Home > mailing lists

Bug in batch tuplesort memory CLUSTER case (9.6 only) - Mailing list pgsql-hackers

From	Peter Geoghegan
Subject	Bug in batch tuplesort memory CLUSTER case (9.6 only)
Date	June 27, 2016 07:14:18
Msg-id	CAM3SWZR8x=e=o3o+tH6Y1Eae3kpdK4dyod8D6MYT=yC4+O7U7Q@mail.gmail.com Whole thread Raw
Responses	Re: Bug in batch tuplesort memory CLUSTER case (9.6 only) (Noah Misch <noah@leadboat.com>)
List	pgsql-hackers

Tree view

In general, moving tuplesort.c batch memory caller tuples around
happens when batch memory needs to be recycled, or freed outright with
pfree().

I failed to take into account that CLUSTER tuplesorts need an extra
step when moving caller tuples to a new location (i.e. when moving
HeapTuple caller tuples using memmove()), because their particular
variety of caller tuple happens to itself contain a pointer to
palloc()'d memory. Attached patch fixes this use-after-free bug.

--
Peter Geoghegan

Attachment

0001-Fix-bug-in-batch-tuplesort-memory-with-CLUSTER.patch

pgsql-hackers by date:

From: Noah Misch
Date: 27 June 2016, 05:45:28
Subject: Re: primary_conninfo missing from pg_stat_wal_receiver

From: Amit Kapila
Date: 27 June 2016, 07:51:54
Subject: Re: Rename max_parallel_degree?

Bug in batch tuplesort memory CLUSTER case (9.6 only) - Mailing list pgsql-hackers

Attachment

Previous

Next