Fix oversight in commit b5415e3c2187ab304390524f5ae66b4bd2c58279.

While rearranging code in tidpath.c, I overlooked the fact that we ought
to check restriction_is_securely_promotable when trying to use a join
clause as a TID qual.  Since tideq itself is leakproof, this wouldn't
really allow any interesting leak AFAICT, but it still seems like we
had better check it.

For consistency with the corresponding logic in indxpath.c, also
check rinfo->pseudoconstant.  I'm not sure right now that it's
possible for that to be set in a join clause, but if it were,
a match couldn't be made anyway.

diff --git a/src/backend/optimizer/path/tidpath.c b/src/backend/optimizer/path/tidpath.c
index 335de0a4c1d62029929d6c133dbc29366090cab5..4d39fa128d76e79849e097f4b212c722ba3fc425 100644 (file)
--- a/src/backend/optimizer/path/tidpath.c
+++ b/src/backend/optimizer/path/tidpath.c
@@ -329,9 +329,14 @@ BuildParameterizedTidPaths(PlannerInfo *root, RelOptInfo *rel, List *clauses)
         *
         * We currently consider only TidEqual join clauses.  In principle we
         * might find a suitable ScalarArrayOpExpr in the rel's joininfo list,
-        * but it seems unlikely to be worth checking for.
+        * but it seems unlikely to be worth expending the cycles to check.
+        * And we definitely won't find a CurrentOfExpr here.  Hence, we don't
+        * use TidQualFromRestrictInfo; but this must match that function
+        * otherwise.
         */
-       if (!IsTidEqualClause(rinfo, rel))
+       if (rinfo->pseudoconstant ||
+           !restriction_is_securely_promotable(rinfo, rel) ||
+           !IsTidEqualClause(rinfo, rel))
            continue;
 
        /*