forked frompostgres/postgres
- Notifications
You must be signed in to change notification settings - Fork6
Commita858327
committed
Fix 32-bit build dangling pointer issue in WindowAgg
9d9c02c added window "run conditions", which allows the evaluation ofmonotonic window functions to be skipped when the run condition is nolonger true. Prior to this commit, once the run condition was no longertrue and we stopped evaluating the window functions, we simply just leftthe ecxt_aggvalues[] and ecxt_aggnulls[] arrays alone to store whatevervalue was stored there the last time the window function was evaluated.Leaving a stale value in there isn't really a problem on 64-bit builds asall of the window functions which we recognize as monotonic all returnint8, which is passed by value on 64-bit builds. However, on 32-bitbuilds, this was a problem as the value stored in the ecxt_values[]element would be a by-ref value and it would be pointing to some memorywhich would get reset once the tuple context is destroyed. Since theWindowAgg node will output these values in the resulting tupleslot, thiscould be problematic for the top-level WindowAgg node which must look atthese values to filter out the rows that don't meet its filter condition.Here we fix this by just zeroing the ecxt_aggvalues[] and setting theecxt_aggnulls[] array to true when the run condition first becomes false.This results in the WindowAgg's output having NULLs for the WindowFunc'scolumns rather than the stale or pointer pointing to possibly freedmemory. These tuples with the NULLs can only make it as far as thetop-level WindowAgg node before they're filtered out. To ensure thatthese tuples *are* always filtered out, we now insist that OpExprs makingup the run condition are strict OpExprs. Currently, all the windowfunctions which the planner recognizes as monotonic return INT8 and theoperator which is used for the run condition must be a member of a btreeopclass. In reality, these restrictions exclude nothing that's built-into Postgres and are unlikely to exclude anyone's custom operators due tothe requirement that the operator is part of a btree opclass. It would beunusual if those were not strict.Reported-by: Sergey Shinderuk, using valgrindReviewed-by: Richard Guo, Sergey ShinderukDiscussion:https://postgr.es/m/29184c50-429a-ebd7-f1fb-0589c6723a35@postgrespro.ruBackpatch-through: 15, where9d9c02c was added1 parent83a1a1b commita858327
File tree
2 files changed
+32
-0
lines changed- src/backend
- executor
- optimizer/path
2 files changed
+32
-0
lines changedLines changed: 20 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2300 | 2300 | | |
2301 | 2301 | | |
2302 | 2302 | | |
| 2303 | + | |
2303 | 2304 | | |
| 2305 | + | |
| 2306 | + | |
| 2307 | + | |
| 2308 | + | |
| 2309 | + | |
| 2310 | + | |
| 2311 | + | |
| 2312 | + | |
| 2313 | + | |
| 2314 | + | |
| 2315 | + | |
| 2316 | + | |
| 2317 | + | |
| 2318 | + | |
| 2319 | + | |
| 2320 | + | |
| 2321 | + | |
| 2322 | + | |
| 2323 | + | |
2304 | 2324 | | |
2305 | 2325 | | |
2306 | 2326 | | |
| |||
Lines changed: 12 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2399 | 2399 | | |
2400 | 2400 | | |
2401 | 2401 | | |
| 2402 | + | |
| 2403 | + | |
| 2404 | + | |
| 2405 | + | |
| 2406 | + | |
| 2407 | + | |
| 2408 | + | |
| 2409 | + | |
| 2410 | + | |
| 2411 | + | |
| 2412 | + | |
| 2413 | + | |
2402 | 2414 | | |
2403 | 2415 | | |
2404 | 2416 | | |
| |||
0 commit comments
Comments
(0)