BUG #16122: segfault pg_detoast_datum (datum=0x0) at fmgr.c:1833 numrange query

From: PG Bug reporting form <noreply(at)postgresql(dot)org>
To: pgsql-bugs(at)lists(dot)postgresql(dot)org
Cc: adam(dot)c(dot)scott(at)gmail(dot)com
Subject: BUG #16122: segfault pg_detoast_datum (datum=0x0) at fmgr.c:1833 numrange query
Date: 2019-11-18 01:27:22
Message-ID: 16122-eb35bc248c806c15@postgresql.org
Lists: pgsql-bugs

The following bug has been logged on the website:

Bug reference: 16122
Logged by: ascott
Email address: adam(dot)c(dot)scott(at)gmail(dot)com
PostgreSQL version: 10.11
Operating system: Ubuntu & CentOS
Description:

The segfault can be reproduced by running this query:

-- Reproducer from the report: a plain SELECT with two "contained by" (<@)
-- predicates on the numrange columns dec_range and ra_range (both declared in
-- the table definition further down this page).
-- Per the GDB backtrace on this page the fault is raised while the statement
-- is being planned (pg_plan_query -> standard_planner -> ... -> rangesel ->
-- calc_hist_selectivity_contained -> get_position -> numrange_subdiff ->
-- numeric_sub -> pg_detoast_datum), i.e. inside selectivity estimation.
-- NOTE(review): rangesel is entered with operatorid=3892, presumably one of
-- the two <@ clauses; the trace does not say which column -- confirm.
-- NOTE(review): the subject line gives datum=0x0 while frame #0 of the posted
-- trace shows datum=0xffffffff; neither looks like a valid pointer, and the
-- difference may mean the two values come from different runs -- confirm.
-- NOTE(review): a crashed backend normally forces the postmaster to reset all
-- other sessions, so triage this as an availability problem for the whole
-- cluster. Keep the core file, and record the pg_stats histogram entries for
-- dec_range and ra_range (the trace walks a histogram with
-- length_hist_nvalues=101) and whether the crash persists after ANALYZE.
select count(*) from natica_hdu where boundary is not null
and
"dec_range" <@ '[89.9999998611111,90.0000001388889)' AND "ra_range" <@
'[45.0,45.1]';

It crashes on this line:

if (VARATT_IS_EXTENDED(datum)) in fmgr.c:1833

GDB stacktrace is below.

The table definition for natica_hdu is as follows:
-- Table definition as posted by the reporter for the crashing query's target.
-- dec_range and ra_range are the two numrange columns used in the failing
-- <@ predicates; boundary is the array column tested with IS NOT NULL.
-- NOTE(review): no PRIMARY KEY or other constraints appear here; the posted
-- DDL may be abridged -- confirm before rebuilding the schema from it.
CREATE TABLE public.natica_hdu
(
id integer NOT NULL,
updated timestamp with time zone NOT NULL,
hdu_idx smallint NOT NULL,
ra double precision,
"dec" double precision,
boundary double precision[],
extras jsonb NOT NULL,
fitsfile_id character varying(32) NOT NULL,
dec_range numrange,
ra_range numrange
)
WITH (
OIDS=FALSE
);
-- NOTE(review): the table is owned by the role named postgres, conventionally
-- the bootstrap superuser; confirm whether application tables are meant to be
-- owned by it rather than by a dedicated, less privileged role.
ALTER TABLE public.natica_hdu
OWNER TO postgres;

-- Plain btree index on a range column. A btree index orders whole range
-- values; it is not an index type that can serve the <@ containment predicate
-- in the failing query (GiST or SP-GiST is the usual choice for that).
CREATE INDEX natica_hdu_dec_range_56c7d92d
ON public.natica_hdu
USING btree
(dec_range);

-- Two indexes on fitsfile_id: default collation ordering, and
-- varchar_pattern_ops below for pattern-matching comparisons.
CREATE INDEX natica_hdu_fitsfile_id_3a3363fe
ON public.natica_hdu
USING btree
(fitsfile_id COLLATE pg_catalog."default");

CREATE INDEX natica_hdu_fitsfile_id_3a3363fe_like
ON public.natica_hdu
USING btree
(fitsfile_id COLLATE pg_catalog."default" varchar_pattern_ops);

-- Expression index on q3c_ang2ipix(ra, "dec"); the table is also marked to be
-- clustered on it.
-- NOTE(review): q3c_ang2ipix is not defined on this page, presumably it comes
-- from an extension that must be installed before this DDL can be replayed --
-- confirm.
CREATE INDEX natica_hdu_q3c_ang2ipix_idx
ON public.natica_hdu
USING btree
(q3c_ang2ipix(ra, "dec"));
ALTER TABLE public.natica_hdu CLUSTER ON natica_hdu_q3c_ang2ipix_idx;

-- Plain btree index on the second range column used in the failing query;
-- the same remark as for the dec_range index applies.
CREATE INDEX natica_hdu_ra_range_b9f4d3ac
ON public.natica_hdu
USING btree
(ra_range);

#0 pg_detoast_datum (datum=0xffffffff) at fmgr.c:1833
#1 0x0000557a18c19545 in numeric_sub (fcinfo=fcinfo@entry=0x7ffff5795e30)
at numeric.c:2288
#2 0x0000557a18c9bb44 in DirectFunctionCall2Coll (
func=0x557a18c19520 <numeric_sub>, collation=collation@entry=0,
arg1=<optimized out>, arg2=<optimized out>) at fmgr.c:739
#3 0x0000557a18c2752a in numrange_subdiff (fcinfo=<optimized out>)
at rangetypes.c:1424
#4 0x0000557a18c9c4af in FunctionCall2Coll (
flinfo=flinfo@entry=0x557a1ad85098, collation=<optimized out>,
arg1=<optimized out>, arg2=<optimized out>) at fmgr.c:1059
#5 0x0000557a18c2c1ce in get_position (
typcache=typcache@entry=0x557a1ad84f58,
value=value@entry=0x7ffff5796690,
hist2=hist2@entry=0x557a1ad76700, hist1=<optimized out>,
hist1=<optimized out>) at rangetypes_selfuncs.c:696
#6 0x0000557a18c2d679 in calc_hist_selectivity_contained (
length_hist_nvalues=101, length_hist_values=0x557a1ad88568,
hist_nvalues=<optimized out>, hist_lower=<optimized out>,
upper=0x7ffff57966a0, lower=0x7ffff5796690, typcache=0x557a1ad84f58)
at rangetypes_selfuncs.c:1065
#7 calc_hist_selectivity (operator=<optimized out>, constval=<optimized
out>,
vardata=0x7ffff57966b0, typcache=0x557a1ad84f58)
at rangetypes_selfuncs.c:561
#8 calc_rangesel (operator=<optimized out>, constval=<optimized out>,
vardata=0x7ffff57966b0, typcache=0x557a1ad84f58)
at rangetypes_selfuncs.c:332
#9 rangesel (fcinfo=<optimized out>) at rangetypes_selfuncs.c:216
#10 0x0000557a18c9cfa9 in OidFunctionCall4Coll (functionId=<optimized out>,

collation=collation@entry=0, arg1=arg1@entry=93982924614952,
arg2=arg2@entry=3892, arg3=arg3@entry=93982924616184,
arg4=arg4@entry=0)
at fmgr.c:1415
#11 0x0000557a18b0f9e4 in restriction_selectivity (
root=root@entry=0x557a1ad62d28, operatorid=3892, args=0x557a1ad631f8,
---Type <return> to continue, or q <return> to quit---
inputcollid=0, varRelid=varRelid@entry=0) at plancat.c:1670
#12 0x0000557a18ad56db in clause_selectivity
(root=root@entry=0x557a1ad62d28,
clause=0x557a1ad63298, clause@entry=0x557a1ad74960,
varRelid=varRelid@entry=0, jointype=jointype@entry=JOIN_INNER,
sjinfo=sjinfo@entry=0x0) at clausesel.c:746
#13 0x0000557a18ad594d in clauselist_selectivity (
root=root@entry=0x557a1ad62d28, clauses=<optimized out>,
varRelid=varRelid@entry=0, jointype=jointype@entry=JOIN_INNER,
sjinfo=sjinfo@entry=0x0) at clausesel.c:168
#14 0x0000557a18adb28d in set_baserel_size_estimates (
root=root@entry=0x557a1ad62d28, rel=rel@entry=0x557a1ad73568)
at costsize.c:4028
#15 0x0000557a18ad3c85 in set_plain_rel_size (rte=<optimized out>,
rel=0x557a1ad73568, root=0x557a1ad62d28) at allpaths.c:526
#16 set_rel_size (root=0x557a1ad62d28, rel=0x557a1ad73568, rti=1,
rte=<optimized out>) at allpaths.c:368
#17 0x0000557a18ad5015 in set_base_rel_sizes (root=<optimized out>)
at allpaths.c:280
#18 make_one_rel (root=root@entry=0x557a1ad62d28,
joinlist=joinlist@entry=0x557a1ad73798) at allpaths.c:178
#19 0x0000557a18af22a0 in query_planner (root=root@entry=0x557a1ad62d28,
tlist=tlist@entry=0x557a1ad63038,
qp_callback=qp_callback@entry=0x557a18af3140 <standard_qp_callback>,
qp_extra=qp_extra@entry=0x7ffff5796f60) at planmain.c:259
#20 0x0000557a18af4900 in grouping_planner (root=root@entry=0x557a1ad62d28,

inheritance_update=inheritance_update@entry=0 '\000',
tuple_fraction=<optimized out>, tuple_fraction@entry=0) at
planner.c:1733
#21 0x0000557a18af7a2f in subquery_planner (glob=glob@entry=0x557a1ad62c98,

parse=parse@entry=0x557a1ad43ef8, parent_root=parent_root@entry=0x0,
hasRecursion=hasRecursion@entry=0 '\000',
tuple_fraction=tuple_fraction@entry=0) at planner.c:862
#22 0x0000557a18af88b2 in standard_planner (parse=0x557a1ad43ef8,
cursorOptions=256, boundParams=0x0) at planner.c:334
---Type <return> to continue, or q <return> to quit---
#23 0x0000557a18b907dc in pg_plan_query (
querytree=querytree@entry=0x557a1ad43ef8,
cursorOptions=cursorOptions@entry=256,
boundParams=boundParams@entry=0x0)
at postgres.c:819
#24 0x0000557a18b908b6 in pg_plan_queries (querytrees=<optimized out>,
cursorOptions=cursorOptions@entry=256,
boundParams=boundParams@entry=0x0)
at postgres.c:885
#25 0x0000557a18b90cf9 in exec_simple_query (
query_string=0x557a1ad429c8 "select count(*) from natica_hdu where
boundary is not null\nand\n\"dec_range\" <@
'[89.9999998611111,90.0000001388889)' AND \"ra_range\" <@ '[45.0,45.1]';")
at postgres.c:1050
#26 0x0000557a18b929f1 in PostgresMain (argc=<optimized out>,
argv=argv@entry=0x557a1aceee90, dbname=<optimized out>,
username=<optimized out>) at postgres.c:4117
#27 0x0000557a188ea6ac in BackendRun (port=0x557a1ace77a0) at
postmaster.c:4408
#28 BackendStartup (port=0x557a1ace77a0) at postmaster.c:4080
#29 ServerLoop () at postmaster.c:1756
#30 0x0000557a18b24d35 in PostmasterMain (argc=5, argv=0x557a1acbf790)
at postmaster.c:1364
#31 0x0000557a188ebea9 in main (argc=5, argv=0x557a1acbf790) at main.c:228
