diff options
| author | Thomas Munro <tmunro@postgresql.org> | 2023-07-03 16:16:27 +1200 |
|---|---|---|
| committer | Thomas Munro <tmunro@postgresql.org> | 2023-07-04 09:20:55 +1200 |
| commit | 8f705d7b9d01a0b9ab350bca9fc17ded333faca9 (patch) | |
| tree | 31f8613905bc238290262bee11ce14412ad04f70 | |
| parent | 753f20c179f7be94a335e9dc67a5d58c6036d119 (diff) | |
| download | postgresql-8f705d7b9d01a0b9ab350bca9fc17ded333faca9.tar.gz postgresql-8f705d7b9d01a0b9ab350bca9fc17ded333faca9.zip | |
Fix race in SSI interaction with empty btrees.
When predicate-locking btrees, we have a special case for completely
empty btrees, since there is no page to lock. This was racy, because,
without buffer lock held, a matching key could be inserted between the
_bt_search() and the PredicateLockRelation() calls.
Fix, by rechecking _bt_search() after taking the relation-level SIREAD
lock, if using SERIALIZABLE isolation and an empty btree is discovered.
Back-patch to all supported releases. Fixes one aspect of bug #17949.
Reported-by: Artem Anisimov <artem.anisimov.255@gmail.com>
Reviewed-by: Dmitry Dolgov <9erthalion6@gmail.com>
Reviewed-by: Heikki Linnakangas <hlinnaka@iki.fi>
Discussion: https://postgr.es/m/17949-a0f17035294a55e2%40postgresql.org
| -rw-r--r-- | src/backend/access/nbtree/nbtsearch.c | 39 |
1 files changed, 26 insertions, 13 deletions
diff --git a/src/backend/access/nbtree/nbtsearch.c b/src/backend/access/nbtree/nbtsearch.c index 8b2aad4d2b2..318487c29bf 100644 --- a/src/backend/access/nbtree/nbtsearch.c +++ b/src/backend/access/nbtree/nbtsearch.c @@ -17,6 +17,7 @@ #include "access/nbtree.h" #include "access/relscan.h" +#include "access/xact.h" #include "miscadmin.h" #include "pgstat.h" #include "storage/predicate.h" @@ -1381,22 +1382,34 @@ _bt_first(IndexScanDesc scan, ScanDirection dir) { /* * We only get here if the index is completely empty. Lock relation - * because nothing finer to lock exists. + * because nothing finer to lock exists. Without a buffer lock, it's + * possible for another transaction to insert data between + * _bt_search() and PredicateLockRelation(). We have to try again + * after taking the relation-level predicate lock, to close a narrow + * window where we wouldn't scan concurrently inserted tuples, but the + * writer wouldn't see our predicate lock. */ - PredicateLockRelation(rel, scan->xs_snapshot); - - /* - * mark parallel scan as done, so that all the workers can finish - * their scan - */ - _bt_parallel_done(scan); - BTScanPosInvalidate(so->currPos); + if (IsolationIsSerializable()) + { + PredicateLockRelation(rel, scan->xs_snapshot); + stack = _bt_search(rel, &inskey, &buf, BT_READ, + scan->xs_snapshot); + _bt_freestack(stack); + } - return false; + if (!BufferIsValid(buf)) + { + /* + * Mark parallel scan as done, so that all the workers can finish + * their scan. + */ + _bt_parallel_done(scan); + BTScanPosInvalidate(so->currPos); + return false; + } } - else - PredicateLockPage(rel, BufferGetBlockNumber(buf), - scan->xs_snapshot); + + PredicateLockPage(rel, BufferGetBlockNumber(buf), scan->xs_snapshot); _bt_initialize_more_data(so, dir); |