box: forbid TCL statements in transactional triggers

User is not allowed to execute TCL statements in on_commit and on_rollback triggers - it is documented UB. However, this prohibition can be easily overlooked: one could, for example, try to rollback current transaction if something is not OK in on_commit trigger. So let's check if TCL statements are not executed in transactional triggers.

The commit introduces a new helper `txn_check_can_complete` - it is required because there are cases when transaction cannot be continued (txn_check_can_continue will return error) but it's allowed to try to commit or rollback it. Example: when MVCC aborts a transaction due to conflict, the result is not observed by user. So he cannot execute new statements in the transaction, but we cannot forbid to try to commit the transaction - only then the error will be observed and the transaction will be actually completed (rolled back due to conflict). But after the attempt to commit the transaction, we must forbid to try to complete it again - it will lead to UB.

Along the way, the commit removes unnecessary check in function `box_txn_rollback`.

Closes #7331

NO_DOC=bugfix

Showing
- changelogs/unreleased/gh-9186-7331-forbid-db-access-and-txn-control-in-txn-triggers.md (5 additions, 0 deletions)
- src/box/txn.c (19 additions, 1 deletion)
- src/box/txn.h (28 additions, 0 deletions)
- test/box-luatest/gh_9186_7331_forbid_database_access_in_txn_triggers_test.lua (12 additions, 1 deletion)