| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: Avoid testing tuple visibility without buffer lock in RI_FKey_ch |
| Date: | 2016-10-23 19:02:38 |
| Message-ID: | E1byO2Y-00040q-1y@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Avoid testing tuple visibility without buffer lock in RI_FKey_check().
Despite the argumentation I wrote in commit 7a2fe85b0, it's unsafe to do
this, because in corner cases it's possible for HeapTupleSatisfiesSelf
to try to set hint bits on the target tuple; and at least since 8.2 we
have required the buffer content lock to be held while setting hint bits.
The added regression test exercises one such corner case. Unpatched, it
causes an assertion failure in assert-enabled builds, or otherwise would
cause a hint bit change in a buffer we don't hold lock on, which given
the right race condition could result in checksum failures or other data
consistency problems. The odds of a problem in the field are probably
pretty small, but nonetheless back-patch to all supported branches.
Report: <19391(dot)1477244876(at)sss(dot)pgh(dot)pa(dot)us>
Branch
------
REL9_1_STABLE
Details
-------
http://git.postgresql.org/pg/commitdiff/d4fa18a551a11a4193bbe91d691952a82549bafc
Modified Files
--------------
src/backend/utils/adt/ri_triggers.c | 20 +++++++++-----------
src/test/regress/expected/foreign_key.out | 22 ++++++++++++++++++++++
src/test/regress/sql/foreign_key.sql | 23 +++++++++++++++++++++++
3 files changed, 54 insertions(+), 11 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Heikki Linnakangas | 2016-10-23 19:22:57 | Re: pgsql: Use OpenSSL EVP API for symmetric encryption in pgcrypto. |
| Previous Message | Magnus Hagander | 2016-10-23 16:06:05 | pgsql: Rename walmethod fsync method to sync |