io_uring: Fix danger of completion getting reused before being read

From: Andres Freund <andres(at)anarazel(dot)de>
To: pgsql-hackers(at)postgresql(dot)org
Subject: io_uring: Fix danger of completion getting reused before being read
Date: 2026-01-15 15:38:43
Message-ID: bwo3e5lj2dgi2wzq4yvbyzu7nmwueczvvzioqsqo6azu6lm5oy@pbx75g2ach3p
Views: Whole Thread | Raw Message | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Hi,

I privately got a report about a bug in method_io_uring.c:

We are calling io_uring_cqe_seen(..., cqe) before reading cqe->res. That
allows the completion to be reused, which in turn could lead to cqe->res being
overwritten. The window for that is very narrow and the likelihood of it
happening is very low, as we should never actually utilize all CQEs, but the
consequences would be bad.

I plan to push the fix soon-ish.

Greetings,

Andres Freund

Attachment Content-Type Size
v1-0001-aio-io_uring-Fix-danger-of-completion-getting-reu.patch text/x-diff 1.5 KB

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Movead 2026-01-15 15:38:53 Re: Can we change pg_rewind used without wal_log_hints and data_checksums
Previous Message Matheus Alcantara 2026-01-15 15:29:28 Re: support ALTER COLUMN SET EXPRESSION over virtual generated column with check constraint