Hello,
I just tried to extract some more information from the second dmesg
segfault line the submitter added (pid 884, faulting inside the postgres binary itself).

I think it crashed inside getmissingattr (inlined into heap_deform_tuple in this
build, which is why the byte-pattern search below lands in heap_deform_tuple+540
while gdb reports the breakpoint as getmissingattr, heaptuple.c:101) because
tupleDesc->constr holds an invalid pointer, e.g. -1. Note that the Assert on
line 99 produced no code in this build: the disassembly loads constr into %r11
and immediately dereferences it at offset 0x10 (the `missing` field) with no
intervening check, so a bad constr pointer faults at line 101 instead of being caught.

This may be of some help, but a proper backtrace or a core file from the
submitter's actual crashing process would still be better than this reconstruction.

Kind regards,
Bernhard


0x00005...a06 in getmissingattr at 
./build/../src/backend/access/common/heaptuple.c:101

    heaptuple.c:
    ...
    84  getmissingattr(TupleDesc tupleDesc,
    ...
    99          Assert(tupleDesc->constr->missing);
    100 
    101         attrmiss = tupleDesc->constr->missing + (attnum - 1);
    102 
    103         if (attrmiss->am_present)
    ...

https://sources.debian.org/src/postgresql-11/11.7-0+deb10u1/src/backend/access/common/heaptuple.c/#L101

dmesg from submitter:

[   77.674822] postgres[879]: segfault at 55ae73423960 ip 00007fd09d6741a7 sp 
00007ffc7e247c28 error 4 in libc-2.28.so[7fd09d53a000+148000]
[   77.680661] Code: f9 20 77 1f c5 fd 74 0f c5 fd d7 c1 85 c0 0f 85 df 00 00 
00 48 83 c7 20 83 e1 1f 48 83 e7 e0 eb 36 66 90 83 e1 1f 48 83 e7 e0 <c5> fd 74 
0f c5 fd d7 c1 d3 f8 85 c0 74 1b f3 0f bc c0 48 01 f8 48

[   77.690252] postgres[884]: segfault at f ip 000055ae597d1a06 sp 
00007ffc7e2474c0 error 4 in postgres[55ae597c5000+465000]
[   77.695474] Code: 83 c7 70 48 8d 48 01 49 39 c1 0f 84 04 01 00 00 48 89 c8 
80 bf 81 00 00 00 00 74 d8 4c 8b 5e 18 48 89 c1 48 c1 e1 04 4c 01 c1 <49> 03 4b 
10 80 39 00 74 c1 41 c6 04 02 00 48 8b 49 08 eb bd 66 0f


--> "error 4" (binary 100): bit 0 clear = page not present, bit 1 clear = read access,
bit 2 set = user-mode access. So this is a user-space read from an unmapped address,
consistent with dereferencing a garbage pointer.




# Buster/stable amd64 qemu VM 2020-03-20

apt update
apt dist-upgrade

apt install systemd-coredump gdb postgresql postgresql-11-dbgsym

# dpkg -l | grep postgres
ii  postgresql                    11+200+deb10u3              all          
object-relational SQL database (supported version)
ii  postgresql-11                 11.7-0+deb10u1              amd64        
object-relational SQL database, version 11 server
ii  postgresql-11-dbgsym          11.7-0+deb10u1              amd64        
debug symbols for postgresql-11
ii  postgresql-client-11          11.7-0+deb10u1              amd64        
front-end programs for PostgreSQL 11
ii  postgresql-client-common      200+deb10u3                 all          
manager for multiple PostgreSQL client versions
ii  postgresql-common             200+deb10u3                 all          
PostgreSQL database-cluster manager




gdb -q

set width 0
set pagination off
file /usr/lib/postgresql/11/bin/postgres
b main
run
dele 1
generate-core-file /tmp/core
kill
y
q





# https://wiki.debian.org/InterpretingKernelOutputAtProcessCrash


gdb -q

set width 0
set pagination off
file /usr/lib/postgresql/11/bin/postgres
core /tmp/core
info target

...
Local exec file:
        `/usr/lib/postgresql/11/bin/postgres', file type elf64-x86-64.
        Entry point: 0x55555560ae40
...
        0x0000555555609d30 - 0x0000555555a6c25e is .text
...



echo -n "find /b ..., ..., 0x" && \
echo "83 c7 70 48 8d 48 01 49 39 c1 0f 84 04 01 00 00 48 89 c8 80 bf 81 00 00 
00 00 74 d8 4c 8b 5e 18 48 89 c1 48 c1 e1 04 4c 01 c1 <49> 03 4b 10 80 39 00 74 
c1 41 c6 04 02 00 48 8b 49 08 eb bd 66 0f" \
 | sed 's/[<>]//g' | sed 's/ /, 0x/g'




(gdb) find /b 0x0000555555609d30, 0x0000555555a6c25e, 0x83, 0xc7, 0x70, 0x48, 
0x8d, 0x48, 0x01, 0x49, 0x39, 0xc1, 0x0f, 0x84, 0x04, 0x01, 0x00, 0x00, 0x48, 
0x89, 0xc8, 0x80, 0xbf, 0x81, 0x00, 0x00, 0x00, 0x00, 0x74, 0xd8, 0x4c, 0x8b, 
0x5e, 0x18, 0x48, 0x89, 0xc1, 0x48, 0xc1, 0xe1, 0x04, 0x4c, 0x01, 0xc1, 0x49, 
0x03, 0x4b, 0x10, 0x80, 0x39, 0x00, 0x74, 0xc1, 0x41, 0xc6, 0x04, 0x02, 0x00, 
0x48, 0x8b, 0x49, 0x08, 0xeb, 0xbd, 0x66, 0x0f
0x5555556149dc <heap_deform_tuple+540>
1 pattern found.


(gdb) b * (0x5555556149dc + 42)
Breakpoint 1 at 0x555555614a06: file 
./build/../src/backend/access/common/heaptuple.c, line 101.

(gdb) info b
Num     Type           Disp Enb Address            What
1       breakpoint     keep y   0x0000555555614a06 in getmissingattr at 
./build/../src/backend/access/common/heaptuple.c:101

(gdb) disassemble /r heap_deform_tuple
Dump of assembler code for function heap_deform_tuple:
   0x00005555556147c0 <+0>:     55      push   %rbp
...
   0x00005555556149db <+539>:   48 83 c7 70             add    $0x70,%rdi
   0x00005555556149df <+543>:   48 8d 48 01             lea    0x1(%rax),%rcx
   0x00005555556149e3 <+547>:   49 39 c1                cmp    %rax,%r9
   0x00005555556149e6 <+550>:   0f 84 04 01 00 00       je     0x555555614af0 
<heap_deform_tuple+816>
   0x00005555556149ec <+556>:   48 89 c8                mov    %rcx,%rax
   0x00005555556149ef <+559>:   80 bf 81 00 00 00 00    cmpb   $0x0,0x81(%rdi)
   0x00005555556149f6 <+566>:   74 d8                   je     0x5555556149d0 
<heap_deform_tuple+528>
   0x00005555556149f8 <+568>:   4c 8b 5e 18             mov    0x18(%rsi),%r11
   0x00005555556149fc <+572>:   48 89 c1                mov    %rax,%rcx
   0x00005555556149ff <+575>:   48 c1 e1 04             shl    $0x4,%rcx
   0x0000555555614a03 <+579>:   4c 01 c1                add    %r8,%rcx
   0x0000555555614a06 <+582>:   49 03 4b 10             add    0x10(%r11),%rcx  
                         <<<<<<<<<<
   0x0000555555614a0a <+586>:   80 39 00                cmpb   $0x0,(%rcx)
   0x0000555555614a0d <+589>:   74 c1                   je     0x5555556149d0 
<heap_deform_tuple+528>
   0x0000555555614a0f <+591>:   41 c6 04 02 00          movb   
$0x0,(%r10,%rax,1)
   0x0000555555614a14 <+596>:   48 8b 49 08             mov    0x8(%rcx),%rcx
   0x0000555555614a18 <+600>:   eb bd                   jmp    0x5555556149d7 
<heap_deform_tuple+535>
   0x0000555555614a1a <+602>:   66 0f 1f 44 00 00       nopw   0x0(%rax,%rax,1)
...   
End of assembler dump.





    heaptuple.c:
    ...
    84  getmissingattr(TupleDesc tupleDesc,
    ...
    99          Assert(tupleDesc->constr->missing);
    100 
    101         attrmiss = tupleDesc->constr->missing + (attnum - 1);
    102 
    103         if (attrmiss->am_present)
    ...







(gdb) ptype /o TupleDesc
type = struct tupleDesc {
/*    0      |     4 */    int natts;
/*    4      |     4 */    Oid tdtypeid;
/*    8      |     4 */    int32 tdtypmod;
/*   12      |     1 */    _Bool tdhasoid;
/* XXX  3-byte hole */
/*   16      |     4 */    int tdrefcount;
/* XXX  4-byte hole */
/*   24      |     8 */    TupleConstr *constr;                 <<<<<< 0n24 == 
0x18
/*   32      |     0 */    FormData_pg_attribute attrs[];

                           /* total size (bytes):   32 */
                         } *



(gdb) ptype /o TupleConstr
type = struct tupleConstr {
/*    0      |     8 */    AttrDefault *defval;
/*    8      |     8 */    ConstrCheck *check;
/*   16      |     8 */    MissingPtr missing;                  <<<<<< 0n16 == 
0x10
/*   24      |     2 */    uint16 num_defval;
/*   26      |     2 */    uint16 num_check;
/*   28      |     1 */    _Bool has_not_null;
/* XXX  3-byte padding */

                           /* total size (bytes):   32 */
                         }





https://sources.debian.org/src/postgresql-11/11.7-0+deb10u1/src/backend/access/common/heaptuple.c/#L101


--> Does tupleDesc->constr contain an invalid pointer? If constr were -1
(0xffffffffffffffff), the faulting instruction `add 0x10(%r11),%rcx` would read
constr->missing at 0xffffffffffffffff + 0x10, which wraps to 0xf -- exactly the
fault address in the second dmesg line (pid 884). Note that the first dmesg line
(pid 879) is a different process faulting inside libc at a different address; it
may or may not share the same root cause, so the two should not be assumed to be
one crash.
