Open shiponcs opened 1 month ago
alyssawilk
commented
1 month ago Thanks for running this by Envoy security before (with approval) posting in the clear
@fabriziomello @cpakulski can you take a look? I don't think we should necessarily roll back an Envoy build config change based on a broken contrib extension
cpakulski
commented
1 month ago Thanks for reporting it. I will try to repro the crash to find the cause.
I don't think we should necessarily roll back an Envoy build config change based on a broken contrib extension.
I agree. I think that the build config probably just exposes the problem but is not the cause of the crash.
fabriziomello
commented
1 month ago @cpakulski Long time since I ran this regression tests https://github.com/fabriziomello/envoy-postgres-regression. It requires some reworking to work properly again and don't need to waste resources building Envoy.
One naive question, those -dev docker images are a kind of nightly-builds?
cpakulski
commented
1 month ago @fabriziomello I think that this is what you are looking for: https://hub.docker.com/layers/envoyproxy/envoy/contrib-debug-dev/images/sha256-770fe2414e700156673389677dedca96133fb7b69cb2d9a222253e15fd25b11f?context=explore
github-actions[bot]
commented
2 weeks ago This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.
cpakulski
commented
2 weeks ago I am still planning to investigate the cause.
caoyukun0430
commented
1 week ago We also reported similar segmentation fault issue recently, any update on the cause? Thanks a lot!
cpakulski
commented
1 week ago It is under investigation. I am building test bed.
caoyukun0430
commented
1 week ago It is under investigation. I am building test bed.
Hi @cpakulski thank you very much for taking the effort to debug it! Have you managed to reproduce the issue? Please let us know if anything useful is needed, e.g. we can try to reproduce from our side and provide the proper backtrace and coredump if they can help to speed up the debugging.
cpakulski
commented
1 week ago @caoyukun0430 . Yes I just managed to repro it. The crash is related to external sql parsing library. If you do not care about parsing SQL statements add the following line into your config to mitigate :
- name: envoy.filters.network.postgres_proxy
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.postgres_proxy.v3alpha.PostgresProxy
stat_prefix: egress_pg
enable_sql_parsing: false <-- Add this line
If you do care about parsing SQL statements, you need to wait until I fix it in sqlparser library.
Parsing is required only if you want to create a metadata and later on do something based on that metadata, like feed it into RBAC. Otherwise you do not need it.
Title: Envoy Crash during pgbench test
Description: We have run pgbench to test postgres server proxied by Envoy. During the test Envoy crashed with the following log:
Testing scope: Envoy configuration: https://gist.github.com/shiponcs/600fff61cddba5911bc3b9e538a4fc8c pgbench command:
pgbench -h localhost -p 50815 -U postgres -c 50 -j 1 -T 00 exampleRelevant: We have tried to find the reason; by running git bisect we discovered that, this commit is causing the crash. If we get rid of the changes introduced in the commit, the issue gets resolved.