CRE-2025-0042

PostgreSQL transaction fails with deadlock detected error in psycopg2 and Django
Critical
Impact: 7/10
Mitigation: 5/10

Description

- Applications using Django with PostgreSQL and psycopg2 may encounter `deadlock detected` errors under concurrent write-heavy workloads.
- PostgreSQL raises this error when two or more transactions block each other cyclically while waiting for locks, and one must be aborted.
- Django surfaces this as an `OperationalError`, and the affected transaction is rolled back.

Mitigation

- Ensure that transactions access rows in a consistent order across code paths.
- Break large transactions into smaller units of work.
- Use explicit `select_for_update()` to control locking behavior and reduce contention.
- Monitor PostgreSQL `pg_stat_activity` and `pg_locks` to identify deadlock-prone queries.
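
To find which code paths need consistent row ordering, the deadlock reports themselves can be mined. The following is an added example, not part of this CRE or of Django/psycopg2: it parses PostgreSQL `deadlock detected` reports, rebuilds the cyclic wait between backend processes, and ranks the relations involved. The log prefix, PIDs and the `shop_order` table are constructed sample data.

```python
import re
from collections import Counter

# Constructed sample log, not from the page. The "[pid]" prefix is an assumed
# log_line_prefix; DETAIL/CONTEXT follow PostgreSQL's deadlock report wording.
SAMPLE_LOG = """\
[4101] ERROR:  deadlock detected
[4101] DETAIL:  Process 4101 waits for ShareLock on transaction 9001; blocked by process 4102.
\tProcess 4102 waits for ShareLock on transaction 9002; blocked by process 4101.
[4101] CONTEXT:  while updating tuple (0,7) in relation "shop_order"
[4101] STATEMENT:  UPDATE "shop_order" SET "status" = 'paid' WHERE "id" = 17
[4310] ERROR:  deadlock detected
[4310] DETAIL:  Process 4310 waits for ShareLock on transaction 9107; blocked by process 4305.
\tProcess 4305 waits for ShareLock on transaction 9110; blocked by process 4310.
[4310] CONTEXT:  while locking tuple (3,2) in relation "shop_order"
"""

WAIT_RE = re.compile(r"Process (\d+) waits for (\w+) on .+?; blocked by process (\d+)\.")
REL_RE = re.compile(r'in relation "([^"]+)"')

def parse_deadlocks(log_text):
    """Group log lines into deadlock events: lock-wait edges plus relation."""
    events, cur = [], None
    for line in log_text.splitlines():
        if "deadlock detected" in line:
            cur = {"edges": []}
            events.append(cur)
        elif cur is not None and "STATEMENT:" in line:
            cur = None  # the STATEMENT line ends one report
        elif cur is not None:
            for waiter, mode, blocker in WAIT_RE.findall(line):
                cur["edges"].append((int(waiter), int(blocker), mode))
            if (rel := REL_RE.search(line)):
                cur.setdefault("relation", rel.group(1))  # keep the first one
    return events

def wait_cycle(event):
    """Follow waiter -> blocker edges; return the pid cycle, or [] if open."""
    blocked_by = {w: b for w, b, _ in event["edges"]}
    path = list(blocked_by)[:1]
    pid = blocked_by.get(path[0]) if path else None
    while path and pid != path[0]:
        if pid not in blocked_by or pid in path:
            return []  # chain breaks or loops without returning to the start
        path.append(pid)
        pid = blocked_by[pid]
    return path

def hot_relations(events):  # relations ranked by number of deadlock reports
    return Counter(e["relation"] for e in events if e.get("relation")).most_common()
```

Relations that top `hot_relations()` are the ones whose write paths are worth reviewing for lock ordering and `select_for_update()` usage.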
