| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Fix list-manipulation bug in WITH RECURSIVE processing. |
| Date: | 2021-02-26 01:47:44 |
| Message-ID: | E1lFSEK-0007v6-JU@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Fix list-manipulation bug in WITH RECURSIVE processing.
makeDependencyGraphWalker and checkWellFormedRecursionWalker
thought they could hold onto a pointer to a list's first
cons cell while the list was modified by recursive calls.
That was okay when the cons cell was actually separately
palloc'd ... but since commit 1cff1b95a, it's quite unsafe,
leading to core dumps or incorrect complaints of faulty
WITH nesting.
In the field this'd require at least a seven-deep WITH nest
to cause an issue, but enabling DEBUG_LIST_MEMORY_USAGE
allows the bug to be seen with lesser nesting depths.
Per bug #16801 from Alexander Lakhin. Back-patch to v13.
Michael Paquier and Tom Lane
Discussion: https://postgr.es/m/16801-393c7922143eaa4d@postgresql.org
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/80ca8464fe02296c8efefd53746e6d6a3f456d1e
Modified Files
--------------
src/backend/parser/parse_cte.c | 12 ++++----
src/test/regress/expected/with.out | 59 ++++++++++++++++++++++++++++++++++++++
src/test/regress/sql/with.sql | 44 ++++++++++++++++++++++++++++
3 files changed, 109 insertions(+), 6 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas Munro | 2021-02-26 03:13:45 | pgsql: Revert "pg_collation_actual_version() -> pg_collation_current_ve |
| Previous Message | Peter Geoghegan | 2021-02-25 22:34:06 | pgsql: VACUUM VERBOSE: Count "newly deleted" index pages. |