| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | David Rowley <dgrowleyml(at)gmail(dot)com> |
| Cc: | kuzmin(dot)db4(at)gmail(dot)com, pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Subject: | Re: BUG #19438: segfault with temp_file_limit inside cursor |
| Date: | 2026-03-29 23:51:12 |
| Message-ID: | 1881853.1774828272@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
David Rowley <dgrowleyml(at)gmail(dot)com> writes:
> I looked at the code and tested. The only thing that I noted was
> GenerationFree(), where we do:
> /* Test for previously-freed chunk */
> if (unlikely(chunk->requested_size == InvalidAllocSize))
> elog(WARNING, "detected double pfree in %s %p",
> ((MemoryContext) block->context)->name, chunk);
> /* Test for someone scribbling on unused space in chunk */
> Assert(chunk->requested_size < chunksize);
> I expect you've likely thought of this, but if we do spit out the
> warning there, then the Assert is definitely going to fail, as
> InvalidAllocSize is defined as SIZE_MAX.
Yeah, I saw that after sending the patch. Not only would that
Assert fail, but without it, code below would go nuts too.
> I don't know if that means
> it's worth deviating from the similar WARNINGs you've added and making
> that one an ERROR. There's certainly no guarantee with the other
> context that we'll not crash sometime very soon after issuing the
> warning anyway, so maybe it's fine.
Seems like a reasonable answer. What do you think of making the
double-free cases ERRORs across the board? If we don't error out,
there will likely be cascading problems in all the mcxt types not
just this one.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Rowley | 2026-03-30 00:15:56 | Re: BUG #19438: segfault with temp_file_limit inside cursor |
| Previous Message | David Rowley | 2026-03-29 23:41:37 | Re: BUG #19438: segfault with temp_file_limit inside cursor |