Quick Links

Re: BUG #15540: Use after release in ExecuteTruncateGuts

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	bianpan2016(at)163(dot)com
Cc:	pgsql-bugs(at)lists(dot)postgresql(dot)org
Subject:	Re: BUG #15540: Use after release in ExecuteTruncateGuts
Date:	2018-12-07 16:09:05
Message-ID:	31125.1544198945@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-bugs

=?utf-8?q?PG_Bug_reporting_form?= <noreply(at)postgresql(dot)org> writes:
> The function ExecuteTruncateGuts drops the reference to rel via
> relation_close when toast_relid is valid. However, after that, rel is passed
> to pgstat_count_truncate. This may result in a use-after-release bug.

... and, even more to the point, the truncation stats count is incorrectly
applied to the toast table not its parent.

> Maybe,
> rel should be re-declared on the branch that toast_relid is valid.

Yeah, seems like the right way. Will fix.

Are you using a static analyzer to find these? I'm curious how
you noticed them.

regards, tom lane

In response to

BUG #15540: Use after release in ExecuteTruncateGuts at 2018-12-07 10:34:28 from PG Bug reporting form

Responses

Re: BUG #15540: Use after release in ExecuteTruncateGuts at 2018-12-07 17:22:46 from Alvaro Herrera
Re: BUG #15540: Use after release in ExecuteTruncateGuts at 2018-12-09 00:56:17 from PanBian

Browse pgsql-bugs by date

	From	Date	Subject
Next Message	Alvaro Herrera	2018-12-07 17:22:46	Re: BUG #15540: Use after release in ExecuteTruncateGuts
Previous Message	Tom Lane	2018-12-07 16:04:19	Re: BUG #15539: Deadcode in OpenTableList