On 13.11.2022 20:59, Pavel Stehule wrote:
> fresh rebase
Hello,
Sorry, I haven't been following this thread, but I'd like to report a
memory management bug. I couldn't apply the latest patches, so I tested
with v20221104-1-* patches applied atop of commit b0284bfb1db.
postgres=# create variable s text default 'abc';
create function f() returns text as $$
begin
return g(s);
end;
$$ language plpgsql;
create function g(t text) returns text as $$
begin
let s = 'BOOM!';
return t;
end;
$$ language plpgsql;
select f();
CREATE VARIABLE
CREATE FUNCTION
CREATE FUNCTION
server closed the connection unexpectedly
This probably means the server terminated abnormally
before or while processing the request.
LOG: server process (PID 55307) was terminated by signal 11:
Segmentation fault
DETAIL: Failed process was running: select f();
I believe it's a use-after-free error, triggered by assigning a new
value to s in g(), thus making t a dangling pointer.
After reconnecting I get a scary error:
postgres=# select f();
ERROR: compressed pglz data is corrupt
Best regards,
--
Sergey Shinderuk https://postgrespro.com/
