Re: Are ctid chaining loops safe without relation size checks? - Mailing list pgsql-hackers

From Andres Freund
Subject Re: Are ctid chaining loops safe without relation size checks?
Date
Msg-id 20190515214720.yshh2ht3fzhok2lc@alap3.anarazel.de
Whole thread Raw
In response to Re: Are ctid chaining loops safe without relation size checks?  (Alvaro Herrera <alvherre@2ndquadrant.com>)
List pgsql-hackers
Hi,

On 2019-05-15 15:07:13 -0400, Alvaro Herrera wrote:
> On 2019-May-15, Andres Freund wrote:
> 
> > -    blk = ItemPointerGetBlockNumber(tid);
> > -    if (blk >= RelationGetNumberOfBlocks(relation))
> > -        elog(ERROR, "block number %u is out of range for relation \"%s\"",
> > -             blk, RelationGetRelationName(relation));
> > 
> > Which I dutifully rewrote. But I'm actually not sure it's safe at all
> > for heap to rely on t_ctid links to be valid. What prevents a ctid link
> > to point to a page that's since been truncated away?
> 
> Umm .. IIUC all index entries for truncated pages should have been
> removed prior to the truncation.  Otherwise, how would those index
> entries not become immediately data corruption the instant the heap is
> re-grown to cover those truncated pages?  So I think if the TID comes
> directly from user then this is a check worth doing, but if the TID
> comes from an index, then it isn't.

I'm not sure how indexes come into play here? For one, I don't think
heap_get_latest_tid() is called straight on a tuple returned from an
index scan. But also, I don't think that'd change much - it's not the
tid that's passed to heap_get_latest_tid() that's the problem, it's the
tuples it chains to via t_ctid.

Greetings,

Andres Freund



pgsql-hackers by date:

Previous
From: Thomas Munro
Date:
Subject: Re: pgsql: Compute XID horizon for page level index vacuum on primary.
Next
From: Tom Lane
Date:
Subject: Re: more message fixes