]> git.ipfire.org Git - thirdparty/postgresql.git/commit
projects / thirdparty / postgresql.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 09532a7) | patch
aio: io_uring: Fix danger of completion getting reused before being read
authorAndres Freund <andres@anarazel.de>
Thu, 15 Jan 2026 15:17:51 +0000 (10:17 -0500)
committerAndres Freund <andres@anarazel.de>
Thu, 15 Jan 2026 16:09:49 +0000 (11:09 -0500)
commit7f1b3a4cea563d791d8a83e5c482f1ed8306ee6a
treefc23e01b73f24e027686ec35fbcd6e028283055dtree | snapshot
parent09532a78b8c6b49b5176bc1cd4671c571520a8c8commit | diff
aio: io_uring: Fix danger of completion getting reused before being read

We called io_uring_cqe_seen(..., cqe) before reading cqe->res. That allows the
completion to be reused, which in turn could lead to cqe->res being
overwritten. The window for that is very narrow and the likelihood of it
happening is very low, as we should never actually utilize all CQEs, but the
consequences would be bad.

This bug was reported to me privately.

Backpatch-through: 18
Discussion: https://postgr.es/m/bwo3e5lj2dgi2wzq4yvbyzu7nmwueczvvzioqsqo6azu6lm5oy@pbx75g2ach3p
src/backend/storage/aio/method_io_uring.c diff | blob | blame | history
Mirror of https://git.postgresql.org/git/postgresql.git