| From: | Heikki Linnakangas <hlinnakangas(at)vmware(dot)com> |
|---|---|
| To: | Pg Bugs <pgsql-bugs(at)postgresql(dot)org> |
| Subject: | Segfault on exclusion constraint violation |
| Date: | 2015-02-02 13:50:04 |
| Message-ID: | 54CF808C.5080207@vmware.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
9.4 and master segfaults, if an insertion would need to wait for another
transaction to finish because of an exclusion constraint. To reproduce:
Run these in session A:
create extension btree_gist;
create table foo (i int4, constraint i_exclude exclude using gist (i
with =));
begin; insert into foo values (1);
leave the transaction open, and session B:
insert into foo values (1);
LOG: server process (PID 3690) was terminated by signal 11:
Segmentation fault
DETAIL: Failed process was running: insert into foo values (1);
LOG: terminating any other active server processes
gdb backtrace:
#0 0x000000000078520d in XactLockTableWait (xid=705, rel=0x7f2f6e835728,
ctid=0x7f7f7f7f7f7f7f8b, oper=XLTW_RecheckExclusionConstr) at
lmgr.c:515
#1 0x000000000064bd86 in check_exclusion_constraint (heap=0x7f2f6e835728,
index=0x7f2f6e837620, indexInfo=0x22187c0, tupleid=0x2219514,
values=0x7fffae880a10, isnull=0x7fffae8809f0 "", estate=0x2218228,
newIndex=0 '\000', errorOK=0 '\000') at execUtils.c:1310
#2 0x000000000064b9a9 in ExecInsertIndexTuples (slot=0x2218500,
tupleid=0x2219514, estate=0x2218228) at execUtils.c:1126
#3 0x000000000065f8c4 in ExecInsert (slot=0x2218500, planSlot=0x2218500,
estate=0x2218228, canSetTag=1 '\001') at nodeModifyTable.c:274
This only happens with assertions enabled. The culprit is commit
f88d4cfc9d417dac2ee41a8f5e593898e56fd2bd, which added the 'ctid'
argument to XactLockTableWait. check_exclusion_constraint calls
index_endscan() just before XactLockTableWait, but that free's the
memory the ctid points to.
The fix for this particular instance is trivial: copy the ctid to a
local variable before calling index_endscan. However, looking at the
other XactLockTableWait() and MultiXactIdWait() calls, there are more
questionable pointers being passed. Most point to heap tuples on disk
pages, after releasing the lock on the page, although not the pin. The
one in EvalPlanQualFetch releases the pin too.
I'll write up a patch to change those call sites to use local variables.
Hopefully it's trivial enough to still include in 9.4.1, although time
is really running out..
- Heikki
| From | Date | Subject | |
|---|---|---|---|
| Next Message | hans | 2015-02-02 14:31:16 | BUG #12730: pg_dump produces trailing spaces |
| Previous Message | jose.aladro | 2015-02-02 13:04:10 | BUG #12729: pgAdminIII - wrong window position in multi-monitor setup |