Justin Pryzby wrote:

> #1  0x00000000006a52e9 in perform_work_item (workitem=0x7f8ad1f94824) at 
> autovacuum.c:2676
>         cur_datname = 0x298c740 "no 1 :vartype 1184 :vartypmod -1 :varcollid 
> 0 :varlevelsup 0 :varnoold 1 :varoattno 1 :location 146} {CONST :consttype 
> 1184 :consttypmod -1 :constcollid 0 :constlen 8 :constbyval true :constisnull 
> fal"...
>         cur_nspname = 0x298c728 "s ({VAR :varno 1 :varattno 1 :vartype 1184 
> :vartypmod -1 :varcollid 0 :varlevelsup 0 :varnoold 1 :varoattno 1 :location 
> 146} {CONST :consttype 1184 :consttypmod -1 :constcollid 0 :constlen 8 
> :constbyv"...
>         cur_relname = 0x298cd68 
> "cdrs_eric_msc_sms_2017_10_14_startofcharge_idx"
>         __func__ = "perform_work_item"

cur_datname here seems corrupted -- it points halfway into cur_nspname,
which is also a corrupt value.  And I think that's because we're not
checking that the namespace OID is a valid value before calling
get_namespace_name on it.  And I'm betting that these values are all not
what we expect, because we're not checking that we're in the correct
database before trying to execute the work item.  I don't quite
understand how this results in an invalid string rather than just a
NULL, as I would have expected.

Anyway, can you give this patch a try?

-- 
Álvaro Herrera                https://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
>From 0a53aaf589dfdbd2f25ae2ee36323d77c2910a60 Mon Sep 17 00:00:00 2001
From: Alvaro Herrera <alvhe...@alvh.no-ip.org>
Date: Tue, 17 Oct 2017 12:58:38 +0200
Subject: [PATCH] Fix autovacuum workitems

---
 src/backend/postmaster/autovacuum.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/backend/postmaster/autovacuum.c 
b/src/backend/postmaster/autovacuum.c
index 776b1c0a9d..83366b862c 100644
--- a/src/backend/postmaster/autovacuum.c
+++ b/src/backend/postmaster/autovacuum.c
@@ -2525,6 +2525,8 @@ deleted:
                        continue;
                if (workitem->avw_active)
                        continue;
+               if (workitem->avw_database != MyDatabaseId)
+                       continue;
 
                /* claim this one, and release lock while performing it */
                workitem->avw_active = true;
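
Review bot: the new `workitem->avw_database != MyDatabaseId` test in the claim loop carries no comment, and the commit message has no body explaining the failure it addresses. A one-line comment above the test saying that items queued for another database are skipped here would record why the filter exists. Its position before `workitem->avw_active = true` looks right, since an item for a different database is then never marked as claimed by this worker.
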
@@ -2592,6 +2594,7 @@ perform_work_item(AutoVacuumWorkItem *workitem)
        char       *cur_datname = NULL;
        char       *cur_nspname = NULL;
        char       *cur_relname = NULL;
+       Oid                     cur_nspoid;
 
        /*
         * Note we do not store table info in MyWorkerInfo, since this is not
@@ -2607,9 +2610,12 @@ perform_work_item(AutoVacuumWorkItem *workitem)
         */
 
        cur_relname = get_rel_name(workitem->avw_relation);
-       cur_nspname = 
get_namespace_name(get_rel_namespace(workitem->avw_relation));
+       cur_nspoid = get_rel_namespace(workitem->avw_relation);
+       if (!cur_relname || !OidIsValid(cur_nspoid))
+               goto deleted2;
+       cur_nspname = get_namespace_name(cur_nspoid);
        cur_datname = get_database_name(MyDatabaseId);
-       if (!cur_relname || !cur_nspname || !cur_datname)
+       if (!cur_nspname || !cur_datname)
                goto deleted2;
 
        autovac_report_workitem(workitem, cur_nspname, cur_datname);
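
Review bot: the early exit at `if (!cur_relname || !OidIsValid(cur_nspoid))` would benefit from a comment stating why the namespace OID is validated before `get_namespace_name(cur_nspoid)` is called, for example that `avw_relation` may no longer resolve to a relation. Note also that this first `goto deleted2` is now taken before `get_database_name(MyDatabaseId)` runs, so `cur_datname` (and possibly `cur_nspname`) is still NULL at the label while `cur_relname` may be set; the pre-patch check already jumped there with any of the three NULL, but it is worth confirming the cleanup at `deleted2` handles each pointer independently.
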
-- 
2.11.0

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)