| From: | Andres Freund <andres(at)anarazel(dot)de> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: aio: io_uring: Fix danger of completion getting reused before be |
| Date: | 2026-01-15 16:10:37 |
| Message-ID: | E1vgPvg-000dZJ-11@gemulon.postgresql.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
aio: io_uring: Fix danger of completion getting reused before being read
We called io_uring_cqe_seen(..., cqe) before reading cqe->res. That allows the
completion to be reused, which in turn could lead to cqe->res being
overwritten. The window for that is very narrow and the likelihood of it
happening is very low, as we should never actually utilize all CQEs, but the
consequences would be bad.
This bug was reported to me privately.
Backpatch-through: 18
Discussion: https://postgr.es/m/bwo3e5lj2dgi2wzq4yvbyzu7nmwueczvvzioqsqo6azu6lm5oy@pbx75g2ach3p
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/8077649907d40b9831358d0c5121a8c58267a988
Modified Files
--------------
src/backend/storage/aio/method_io_uring.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bryan Green | 2026-01-15 16:21:50 | Re: pgsql: Enable Python Limited API for PL/Python on MSVC |
| Previous Message | Heikki Linnakangas | 2026-01-15 16:02:42 | pgsql: Wake up autovacuum launcher from postmaster when a worker exits |