On Sun, 2026-04-05 at 11:06 -0400, Andrew Dunstan wrote:
> Pushed. I have moved the remaining get_*_ddl items to PG20-1
The line:
role_settings = DatumGetArrayTypeP(datum);
should be DatumGetArrayTypePCopy(), because it's being pfree()d later.
The existing code will sometimes make a copy and sometimes not, e.g.:
-- settings are contrived to make the datum inline
CREATE USER u1;
ALTER ROLE u1 SET search_path = 'public, pg_catalog, pg_temp';
ALTER ROLE u1 SET work_mem='64MB';
ALTER ROLE u1 SET statement_timeout='30s';
ALTER ROLE u1 SET lock_timeout='10s';
ALTER ROLE u1 SET idle_in_transaction_session_timeout = '60s';
SELECT pg_get_role_ddl('u1');
ERROR: pfree called with invalid pointer 0x7986dd0c7cc8 (header
0x0000400600000000)
Yes, it appears to be a bug. Attached a patch to fix this. Tested with the
attached patch and don't see server crashing after that.
postgres=# CREATE DATABASE crashtest TEMPLATE template0 LC_COLLATE 'C' LC_CTYPE 'C';
ALTER DATABASE crashtest SET search_path = 'public, pg_catalog';
ALTER DATABASE crashtest SET work_mem = '64MB';
ALTER DATABASE crashtest SET statement_timeout = '30s';
ALTER DATABASE crashtest SET random_page_cost = 1.5;
SELECT pg_get_database_ddl('crashtest');
CREATE DATABASE
ALTER DATABASE
ALTER DATABASE
ALTER DATABASE
ALTER DATABASE
pg_get_database_ddl
------------------------------------------------------------------------------------------------------------
CREATE DATABASE crashtest WITH TEMPLATE = template0 ENCODING = 'UTF8' LOCALE_PROVIDER = libc LOCALE = 'C';
ALTER DATABASE crashtest OWNER TO azureuser;
ALTER DATABASE crashtest SET search_path TO 'public, pg_catalog';
ALTER DATABASE crashtest SET work_mem TO '64MB';
ALTER DATABASE crashtest SET statement_timeout TO '30s';
ALTER DATABASE crashtest SET random_page_cost TO '1.5';
(6 rows)
Thanks,
Satya