diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2011-02-21 21:18:19 -0500 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2011-02-21 21:18:19 -0500 |
| commit | 1118e83198678c3c9dfeb4abb318dad239d6590e (patch) | |
| tree | 4021c795fb800fb703252d8cdf7cb44bd6da2746 /src/backend/access/gist/gistproc.c | |
| parent | 2b3a0630b54ff9970a7cd2c78a686015f9a53c0c (diff) | |
| download | postgresql-1118e83198678c3c9dfeb4abb318dad239d6590e.tar.gz postgresql-1118e83198678c3c9dfeb4abb318dad239d6590e.zip | |
Fix dangling-pointer problem in before-row update trigger processing.
ExecUpdate checked for whether ExecBRUpdateTriggers had returned a new
tuple value by seeing if the returned tuple was pointer-equal to the old
one. But the "old one" was in estate->es_junkFilter's result slot, which
would be scribbled on if we had done an EvalPlanQual update in response to
a concurrent update of the target tuple; therefore we were comparing a
dangling pointer to a live one. Given the right set of circumstances we
could get a false match, resulting in not forcing the tuple to be stored in
the slot we thought it was stored in. In the case reported by Maxim Boguk
in bug #5798, this led to "cannot extract system attribute from virtual
tuple" failures when trying to do "RETURNING ctid". I believe there is a
very-low-probability chance of more serious errors, such as generating
incorrect index entries based on the original rather than the
trigger-modified version of the row.
In HEAD, change all of ExecBRInsertTriggers, ExecIRInsertTriggers,
ExecBRUpdateTriggers, and ExecIRUpdateTriggers so that they continue to
have similar APIs. In the back branches I just changed
ExecBRUpdateTriggers, since there is no bug in the ExecBRInsertTriggers
case.
Diffstat (limited to 'src/backend/access/gist/gistproc.c')
0 files changed, 0 insertions, 0 deletions