pg11.1 jit segv

Поиск
Список
Период
Сортировка
От Justin Pryzby
Тема pg11.1 jit segv
Дата
Msg-id 20181115223959.GB10913@telsasoft.com
обсуждение исходный текст
Ответы Re: pg11.1 jit segv  (Andres Freund <andres@anarazel.de>)
Список pgsql-hackers
Дерево обсуждения 
Crash is reproducible but only when JIT=on.

postgresql11-llvmjit-11.1-1PGDG.rhel7.x86_64

[2769871.453033] postmaster[8582]: segfault at 7f083bddb780 ip 00007f08127e814e sp 00007ffe463506e0 error 4
[2770774.470600] postmaster[29410]: segfault at 7f0812eeb6c8 ip 00007f08127eb4f0 sp 00007ffe463506e0 error 4

Core was generated by `postgres: telsasoft ts 192.168.122.11(41908) SELECT    '.
Program terminated with signal 11, Segmentation fault.

(gdb) bt
#0  0x00007f08127e814e in ?? ()
#1  0x0000000000000000 in ?? ()

[pryzbyj@database ~]$ sudo -u postgres valgrind /usr/pgsql-11/bin/postgres --single -D /var/lib/pgsql/11/data ts
<tmp/sql-jit-crash-2018-11-15
 

==26448== Conditional jump or move depends on uninitialised value(s)
==26448==    at 0x1B510F09: getAdjustedPtr(llvm::IRBuilder<llvm::ConstantFolder, (anonymous
namespace)::IRBuilderPrefixedInserter>&,llvm::DataLayout const&, llvm::Value*, llvm::APInt, llvm::Type*, llvm::Twine)
(SROA.cpp:1531)
==26448==    by 0x1B511C52: llvm::sroa::AllocaSliceRewriter::getNewAllocaSlicePtr(llvm::IRBuilder<llvm::ConstantFolder,
(anonymousnamespace)::IRBuilderPrefixedInserter>&, llvm::Type*) (SROA.cpp:2313)
 
==26448==    by 0x1B516BA0: llvm::sroa::AllocaSliceRewriter::visitIntrinsicInst(llvm::IntrinsicInst&) (SROA.cpp:2921)
==26448==    by 0x1B5190CC: visitCall (Instruction.def:190)
==26448==    by 0x1B5190CC: llvm::InstVisitor<llvm::sroa::AllocaSliceRewriter, bool>::visit(llvm::Instruction&)
(Instruction.def:190)
==26448==    by 0x1B51947A: visit (InstVisitor.h:114)
==26448==    by 0x1B51947A: llvm::sroa::AllocaSliceRewriter::visit((anonymous namespace)::Slice const*)
(SROA.cpp:2262)
==26448==    by 0x1B51D426: llvm::SROA::rewritePartition(llvm::AllocaInst&, llvm::sroa::AllocaSlices&,
llvm::sroa::Partition&)(SROA.cpp:3921)
 
==26448==    by 0x1B51E630: llvm::SROA::splitAlloca(llvm::AllocaInst&, llvm::sroa::AllocaSlices&) (SROA.cpp:4029)
==26448==    by 0x1B51F25D: llvm::SROA::runOnAlloca(llvm::AllocaInst&) (SROA.cpp:4156)
==26448==    by 0x1B52048A: llvm::SROA::runImpl(llvm::Function&, llvm::DominatorTree&, llvm::AssumptionCache&)
(SROA.cpp:4243)
==26448==    by 0x1B520E40: llvm::sroa::SROALegacyPass::runOnFunction(llvm::Function&) (SROA.cpp:4296)
==26448==    by 0x1AC49C31: llvm::FPPassManager::runOnFunction(llvm::Function&) (LegacyPassManager.cpp:1514)
==26448==    by 0x1B6A805E: RunPassOnSCC (Timer.h:149)
==26448==    by 0x1B6A805E: RunAllPassesOnSCC (CallGraphSCCPass.cpp:419)
==26448==    by 0x1B6A805E: (anonymous namespace)::CGPassManager::runOnModule(llvm::Module&)
(CallGraphSCCPass.cpp:474)
==26448==
==26448== Conditional jump or move depends on uninitialised value(s)
==26448==    at 0x1B510F09: getAdjustedPtr(llvm::IRBuilder<llvm::ConstantFolder, (anonymous
namespace)::IRBuilderPrefixedInserter>&,llvm::DataLayout const&, llvm::Value*, llvm::APInt, llvm::Type*, llvm::Twine)
(SROA.cpp:1531)
==26448==    by 0x1B511C52: llvm::sroa::AllocaSliceRewriter::getNewAllocaSlicePtr(llvm::IRBuilder<llvm::ConstantFolder,
(anonymousnamespace)::IRBuilderPrefixedInserter>&, llvm::Type*) (SROA.cpp:2313)
 
==26448==    by 0x1B515EF0: llvm::sroa::AllocaSliceRewriter::visitMemSetInst(llvm::MemSetInst&) (SROA.cpp:2656)
==26448==    by 0x1B5190CC: visitCall (Instruction.def:190)
==26448==    by 0x1B5190CC: llvm::InstVisitor<llvm::sroa::AllocaSliceRewriter, bool>::visit(llvm::Instruction&)
(Instruction.def:190)
==26448==    by 0x1B51947A: visit (InstVisitor.h:114)
==26448==    by 0x1B51947A: llvm::sroa::AllocaSliceRewriter::visit((anonymous namespace)::Slice const*)
(SROA.cpp:2262)
==26448==    by 0x1B51D426: llvm::SROA::rewritePartition(llvm::AllocaInst&, llvm::sroa::AllocaSlices&,
llvm::sroa::Partition&)(SROA.cpp:3921)
 
==26448==    by 0x1B51E630: llvm::SROA::splitAlloca(llvm::AllocaInst&, llvm::sroa::AllocaSlices&) (SROA.cpp:4029)
==26448==    by 0x1B51F25D: llvm::SROA::runOnAlloca(llvm::AllocaInst&) (SROA.cpp:4156)
==26448==    by 0x1B52048A: llvm::SROA::runImpl(llvm::Function&, llvm::DominatorTree&, llvm::AssumptionCache&)
(SROA.cpp:4243)
==26448==    by 0x1B520E40: llvm::sroa::SROALegacyPass::runOnFunction(llvm::Function&) (SROA.cpp:4296)
==26448==    by 0x1AC49C31: llvm::FPPassManager::runOnFunction(llvm::Function&) (LegacyPassManager.cpp:1514)
==26448==    by 0x1B6A805E: RunPassOnSCC (Timer.h:149)
==26448==    by 0x1B6A805E: RunAllPassesOnSCC (CallGraphSCCPass.cpp:419)
==26448==    by 0x1B6A805E: (anonymous namespace)::CGPassManager::runOnModule(llvm::Module&)
(CallGraphSCCPass.cpp:474)
==26448==

==26448== Invalid write of size 8
==26448==    at 0x4C2E0C3: memcpy@@GLIBC_2.14 (vg_replace_strmem.c:1022)
==26448==    by 0x824075: UnknownInlinedFun (string3.h:51)
==26448==    by 0x824075: varstrfastcmp_locale (varlena.c:2135)
==26448==    by 0x87C6F3: ApplySortComparator (sortsupport.h:224)
==26448==    by 0x87C6F3: comparetup_heap (tuplesort.c:3560)
==26448==    by 0x8793F4: qsort_tuple (qsort_tuple.c:112)
==26448==    by 0x87EE53: tuplesort_performsort (tuplesort.c:1811)
==26448==    by 0x628CE2: ExecSort (nodeSort.c:118)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x610D48: UnknownInlinedFun (executor.h:237)
==26448==    by 0x610D48: fetch_input_tuple (nodeAgg.c:406)
==26448==    by 0x61277F: agg_retrieve_direct (nodeAgg.c:1736)
==26448==    by 0x61277F: ExecAgg (nodeAgg.c:1551)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x60A764: ExecScanFetch (execScan.c:95)
==26448==    by 0x60A764: ExecScan (execScan.c:162)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==  Address 0x1f77c1c0 is 0 bytes after a block of size 8,192 alloc'd
==26448==    at 0x4C29C23: malloc (vg_replace_malloc.c:299)
==26448==    by 0x86D5AD: AllocSetContextCreateExtended (aset.c:477)
==26448==    by 0x87AA3D: tuplesort_begin_common (tuplesort.c:697)
==26448==    by 0x87DAA9: tuplesort_begin_heap (tuplesort.c:812)
==26448==    by 0x628C93: ExecSort (nodeSort.c:89)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x610D48: UnknownInlinedFun (executor.h:237)
==26448==    by 0x610D48: fetch_input_tuple (nodeAgg.c:406)
==26448==    by 0x61277F: agg_retrieve_direct (nodeAgg.c:1736)
==26448==    by 0x61277F: ExecAgg (nodeAgg.c:1551)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x60A764: ExecScanFetch (execScan.c:95)
==26448==    by 0x60A764: ExecScan (execScan.c:162)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x61B364: UnknownInlinedFun (executor.h:237)
==26448==    by 0x61B364: MultiExecPrivateHash (nodeHash.c:164)
==26448==    by 0x61B364: MultiExecHash (nodeHash.c:114)
==26448==
==26448== Invalid read of size 8
==26448==    at 0x4C2E0CE: memcpy@@GLIBC_2.14 (vg_replace_strmem.c:1022)
==26448==    by 0x824075: UnknownInlinedFun (string3.h:51)
==26448==    by 0x824075: varstrfastcmp_locale (varlena.c:2135)
==26448==    by 0x87C6F3: ApplySortComparator (sortsupport.h:224)
==26448==    by 0x87C6F3: comparetup_heap (tuplesort.c:3560)
==26448==    by 0x8793F4: qsort_tuple (qsort_tuple.c:112)
==26448==    by 0x87EE53: tuplesort_performsort (tuplesort.c:1811)
==26448==    by 0x628CE2: ExecSort (nodeSort.c:118)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x610D48: UnknownInlinedFun (executor.h:237)
==26448==    by 0x610D48: fetch_input_tuple (nodeAgg.c:406)
==26448==    by 0x61277F: agg_retrieve_direct (nodeAgg.c:1736)
==26448==    by 0x61277F: ExecAgg (nodeAgg.c:1551)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x60A764: ExecScanFetch (execScan.c:95)
==26448==    by 0x60A764: ExecScan (execScan.c:162)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==  Address 0x1f77e200 is 0 bytes after a block of size 8,192 alloc'd
==26448==    at 0x4C29C23: malloc (vg_replace_malloc.c:299)
==26448==    by 0x86D5AD: AllocSetContextCreateExtended (aset.c:477)
==26448==    by 0x87AA5A: tuplesort_begin_common (tuplesort.c:710)
==26448==    by 0x87DAA9: tuplesort_begin_heap (tuplesort.c:812)
==26448==    by 0x628C93: ExecSort (nodeSort.c:89)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x610D48: UnknownInlinedFun (executor.h:237)
==26448==    by 0x610D48: fetch_input_tuple (nodeAgg.c:406)
==26448==    by 0x61277F: agg_retrieve_direct (nodeAgg.c:1736)
==26448==    by 0x61277F: ExecAgg (nodeAgg.c:1551)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x60A764: ExecScanFetch (execScan.c:95)
==26448==    by 0x60A764: ExecScan (execScan.c:162)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x61B364: UnknownInlinedFun (executor.h:237)
==26448==    by 0x61B364: MultiExecPrivateHash (nodeHash.c:164)
==26448==    by 0x61B364: MultiExecHash (nodeHash.c:114)
==26448==
==26448== Invalid read of size 8
==26448==    at 0x4C2E0C0: memcpy@@GLIBC_2.14 (vg_replace_strmem.c:1022)
==26448==    by 0x824075: UnknownInlinedFun (string3.h:51)
==26448==    by 0x824075: varstrfastcmp_locale (varlena.c:2135)
==26448==    by 0x87C6F3: ApplySortComparator (sortsupport.h:224)
==26448==    by 0x87C6F3: comparetup_heap (tuplesort.c:3560)
==26448==    by 0x8793F4: qsort_tuple (qsort_tuple.c:112)
==26448==    by 0x87EE53: tuplesort_performsort (tuplesort.c:1811)
==26448==    by 0x628CE2: ExecSort (nodeSort.c:118)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x610D48: UnknownInlinedFun (executor.h:237)
==26448==    by 0x610D48: fetch_input_tuple (nodeAgg.c:406)
==26448==    by 0x61277F: agg_retrieve_direct (nodeAgg.c:1736)
==26448==    by 0x61277F: ExecAgg (nodeAgg.c:1551)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x60A764: ExecScanFetch (execScan.c:95)
==26448==    by 0x60A764: ExecScan (execScan.c:162)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==  Address 0x1f77e210 is 16 bytes after a block of size 8,192 alloc'd
==26448==    at 0x4C29C23: malloc (vg_replace_malloc.c:299)
==26448==    by 0x86D5AD: AllocSetContextCreateExtended (aset.c:477)
==26448==    by 0x87AA5A: tuplesort_begin_common (tuplesort.c:710)
==26448==    by 0x87DAA9: tuplesort_begin_heap (tuplesort.c:812)
==26448==    by 0x628C93: ExecSort (nodeSort.c:89)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x610D48: UnknownInlinedFun (executor.h:237)
==26448==    by 0x610D48: fetch_input_tuple (nodeAgg.c:406)
==26448==    by 0x61277F: agg_retrieve_direct (nodeAgg.c:1736)
==26448==    by 0x61277F: ExecAgg (nodeAgg.c:1551)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x60A764: ExecScanFetch (execScan.c:95)
==26448==    by 0x60A764: ExecScan (execScan.c:162)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x61B364: UnknownInlinedFun (executor.h:237)
==26448==    by 0x61B364: MultiExecPrivateHash (nodeHash.c:164)
==26448==    by 0x61B364: MultiExecHash (nodeHash.c:114)
==26448==
==26448==
==26448== More than 10000000 total errors detected.  I'm not reporting any more.
==26448== Final error counts will be inaccurate.  Go fix your program!
==26448== Rerun with --error-limit=no to disable this cutoff.  Note
==26448== that errors may occur in your program without prior warning from
==26448== Valgrind, because errors are no longer being displayed.
==26448==
==26448==
==26448== Process terminating with default action of signal 11 (SIGSEGV)
==26448==  Access not within mapped region at address 0x23337000
==26448==    at 0x4C2E0CE: memcpy@@GLIBC_2.14 (vg_replace_strmem.c:1022)
==26448==    by 0x824075: UnknownInlinedFun (string3.h:51)
==26448==    by 0x824075: varstrfastcmp_locale (varlena.c:2135)
==26448==    by 0x87C6F3: ApplySortComparator (sortsupport.h:224)
==26448==    by 0x87C6F3: comparetup_heap (tuplesort.c:3560)
==26448==    by 0x8793F4: qsort_tuple (qsort_tuple.c:112)
==26448==    by 0x87EE53: tuplesort_performsort (tuplesort.c:1811)
==26448==    by 0x628CE2: ExecSort (nodeSort.c:118)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x610D48: UnknownInlinedFun (executor.h:237)
==26448==    by 0x610D48: fetch_input_tuple (nodeAgg.c:406)
==26448==    by 0x61277F: agg_retrieve_direct (nodeAgg.c:1736)
==26448==    by 0x61277F: ExecAgg (nodeAgg.c:1551)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==    by 0x60A764: ExecScanFetch (execScan.c:95)
==26448==    by 0x60A764: ExecScan (execScan.c:162)
==26448==    by 0x609067: ExecProcNodeInstr (execProcnode.c:461)
==26448==  If you believe this happened as a result of a stack
==26448==  overflow in your program's main thread (unlikely but
==26448==  possible), you can try to increase the size of the
==26448==  main thread stack using the --main-stacksize= flag.
==26448==  The main thread stack size used in this run was 8388608.
=
Let me know if there's anything else I can provide.

Justin

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Kevin Grittner
Дата:
Сообщение: Re: In-place updates and serializable transactions
Следующее
От: Michael Paquier
Дата:
Сообщение: Re: pgsql: Add flag values in WAL description to all heap records