Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit fa675af

Browse filesBrowse files
petergeogheganpetergeoghegan
committed
Harden nbtree deduplication posting split code.
Add a defensive "can't happen" error to code that handles nbtree posting list splits (promote an existing assertion). This avoids a segfault in the event of an insertion of a newitem that is somehow identical to an existing non-pivot tuple in the index. An nbtree index should never have two index tuples with identical TIDs. This scenario is not particular unlikely in the event of any kind of corruption that leaves the index in an inconsistent state relative to the heap relation that is indexed. There are two known reports of preventable hard crashes. Doing nothing seems unacceptable given the general expectation that nbtree will cope reasonably well with corrupt data. Discussion: https://postgr.es/m/CAH2-Wz=Jr_d-dOYEEmwz0-ifojVNWho01eAqewfQXgKfoe114w@mail.gmail.com Backpatch: 13-, where nbtree deduplication was introduced.
1 parent 6a4c071 commit fa675af
Copy full SHA for fa675af

File tree

Expand file treeCollapse file tree

1 file changed

+13
-1
lines changed
Filter options
Expand file treeCollapse file tree

1 file changed

+13
-1
lines changed

‎src/backend/access/nbtree/nbtdedup.c

Copy file name to clipboardExpand all lines: src/backend/access/nbtree/nbtdedup.c
+13-1Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -781,7 +781,19 @@ _bt_swap_posting(IndexTuple newitem, IndexTuple oposting, int postingoff)
781781

782782
nhtids = BTreeTupleGetNPosting(oposting);
783783
Assert(_bt_posting_valid(oposting));
784-
Assert(postingoff > 0 && postingoff < nhtids);
784+
785+
/*
786+
* The postingoff argument originated as a _bt_binsrch_posting() return
787+
* value. It will be 0 in the event of corruption that makes a leaf page
788+
* contain a non-pivot tuple that's somehow identical to newitem (no two
789+
* non-pivot tuples should ever have the same TID). This has been known
790+
* to happen in the field from time to time.
791+
*
792+
* Perform a basic sanity check to catch this case now.
793+
*/
794+
if (!(postingoff > 0 && postingoff < nhtids))
795+
elog(ERROR, "posting list tuple with %d items cannot be split at offset %d",
796+
nhtids, postingoff);
785797

786798
/*
787799
* Move item pointers in posting list to make a gap for the new item's

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.