| From: | Brendan Jurd <direvus(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: Segfault in 9.0 inlining SRF |
| Date: | 2010-10-25 15:42:33 |
| Message-ID: | AANLkTinVn+-KA3s+0M43anhR+z3KgUm+YC4uQHYCUZUq@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs pgsql-hackers |
On 25 October 2010 07:36, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Brendan Jurd <direvus(at)gmail(dot)com> writes:
>> I have encountered a reproducible segfault in Postgres ...
>
> Looks like the invalItems list has been clobbered:
>
> (gdb) p *root->glob->invalItems
> $6 = {type = 2139062143, length = 2139062143, head = 0x7f7f7f7f,
> tail = 0x7f7f7f7f}
>
> I'm guessing it was modified in the temporary memory context and not
> properly copied out to the parent context when we finished inlining
> the function.
>
Hi Tom,
Thanks for the hint; I found that the attached patch resolved my
specific segfault, but I am wondering whether it goes far enough. The
patch just copies invalItems up out of the temporary context before it
is deleted. Could there also be changes to other elements of
PlannerGlobal that need to be saved? Should we in fact be copying out
the whole of PlannerGlobal each time, and would that necessitate a new
copyfunc for it?
Cheers,
BJ
| Attachment | Content-Type | Size |
|---|---|---|
| segfault.diff | text/plain | 775 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Davis | 2010-10-25 16:04:32 | Re: Recovery bug |
| Previous Message | Devrim GÜNDÜZ | 2010-10-25 15:20:11 | Re: BUG #5722: vacuum full does not update last_vacuum statistics |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2010-10-25 15:48:57 | add label to enum syntax |
| Previous Message | David Fetter | 2010-10-25 15:38:59 | Re: Range Types, discrete and/or continuous |