| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | root(at)simply(dot)name |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #12918: Segfault in BackendIdGetTransactionIds |
| Date: | 2015-03-30 16:33:47 |
| Message-ID: | 17494.1427733227@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
root(at)simply(dot)name writes:
> After upgrading from 9.3.6 to 9.4.1 (both installed from packages on
> yum.postgresql.org) we have started getting segfaults of different backends.
> Backtraces of all coredumps look similar:
> (gdb) bt
> #0 0x000000000066bf9b in BackendIdGetTransactionIds (backendID=<value
> optimized out>, xid=0x7f2a1b714798, xmin=0x7f2a1b71479c) at sinvaladt.c:426
> #1 0x00000000006287f4 in pgstat_read_current_status () at pgstat.c:2871
> #2 0x0000000000628879 in pgstat_fetch_stat_numbackends () at pgstat.c:2342
Hmm ... looks to me like BackendIdGetTransactionIds is simply busted.
It supposes that there are no inactive entries in the sinval array
within the range 0 .. lastBackend. But there can be, in which case
dereferencing stateP->proc crashes. The reason it's hard to reproduce
is the relatively narrow window between where pgstat_read_current_status
saw the backend as active and where we're inspecting its sinval entry.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Vladimir Borodin | 2015-03-30 16:44:36 | Re: BUG #12918: Segfault in BackendIdGetTransactionIds |
| Previous Message | root | 2015-03-30 16:22:47 | BUG #12918: Segfault in BackendIdGetTransactionIds |