On 04.05.2017 22:16, Tom Lane wrote:
> Nikita Glukhov <n.gluhov@postgrespro.ru> writes:
>> In gistrescan() IndexScanDesc.xs_hitup is not reset after MemoryContextReset() of
>> so->queueCxt in which xs_hitup was allocated, then getNextNearest() tries to pfree()
>> dangling xs_hitup, which results in the reuse of this pointer and the subsequent crash.
> Right. I already did something about this, about an hour ago --- a
> bit differently from your patch, but same idea.
>
> regards, tom lane
Sorry that I'm not monitoring pgsql-bugs.
It might be interesting that I found this bug back in July 2016 when I
was experimenting with my KNN-btree implementation, but I failed to report
it because I could reproduce it only manually by a calling in a loop
gistrescan() and gistgettuple().
--
Nikita Glukhov
Postgres Professional:http://www.postgrespro.com
The Russian Postgres Company
