Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-bugs-owner+archive@lists.postgresql.org>)
	id 1wbO1b-002VTt-2N
	for pgsql-bugs@arkaria.postgresql.org;
	Sun, 21 Jun 2026 19:40:11 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-bugs-owner+archive@lists.postgresql.org>)
	id 1wbO1Z-003ojf-1e
	for pgsql-bugs@arkaria.postgresql.org;
	Sun, 21 Jun 2026 19:40:09 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1wbO1Z-003ojT-0l
	for pgsql-bugs@lists.postgresql.org;
	Sun, 21 Jun 2026 19:40:09 +0000
Received: from sss.pgh.pa.us ([68.162.161.243])
	by makus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.98.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1wbO1X-00000001U20-255L
	for pgsql-bugs@lists.postgresql.org;
	Sun, 21 Jun 2026 19:40:07 +0000
Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1])
	by sss.pgh.pa.us (8.18.1/8.18.1) with ESMTP id 65LJe4TQ381336;
	Sun, 21 Jun 2026 15:40:04 -0400
From: Tom Lane <tgl@sss.pgh.pa.us>
To: "Matheus Alcantara" <matheusssilv97@gmail.com>
cc: adoros@starfishstorage.com, pgsql-bugs@lists.postgresql.org
Subject: Re: BUG #19480: PL/Python SRF crashes (SIGSEGV) when function is
 replaced mid-iteration: use-after-free in PLy_funct
In-reply-to: <DJC60EHI0Y34.1ZTU7FGUMW6DQ@gmail.com>
References: <19480-f1f9fdce30462fc4@postgresql.org>
 <DIS405H05GE0.1OPMN9BEKKMS1@gmail.com> <982975.1779981146@sss.pgh.pa.us>
 <DIY2500FL0UW.Z4M7NYWMGGA4@gmail.com> <2868592.1780356411@sss.pgh.pa.us>
 <DJ1BFHKUC06G.1NO3D0WC9KBV6@gmail.com> <1149447.1781733399@sss.pgh.pa.us>
 <DJC60EHI0Y34.1ZTU7FGUMW6DQ@gmail.com>
Comments: In-reply-to "Matheus Alcantara" <matheusssilv97@gmail.com>
	message dated "Thu, 18 Jun 2026 09:13:57 -0300"
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <381334.1782070804.1@sss.pgh.pa.us>
Date: Sun, 21 Jun 2026 15:40:04 -0400
Message-ID: <381335.1782070804@sss.pgh.pa.us>
List-Id: <pgsql-bugs.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-bugs@lists.postgresql.org>
List-Owner: <mailto:pgsql-bugs-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-bugs>
Archived-At: 
 <https://www.postgresql.org/message-id/381335.1782070804%40sss.pgh.pa.us>
Precedence: bulk

"Matheus Alcantara" <matheusssilv97@gmail.com> writes:
> Thanks for the review! I've tried to address all your points in the
> attached v2.

Pushed after a round of review.  I made some mostly-cosmetic changes,
such as rewriting comments (consolidating some stuff I thought was
duplicative).  The main thing I fixed that was an actual bug was
you were careless about lifespan of variables around PG_TRY blocks.
The rule of thumb is that if a variable is modified inside PG_TRY
and then used after that block (including in the PG_CATCH) then it
has to be marked volatile.  Where possible, I avoid using the
volatile marking by assigning the variable's value before PG_TRY.

> I've also added a regression test, not sure if there is a better way to
> exercise this fix but this test crash without this patch applied.

Kind of a hokey test, since it doesn't model the likely actual case
where the CREATE happens in another session, but this is as close as
we'll get without a much more complex test setup.  I kept it, and
also added another test that exercises the early-termination path,
since code coverage showed me that ShutdownPLyFunction() wasn't being
reached.

			regards, tom lane