public inbox for [email protected]  
From: Sami Imseih <[email protected]>
To: Alexander Lakhin <[email protected]>
Cc: Nathan Bossart <[email protected]>
Cc: Bharath Rupireddy <[email protected]>
Cc: Robert Treat <[email protected]>
Cc: [email protected]
Cc: pgsql-hackers <[email protected]>
Subject: Re: Add pg_stat_autovacuum_priority
Date: Wed, 8 Apr 2026 13:14:42 -0500
Message-ID: <CAA5RZ0vsO9ZtSwoQdug390sLyVhDku9ZLCAWeCdX4KP0rQ1Ghg@mail.gmail.com> (raw)
In-Reply-To: <[email protected]>
References: <ac_vLKVgs4RYK1P-@nathan>
	<CAA5RZ0sCRjH3xkHFdSXnKysdMZXFyaS_094+K-O_rr4Fkmwc=Q@mail.gmail.com>
	<adB6FQeoUst6gHA0@nathan>
	<CAA5RZ0t6bCR6Pasd_eWqXvyUmrNDWmHUy1yN_Po-c4+b9BtBqQ@mail.gmail.com>
	<adEhRzu4YM7ztLXr@nathan>
	<CAA5RZ0vxby2osMMaCuZ=680tmt583cF9n4rOzTGdsiS-1PJknA@mail.gmail.com>
	<adE9RbcA7lhH_w2d@nathan>
	<CAA5RZ0tYzPDeXbqz9uKacRV2xjD055qrg=s3w2PEQPK8EruuSg@mail.gmail.com>
	<adFiCgN22xJ7Z-oR@nathan>
	<CAA5RZ0vRP-W2wJD2OxEb-=VGj2sp5pMCqHQg9YJiuDVPhaY5jQ@mail.gmail.com>
	<adQsdvPPNviWMCXb@nathan>
	<[email protected]>

> 07.04.2026 00:58, Nathan Bossart wrote:
> > Committed after some more editorialization.
>
> Please look at a new anomaly, I and SQLsmith have discovered:
> SELECT (SELECT score FROM pg_stat_get_autovacuum_scores() LIMIT 1),
>      (SELECT score FROM pg_stat_get_autovacuum_scores() LIMIT 1);
> ERROR:  detected double pfree in PgStat Snapshot 0x5f6fa4d95d50

oops, nice catch!

With the default stats_fetch_consistency setting of
PGSTAT_FETCH_CONSISTENCY_CACHE, the stats returned by pgstat_fetch_entry()
are allocated in the snapshot's memory context, so they get free'd when the
snapshot is cleared by pgstat_clear_snapshot(). That means inside
relation_needs_vacanalyze() we should only pfree(tabentry) when
pgstat_fetch_consistency is PGSTAT_FETCH_CONSISTENCY_NONE, as in that mode
the stats are palloc'd in the caller's memory context and must be freed
explicitly.

autovacuum.c forces pgstat_fetch_consistency to PGSTAT_FETCH_CONSISTENCY_NONE
for the autovacuum launcher, so the pfree() was never an issue there.
I don't think we should do the same for pg_stat_get_autovacuum_scores, as we
should not override the user's intentions for fetch consistency, and it would
also complicate the view greatly, as we would have to force _NONE consistency
and add a PG_TRY/PG_CATCH to restore the original mode.

Attached is the fix:

postgres=# set stats_fetch_consistency = NONE;
SET
postgres=# SELECT (SELECT score FROM pg_stat_get_autovacuum_scores() LIMIT 1),
     (SELECT score FROM pg_stat_get_autovacuum_scores() LIMIT 1);
  score  |  score
---------+---------
 8.5e-08 | 8.5e-08
(1 row)

postgres=# set stats_fetch_consistency = snapshot;
SET
postgres=# SELECT (SELECT score FROM pg_stat_get_autovacuum_scores() LIMIT 1),
     (SELECT score FROM pg_stat_get_autovacuum_scores() LIMIT 1);
  score  |  score
---------+---------
 8.5e-08 | 8.5e-08
(1 row)

postgres=# set stats_fetch_consistency = cache;
SET
postgres=# SELECT (SELECT score FROM pg_stat_get_autovacuum_scores() LIMIT 1),
     (SELECT score FROM pg_stat_get_autovacuum_scores() LIMIT 1);
  score  |  score
---------+---------
 8.5e-08 | 8.5e-08
(1 row)


Attachments:

  v1-0001-Fix-double-free-in-relation_needs_vacanalyze.patch (1.4K), inlined below:
From abc19158da02689c3c12082519bf85f11ab96feb Mon Sep 17 00:00:00 2001
From: Sami Imseih <[email protected]>
Date: Wed, 8 Apr 2026 18:06:46 +0000
Subject: [PATCH v1 1/1] Fix double free in relation_needs_vacanalyze

When relation_needs_vacanalyze is executed multiple times with
stats_fetch_consistency other than NONE, a double free occurs
for the table stats. First in relation_needs_vacanalyze, then
when the snapshot's memory context is freed. In the NONE case,
the snapshot is stored in the caller's memory context, so it's
the caller's responsibility to free the memory.

Fix this by only calling pfree inside relation_needs_vacanalyze
when stats_fetch_consistency is NONE.
---
 src/backend/postmaster/autovacuum.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/backend/postmaster/autovacuum.c b/src/backend/postmaster/autovacuum.c
index bd626a16363..b1d12e3a61c 100644
--- a/src/backend/postmaster/autovacuum.c
+++ b/src/backend/postmaster/autovacuum.c
@@ -3327,7 +3327,13 @@ relation_needs_vacanalyze(Oid relid,
 			 anltuples, anlthresh, scores->anl,
 			 scores->xid, scores->mxid);
 
-	pfree(tabentry);
+	/*
+	 * In PGSTAT_FETCH_CONSISTENCY_NONE mode, stats are palloc'd in the
+	 * caller's memory context and must be freed explicitly.  In other modes,
+	 * they are managed by the snapshot's memory context.
+	 */
+	if (pgstat_fetch_consistency == PGSTAT_FETCH_CONSISTENCY_NONE)
+		pfree(tabentry);
 }
 
 /*
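Review bot: the pfree() is now gated on the current value of the global pgstat_fetch_consistency, but ownership of tabentry was fixed at the moment it was fetched, and that fetch is not in this hunk; if the fetch and this release can ever run under different settings (the cover e-mail says the launcher forces NONE while the SQL-callable path uses the session value), the gate and the actual owner would disagree, so consider naming the fetch call in the comment, or having the caller pass in whether it owns the entry instead of re-deriving it from the GUC here. The block comment would also be more useful if it said that in the non-NONE modes the memory is released by pgstat_clear_snapshot(), which is the reason given in the e-mail for the double free, so a future reader does not reinstate the unconditional pfree().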
-- 
2.50.1
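The ownership rule behind the fix, reduced to a stand-alone toy model. This is an added example, not PostgreSQL source: the names FETCH_NONE/FETCH_CACHE, fetch_entry(), snapshot_clear(), needs_vacanalyze() and run_scenario() are this example's own stand-ins for stats_fetch_consistency, pgstat_fetch_entry(), pgstat_clear_snapshot() and relation_needs_vacanalyze(), and the statistic values are constructed. It runs the two-call shape of the reported query under each release policy and counts both double frees (the pre-fix bug under CACHE) and leaks (what an unconditional "never free" would cause under NONE), which is why the fix has to free in exactly one of the two modes.

```c
#include <stdio.h>
#include <stdlib.h>

/* Stand-in for stats_fetch_consistency: NONE hands the caller its own copy,
 * CACHE hands out memory owned by the snapshot context.  Example names. */
enum FetchMode { FETCH_NONE, FETCH_CACHE };

/* Release policy of the consumer.  FREE_ALWAYS is the pre-fix behaviour,
 * FREE_IF_NONE is the fix, FREE_NEVER shows why the NONE branch is needed. */
enum FreePolicy { FREE_ALWAYS, FREE_NEVER, FREE_IF_NONE };

#define LIVE_MAGIC  0x5A11CEu
#define FREED_MAGIC 0xDEADu
#define MAX_ENTRIES 16

typedef struct TabEntry {
    unsigned magic;        /* LIVE_MAGIC while allocated, FREED_MAGIC once released */
    double   dead_tuples;  /* constructed sample statistic */
} TabEntry;

/* Toy stand-in for the pgstat snapshot and its memory context. */
typedef struct Snapshot {
    TabEntry *owned[MAX_ENTRIES]; /* entries the snapshot context must release */
    int       nowned;
    TabEntry *all[MAX_ENTRIES];   /* every allocation, so the demo can free() for real */
    int       nall;
    int       double_frees;       /* releases that hit an already-released entry */
} Snapshot;

typedef struct Outcome {
    int double_frees;  /* entries released twice */
    int leaks;         /* entries still live after the snapshot was cleared */
} Outcome;

static TabEntry *alloc_entry(Snapshot *snap)
{
    if (snap->nall == MAX_ENTRIES)
        abort();                           /* demo limit, not a path under test */
    TabEntry *e = calloc(1, sizeof *e);
    if (e == NULL)
        abort();
    e->magic = LIVE_MAGIC;
    e->dead_tuples = 85.0;                 /* constructed value */
    snap->all[snap->nall++] = e;
    return e;
}

/* Release with a guard: a second release is counted instead of being handed
 * to free(), the same kind of check that raised "detected double pfree". */
static void checked_release(Snapshot *snap, TabEntry *e)
{
    if (e->magic != LIVE_MAGIC) {
        snap->double_frees++;
        return;
    }
    e->magic = FREED_MAGIC;
}

/* Stand-in for pgstat_fetch_entry(): in CACHE mode the snapshot context owns
 * the result and will release it on clear; in NONE mode the caller owns it. */
static TabEntry *fetch_entry(Snapshot *snap, enum FetchMode mode)
{
    TabEntry *e = alloc_entry(snap);
    if (mode == FETCH_CACHE)
        snap->owned[snap->nowned++] = e;
    return e;
}

/* Stand-in for pgstat_clear_snapshot(): releases everything the context owns. */
static void snapshot_clear(Snapshot *snap)
{
    for (int i = 0; i < snap->nowned; i++)
        checked_release(snap, snap->owned[i]);
    snap->nowned = 0;
}

/* Consumer shaped like relation_needs_vacanalyze(): fetch, compute, release. */
static double needs_vacanalyze(Snapshot *snap, enum FetchMode mode, enum FreePolicy policy)
{
    TabEntry *e = fetch_entry(snap, mode);
    double score = e->dead_tuples / 1.0e9;   /* arbitrary scoring stand-in */

    if (policy == FREE_ALWAYS || (policy == FREE_IF_NONE && mode == FETCH_NONE))
        checked_release(snap, e);
    return score;
}

/* Two consumer calls in one "statement", then the snapshot is cleared, as in
 * the two-subselect query from the report. */
Outcome run_scenario(enum FetchMode mode, enum FreePolicy policy)
{
    Snapshot snap = {0};
    Outcome out = {0, 0};

    needs_vacanalyze(&snap, mode, policy);
    needs_vacanalyze(&snap, mode, policy);
    snapshot_clear(&snap);

    out.double_frees = snap.double_frees;
    for (int i = 0; i < snap.nall; i++) {
        if (snap.all[i]->magic == LIVE_MAGIC)
            out.leaks++;                      /* nobody released it */
        free(snap.all[i]);                    /* really release the demo memory */
    }
    return out;
}

int main(void)
{
    Outcome o = run_scenario(FETCH_CACHE, FREE_ALWAYS);
    printf("CACHE + unconditional pfree: %d double frees, %d leaks\n", o.double_frees, o.leaks);
    o = run_scenario(FETCH_CACHE, FREE_IF_NONE);
    printf("CACHE + pfree only under NONE: %d double frees, %d leaks\n", o.double_frees, o.leaks);
    o = run_scenario(FETCH_NONE, FREE_NEVER);
    printf("NONE  + never pfree: %d double frees, %d leaks\n", o.double_frees, o.leaks);
    return 0;
}
```

The point the model makes explicit is that the consumer cannot decide to free from the pointer alone; it needs to know which allocator handed the memory out, which is exactly what the pgstat_fetch_consistency check in the patch supplies.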


