| From: | David Rowley <dgrowleyml(at)gmail(dot)com> |
|---|---|
| To: | Yuri Zamyatin <yuri(at)yrz(dot)am> |
| Cc: | Jeff Davis <pgsql(at)j-davis(dot)com>, Amit Langote <amitlangote09(at)gmail(dot)com>, pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Subject: | Re: BUG #19078: Segfaults in tts_minimal_store_tuple() following pg_upgrade |
| Date: | 2025-10-17 21:45:06 |
| Message-ID: | CAApHDvo0T2BeC7o81sTKiZHr9f__KLu-DVRgcg=d-J9zpsb7UA@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Sat, 18 Oct 2025 at 10:25, David Rowley <dgrowleyml(at)gmail(dot)com> wrote:
> If this fails then maybe we're using the wrong iterator somewhere in
> nodeAgg.c. I can't see any other way for the iterator's 'end' field to
> be bigger than the table's size.
I started looking for places that this could happen and quickly found
the following code:
/*
* Switch to next grouping set, reinitialize, and restart the
* loop.
*/
select_current_set(aggstate, nextset, true);
perhash = &aggstate->perhash[aggstate->current_set];
ResetTupleHashIterator(hashtable, &perhash->hashiter);
The hash table and the iterator for each set are meant to be in the
same AggStatePerHash, but the above code moves to the next set,
changes the "perhash" then resets the next iterator using the previous
hash table.
I think that line needs to be:
ResetTupleHashIterator(perhash->hashtable, &perhash->hashiter);
David
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Yuri Zamyatin | 2025-10-17 22:03:19 | Re: BUG #19078: Segfaults in tts_minimal_store_tuple() following pg_upgrade |
| Previous Message | David Rowley | 2025-10-17 21:25:25 | Re: BUG #19078: Segfaults in tts_minimal_store_tuple() following pg_upgrade |