Fix possible page corruption by ALTER TABLE .. SET TABLESPACE.

If a zeroed page is present in the heap, ALTER TABLE .. SET TABLESPACE will
set the LSN and TLI while copying it, which is wrong, and heap_xlog_newpage()
will do the same thing during replay, so the corruption propagates to any
standby.  Note, however, that the bug can't be demonstrated unless archiving
is enabled, since in that case we skip WAL logging altogether, and the LSN/TLI
are not set.

Back-patch to 8.0; prior releases do not have tablespaces.

Analysis and patch by Jeff Davis.  Adjustments for back-branches and minor
wordsmithing by me.

diff --git a/src/backend/access/heap/heapam.c b/src/backend/access/heap/heapam.c
index e87e0964190c61212af6ee8b50e358c485fbd1f1..5294f30016fd7e48549601525f1d93f47c92d71f 100644 (file)
--- a/src/backend/access/heap/heapam.c
+++ b/src/backend/access/heap/heapam.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *       $PostgreSQL: pgsql/src/backend/access/heap/heapam.c,v 1.277.2.2 2010/05/02 22:28:11 tgl Exp $
+ *       $PostgreSQL: pgsql/src/backend/access/heap/heapam.c,v 1.277.2.3 2010/07/29 16:14:55 rhaas Exp $
  *
  *
  * INTERFACE ROUTINES
@@ -4059,8 +4059,15 @@ log_newpage(RelFileNode *rnode, ForkNumber forkNum, BlockNumber blkno,
 
        recptr = XLogInsert(RM_HEAP_ID, XLOG_HEAP_NEWPAGE, rdata);
 
-       PageSetLSN(page, recptr);
-       PageSetTLI(page, ThisTimeLineID);
+       /*
+        * The page may be uninitialized. If so, we can't set the LSN
+        * and TLI because that would corrupt the page.
+        */
+       if (!PageIsNew(page))
+       {
+               PageSetLSN(page, recptr);
+               PageSetTLI(page, ThisTimeLineID);
+       }
 
        END_CRIT_SECTION();
 
@@ -4204,8 +4211,16 @@ heap_xlog_newpage(XLogRecPtr lsn, XLogRecord *record)
        Assert(record->xl_len == SizeOfHeapNewpage + BLCKSZ);
        memcpy(page, (char *) xlrec + SizeOfHeapNewpage, BLCKSZ);
 
-       PageSetLSN(page, lsn);
-       PageSetTLI(page, ThisTimeLineID);
+       /*
+        * The page may be uninitialized. If so, we can't set the LSN
+        * and TLI because that would corrupt the page.
+        */
+       if (!PageIsNew(page))
+       {
+               PageSetLSN(page, lsn);
+               PageSetTLI(page, ThisTimeLineID);
+       }
+
        MarkBufferDirty(buffer);
        UnlockReleaseBuffer(buffer);
 }