From c28d96dfeb0884dff58b989fc0b869ee0f7806e5 Mon Sep 17 00:00:00 2001 From: Alvaro Herrera Date: Thu, 25 Nov 2021 16:19:42 -0300 Subject: [PATCH] Fix LSN in OVERWRITTEN_CONTRECORD If the record that was broken starts exactly at a page boundary, we write the byte position at which the record data appears (skipping the WAL page header), which isn't the actual LSN of the record. Repair. To avoid problems on production systems which might use the bogus code, change the test so that LSNs at page boundaries are also considered equal to the byte position for the record data. This means that if an unpatched server produces a bogus OVERWRITTEN_CONTRECORD, WAL replay can continue after upgrading to a server containing this patch. --- src/backend/access/transam/xlog.c | 9 ++++++++- src/backend/access/transam/xlogreader.c | 2 +- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/backend/access/transam/xlog.c b/src/backend/access/transam/xlog.c index 5a8851a602..1f1ae23526 100644 --- a/src/backend/access/transam/xlog.c +++ b/src/backend/access/transam/xlog.c @@ -10706,7 +10706,14 @@ xlog_redo(XLogReaderState *record) static void VerifyOverwriteContrecord(xl_overwrite_contrecord *xlrec, XLogReaderState *state) { - if (xlrec->overwritten_lsn != state->overwrittenRecPtr) + /* + * 14.1 and sibling server versions wrote XLOG_OVERWRITE_CONTRECORD with a + * bogus recptr. See https://postgr.es/m/45597.1637694259@sss.pgh.pa.us for + * details. + */ + if (xlrec->overwritten_lsn != state->overwrittenRecPtr && + xlrec->overwritten_lsn - SizeOfXLogShortPHD != state->overwrittenRecPtr && + xlrec->overwritten_lsn - SizeOfXLogLongPHD != state->overwrittenRecPtr) elog(FATAL, "mismatching overwritten LSN %X/%X -> %X/%X", LSN_FORMAT_ARGS(xlrec->overwritten_lsn), LSN_FORMAT_ARGS(state->overwrittenRecPtr)); diff --git a/src/backend/access/transam/xlogreader.c b/src/backend/access/transam/xlogreader.c index f39f8044a9..4772cd1664 100644 --- a/src/backend/access/transam/xlogreader.c +++ b/src/backend/access/transam/xlogreader.c @@ -586,7 +586,7 @@ err: * in turn signal downstream WAL consumers that the broken WAL record * is to be ignored. */ - state->abortedRecPtr = RecPtr; + state->abortedRecPtr = state->currRecPtr; state->missingContrecPtr = targetPagePtr; } -- 2.30.2