=================================================================
==20731==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fffdc1b4894 at pc 0xef3ad5 bp 0x7fffdc1afb90 sp 0x7fffdc1afb88
READ of size 1 at 0x7fffdc1b4894 thread T0
    #0 0xef3ad4 in XLogInsert /home/kgrittn/pg/master/src/backend/access/transam/xlog.c:1040
    #1 0xd57472 in doPickSplit /home/kgrittn/pg/master/src/backend/access/spgist/spgdoinsert.c:1391
    #2 0xd116d1 in spgdoinsert /home/kgrittn/pg/master/src/backend/access/spgist/spgdoinsert.c:2008
    #3 0xcbf1b1 in spginsert /home/kgrittn/pg/master/src/backend/access/spgist/spginsert.c:238
    #4 0x46d8c23 in FunctionCall6Coll /home/kgrittn/pg/master/src/backend/utils/fmgr/fmgr.c:1436
    #5 0xad80db in index_insert /home/kgrittn/pg/master/src/backend/access/index/indexam.c:223
    #6 0x211c4fd in ExecInsertIndexTuples /home/kgrittn/pg/master/src/backend/executor/execUtils.c:1104
    #7 0x227d66f in ExecInsert /home/kgrittn/pg/master/src/backend/executor/nodeModifyTable.c:274
    #8 0x22790d8 in ExecModifyTable /home/kgrittn/pg/master/src/backend/executor/nodeModifyTable.c:1014
    #9 0x2020033 in ExecProcNode /home/kgrittn/pg/master/src/backend/executor/execProcnode.c:377
    #10 0x1fe8a64 in ExecutePlan /home/kgrittn/pg/master/src/backend/executor/execMain.c:1474
    #11 0x1fe79b8 in standard_ExecutorRun /home/kgrittn/pg/master/src/backend/executor/execMain.c:308
    #12 0x1fe5d19 in ExecutorRun /home/kgrittn/pg/master/src/backend/executor/execMain.c:256
    #13 0x34d909b in ProcessQuery /home/kgrittn/pg/master/src/backend/tcop/pquery.c:185
    #14 0x34d172a in PortalRunMulti /home/kgrittn/pg/master/src/backend/tcop/pquery.c:1279
    #15 0x34ca68c in PortalRun /home/kgrittn/pg/master/src/backend/tcop/pquery.c:816
    #16 0x349f211 in exec_simple_query /home/kgrittn/pg/master/src/backend/tcop/postgres.c:1048
    #17 0x3499f10 in PostgresMain /home/kgrittn/pg/master/src/backend/tcop/postgres.c:3992
    #18 0x2f087f5 in BackendRun /home/kgrittn/pg/master/src/backend/postmaster/postmaster.c:4085
    #19 0x2f04700 in BackendStartup /home/kgrittn/pg/master/src/backend/postmaster/postmaster.c:3774
    #20 0x2ee5b66 in ServerLoop /home/kgrittn/pg/master/src/backend/postmaster/postmaster.c:1585
    #21 0x2eda2be in PostmasterMain /home/kgrittn/pg/master/src/backend/postmaster/postmaster.c:1240
    #22 0x24cd113 in main /home/kgrittn/pg/master/src/backend/main/main.c:196
    #23 0x2b8189ec376c in __libc_start_main /build/buildd/eglibc-2.15/csu/libc-start.c:226
    #24 0x4dc32c in _start ??:?

Address 0x7fffdc1b4894 is located in stack of thread T0 at offset 2644 in frame
    #0 0xd2f2cf in doPickSplit /home/kgrittn/pg/master/src/backend/access/spgist/spgdoinsert.c:680

  This frame has 57 object(s):
    [32, 40) ''
    [96, 104) ''
    [160, 168) ''
    [224, 232) ''
    [288, 296) ''
    [352, 356) ''
    [416, 417) ''
    [480, 481) ''
    [544, 545) 'insertedNew'
    [608, 632) 'in'
    [672, 720) 'out'
    [768, 776) 'procinfo'
    [832, 833) 'includeNew'
    [896, 900) 'i'
    [960, 964) 'max'
    [1024, 1028) 'n'
    [1088, 1096) 'innerTuple'
    [1152, 1160) 'node'
    [1216, 1224) 'nodes'
    [1280, 1284) 'newInnerBuffer'
    [1344, 1348) 'newLeafBuffer'
    [1408, 1416) 'heapPtrs'
    [1472, 1480) 'leafPageSelect'
    [1536, 1544) 'leafSizes'
    [1600, 1608) 'toDelete'
    [1664, 1672) 'toInsert'
    [1728, 1730) 'redirectTuplePos'
    [1792, 1796) 'startOffsets'
    [1856, 1864) 'newLeafs'
    [1920, 1924) 'spaceToDelete'
    [1984, 1988) 'currentFreeSpace'
    [2048, 2052) 'totalLeafSizes'
    [2112, 2113) 'allTheSame'
    [2176, 2496) 'rdata'
    [2528, 2532) 'nRdata'
    [2592, 2644) 'xlrec' <== Memory access at offset 2644 overflows this variable
    [2688, 2696) 'leafdata'
    [2752, 2760) 'leafptr'
    [2816, 2840) 'saveCurrent'
    [2880, 2884) 'nToDelete'
    [2944, 2948) 'nToInsert'
    [3008, 3012) 'maxToInclude'
    [3072, 3080) 'it'
    [3136, 3144) 'it1'
    [3200, 3208) 'label'
    [3264, 3265) 'labelisnull'
    [3328, 3336) 'nodePageSelect'
    [3392, 3396) 'curspace'
    [3456, 3460) 'newspace'
    [3520, 3524) 'nodeOfNewTuple'
    [3584, 3592) 'it2'
    [3648, 3652) 'leafBuffer'
    [3712, 3716) 'leafBlock'
    [3776, 3778) 'newoffset'
    [3840, 3848) 'recptr'
    [3904, 3912) 'page'
    [3968, 3976) 'page3'
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow ??:0 ??
Shadow bytes around the buggy address:
  0x10007b82e8c0: 04 f4 f4 f4 f2 f2 f2 f2 04 f4 f4 f4 f2 f2 f2 f2
  0x10007b82e8d0: 01 f4 f4 f4 f2 f2 f2 f2 00 00 00 00 00 00 00 00
  0x10007b82e8e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007b82e8f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007b82e900: f2 f2 f2 f2 04 f4 f4 f4 f2 f2 f2 f2 00 00 00 00
=>0x10007b82e910: 00 00[04]f4 f2 f2 f2 f2 00 f4 f4 f4 f2 f2 f2 f2
  0x10007b82e920: 00 f4 f4 f4 f2 f2 f2 f2 00 00 00 f4 f2 f2 f2 f2
  0x10007b82e930: 04 f4 f4 f4 f2 f2 f2 f2 04 f4 f4 f4 f2 f2 f2 f2
  0x10007b82e940: 04 f4 f4 f4 f2 f2 f2 f2 00 f4 f4 f4 f2 f2 f2 f2
  0x10007b82e950: 00 f4 f4 f4 f2 f2 f2 f2 00 f4 f4 f4 f2 f2 f2 f2
  0x10007b82e960: 01 f4 f4 f4 f2 f2 f2 f2 00 f4 f4 f4 f2 f2 f2 f2
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:     fa
  Heap right redzone:    fb
  Freed heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe
==20731==ABORTING
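What the report says, read against its own numbers: the 1-byte read in XLogInsert hits frame offset 2644 of doPickSplit, which is exactly one byte past the 52-byte object xlrec at [2592, 2644), so the length XLogInsert was told to consume for that record is at least one byte larger than the object it was given. The shadow byte 04 at the marked position encodes an 8-byte granule of which only the first 4 bytes are addressable, and 52 bytes is six full granules plus 4, so the shadow dump and the frame map agree. The following is an added example, not part of this report or of PostgreSQL: it reimplements AddressSanitizer's address-to-shadow mapping and partial-granule rule and checks the report's figures against each other. It assumes the default x86_64 Linux mapping, shadow = (addr >> 3) + 0x7fff8000, which is the only assumption not stated in the report; the shadow rows and offsets are copied from it.

```python
import re

# Added example, not code from the ASan report or from PostgreSQL.
# Assumption: x86_64 Linux ASan layout (shadow byte = (addr >> 3) + 0x7fff8000,
# one shadow byte per 8-byte granule). The report's addresses are consistent with it.
SHADOW_SCALE = 3
SHADOW_OFFSET = 0x7FFF8000
GRANULE = 1 << SHADOW_SCALE

# Shadow rows copied from the report; "=>" marks the row containing the fault.
SHADOW_DUMP = """\
  0x10007b82e8c0: 04 f4 f4 f4 f2 f2 f2 f2 04 f4 f4 f4 f2 f2 f2 f2
  0x10007b82e8d0: 01 f4 f4 f4 f2 f2 f2 f2 00 00 00 00 00 00 00 00
  0x10007b82e8e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007b82e8f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007b82e900: f2 f2 f2 f2 04 f4 f4 f4 f2 f2 f2 f2 00 00 00 00
=>0x10007b82e910: 00 00[04]f4 f2 f2 f2 f2 00 f4 f4 f4 f2 f2 f2 f2
  0x10007b82e920: 00 f4 f4 f4 f2 f2 f2 f2 00 00 00 f4 f2 f2 f2 f2
"""

FAULT_ADDR = 0x7FFFDC1B4894      # "READ of size 1 at 0x7fffdc1b4894"
FAULT_FRAME_OFFSET = 2644        # "at offset 2644 in frame"
XLREC_RANGE = (2592, 2644)       # "[2592, 2644) 'xlrec'" in the frame map

LEGEND = {0xFA: "heap left redzone", 0xFB: "heap right redzone", 0xFD: "freed heap region",
          0xF1: "stack left redzone", 0xF2: "stack mid redzone", 0xF3: "stack right redzone",
          0xF4: "stack partial redzone", 0xF5: "stack after return",
          0xF8: "stack use after scope", 0xF9: "global redzone",
          0xF6: "global init order", 0xF7: "poisoned by user", 0xFE: "ASan internal"}


def shadow_addr(addr):
    """ASan's MEM_TO_SHADOW for the assumed platform."""
    return (addr >> SHADOW_SCALE) + SHADOW_OFFSET


def parse_shadow_dump(text):
    """Map each shadow address in a dump to its byte value (the [..] fault marker is ignored)."""
    shadow = {}
    for line in text.splitlines():
        head, sep, body = line.partition(":")
        if not sep:
            continue
        base = int(head.strip().lstrip("=>"), 16)
        for i, byte in enumerate(re.findall(r"[0-9a-f]{2}", body)):
            shadow[base + i] = int(byte, 16)
    return shadow


def describe(k):
    """Human-readable meaning of one shadow byte, following the report's legend."""
    if k == 0:
        return "addressable"
    if k < GRANULE:
        return "partially addressable (%d of %d bytes)" % (k, GRANULE)
    return LEGEND.get(k, "poisoned (0x%02x)" % k)


def access_is_poisoned(shadow, addr, size=1):
    """ASan's rule: a byte is valid iff its granule's shadow is 0, or the shadow is 1..7
    and the byte's offset inside the granule is below that value."""
    for a in range(addr, addr + size):
        k = shadow[shadow_addr(a)]
        if k == 0:
            continue
        if k >= GRANULE or (a & (GRANULE - 1)) >= k:
            return True
    return False


def expected_object_shadow(begin, end):
    """Shadow bytes ASan assigns to a stack object occupying frame bytes [begin, end)."""
    assert begin % GRANULE == 0   # every object in the frame map starts on a granule
    size = end - begin
    return [0] * (size // GRANULE) + ([size % GRANULE] if size % GRANULE else [])


def check_report(dump=SHADOW_DUMP):
    """Cross-check the fault address, frame offset, frame map and shadow dump."""
    shadow = parse_shadow_dump(dump)
    frame_base = FAULT_ADDR - FAULT_FRAME_OFFSET
    xlrec_addr = frame_base + XLREC_RANGE[0]
    expected = expected_object_shadow(*XLREC_RANGE)
    observed = [shadow[shadow_addr(xlrec_addr) + i] for i in range(len(expected))]
    return {
        "frame_base": frame_base,
        "shadow_of_fault": shadow_addr(FAULT_ADDR),
        "shadow_value": shadow[shadow_addr(FAULT_ADDR)],
        "fault_poisoned": access_is_poisoned(shadow, FAULT_ADDR),
        # the byte just before the fault is the last byte of xlrec and must be fine
        "last_byte_of_xlrec_ok": not access_is_poisoned(shadow, FAULT_ADDR - 1),
        "xlrec_shadow_matches": observed == expected,
    }


if __name__ == "__main__":
    for key, value in check_report().items():
        print("%-24s %s" % (key, hex(value) if isinstance(value, int) and not isinstance(value, bool) else value))
    print("shadow byte at fault:", describe(check_report()["shadow_value"]))
```

The same rule explains why the read at offset 2643 would have passed: it sits at granule offset 3 under a shadow value of 4. A read of size 4 at 0x7fffdc1b4891 would also be caught, since ASan checks the last byte of a multi-byte access against the same partial value, which is why padding a struct to a multiple of 8 hides this class of bug from sanitizers until the length passed to the consumer grows past the padded size.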