Fix memory corruption/crash in ANALYZE.
This fixes an embarrassing oversight I (Andres) made in
737a292b,
namely missing two place where liverows/deadrows were used when
converting those variables to pointers, leading to incrementing the
pointer, rather than the value.
It's not that actually that easy to trigger a crash: One needs tuples
deleted by the current transaction, followed by a tuple deleted in
another session, all in one page. Which is presumably why this hasn't
been noticed before.
Reported-By: Steve Singer
Author: Steve Singer
Discussion: https://postgr.es/m/
c7988239-d42c-ddc4-41db-
171b23b35e4f@ssinger.info