from commit 9e4f914b5e. With this setting messages have SQL error numbers included, so that needs to be provided for in the pattern looked for. Backpatch to all live branches like the original. 29 July 2022, 22:17:17 UTC
5c9ea19 Robert Haas 29 July 2022, 20:31:57 UTC Fix brown paper bag bug in bbe08b8869bd29d587f24ef18eb45c7d4d14afca. We must issue the TRUNCATE command first and update relfrozenxid and relminmxid afterward; otherwise, TRUNCATE overwrites the previously-set values. Add a test case like I should have done the first time. Per buildfarm report from TestUpgradeXversion.pm, by way of Tom Lane. 29 July 2022, 20:32:07 UTC
e6e804a Tom Lane 29 July 2022, 17:30:50 UTC In transformRowExpr(), check for too many columns in the row. A RowExpr with more than MaxTupleAttributeNumber columns would fail at execution anyway, since we cannot form a tuple datum with more than that many columns. While heap_form_tuple() has a check for too many columns, it emerges that there are some intermediate bits of code that don't check and can be driven to failure with sufficiently many columns. Checking this at parse time seems like the most appropriate place to install a defense, since we already check SELECT list length there. While at it, make the SELECT-list-length error use the same errcode (TOO_MANY_COLUMNS) as heap_form_tuple does, rather than the generic PROGRAM_LIMIT_EXCEEDED. Per bug #17561 from Egor Chindyaskin. The given test case crashes in all supported branches (and probably a lot further back), so patch all. Discussion: https://postgr.es/m/17561-80350151b9ad2ad4@postgresql.org 29 July 2022, 17:31:11 UTC
665ca54 Robert Haas 29 July 2022, 15:20:07 UTC Fix mistake in bbe08b8869bd29d587f24ef18eb45c7d4d14afca. The earlier commit used pg_class.relfilenode where it should have used pg_class.oid. This could lead to emitting an UPDATE statement into the dump that would update nothing (or the wrong thing) when executed in the new cluster, resulting in relfrozenxid and relminmxid being improperly carried forward for pg_largeobject. Noticed by Dilip Kumar. Discussion: http://postgr.es/m/CAFiTN-ty1Gzs6stk2vt9BJiq0m0hzf=aPnh3a-4Z3Tk5GzoENw@mail.gmail.com 29 July 2022, 15:24:57 UTC
798d644 Alvaro Herrera 29 July 2022, 10:50:47 UTC Fix test instability On FreeBSD, the new test fails due to a WAL file being removed before the standby has had the chance to copy it. Fix by adding a replication slot to prevent the removal until after the standby has connected. Author: Kyotaro Horiguchi <horikyota.ntt@gmail.com> Reported-by: Matthias van de Meent <boekewurm+postgres@gmail.com> Discussion: https://postgr.es/m/CAEze2Wj5nau_qpjbwihvmXLfkAWOZ5TKdbnqOc6nKSiRJEoPyQ@mail.gmail.com 29 July 2022, 10:50:47 UTC
4ab5dae Robert Haas 28 July 2022, 19:32:24 UTC Use TRUNCATE to preserve relfilenode for pg_largeobject + index. Commit 9a974cbcba005256a19991203583a94b4f9a21a9 arranged to preserve the relfilenode of user tables across pg_upgrade, but failed to notice that pg_upgrade treats pg_largeobject as a user table and thus it needs the same treatment. Otherwise, large objects will appear to vanish after a pg_upgrade. Commit d498e052b4b84ae21b3b68d5b3fda6ead65d1d4d fixed this problem by teaching pg_dump to UPDATE pg_class.relfilenode for pg_largeobject and its index. However, because an UPDATE on the catalog rows doesn't change anything on disk, this can leave stray files behind in the new cluster. They will normally be empty, but it's a little bit untidy. Hence, this commit arranges to do the same thing using DDL. Specifically, it makes TRUNCATE work for the pg_largeobject catalog when in binary-upgrade mode, and it then uses that command in binary-upgrade dumps as a way of setting pg_class.relfilenode for pg_largeobject and its index. That way, the old files are removed from the new cluster. Discussion: http://postgr.es/m/CA+TgmoYYMXGUJO5GZk1-MByJGu_bB8CbOL6GJQC8=Bzt6x6vDg@mail.gmail.com 28 July 2022, 19:43:24 UTC
02e5c27 Alvaro Herrera 28 July 2022, 16:21:56 UTC doc: avoid saying "inheritance" ... ... when it applies to partitioned relations. This is almost the opposite of 0c06534bd63b, which removed references to "partition" in favour of "child". Author: Justin Pryzby <pryzby@telsasoft.com> Reviewed-by: Ashutosh Bapat <ashutosh.bapat@enterprisedb.com> Reviewed-by: Amit Langote <amitlangote09@gmail.com> Discussion: https://postgr.es/m/20220525013248.GO19626@telsasoft.com 28 July 2022, 16:21:56 UTC
8348413 Alvaro Herrera 28 July 2022, 06:26:05 UTC Fix replay of create database records on standby Crash recovery on standby may encounter missing directories when replaying database-creation WAL records. Prior to this patch, the standby would fail to recover in such a case; however, the directories could be legitimately missing. Consider the following sequence of commands: CREATE DATABASE DROP DATABASE DROP TABLESPACE If, after replaying the last WAL record and removing the tablespace directory, the standby crashes and has to replay the create database record again, crash recovery must be able to continue. A fix for this problem was already attempted in 49d9cfc68bf4, but it was reverted because of design issues. This new version is based on Robert Haas' proposal: any missing tablespaces are created during recovery before reaching consistency. Tablespaces are created as real directories, and should be deleted by later replay. CheckRecoveryConsistency ensures they have disappeared. The problems detected by this new code are reported as PANIC, except when allow_in_place_tablespaces is set to ON, in which case they are WARNING. Apart from making tests possible, this gives users an escape hatch in case things don't go as planned. Author: Kyotaro Horiguchi <horikyota.ntt@gmail.com> Author: Asim R Praveen <apraveen@pivotal.io> Author: Paul Guo <paulguo@gmail.com> Reviewed-by: Anastasia Lubennikova <lubennikovaav@gmail.com> (older versions) Reviewed-by: Fujii Masao <masao.fujii@oss.nttdata.com> (older versions) Reviewed-by: Michaël Paquier <michael@paquier.xyz> Diagnosed-by: Paul Guo <paulguo@gmail.com> Discussion: https://postgr.es/m/CAEET0ZGx9AvioViLf7nbR_8tH9-=27DN5xWJ2P9-ROH16e4JUA@mail.gmail.com 28 July 2022, 06:26:05 UTC
fc4e5af Thomas Munro 28 July 2022, 02:13:37 UTC Fix get_dirent_type() for symlinks on MinGW/MSYS. On Windows with MSVC, get_dirent_type() was recently made to return DT_LNK for junction points by commit 9d3444dc, which fixed some defective dirent.c code. On Windows with Cygwin, get_dirent_type() already worked for symlinks, as it does on POSIX systems, because Cygwin has its own fake symlinks that behave like POSIX (on closer inspection, Cygwin's dirent has the BSD d_type extension but it's probably always DT_UNKNOWN, so we fall back to lstat(), which understands Cygwin symlinks with S_ISLNK()). On Windows with MinGW/MSYS, we need extra code, because the MinGW runtime has its own readdir() without d_type, and the lstat()-based fallback has no knowledge of our convention for treating junctions as symlinks. Back-patch to 14, where get_dirent_type() landed. Reported-by: Andrew Dunstan <andrew@dunslane.net> Discussion: https://postgr.es/m/b9ddf605-6b36-f90d-7c30-7b3e95c46276%40dunslane.net 28 July 2022, 02:27:28 UTC
1d01d19 Tom Lane 27 July 2022, 22:58:20 UTC Fix new auto_explain test case for Windows. In commit 7c34555f8, I overlooked the need to configure SSPI on Windows to allow login as the non-superuser role. Fix that by adding auth_extra/--create-role incantation (which, oddly enough, doesn't actually create the role). Per buildfarm. While here, upgrade the mechanism for temporarily setting $ENV{PGUSER}, as per recommendation from ilmari. Discussion: https://postgr.es/m/87edy7j1zz.fsf@wibble.ilmari.org 27 July 2022, 22:58:20 UTC
a0c632c Tom Lane 26 July 2022, 17:07:03 UTC Force immediate commit after CREATE DATABASE etc in extended protocol. We have a few commands that "can't run in a transaction block", meaning that if they complete their processing but then we fail to COMMIT, we'll be left with inconsistent on-disk state. However, the existing defenses for this are only watertight for simple query protocol. In extended protocol, we didn't commit until receiving a Sync message. Since the client is allowed to issue another command instead of Sync, we're in trouble if that command fails or is an explicit ROLLBACK. In any case, sitting in an inconsistent state while waiting for a client message that might not come seems pretty risky. This case wasn't reachable via libpq before we introduced pipeline mode, but it's always been an intended aspect of extended query protocol, and likely there are other clients that could reach it before. To fix, set a flag in PreventInTransactionBlock that tells exec_execute_message to force an immediate commit. This seems to be the approach that does least damage to existing working cases while still preventing the undesirable outcomes. While here, add some documentation to protocol.sgml that explicitly says how to use pipelining. That's latent in the existing docs if you know what to look for, but it's better to spell it out; and it provides a place to document this new behavior. Per bug #17434 from Yugo Nagata. It's been wrong for ages, so back-patch to all supported branches. Discussion: https://postgr.es/m/17434-d9f7a064ce2a88a3@postgresql.org 26 July 2022, 17:07:03 UTC
7977ac1 Michael Paquier 26 July 2022, 06:57:33 UTC Fix path reference when parsing pg_ident.conf for pg_ident_file_mappings Since a2c8499, HbaFileName (default pg_hba.conf) was getting used instead of IdentFileName (default pg_ident.conf) as the parent file to use as reference when parsing the contents of pg_ident.conf, with pg_ident.conf correctly opened, when feeding this information to pg_ident_file_mappings. This had two consequences: - On an I/O error when reading pg_ident.conf, the user would get an ERROR message referring to pg_hba.conf and not pg_ident.conf. - When reading an external file with a relative path using '@' in pg_ident.conf, the directory used to look at the file to load would be the base directory of pg_hba.conf rather than the one of pg_ident.conf, leading to errors in pg_ident_file_mappings inconsistent with what gets loaded at startup when pg_ident.conf and pg_hba.conf are located in different directories. This error only impacted the SQL view pg_ident_file_mappings that uses a logic new to v15 to fill the view with the parsed information, not the code paths loading these authentication files at startup. Author: Julien Rouhaud Discussion: https://postgr.es/m/20220726050402.vsr6fmz7rsgpmdz3@jrouhaud Backpatch-through: 15 26 July 2022, 06:57:33 UTC
e1bd499 Tom Lane 25 July 2022, 19:45:24 UTC Add test for session_preload_libraries and parameter permissions checks. We weren't exercising the session_preload_libraries option in any meaningful way. auto_explain is a good testbed for doing so, since it's one of the primary use-cases for session_preload_libraries. Hence, adjust its TAP test to load the library via session_preload_libraries not shared_preload_libraries. While at it, feed test-specific settings to the backend via PGOPTIONS rather than tediously rewriting postgresql.conf. Also, since auto_explain has some PGC_SUSET parameters, we can use it to provide a test case for the permissions-checking bug just fixed by commit b35617de3. Back-patch to v15 so that we have coverage for the permissions issue in that branch too. To do that, I back-patched the refactoring recently done by commit 550bc0a6c. Dagfinn Ilmari Mannsåker and Tom Lane Discussion: https://postgr.es/m/CABwTF4VEpwTHhRQ+q5MiC5ucngN-whN-PdcKeufX7eLSoAfbZA@mail.gmail.com 25 July 2022, 19:45:24 UTC
31ed3cf Tom Lane 25 July 2022, 14:27:43 UTC Process session_preload_libraries within InitPostgres's transaction. Previously we did this after InitPostgres, at a somewhat randomly chosen place within PostgresMain. However, since commit a0ffa885e doing this outside a transaction can cause a crash, if we need to check permissions while replacing a placeholder GUC. (Besides which, a preloaded library could itself want to do database access within _PG_init.) To avoid needing an additional transaction start/end in every session, move the process_session_preload_libraries call to within InitPostgres's transaction. That requires teaching the code not to call it when InitPostgres is called from somewhere other than PostgresMain, since we don't want session_preload_libraries to affect background workers. The most future-proof solution here seems to be to add an additional flag parameter to InitPostgres; fortunately, we're not yet very worried about API stability for v15. Doing this also exposed the fact that we're currently honoring session_preload_libraries in walsenders, even those not connected to any database. This seems, at minimum, a POLA violation: walsenders are not interactive sessions. Let's stop doing that. (All these comments also apply to local_preload_libraries, of course.) Per report from Gurjeet Singh (thanks also to Nathan Bossart and Kyotaro Horiguchi for review). Backpatch to v15 where a0ffa885e came in. Discussion: https://postgr.es/m/CABwTF4VEpwTHhRQ+q5MiC5ucngN-whN-PdcKeufX7eLSoAfbZA@mail.gmail.com 25 July 2022, 14:27:43 UTC
19f8232 Heikki Linnakangas 25 July 2022, 05:48:38 UTC Fix ReadRecentBuffer for local buffers. It incorrectly used GetBufferDescriptor instead of GetLocalBufferDescriptor, causing it to not find the correct buffer in most cases, and performing an out-of-bounds memory read in the corner case that temp_buffers > shared_buffers. It also bumped the usage-count on the buffer, even if it was previously pinned. That won't lead to crashes or incorrect results, but it's different from what the shared-buffer case does, and different from the usual code in LocalBufferAlloc. Fix that too, and make the code ordering match LocalBufferAlloc() more closely, so that it's easier to verify that it's doing the same thing. Currently, ReadRecentBuffer() is only used with non-temp relations, in WAL redo, so the broken code is currently dead code. However, it could be used by extensions. Backpatch-through: 14 Discussion: https://www.postgresql.org/message-id/2d74b46f-27c9-fb31-7f99-327a87184cc0%40iki.fi Reviewed-by: Thomas Munro, Zhang Mingli, Richard Guo 25 July 2022, 05:53:03 UTC
bd6cfbf Tom Lane 23 July 2022, 23:00:30 UTC Doc: improve documentation about random(). We didn't explicitly say that random() uses a randomly-chosen seed if you haven't called setseed(). Do so. Also, remove ref/set.sgml's no-longer-accurate (and never very relevant) statement that the seed value is multiplied by 2^31-1. Back-patch to v12 where set.sgml's claim stopped being true. The claim that we use a source of random bits as seed was debatable before 4203842a1, too, so v12 seems like a good place to stop. Per question from Carl Sopchak. Discussion: https://postgr.es/m/f37bb937-9d99-08f0-4de7-80c91a3cfc2e@sopchak.me 23 July 2022, 23:00:30 UTC
44d0e41 Tom Lane 23 July 2022, 20:10:14 UTC Doc: update recovery/README. Commit e2f65f425 added contrib/pg_prewarm to the prerequisites for running the src/test/recovery suite, but did not bother to update the documentation about that. 23 July 2022, 20:10:38 UTC
3b474a2 Tom Lane 23 July 2022, 16:12:42 UTC Increase minimum supported GNU make version to 3.81. We've long held the minimum at 3.80, but that's required more than one workaround. Commit 0f39b70a6 broke it again, because it turns out that exporting a target-specific variable didn't work in 3.80. Considering that 3.81 is now old enough to get a driver's license, and that the only remaining buildfarm member testing 3.80 (prairiedog) is likely to be retired soon, let's just stop supporting 3.80. Adjust docs and Makefile.global's minimum-version check to match. There are a couple of comments in the Makefiles suggesting that random things could be done differently after we desupport 3.80, but I couldn't get excited about changing any of them right now. Back-patch to v15, as 0f39b70a6 was. Discussion: https://postgr.es/m/20220720172321.GL12702@telsasoft.com 23 July 2022, 16:12:42 UTC
1846202 Alvaro Herrera 22 July 2022, 18:15:11 UTC Fix [install]check in interfaces/libpq/Makefile The common recipe when TAP tests are disabled doesn't work, because the libpq-specific recipe wants to define the PATH environment variable, so the starting '@' is misinterpreted as part of the command instead of silencing said command. Fix by setting the environment variable in a way that doesn't interfere with the recipe. Reported-by: Justin Pryzby <pryzby@telsasoft.com> Discussion: https://postgr.es/m/20220720172321.GL12702@telsasoft.com 22 July 2022, 18:15:11 UTC
c2fa113 Tom Lane 22 July 2022, 16:46:42 UTC Close old gap in dependency checks for functions returning composite. The dependency logic failed to register a column-level dependency when a view or rule contains a reference to a specific column of the result of a function-returning-composite. That meant you could drop the column from the composite type, causing trouble for future executions of the view. We've known about this for years, but never summoned the energy to actually fix it, instead installing various low-level defenses to prevent crashing on references to dropped columns. We had to do that to plug the hole in stable branches, where there might be pre-existing broken references; but let's fix the root cause today. To do that, add some logic (borrowed from get_rte_attribute_is_dropped) to find_expr_references_walker, to check whether a Var referencing an RTE_FUNCTION RTE is referencing a column of a composite type, and if so add the proper dependency. However ... it seems mighty unwise to remove said low-level defenses, since there could be other bugs now or in the future that allow reaching them. By the same token, letting those defenses go untested seems unwise. Hence, rather than just dropping the associated test cases, hack them to continue working by the expedient of manually dropping the pg_depend entries that this fix installs. Back-patch into v15. I don't want to risk changing this behavior in stable branches, but it seems not too late for v15. (Since we have already forced initdb for beta3, we can be sure that all production v15 installations will have these added dependencies.) Discussion: https://postgr.es/m/182492.1658431155@sss.pgh.pa.us 22 July 2022, 16:46:42 UTC
00cf403 Tom Lane 22 July 2022, 14:53:26 UTC Fix minor memory leaks in psql's tab completion. Tang Haiying and Tom Lane Discussion: https://postgr.es/m/OS0PR01MB6113EA19F05E217C823B4CCAFB909@OS0PR01MB6113.jpnprd01.prod.outlook.com 22 July 2022, 14:53:26 UTC
202b56b Thomas Munro 22 July 2022, 05:37:39 UTC Remove unnecessary Windows-specific basebackup code. Commit c6f2f016 added an explicit check for a Windows "junction point". That turned out to be needed only because get_dirent_type() was busted on Windows. It's been fixed by commit 9d3444dc, so remove it. Add a TAP-test to demonstrate that in-place tablespaces are copied by pg_basebackup. This exercises the codepath that would fail before c6f2f016 on Windows, and shows that it still doesn't fail now that we're using get_dirent_type() on both Windows and Unix. Back-patch to 15, where in-place tablespaces arrived and caused this problem (ie directories where previously only symlinks were expected). Reviewed-by: Michael Paquier <michael@paquier.xyz> Discussion: https://postgr.es/m/CA%2BhUKGLzLK4PUPx0_AwXEWXOYAejU%3D7XpxnYE55Y%2Be7hB2N3FA%40mail.gmail.com 22 July 2022, 05:42:22 UTC
6d306ab Thomas Munro 22 July 2022, 04:57:12 UTC Fix get_dirent_type() for Windows junction points. Commit 87e6ed7c8 added code that intended to report Windows "junction points" as DT_LNK (the same way we report symlinks on Unix). Windows junction points are *also* directories according to the Windows attributes API, and we were reporting them as as DT_DIR. Change the order we check the attribute flags, to prioritize DT_LNK. If at some point we start using Windows' recently added real symlinks and need to distinguish them from junction points, we may need to rethink this, but for now this continues the tradition of wrapper functions that treat junction points as symlinks. Back-patch to 14, where get_dirent_type() landed. Reviewed-by: Michael Paquier <michael@paquier.xyz> Reviewed-by: Alvaro Herrera <alvherre@alvh.no-ip.org> Discussion: https://postgr.es/m/CA%2BhUKGLzLK4PUPx0_AwXEWXOYAejU%3D7XpxnYE55Y%2Be7hB2N3FA%40mail.gmail.com Discussion: https://postgr.es/m/20220721111751.x7hod2xgrd76xr5c%40alvherre.pgsql 22 July 2022, 04:57:36 UTC
63a8c68 Fujii Masao 21 July 2022, 13:52:50 UTC postgres_fdw: Fix bug in checking of return value of PQsendQuery(). When postgres_fdw begins an asynchronous data fetch, it submits FETCH query by using PQsendQuery(). If PQsendQuery() fails and returns 0, postgres_fdw should report an error. But, previously, postgres_fdw reported an error only when the return value is less than 0, though PQsendQuery() never return the values other than 0 and 1. Therefore postgres_fdw could not handle the failure to send FETCH query in an asynchronous data fetch. This commit fixes postgres_fdw so that it reports an error when PQsendQuery() returns 0. Back-patch to v14 where asynchronous execution was supported in postgres_fdw. Author: Fujii Masao Reviewed-by: Japin Li, Tom Lane Discussion: https://postgr.es/m/b187a7cf-d4e3-5a32-4d01-8383677797f3@oss.nttdata.com 22 July 2022, 03:01:31 UTC
d5623c4 Bruce Momjian 21 July 2022, 18:55:23 UTC doc: use wording "restore" instead of "reload" of dumps Reported-by: axel.kluener@gmail.com Discussion: https://postgr.es/m/164736074430.660.3645615289283943146@wrigleys.postgresql.org Backpatch-through: 11 21 July 2022, 18:55:23 UTC
97f6e4d Bruce Momjian 21 July 2022, 17:58:20 UTC doc: clarify that auth. names are lower case and case-sensitive This is true even for acronyms that are usually upper case, like LDAP. Reported-by: Alvaro Herrera Discussion: https://postgr.es/m/202205141521.2nodjabmsour@alvherre.pgsql Backpatch-through: 10 21 July 2022, 17:58:42 UTC
c1d1e84 Tom Lane 21 July 2022, 17:56:02 UTC Fix ruleutils issues with dropped cols in functions-returning-composite. Due to lack of concern for the case in the dependency code, it's possible to drop a column of a composite type even though stored queries have references to the dropped column via functions-in-FROM that return the composite type. There are "soft" references, namely FROM-clause aliases for such columns, and "hard" references, that is actual Vars referring to them. The right fix for hard references is to add dependencies preventing the drop; something we've known for many years and not done (and this commit still doesn't address it). A "soft" reference shouldn't prevent a drop though. We've been around on this before (cf. 9b35ddce9, 2c4debbd0), but nobody had noticed that the current behavior can result in dump/reload failures, because ruleutils.c can print more column aliases than the underlying composite type now has. So we need to rejigger the column-alias-handling code to treat such columns as dropped and not print aliases for them. Rather than writing new code for this, I used expandRTE() which already knows how to figure out which function result columns are dropped. I'd initially thought maybe we could use expandRTE() in all cases, but that fails for EXPLAIN's purposes, because the planner strips a lot of RTE infrastructure that expandRTE() needs. So this patch just uses it for unplanned function RTEs and otherwise does things the old way. If there is a hard reference (Var), then removing the column alias causes us to fail to print the Var, since there's no longer a name to print. Failing seems less desirable than printing a made-up name, so I made it print "?dropped?column?" instead. Per report from Timo Stolz. Back-patch to all supported branches. Discussion: https://postgr.es/m/5c91267e-3b6d-5795-189c-d15a55d61dbb@nullachtvierzehn.de 21 July 2022, 17:56:05 UTC
c69616c Bruce Momjian 21 July 2022, 17:43:13 UTC relnotes: improve PG 15 schema permission change wording Reported-by: Noah Misch Discussion: https://postgr.es/m/20220630050808.GC2257984@rfd.leadboat.com Backpatch-through: 15 only 21 July 2022, 17:43:13 UTC
8957234 John Naylor 14 July 2022, 02:38:06 UTC Correct some uses of e.g. and i.e. in message strings and documentation E.g. means "for example" and i.e. means "that is". Fix a couple uses that don't match the intended meaning. Kyotaro Horiguchi Reviewed by Junwang Zhao and Aleksander Alekseev, with one addition by me Discussion: https://www.postgresql.org/message-id/flat/20220713.180943.589079824955875739.horikyota.ntt%40gmail.com This is a backpatch of 82785effc0 to v15 21 July 2022, 05:22:51 UTC
eac3e00 Michael Paquier 21 July 2022, 01:42:07 UTC Fix various memory leaks in psql's describe commands \d* Most of these have been introduced in d2d3547 with the new pattern validation logic, and would leak memory worth an amount of one PQExpBuffer each time (as of 256 bytes at minimum, possibly more). Most of the patch has been written by Tang Haiying, with a few tweaks coming from Álvaro Herrera. Reported-by: Tang Haiying Author: Tang Haiying, Álvaro Herrera Reviewed-by: Mark Dilger, Andres Freund, Álvaro Herrera, Tom Lane, Japin Li, Michael Paquier, Junwang Zhao Backpatch-through: 15 21 July 2022, 01:42:07 UTC
2103266 Jeff Davis 15 July 2022, 19:24:10 UTC Process shared_preload_libraries in single-user mode. Without processing shared_preload_libraries, it's impossible to recover if custom WAL resource managers are needed. It may also pose a problem running VACUUM on a table with a custom AM, if the module implementing the AM is expecting to be loaded by shared_preload_libraries. The reason this wasn't done before was just the general principle to do fewer things in single-user mode. But it's easy enough to just set shared_preload_libraries to empty, for the same effect. Discussion: https://postgr.es/m/9decc18a42634f8a2f15c97a385a0f51a752f396.camel%40j-davis.com Reviewed-by: Tom Lane, Andres Freund Backpatch-through: 15 20 July 2022, 16:37:00 UTC
0829cc4 Fujii Masao 12 July 2022, 02:53:29 UTC Fix assertion failure and segmentation fault in backup code. When a non-exclusive backup is canceled, do_pg_abort_backup() is called and resets some variables set by pg_backup_start (pg_start_backup in v14 or before). But previously it forgot to reset the session state indicating whether a non-exclusive backup is in progress or not in this session. This issue could cause an assertion failure when the session running BASE_BACKUP is terminated after it executed pg_backup_start and pg_backup_stop (pg_stop_backup in v14 or before). Also it could cause a segmentation fault when pg_backup_stop is called after BASE_BACKUP in the same session is canceled. This commit fixes the issue by making do_pg_abort_backup reset that session state. Back-patch to all supported branches. Author: Fujii Masao Reviewed-by: Kyotaro Horiguchi, Masahiko Sawada, Michael Paquier, Robert Haas Discussion: https://postgr.es/m/3374718f-9fbf-a950-6d66-d973e027f44c@oss.nttdata.com 20 July 2022, 00:57:07 UTC
286793b Fujii Masao 12 July 2022, 00:31:57 UTC Prevent BASE_BACKUP in the middle of another backup in the same session. Multiple non-exclusive backups are able to be run conrrently in different sessions. But, in the same session, only one non-exclusive backup can be run at the same moment. If pg_backup_start (pg_start_backup in v14 or before) is called in the middle of another non-exclusive backup in the same session, an error is thrown. However, previously, in logical replication walsender mode, even if that walsender session had already called pg_backup_start and started a non-exclusive backup, it could execute BASE_BACKUP command and start another non-exclusive backup. Which caused subsequent pg_backup_stop to throw an error because BASE_BACKUP unexpectedly reset the session state marked by pg_backup_start. This commit prevents BASE_BACKUP command in the middle of another non-exclusive backup in the same session. Back-patch to all supported branches. Author: Fujii Masao Reviewed-by: Kyotaro Horiguchi, Masahiko Sawada, Michael Paquier, Robert Haas Discussion: https://postgr.es/m/3374718f-9fbf-a950-6d66-d973e027f44c@oss.nttdata.com 20 July 2022, 00:56:52 UTC
535f1fc Michael Paquier 20 July 2022, 00:50:57 UTC Tweak detail and hint messages to be consistent with project policy Detail and hint messages should be full sentences and should end with a period, but some of the messages newly-introduced in v15 did not follow that. Author: Justin Pryzby Reviewed-by: Álvaro Herrera Discussion: https://postgr.es/m/20220719120948.GF12702@telsasoft.com Backpatch-through: 15 20 July 2022, 00:50:57 UTC
a2944d8 Tom Lane 19 July 2022, 21:22:03 UTC Fix missed corner cases for grantable permissions on GUCs. We allow users to set the values of not-yet-loaded extension GUCs, remembering those values in "placeholder" GUC entries. When/if the extension is loaded later in the session, we need to verify that the user had permissions to set the GUC. That was done correctly before commit a0ffa885e, but as of that commit, we'd check the permissions of the active role when the LOAD happens, not the role that had set the value. (This'd be a security bug if it had made it into a released version.) In principle this is simple enough to fix: we just need to remember the exact role OID that set each GUC value, and use that not GetUserID() when verifying permissions. Maintaining that data in the guc.c data structures is slightly tedious, but fortunately it's all basically just copy-n-paste of the logic for tracking the GucSource of each setting, as we were already doing. Another oversight is that validate_option_array_item() hadn't been taught to check for granted GUC privileges. This appears to manifest only in that ALTER ROLE/DATABASE RESET ALL will fail to reset settings that the user should be allowed to reset. Patch by myself and Nathan Bossart, per report from Nathan Bossart. Back-patch to v15 where the faulty code came in. Discussion: https://postgr.es/m/20220706224727.GA2158260@nathanxps13 19 July 2022, 21:22:31 UTC
795ccd4 Bruce Momjian 19 July 2022, 20:45:25 UTC relnotes: clarify pg_basebackup compression options Also, a few wording improvements Reported-by: Justin Pryzby Discussion: https://postgr.es/m/20220719181307.GG12702@telsasoft.com Backpatch-through: 15 only 19 July 2022, 20:45:25 UTC
15ff26d Bruce Momjian 19 July 2022, 17:35:00 UTC relnotes: improve wording of several PG 15 items Reported-by: Justin Pryzby Discussion: https://postgr.es/m/20220719012322.GD12702@telsasoft.com Backpatch-through: 15 only 19 July 2022, 17:35:00 UTC
c91a216 Andres Freund 19 July 2022, 00:06:34 UTC Use STDOUT/STDERR_FILENO in most of syslogger. This fixes problems on windows when logging collector is used in a service, failing with: FATAL: could not redirect stderr: Bad file descriptor This is triggered by 76e38b37a5. The problem is that STDOUT/STDERR_FILENO aren't defined on windows, which lead us to use _fileno(stdout) etc, but that doesn't work if stdout/stderr are closed. Author: Andres Freund <andres@anarazel.de> Reported-By: Sandeep Thakkar <sandeep.thakkar@enterprisedb.com> Message-Id: 20220520164558.ozb7lm6unakqzezi@alap3.anarazel.de (on pgsql-packagers) Backpatch: 15-, where 76e38b37a5 came in 19 July 2022, 00:22:36 UTC
92f4786 Andres Freund 19 July 2022, 00:06:34 UTC windows: msvc: Define STDIN/OUT/ERR_FILENO. Because they are not available we've used _fileno(stdin) in some places, but that doesn't reliably work, because stdin might be closed. This is the prerequisite of the subsequent commit, fixing a failure introduced in 76e38b37a5. Author: Andres Freund <andres@anarazel.de> Reported-By: Sandeep Thakkar <sandeep.thakkar@enterprisedb.com> Message-Id: 20220520164558.ozb7lm6unakqzezi@alap3.anarazel.de (on pgsql-packagers) Backpatch: 15-, where 76e38b37a5 came in 19 July 2022, 00:22:35 UTC
1ab0719 Andres Freund 18 July 2022, 17:14:43 UTC Deal with paths containing \ and spaces in basebackup_to_shell tests As $gzip is embedded in postgresql.conf \ needs to be escaped, otherwise guc.c will take it as a string escape. Similarly, if "$gzip" contains spaces, the prior incantation will fail. Both of these are common on windows. Reviewed-by: Peter Eisentraut <peter.eisentraut@enterprisedb.com> Discussion: https://postgr.es/m/ce1b6eb3-5736-6f38-9775-b7020128b8d8@enterprisedb.com Backpatch: 15-, where the test was added in 027fa0fd726 18 July 2022, 17:21:55 UTC
9a01ea7 Peter Eisentraut 18 July 2022, 12:53:00 UTC pg_upgrade: Adjust quoting style in message to match guidelines 18 July 2022, 12:53:26 UTC
b681ca7 Peter Eisentraut 18 July 2022, 12:26:43 UTC Add another SQL/JSON error code A code comment said that the standard does not define a number for ERRCODE_SQL_JSON_ITEM_CANNOT_BE_CAST_TO_TARGET_TYPE, but this was fixed in a later draft version of the standard, so use that number now. 18 July 2022, 12:27:53 UTC
96dbbf8 Tom Lane 17 July 2022, 21:43:28 UTC Fix omissions in support for the "regcollation" type. The patch that added regcollation doesn't seem to have been too thorough about supporting it everywhere that other reg* types are supported. Fix that. (The find_expr_references omission is moderately serious, since it could result in missing expression dependencies. The others are less exciting.) Noted while fixing bug #17483. Back-patch to v13 where regcollation was added. Discussion: https://postgr.es/m/1423433.1652722406@sss.pgh.pa.us 17 July 2022, 21:43:28 UTC
b8032f4 Tom Lane 17 July 2022, 21:27:50 UTC postgres_fdw: set search_path to 'pg_catalog' while deparsing constants. The motivation for this is to ensure successful transmission of the values of constants of regconfig and other reg* types. The remote will be reading them with search_path = 'pg_catalog', so schema qualification is necessary when referencing objects in other schemas. Per bug #17483 from Emmanuel Quincerot. Back-patch to all supported versions. (There's some other stuff to do here, but it's less back-patchable.) Discussion: https://postgr.es/m/1423433.1652722406@sss.pgh.pa.us 17 July 2022, 21:27:50 UTC
91377a4 Thomas Munro 15 July 2022, 22:59:52 UTC Make dsm_impl_posix_resize more future-proof. Commit 4518c798 blocks signals for a short region of code, but it assumed that whatever called it had the signal mask set to UnBlockSig on entry. That may be true today (or may even not be, in extensions in the wild), but it would be better not to make that assumption. We should save-and-restore the caller's signal mask. The PG_SETMASK() portability macro couldn't be used for that, which is why it wasn't done before. But... considering that commit a65e0864 established back in 9.6 that supported POSIX systems have sigprocmask(), and that this is POSIX-only code, there is no reason not to use standard sigprocmask() directly to achieve that. Back-patch to all supported releases, like 4518c798 and 80845b7c. Reviewed-by: Alvaro Herrera <alvherre@alvh.no-ip.org> Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us> Discussion: https://postgr.es/m/CA%2BhUKGKx6Biq7_UuV0kn9DW%2B8QWcpJC1qwhizdtD9tN-fn0H0g%40mail.gmail.com 16 July 2022, 00:23:03 UTC
8c297dd David Rowley 15 July 2022, 03:27:14 UTC Fix inconsistent parameter names between prototype and declaration Noticed while working in this area. This code was introduced in PG15, which is still in beta, so backpatch to there for consistency. Backpatch-through: 15 15 July 2022, 03:27:14 UTC
b32a588 John Naylor 01 July 2022, 04:41:36 UTC Clarify that pg_dump takes ACCESS SHARE lock Add link to the description of lock levels to avoid confusing "shared locks" with SHARE locks. Florin Irion Reviewed-by: Álvaro Herrera, Tom Lane, and Nathan Bossart Discussion: https://www.postgresql.org/message-id/flat/d0f30cc2-3c76-1d43-f291-7c4b2872d653@gmail.com This is a backpatch of 4e2e8d71f, applied through version 14 15 July 2022, 01:18:44 UTC
ad8c8ee Bruce Momjian 15 July 2022, 00:01:11 UTC docs: make monitoring "phases" table titles consistent Reported-by: Nitin Jadhav Discussion: https://postgr.es/m/CAMm1aWbmTHwHKC2PERH0CCaFVPoxrtLeS8=wNuoge94qdSp3vA@mail.gmail.com Author: Nitin Jadhav Backpatch-through: 13 15 July 2022, 00:01:11 UTC
8ef2859 Bruce Momjian 14 July 2022, 21:41:03 UTC doc: clarify how dropping of extensions affects dependent objs. Clarify that functions/procedures are dropped when any extension that depends on them is dropped. Reported-by: David G. Johnston Discussion: https://postgr.es/m/CAKFQuwbPSHMDGkisRUmewopweC1bFvytVqB=a=X4GFg=4ZWxPA@mail.gmail.com Backpatch-through: 13 14 July 2022, 21:41:03 UTC
e24ea2a Bruce Momjian 14 July 2022, 20:34:30 UTC pg_upgrade doc: mention that replication slots must be recreated Reported-by: Nikhil Shetty Discussion: https://postgr.es/m/CAFpL5Vxastip0Jei-K-=7cKXTg=5sahSe5g=om=x68NOX8+PUA@mail.gmail.com Backpatch-through: 10 14 July 2022, 20:34:30 UTC
fc130b8 Bruce Momjian 14 July 2022, 20:19:45 UTC doc: add documentation about ecpg Oracle-compatibility mode Reported-by: Takeshi Ideriha Discussion: https://postgr.es/m/TYCPR01MB7041A157067208327D8DAAF9EAA59@TYCPR01MB7041.jpnprd01.prod.outlook.com Backpatch-through: 11 14 July 2022, 20:19:45 UTC
5766443 Bruce Momjian 14 July 2022, 20:07:12 UTC doc: move system views section to its own chapter Previously it was inside the system catalogs chapter. Reported-by: Peter Smith Discussion: https://postgr.es/m/CAHut+PsMc18QP60D+L0hJBOXrLQT5m88yVaCDyxLq34gfPHsow@mail.gmail.com Backpatch-through: 15 14 July 2022, 20:07:12 UTC
back to top