From 701ec555796884f6bd5d3ce67d927f52707ef9e6 Mon Sep 17 00:00:00 2001 From: Robert Haas Date: Thu, 23 Mar 2023 15:29:28 -0400 Subject: [PATCH] amcheck: Fix verify_heapam for tuples where xmin or xmax is 0. In such cases, get_xid_status() doesn't set its output parameter (the third argument), so we shouldn't fall through to code which will test the value of that parameter. There are five existing calls to get_xid_status(), three of which seem to already handle this case properly. This commit tries to fix the other two. If we're checking xmin and find that it is invalid (i.e. 0) just report that as corruption, similar to what's already done in the three cases that seem correct. If we're checking xmax and find that's invalid, that's fine: it just means that the tuple hasn't been updated or deleted. Thanks to Andres Freund and valgrind for finding this problem, and also to Andres for having a look at the patch. This bug seems to go all the way back to where verify_heapam was first introduced, but wasn't detected until recently, possibly because of the new test cases added for update chain verification. Back-patch to v14, where this code showed up. Discussion: http://postgr.es/m/CA+TgmoZAYzQZqyUparXy_ks3OEOfLD9-bEXt8N-2tS1qghX9gQ@mail.gmail.com --- contrib/amcheck/verify_heapam.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/contrib/amcheck/verify_heapam.c b/contrib/amcheck/verify_heapam.c index a211b8a641..1d186d1e4d 100644 --- a/contrib/amcheck/verify_heapam.c +++ b/contrib/amcheck/verify_heapam.c @@ -739,6 +739,9 @@ check_tuple_visibility(HeapCheckContext *ctx) switch (get_xid_status(xmin, ctx, &xmin_status)) { case XID_INVALID: + report_corruption(ctx, + pstrdup("xmin is invalid")); + return false; case XID_BOUNDS_OK: break; case XID_IN_FUTURE: @@ -1074,6 +1077,9 @@ check_tuple_visibility(HeapCheckContext *ctx) xmax = HeapTupleHeaderGetRawXmax(tuphdr); switch (get_xid_status(xmax, ctx, &xmax_status)) { + case XID_INVALID: + ctx->tuple_could_be_pruned = false; + return true; case XID_IN_FUTURE: report_corruption(ctx, psprintf("xmax %u equals or exceeds next valid transaction ID %u:%u", @@ -1096,7 +1102,6 @@ check_tuple_visibility(HeapCheckContext *ctx) XidFromFullTransactionId(ctx->oldest_fxid))); return false; /* corrupt */ case XID_BOUNDS_OK: - case XID_INVALID: break; }