upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-04-15 22:10:45 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src
History
Andres Freund 3c92f7e9d8 Fix corruption due to vacuum_defer_cleanup_age underflowing 64bit xids 
When vacuum_defer_cleanup_age is bigger than the current xid, including the
epoch, the subtraction of vacuum_defer_cleanup_age would lead to a wrapped
around xid. While that normally is not a problem, the subsequent conversion to
a 64bit xid results in a 64bit-xid very far into the future. As that xid is
used as a horizon to detect whether rows versions are old enough to be
removed, that allows removal of rows that are still visible (i.e. corruption).

If vacuum_defer_cleanup_age was never changed from the default, there is no
chance of this bug occurring.

This bug was introduced in dc7420c2c9.  A lesser version of it exists in
12-13, introduced by fb5344c969, affecting only GiST.

The 12-13 version of the issue can, in rare cases, lead to pages in a gist
index getting recycled too early, potentially causing index entries to be
found multiple times.

The fix is fairly simple - don't allow vacuum_defer_cleanup_age to retreat
further than FirstNormalTransactionId.

Patches to make similar bugs easier to find, by adding asserts to the 64bit
xid infrastructure, have been proposed, but are not suitable for backpatching.

Currently there are no tests for vacuum_defer_cleanup_age. A patch introducing
infrastructure to make writing a test easier has been posted to the list.

Reported-by: Michail Nikolaev <michail.nikolaev@gmail.com>
Reviewed-by: Matthias van de Meent <boekewurm+postgres@gmail.com>
Author: Andres Freund <andres@anarazel.de>
Discussion: https://postgr.es/m/20230108002923.cyoser3ttmt63bfn@awork3.anarazel.de
Backpatch: 12-, but impact/fix is smaller for 12-13
2023-03-07 21:36:52 -08:00
..
backend Fix corruption due to vacuum_defer_cleanup_age underflowing 64bit xids 2023-03-07 21:36:52 -08:00
bin Make EXEC_BACKEND more convenient on Linux and FreeBSD. 2023-02-08 13:09:52 +09:00
common Make EXEC_BACKEND more convenient on Linux and FreeBSD. 2023-02-08 13:09:52 +09:00
fe_utils Clean up assorted failures under clang's -fsanitize=undefined checks. 2022-03-03 18:13:24 -05:00
include Fix MULTIEXPR_SUBLINK with partitioned target tables, yet again. 2023-02-25 14:44:14 -05:00
interfaces Fix handling of SCRAM-SHA-256's channel binding with RSA-PSS certificates 2023-02-15 10:12:38 +09:00
makefiles Select CFLAGS_SL at configure time, not in platform-specific Makefiles. 2019-10-21 12:32:35 -04:00
pl Translation updates 2023-02-06 12:21:32 +01:00
port Stamp 12.14. 2023-02-06 16:45:00 -05:00
template On NetBSD, force dynamic symbol resolution at postmaster start. 2022-08-30 17:29:13 -04:00
test Fix more bugs caused by adding columns to the end of a view. 2023-03-07 18:21:37 -05:00
timezone Update time zone data files to tzdata release 2022g. 2023-01-31 17:37:28 -05:00
tools Don't force SQL_ASCII/no-locale for installcheck in vcregress.pl 2023-02-26 06:52:09 -05:00
tutorial Doc: sync src/tutorial/basics.source with SGML documentation. 2022-11-19 13:09:14 -05:00
.gitignore Convert cvsignore to gitignore, and add .gitignore for build targets. 2010-09-22 12:57:04 +02:00
DEVELOPERS Replace a couple of references to files that no longer exist in the source 2009-05-04 08:08:47 +00:00
Makefile Fix partial-build problems introduced by having more generated headers. 2018-04-09 16:42:10 -04:00
Makefile.global.in Prevent port collisions between concurrent TAP tests 2022-11-22 10:52:42 -05:00
Makefile.shlib Fix pkg-config files for static linking 2021-09-06 09:43:18 +02:00
nls-global.mk NLS: Fix backend gettext triggers 2019-09-23 09:05:50 +02:00