| From: | andrew(at)tao11(dot)riddles(dot)org(dot)uk |
|---|---|
| To: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | BUG #14174: Expanded-datum bug accessing freed memory |
| Date: | 2016-06-03 12:46:28 |
| Message-ID: | 20160603124628.9932.41279@wrigleys.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 14174
Logged by: Andrew Gierth
Email address: andrew(at)tao11(dot)riddles(dot)org(dot)uk
PostgreSQL version: 9.5.3
Operating system: any
Description:
This is a testcase distilled from a problem reported on IRC:
create or replace function afn1(integer) returns int[] language plpgsql
as $f$ declare r int[]; begin select into r array[$1,$1]; return r; end;
$f$;
create or replace function afn2(int[]) returns integer language plpgsql
as $f$ begin return $1[1]; end; $f$;
create or replace view v_test as select i, a from (select afn1(1) as a
offset 0) s, lateral afn2(a) i;
create function tstfn(integer) returns setof v_test language plpgsql
as $f$ begin return query select * from v_test where i=$1; end; $f$;
select * from tstfn(1);
ERROR: cache lookup failed for type 2139062143
(2139062143 = 0x7f7f7f7f, and I'm testing this on a cassert build, so this
is accessing freed memory somewhere - the original reporter was getting
"cache lookup failed for type 0" or a segfault)
If the "return r;" in afn1() is changed to "return r || '{}';", or if the
lateral call to afn2 is omitted, the problem is not apparent.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | james.beck | 2016-06-03 13:31:57 | BUG #14175: RPM Conflicts Origination from pgdg94 |
| Previous Message | furstenheim | 2016-06-03 10:37:44 | BUG #14173: Not using partitions with ANY(ARRAY[...]) |