On Mon, 14 Nov 2022 at 8:00, Sergey Shinderuk <s.shinde...@postgrespro.ru> wrote:

> On 13.11.2022 20:59, Pavel Stehule wrote:
> > fresh rebase
>
> Hello,
>
> Sorry, I haven't been following this thread, but I'd like to report a
> memory management bug. I couldn't apply the latest patches, so I tested
> with v20221104-1-* patches applied atop of commit b0284bfb1db.
>
>
> postgres=# create variable s text default 'abc';
>
> create function f() returns text as $$
> begin
>     return g(s);
> end;
> $$ language plpgsql;
>
> create function g(t text) returns text as $$
> begin
>     let s = 'BOOM!';
>     return t;
> end;
> $$ language plpgsql;
>
> select f();
> CREATE VARIABLE
> CREATE FUNCTION
> CREATE FUNCTION
> server closed the connection unexpectedly
>     This probably means the server terminated abnormally
>     before or while processing the request.
>
> LOG: server process (PID 55307) was terminated by signal 11:
> Segmentation fault
> DETAIL: Failed process was running: select f();
>
>
> I believe it's a use-after-free error, triggered by assigning a new
> value to s in g(), thus making t a dangling pointer.
>
> After reconnecting I get a scary error:
>
> postgres=# select f();
> ERROR: compressed pglz data is corrupt
>

I am able to reproduce it, and I have a quick fix, but I need to investigate
if this fix will be correct.

It's a good example, so I have to always return a copy of the value.

Regards

Pavel

>
> Best regards,
>
> --
> Sergey Shinderuk https://postgrespro.com/
>
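
The failure mode reported in this message, as a small C model added here (not PostgreSQL code and not part of the patch): a read that hands out a pointer into a variable's own storage goes stale when the variable is reassigned, while a read that returns a copy does not. `SessionVar`, `var_let`, `var_get_ref`, `var_get_copy` and `f_survives` are hypothetical names, and the old buffer is poisoned and parked instead of freed so that the stale read stays well-defined C.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Toy model of one by-reference session variable (hypothetical names). */
typedef struct { char *value; char *retired; } SessionVar;

static char *dup_str(const char *s) {
    char *p = malloc(strlen(s) + 1);
    if (!p) abort();
    return strcpy(p, s);
}

/* LET: replace the stored value. A real allocator would free the old buffer;
 * here it is overwritten with 0x7F and parked (assumption of this model). */
static void var_let(SessionVar *v, const char *newval) {
    free(v->retired);
    v->retired = v->value;
    if (v->retired) memset(v->retired, 0x7F, strlen(v->retired));
    v->value = dup_str(newval);
}

/* Unsafe read: returns a pointer into the variable's own storage. */
static const char *var_get_ref(const SessionVar *v) { return v->value; }
/* Safe read: returns a private copy that the caller must free. */
static char *var_get_copy(const SessionVar *v) { return dup_str(v->value); }

/* g(t): assigns the variable, then returns its argument, as in the report. */
static const char *g(SessionVar *s, const char *t) {
    var_let(s, "BOOM!");
    return t;
}

/* f(): returns 1 if the value passed to g() survived the assignment. */
static int f_survives(int use_copy) {
    SessionVar s = {0};
    var_let(&s, "abc");
    char *copy = use_copy ? var_get_copy(&s) : NULL;
    const char *arg = use_copy ? copy : var_get_ref(&s);
    int ok = strcmp(g(&s, arg), "abc") == 0;
    free(copy); free(s.value); free(s.retired);
    return ok;
}

int main(void) {
    printf("by reference: %s\n", f_survives(0) ? "intact" : "clobbered");
    printf("by copy:      %s\n", f_survives(1) ? "intact" : "clobbered");
    return 0;
}
```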