Skip site navigation (1) Skip section navigation (2)

Re: Postgresql 8.3 beta crash

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Heikki Linnakangas <heikki(at)enterprisedb(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org, Sheikh Amjad <sheikhamjad(at)gmail(dot)com>, Peter Eisentraut <peter_e(at)gmx(dot)net>
Subject: Re: Postgresql 8.3 beta crash
Date: 2007-10-31 23:41:32
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
Heikki Linnakangas <heikki(at)enterprisedb(dot)com> writes:
> So my current theory is:

> In xmlelement(), we use ExecEvalExpr(), which in turn calls xml_parse. 
> xml_parse calls xmlCleanupParser(). But when we call ExecEvalExpr(), 
> we're in the middle of constructing an xml buffer, so calling 
> xmlCleanupBuffer() probably frees something we still need.

No, your first theory is closer to the mark.  What is happening is that
xmlelement neglects to call xml_init, therefore the various stuff
allocated by libxml is allocated using malloc().  Then xml_parse is
called, and it *does* do xml_init(), which calls xmlMemSetup.  Then
when we return to xmlelement and start freeing stuff, libxml tries
to use xml_pfree to free something it got from malloc().

I think that (1) we need a call to xml_init here, and hence also a
PG_TRY block; (2) there is a lot of stuff in xml_init that should be
one-time-only, why does it not have an "already done" flag?

			regards, tom lane

In response to


pgsql-hackers by date

Next:From: Tom LaneDate: 2007-10-31 23:44:16
Subject: Re: psql show dbsize?
Previous:From: Andrew DunstanDate: 2007-10-31 23:07:56
Subject: Re: psql show dbsize?

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group