| From: | SATYANARAYANA NARLAPURAM <satyanarlapuram(at)gmail(dot)com> |
|---|---|
| To: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | LockHasWaiters() crashes on fast-path locks |
| Date: | 2026-03-25 21:15:08 |
| Message-ID: | CAHg+QDe_=ZahnRx37bzrqYenKn_S5YDQ00fTfwe-ZUmjqO=qLg@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi Hackers,
LockHasWaiters() assumes that the LOCALLOCK's lock and proclock pointers
are populated, but this is not the case for locks acquired via the
fast-path optimization. Weak locks (< ShareUpdateExclusiveLock) on
relations may not be stored in the shared lock hash table, and the
LOCALLOCK entry is left with lock = NULL and proclock = NULL in such a case.
If LockHasWaiters() is called for such a lock, it dereferences those NULL
pointers when it reads proclock->holdMask and lock->waitMask, causing a
segfault.
The only existing caller is lazy_truncate_heap() in VACUUM, which queries
LockHasWaitersRelation(rel, AccessExclusiveLock). Since AccessExclusiveLock
is the strongest lock level, it is never fast-pathed, so the bug has never
been triggered in practice. However, any new caller that passes a weak lock
mode, for example, checking whether a DDL is waiting on an AccessShareLock
will crash. The fix is to transfer the lock to the main lock table before
we access them.
Attached a patch to address this issue.
Thanks,
Satya
| Attachment | Content-Type | Size |
|---|---|---|
| 0001-lock-has-waiters-fast-path-fix.patch | application/octet-stream | 829 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Nathan Bossart | 2026-03-25 21:18:48 | Re: another autovacuum scheduling thread |
| Previous Message | Bharath Rupireddy | 2026-03-25 21:12:16 | Re: another autovacuum scheduling thread |