| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Noah Misch <noah(at)leadboat(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, Chad Wagner <chad(dot)wagner(at)gmail(dot)com> |
| Subject: | Re: Preventing tuple-table leakage in plpgsql |
| Date: | 2013-07-23 02:02:30 |
| Message-ID: | 17675.1374544950@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Noah Misch <noah(at)leadboat(dot)com> writes:
> On Sun, Jul 21, 2013 at 12:40:38PM -0400, Tom Lane wrote:
>> Hmm ... good point. The other plan I'd been considering was to add
>> explicit tracking inside spi.c of all tuple tables created within the
>> current procedure, and then have AtEOSubXact_SPI flush any that were
>> created inside a failed subxact.
> Is there reason to believe we wouldn't eventually find a half dozen other
> allocations calling for similar bespoke treatment? Does something make tuple
> tables special among memory allocations, or are they just the garden-variety
> allocation that happens to bother the test case at hand?
It's hard to speculate about the memory management habits of third-party
SPI-using code. But in plpgsql, the convention is that random bits of
memory should be allocated in a short-term context separate from the SPI
procCxt --- typically, the estate->eval_econtext expression context,
which exec_stmt_block already takes care to clean up when catching an
exception. So the problem is that that doesn't work for tuple tables,
which have procCxt lifespan. The fact that they tend to be big (at
least 8K apiece) compounds the issue.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Greg Smith | 2013-07-23 02:17:38 | Re: [9.4 CF 1] And then there were 5 |
| Previous Message | Noah Misch | 2013-07-23 01:38:35 | Re: Preventing tuple-table leakage in plpgsql |