Bump org.postgresql:postgresql from 42.5.1 to 42.5.5#1
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
Bumps [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) from 42.5.1 to 42.5.5. - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](pgjdbc/pgjdbc@REL42.5.1...REL42.5.5) --- updated-dependencies: - dependency-name: org.postgresql:postgresql dependency-version: 42.5.5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
Author
|
Superseded by #3. |
dependabot
Bot
deleted the
dependabot/maven/org.postgresql-postgresql-42.5.5
branch
fm4v
added a commit
to fm4v/sqlancer
that referenced
this pull request
May 19, 2026
Three structural issues surfaced during the first 25-oracle 15-minute run
and three regressions from W3 (ANY/SEMI join expansion) surfaced once the
existing TLP / NoREC / SEMR oracles started picking the new join types.
Fixes here are scope-minimal: each addresses one observed failure mode
with the smallest change that actually held up across a re-run.
* ClickHouseProvider.getDatabaseName(): when the comma-joined --oracle
list has 25 entries, the resulting database name plus the appended ".sql.tmp"
metadata suffix overflows the ext4 255-byte filename limit. ClickHouse
surfaces this as "Code: 458 CANNOT_UNLINK" on every DROP/CREATE DATABASE
and the worker thread dies. Substitute a stable short hash when the
suffix would push the name past 200 bytes; single-oracle runs keep the
readable suffix.
* ClickHouseProvider: max_execution_time lowered from 120s to 30s. With
the W3 JOIN-shape expansion the generator now emits multi-table FROM
clauses ("SELECT * FROM t1, t2, t3") regularly; at 120s the Cartesian
result can monopolise a worker thread for the full 2 minutes draining
the JDBC stream. 30s preserves the "clean TIMEOUT_EXCEEDED rather than
ambiguous socket_timeout" property of the original cap with bounded
per-thread blockage.
* ClickHouseExpressionGenerator.getRandomJoinClauses (both call sites):
restrict the random pick to DETERMINISTIC_JOIN_TYPES. ANY / SEMI break
TLP / NoREC / SEMR multiset equality by construction (their per-row
match choice is algorithm-dispatched); the dedicated JoinAlgorithm
oracle already filters these at oracle level. Caught as TLPWhere
"size of the result sets mismatch" with RIGHT ANY JOIN in run ClickHouse#1.
Plus three disk-pressure mitigations for the dev container (.claude/
clickhouse-config/). Without them, a 6-thread 15-minute run produces
~1 GB of /var/lib/clickhouse + /var/log/clickhouse-server cruft (>98%
observability, not user data); with them, ~150 MB:
- log_level.xml drops the server file logger from trace to warning.
Kills ~80% of system.text_log growth (the table-shaped mirror of the
file logger). File-log growth is dampened too but is dominated by
ERROR-level stack traces from sqlancer's malformed queries, which the
level cap can't touch.
- trace_log_disabled.xml uses <trace_log remove="remove"/> to remove the
table at config-merge time. On a fresh container the table does not
exist; on a retrofit the write pipeline is short-circuited and the
table sits at 0 rows.
- system_log_ttl.xml caps processors_profile_log retention at 1 hour via
the config-driven <ttl> element. ALTER TABLE ... MODIFY TTL is NOT
durable for system tables (observed on 26.5.1.805) -- the server
reapplies the config-defined engine on restart and the ALTER is lost.
clickhouse-disk-cleanup.sh is the manual sibling: idempotent, drops
orphan sqlancer databases + truncates system *_log tables + in-place
truncates the file logs. Used between long runs.
CLAUDE.md docker-run snippet updated to mount the three XML files
individually into /etc/clickhouse-server/config.d/ (subdirectory mounts
don't work -- ClickHouse's config processor scans flat *.xml only).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps org.postgresql:postgresql from 42.5.1 to 42.5.5.
Release notes
Sourced from org.postgresql:postgresql's releases.
... (truncated)
Changelog
Sourced from org.postgresql:postgresql's changelog.
... (truncated)
Commits
475e3e2Merge pull request from GHSA-24rp-q3w6-vc561b1d6b5Merge pull request from GHSA-24rp-q3w6-vc56051ae1bUpdate docs for Release 42.5.4 (#2812)3d13b43fix: fix testGetSQLTypeQueryCache by searching for xid type. We used to searc...24e9ce3Make sure that github CI runs tests on all PRs (#2809)9980a95Revert "fix: fix testGetSQLTypeQueryCache by searching for xid type. (#2805)"...fad8664fix: fix testGetSQLTypeQueryCache by searching for xid type. (#2805)1000ad4apply doc changes from PR #2743 to release/42.5.x (#2753)976b27bminor changes (#2752)d2f77a2update changelog and docs for release (#2751)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.