granicus.if.org Git - postgresql/commit

author	Alvaro Herrera <alvherre@alvh.no-ip.org>
	Wed, 18 Dec 2013 16:31:27 +0000 (13:31 -0300)
committer	Alvaro Herrera <alvherre@alvh.no-ip.org>
	Wed, 18 Dec 2013 16:31:27 +0000 (13:31 -0300)
commit	db1014bc46de21a6de1751b807ea084e607104ad
tree	6d2e5bbf0f8407dd8207e7c7411065c635a2cc05	tree \| snapshot
parent	8e9a16ab8f7f0e5813644975cc3f336e5b064b6e	commit \| diff

Don't ignore tuple locks propagated by our updates

If a tuple was locked by transaction A, and transaction B updated it,
the new version of the tuple created by B would be locked by A, yet
visible only to B; due to an oversight in HeapTupleSatisfiesUpdate, the
lock held by A wouldn't get checked if transaction B later deleted (or
key-updated) the new version of the tuple. This might cause referential
integrity checks to give false positives (that is, allow deletes that
should have been rejected).

This is an easy oversight to have made, because prior to improved tuple
locks in commit 0ac5ad5134f it wasn't possible to have tuples created by
our own transaction that were also locked by remote transactions, and so
locks weren't even considered in that code path.

It is recommended that foreign keys be rechecked manually in bulk after
installing this update, in case some referenced rows are missing with
some referencing row remaining.

Per bug reported by Daniel Wood in
CAPweHKe5QQ1747X2c0tA=5zf4YnS2xcvGf13Opd-1Mq24rF1cQ@mail.gmail.com

src/backend/access/transam/multixact.c		diff \| blob \| history
src/backend/utils/time/tqual.c		diff \| blob \| history
src/include/access/multixact.h		diff \| blob \| history
src/test/isolation/expected/propagate-lock-delete.out	[new file with mode: 0644]	blob
src/test/isolation/isolation_schedule		diff \| blob \| history
src/test/isolation/specs/propagate-lock-delete.spec	[new file with mode: 0644]	blob