Re: BUG #14641: Segfault on searching KNN using btree_gist

darthunix(at)gmail(dot)com writes:
> I face a segmentation fault in postgresql when searching KNN using
> multicolumn btree_gist index.

Reproduced here, will look. Thanks for the report!

Program terminated with signal 11, Segmentation fault.
#0 0x0000000000881052 in GetMemoryChunkContext (pointer=0x14d46e8)
at ../../../../src/include/utils/memutils.h:124
124 AssertArg(MemoryContextIsValid(context));
(gdb) bt
#0 0x0000000000881052 in GetMemoryChunkContext (pointer=0x14d46e8)
at ../../../../src/include/utils/memutils.h:124
#1 pfree (pointer=0x14d46e8) at mcxt.c:952
#2 0x00000000004a0492 in getNextNearest (scan=0x14709e0,
dir=<value optimized out>) at gistget.c:547
#3 gistgettuple (scan=0x14709e0, dir=<value optimized out>) at gistget.c:656
#4 0x00000000004cee63 in index_getnext_tid (scan=0x14709e0,
direction=<value optimized out>) at indexam.c:541
#5 0x000000000062ffab in IndexOnlyNext (node=0x15abcd0)
at nodeIndexonlyscan.c:116
#6 0x000000000061cc67 in ExecScanFetch (node=0x15abcd0,
accessMtd=0x62ff30 <IndexOnlyNext>, recheckMtd=0x62ff00 <IndexOnlyRecheck>)
at execScan.c:95
#7 ExecScan (node=0x15abcd0, accessMtd=0x62ff30 <IndexOnlyNext>,
recheckMtd=0x62ff00 <IndexOnlyRecheck>) at execScan.c:162
#8 0x000000000061b858 in ExecProcNode (node=0x15abcd0) at execProcnode.c:459
...
(gdb) f 0
#0 0x0000000000881052 in GetMemoryChunkContext (pointer=0x14d46e8)
at ../../../../src/include/utils/memutils.h:124
124 AssertArg(MemoryContextIsValid(context));
(gdb) p context
$1 = (MemoryContext) 0x7f7f7f7f7f7f7f7f
(gdb) x/8x 0x14d46e8
0x14d46e8: 0x7f7f7f7f 0x7f7f7f7f 0x7f7f7f7f 0x7f7f7f7f
0x14d46f8: 0x7f7f7f7f 0x7f7f7f7f 0x7f7f7f7f 0x7f7f7f7f
(gdb) f 2
#2 0x00000000004a0492 in getNextNearest (scan=0x14709e0,
dir=<value optimized out>) at gistget.c:547
547 pfree(scan->xs_hitup);

Looks like getNextNearest is trying to pfree an already-pfreed tuple.

regards, tom lane