On 13.11.2022 20:59, Pavel Stehule wrote:
> fresh rebase
Hello,
Sorry, I haven't been following this thread, but I'd like to report a memory management bug. I couldn't apply the latest patches, so I tested with v20221104-1-* patches applied on top of commit b0284bfb1db.
postgres=# create variable s text default 'abc';
create function f() returns text as $$ begin return g(s); end; $$ language plpgsql;
create function g(t text) returns text as $$ begin let s = 'BOOM!'; return t; end; $$ language plpgsql;
select f();
CREATE VARIABLE
CREATE FUNCTION
CREATE FUNCTION
server closed the connection unexpectedly
        This probably means the server terminated abnormally
        before or while processing the request.

LOG: server process (PID 55307) was terminated by signal 11: Segmentation fault
DETAIL: Failed process was running: select f();
I believe it's a use-after-free error, triggered by assigning a new value to s in g(), thus making t a dangling pointer.
After reconnecting I get a scary error:
postgres=# select f();
ERROR: compressed pglz data is corrupt
I am able to reproduce it, and I have a quick fix, but I need to investigate if this fix will be correct.
It's a good example so I have to always return a copy of the value.
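The failure mode discussed in this thread, as an added example that is not part of the original messages and is not PostgreSQL or patch code: a toy C model of a session variable read by reference versus by copy across a reassignment. SessionVar, VarRef and all function names are hypothetical, and a generation counter stands in for the dangling-pointer check so the freed memory is never dereferenced.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Toy session variable (hypothetical): owns its value; gen counts reassignments. */
typedef struct { char *value; unsigned gen; } SessionVar;
/* A by-reference read: pointer into the variable's storage plus the gen it saw. */
typedef struct { const char *ptr; unsigned gen; } VarRef;

static char *dup_str(const char *s) {
    char *p = malloc(strlen(s) + 1);
    if (p == NULL) abort();
    return strcpy(p, s);
}
/* LET: frees the old value, so every outstanding VarRef now dangles. */
static void var_let(SessionVar *v, const char *newval) {
    char *copy = dup_str(newval);
    free(v->value);
    v->value = copy;
    v->gen++;
}
static VarRef var_get_ref(const SessionVar *v) { VarRef r = { v->value, v->gen }; return r; }
static char *var_get_copy(const SessionVar *v) { return dup_str(v->value); }
static int ref_is_live(const SessionVar *v, VarRef r) { return r.gen == v->gen; }

/* Models f() passing s to g() by reference while g() does LET.
   Returns 1 if the argument t would be a dangling pointer. */
int by_ref_dangles(void) {
    SessionVar s = { dup_str("abc"), 0 };
    VarRef t = var_get_ref(&s);          /* argument evaluated in f() */
    var_let(&s, "BOOM!");                /* let s = 'BOOM!' inside g() */
    int dangling = !ref_is_live(&s, t);  /* checked via gen, t.ptr is never read */
    free(s.value);
    return dangling;
}
/* Same call with a copied argument; the caller frees the returned string. */
char *by_copy_result(void) {
    SessionVar s = { dup_str("abc"), 0 };
    char *t = var_get_copy(&s);          /* private copy, independent of s */
    var_let(&s, "BOOM!");
    free(s.value);
    return t;                            /* g() returns its argument unchanged */
}
int main(void) {
    char *t = by_copy_result();
    printf("by reference dangles: %d, by copy returns: %s\n", by_ref_dangles(), t);
    free(t);
    return 0;
}
```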