From: Michael Paquier [mailto:mich...@paquier.xyz]
> By the way, as long as I have my mind of it.  Another strategy would be
> to just make the checks in XLogReadRecord() a bit smarter if the whole record
> header is not on the page.  If we check at least for
> AllocSizeIsValid(total_len) then there this code would not fail on an
> allocation as you user reported.  Still this misses the case where a record
> size is lower than 1GB but invalid so you would allocate allocate_recordbuf
> for nothing :(

That was my first thought, and I gave it up.  As you say, XLogReadRecord() 
could allocate up to 1 GB of memory for a garbage.  That allocation can fail 
due to memory shortage, which prevents the recovery from proceeding.


Regards
Takayuki Tsunakawa





Reply via email to