Thread: Server crash with certain encodings
Hi,

I can crash the server in 9.4, 9.5 and 9.6 when doing the following on Linux:

initdb --encoding 'WIN1251' --locale 'C' win

psql

# \l
                          List of databases
   Name    | Owner | Encoding | Collate | Ctype | Access privileges
-----------+-------+----------+---------+-------+-------------------
 postgres  | thom  | WIN1251  | C       | C     |
 template0 | thom  | WIN1251  | C       | C     | =c/thom          +
           |       |          |         |       | thom=CTc/thom
 template1 | thom  | WIN1251  | C       | C     | =c/thom          +
           |       |          |         |       | thom=CTc/thom
(3 rows)

# SET lc_monetary = 'en_GB.ISO-8859-15';
SET
# SET client_encoding = 'WIN1251';
SET
# SELECT '£9'::money;
ERROR: default conversion function for encoding "LATIN9" to "WIN1251" does not exist
LINE 1: SELECT '£9'::money;
# SELECT '£9'::money;
server closed the connection unexpectedly
        This probably means the server terminated abnormally
        before or while processing the request.
The connection to the server was lost. Attempting reset: Failed.

Note that I need to run the above command twice in order for it to crash.

The log shows:

STATEMENT: SELECT '£9'::money;
*** Error in `postgres: thom postgres [local] SELECT': free(): invalid pointer: 0x00007faf67a16255 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x7aa16)[0x7faf68e42a16]
/lib/x86_64-linux-gnu/libc.so.6(+0x7b793)[0x7faf68e43793]
postgres: thom postgres [local] SELECT[0x85fd27]
postgres: thom postgres [local] SELECT(PGLC_localeconv+0x38)[0x86063a]
postgres: thom postgres [local] SELECT(cash_in+0x29)[0x7e72eb]
postgres: thom postgres [local] SELECT(InputFunctionCall+0xcc)[0x8fabf7]
postgres: thom postgres [local] SELECT(OidInputFunctionCall+0x41)[0x8faf47]
postgres: thom postgres [local] SELECT(stringTypeDatum+0x43)[0x599206]
postgres: thom postgres [local] SELECT(coerce_type+0x232)[0x57dac8]
postgres: thom postgres [local] SELECT(coerce_to_target_type+0xa2)[0x57cd8c]
postgres: thom postgres [local] SELECT[0x5858f9]
postgres: thom postgres [local] SELECT[0x584079]
postgres: thom postgres [local] SELECT(transformExpr+0x1e)[0x583cc6]
postgres: thom postgres [local] SELECT(transformTargetEntry+0x3c)[0x597ad3]
postgres: thom postgres [local] SELECT(transformTargetList+0x141)[0x597c80]
postgres: thom postgres [local] SELECT[0x54d916]
postgres: thom postgres [local] SELECT(transformStmt+0xa7)[0x54dc97]
postgres: thom postgres [local] SELECT(transformTopLevelStmt+0xad)[0x54ee8f]
postgres: thom postgres [local] SELECT(parse_analyze+0x6c)[0x54f02b]
postgres: thom postgres [local] SELECT(pg_analyze_and_rewrite+0x4e)[0x7af9fe]
postgres: thom postgres [local] SELECT[0x7b059e]
postgres: thom postgres [local] SELECT(PostgresMain+0x981)[0x7b134d]
postgres: thom postgres [local] SELECT[0x731c61]
postgres: thom postgres [local] SELECT[0x7342fc]
postgres: thom postgres [local] SELECT[0x7346c2]
postgres: thom postgres [local] SELECT(PostmasterMain+0x1696)[0x736191]
postgres: thom postgres [local] SELECT[0x68a393]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7faf68de9995]
postgres: thom postgres [local] SELECT[0x468379]
LOG: server process (PID 30853) was terminated by signal 6: Aborted
DETAIL: Failed process was running: SELECT '??9'::money;
LOG: terminating any other active server processes
WARNING: terminating connection because of crash of another server process
DETAIL: The postmaster has commanded this server process to roll back the current transaction and exit, because another server process exited abnormally and possibly corrupted shared memory.
HINT: In a moment you should be able to reconnect to the database and repeat your command.
FATAL: the database system is in recovery mode
LOG: all server processes terminated; reinitializing
LOG: database system was interrupted; last known up at 2016-02-29 01:40:39 GMT
LOG: database system was not properly shut down; automatic recovery in progress
LOG: invalid record length at 0/14D0CA0
LOG: redo is not required
LOG: MultiXact member wraparound protections are now enabled
LOG: autovacuum launcher started
LOG: database system is ready to accept connections

pg_config output:

BINDIR = /home/thom/Development/psql/bin
DOCDIR = /home/thom/Development/psql/share/doc/postgresql
HTMLDIR = /home/thom/Development/psql/share/doc/postgresql
INCLUDEDIR = /home/thom/Development/psql/include
PKGINCLUDEDIR = /home/thom/Development/psql/include/postgresql
INCLUDEDIR-SERVER = /home/thom/Development/psql/include/postgresql/server
LIBDIR = /home/thom/Development/psql/lib
PKGLIBDIR = /home/thom/Development/psql/lib/postgresql
LOCALEDIR = /home/thom/Development/psql/share/locale
MANDIR = /home/thom/Development/psql/share/man
SHAREDIR = /home/thom/Development/psql/share/postgresql
SYSCONFDIR = /home/thom/Development/psql/etc/postgresql
PGXS = /home/thom/Development/psql/lib/postgresql/pgxs/src/makefiles/pgxs.mk
CONFIGURE = '--enable-coverage' '--prefix=/home/thom/Development/psql' '--enable-depend' '--enable-debug' '--with-libxml' '--with-openssl' '--with-ossp-uuid' 'CFLAGS=-ggdb -Og -fno-omit-frame-pointer'
CC = gcc
CPPFLAGS = -DFRONTEND -D_GNU_SOURCE -I/usr/include/libxml2
CFLAGS = -Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wmissing-format-attribute -Wformat-security -fno-strict-aliasing -fwrapv -fexcess-precision=standard -g -fprofile-arcs -ftest-coverage -ggdb -Og -fno-omit-frame-pointer
CFLAGS_SL = -fpic
LDFLAGS = -L../../src/common -Wl,--as-needed -Wl,-rpath,'/home/thom/Development/psql/lib',--enable-new-dtags
LDFLAGS_EX =
LDFLAGS_SL =
LIBS = -lpgcommon -lpgport -lxml2 -lssl -lcrypto -lz -lreadline -lrt -lcrypt -ldl -lm
VERSION = PostgreSQL 9.6devel

Thom

Thom Brown <thom@linux.com> writes:
> I can crash the server in 9.4, 9.5 and 9.6 when doing the following on
> Linux:

Hm, would you confirm that you get a stack trace like this:

#0 0x000000397ee32625 in raise () from /lib64/libc.so.6
#1 0x000000397ee33e05 in abort () from /lib64/libc.so.6
#2 0x000000397ee70537 in __libc_message () from /lib64/libc.so.6
#3 0x000000397ee75f4e in malloc_printerr () from /lib64/libc.so.6
#4 0x000000397ee78cad in _int_free () from /lib64/libc.so.6
#5 0x000000000076ce70 in free_struct_lconv () at pg_locale.c:394
#6 PGLC_localeconv () at pg_locale.c:460
#7 0x0000000000717cd5 in cash_in (fcinfo=<value optimized out>) at cash.c:112

Looks like we're getting confused about allocation/freeing of lconv
data --- I've not dug into it more closely than to reproduce the crash.

Aside from that, though, it's not really clear to me that it's sensible to
allow an lc_monetary (or lc_anything) setting that specifies an encoding
different from the database encoding. Should your example have failed at
the SET lc_monetary step? If not, what would you expect that to mean?

regards, tom lane

On 29 February 2016 at 03:31, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Thom Brown <thom@linux.com> writes:
> > I can crash the server in 9.4, 9.5 and 9.6 when doing the following on
> > Linux:
>
> Hm, would you confirm that you get a stack trace like this:
>
> #0 0x000000397ee32625 in raise () from /lib64/libc.so.6
> #1 0x000000397ee33e05 in abort () from /lib64/libc.so.6
> #2 0x000000397ee70537 in __libc_message () from /lib64/libc.so.6
> #3 0x000000397ee75f4e in malloc_printerr () from /lib64/libc.so.6
> #4 0x000000397ee78cad in _int_free () from /lib64/libc.so.6
> #5 0x000000000076ce70 in free_struct_lconv () at pg_locale.c:394
> #6 PGLC_localeconv () at pg_locale.c:460
> #7 0x0000000000717cd5 in cash_in (fcinfo=<value optimized out>) at cash.c:112
>

Yes, I get a similar stack trace:

#0 0x00007ffd8ff7f1d5 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1 0x00007ffd8ff82388 in __GI_abort () at abort.c:90
#2 0x00007ffd8ffba7bb in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x7ffd900b7368 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:199
#3 0x00007ffd8ffc4a16 in malloc_printerr (action=3, str=0x7ffd900b330a "free(): invalid pointer", ptr=<optimized out>) at malloc.c:4923
#4 0x00007ffd8ffc5793 in _int_free (av=<optimized out>, p=0x7ffd8eb98245, have_lock=0) at malloc.c:3779
#5 0x000000000085fd27 in free_struct_lconv (s=s@entry=0xfb6d00 <CurrentLocaleConv.10495>) at pg_locale.c:394
#6 0x000000000086063a in PGLC_localeconv () at pg_locale.c:460
#7 0x00000000007e72eb in cash_in (fcinfo=<optimized out>) at cash.c:112

> Looks like we're getting confused about allocation/freeing of lconv
> data --- I've not dug into it more closely than to reproduce the crash.
>
> Aside from that, though, it's not really clear to me that it's sensible to
> allow an lc_monetary (or lc_anything) setting that specifies an encoding
> different from the database encoding. Should your example have failed at
> the SET lc_monetary step? If not, what would you expect that to mean?
>

It's utter nonsense. I was playing around with locales, encodings and
things of that ilk. So yes, it probably should complain about what I
set lc_monetary to in this case.

Thom
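
Added illustration, not PostgreSQL source and not a diagnosis confirmed in this thread: one way a cached lconv-like struct can end up holding a pointer that free() must never see, matching the reported sequence in which the first call errors and the second aborts. The struct, function names and strings are hypothetical, and an early return stands in for the error raised on the first call.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a cached, lconv-like struct. */
struct conv { char *currency_symbol; char *decimal_point; };
/* Constructed library-owned strings: never pass these to free(). */
static char lib_symbol[] = "\xA3", lib_point[] = ".";

/* Heap copy of s, or NULL when the (simulated) conversion is unavailable. */
static char *convert_dup(const char *s, int conversion_ok)
{
    char *copy = conversion_ok ? malloc(strlen(s) + 1) : NULL;
    return copy ? strcpy(copy, s) : NULL;
}

/* Number of cache fields still pointing at library-owned memory. */
static int borrowed_fields(const struct conv *c)
{
    return (c->currency_symbol == lib_symbol) + (c->decimal_point == lib_point);
}

/* Fragile: seeds the cache with borrowed pointers, then swaps them one by one. */
static int fill_fragile(struct conv *cache, int conversion_ok)
{
    char *p;
    *cache = (struct conv){ lib_symbol, lib_point };
    if ((p = convert_dup(lib_point, 1)) == NULL) return -1;
    cache->decimal_point = p;
    if ((p = convert_dup(lib_symbol, conversion_ok)) == NULL)
        return -1;  /* cache now mixes heap and borrowed pointers */
    cache->currency_symbol = p;
    return 0;
}

/* Robust: build in a scratch struct, publish to the cache only on success. */
static int fill_robust(struct conv *cache, int conversion_ok)
{
    struct conv work = { convert_dup(lib_symbol, conversion_ok),
                         convert_dup(lib_point, 1) };
    if (!work.currency_symbol || !work.decimal_point) {
        free(work.currency_symbol);  /* free(NULL) is a no-op */
        free(work.decimal_point);
        return -1;                   /* cache left exactly as it was */
    }
    free(cache->currency_symbol);    /* old values are heap pointers or NULL */
    free(cache->decimal_point);
    *cache = work;
    return 0;
}
```

A cache left with a non-zero `borrowed_fields()` count is the state in which a later "free the old values" pass would abort with `free(): invalid pointer`.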