Bug Report: PostgreSQL 16 crashes on ALTER USER CURRENT_USER WITH PASSWORD
Summary
PostgreSQL server crashes with a segmentation fault when executing ALTER
USER CURRENT_USER WITH PASSWORD in PostgreSQL 16.10 and 16.11. The crash
results in immediate termination of the backend process and forces a full
instance restart.
------------------------------
Affected Versions
- PostgreSQL 16.10
- PostgreSQL 16.11
Issue reproduced consistently on both versions.
------------------------------
Environment
- OS: Linux (RHEL 9–compatible)
- Architecture: x86_64
- Build: Official PostgreSQL packages
- Authentication: SCRAM-SHA-256
- Crash observed on primary instance (not hot standby)
(Exact OS/kernel/compiler details can be provided if required.)
------------------------------
Steps to Reproduce
1. Connect to PostgreSQL as a regular role (non-superuser):
   psql -U test_user -d testdb
2. Execute the following command:
   ALTER USER CURRENT_USER WITH PASSWORD 'new_password';
------------------------------
Expected Result
The password of the current user should be updated successfully, equivalent
to:
ALTER USER test_user WITH PASSWORD 'new_password';
------------------------------
Actual Result
PostgreSQL backend process crashes with *SIGSEGV (signal 11)*.
The entire PostgreSQL instance is terminated and automatically restarted.
------------------------------
Server Log Output
LOG: server process (PID 118262) was terminated by signal 11: Segmentation fault
DETAIL: Failed process was running: ALTER USER CURRENT_USER WITH PASSWORD 'xxxxxxxx'
LOG: terminating any other active server processes
LOG: all server processes terminated; reinitializing
------------------------------
Frequency
- Reproducible 100% of the time
- Occurs immediately upon execution of the statement
------------------------------
Additional Notes
- The issue *does not occur* when specifying the role name explicitly:
  ALTER USER test_user WITH PASSWORD 'new_password';
- The crash appears to be specifically related to the use of CURRENT_USER
  as the role specification.
Impact
- Any user executing this statement can crash the entire PostgreSQL
  instance.
- Presents a potential denial-of-service risk in multi-tenant environments.
Hi,
On 2026-01-06 14:58:52 +0100, Andrii wrote:
PostgreSQL server crashes with a segmentation fault when executing ALTER
USER CURRENT_USER WITH PASSWORD in PostgreSQL 16.10 and 16.11. The crash
results in immediate termination of the backend process and forces a full
instance restart.
Steps to Reproduce
1. Connect to PostgreSQL as a regular role (non-superuser):
   psql -U test_user -d testdb
2. Execute the following command:
   ALTER USER CURRENT_USER WITH PASSWORD 'new_password';
I can't reproduce that. Is it possible that you have some extensions loaded
that are hooking into the command? What is your shared_preload_libraries
set to?
Greetings,
Andres Freund
Hi
On Wed, Jan 7, 2026 at 10:02 PM Andres Freund <andres@anarazel.de> wrote:
I can't reproduce that.
+1
--
Thanks,
Srinath Reddy Sadipiralla
EDB: https://www.enterprisedb.com/
Hello colleagues
this problem reproduced on one instance PostgreSQL 16.10 on
x86_64-pc-linux-gnu, compiled by gcc (GCC) 11.5.0 20240719 (Red Hat
11.5.0-5), 64-bit
with extensions
 Name               | Version | Schema     | Description
--------------------+---------+------------+-----------------------------------------------------------------------------------
 adminpack          | 2.1     | pg_catalog | administrative functions for PostgreSQL
 amcheck            | 1.3     | public     | functions for verifying relation integrity
 citus              | 12.1-1  | pg_catalog | Citus distributed database
 citus_columnar     | 11.3-1  | pg_catalog | Citus Columnar extension
 credcheck          | 3.0.0   | public     | credcheck - postgresql plain text credential checker
 dblink             | 1.2     | public     | connect to other PostgreSQL databases from within a database
 file_fdw           | 1.0     | public     | foreign-data wrapper for flat file access
 oracle_fdw         | 1.2     | public     | foreign data wrapper for Oracle access
 pageinspect        | 1.11    | public     | inspect the contents of database pages at a low level
 pg_stat_statements | 1.10    | public     | track planning and execution statistics of all SQL statements executed
 pgstattuple        | 1.5     | public     | show tuple-level statistics
 plpgsql            | 1.0     | pg_catalog | PL/pgSQL procedural language
 plpgsql_check      | 2.7     | public     | extended check for plpgsql functions
 postgres_fdw       | 1.1     | public     | foreign-data wrapper for remote PostgreSQL servers
 tablefunc          | 1.0     | public     | functions that manipulate whole tables, including crosstab
 tds_fdw            | 2.0.3   | public     | Foreign data wrapper for querying a TDS database (Sybase or Microsoft SQL Server)
 uuid-ossp          | 1.1     | public     | generate universally unique identifiers (UUIDs)
shared_preload_libraries='citus,pg_stat_statements'
and on other Postgres instance
PostgreSQL 16.10 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 11.5.0
20240719 (Red Hat 11.5.0-5), 64-bit
with extensions
 Name               | Version | Schema     | Description
--------------------+---------+------------+-----------------------------------------------------------------------------------
 adminpack          | 2.1     | pg_catalog | administrative functions for PostgreSQL
 dblink             | 1.2     | public     | connect to other PostgreSQL databases from within a database
 file_fdw           | 1.0     | public     | foreign-data wrapper for flat file access
 oracle_fdw         | 1.2     | public     | foreign data wrapper for Oracle access
 pg_hint_plan       | 1.6.0   | hint_plan  |
 pg_repack          | 1.5.2   | public     | Reorganize tables in PostgreSQL databases with minimal locks
 pg_stat_monitor    | 2.1     | public     | The pg_stat_monitor is a PostgreSQL Query Performance Monitoring tool, based on PostgreSQL contr
 pg_stat_statements | 1.10    | public     | track planning and execution statistics of all SQL statements executed
 pgsentinel         | 1.0     | public     | active session history
 plpgsql            | 1.0     | pg_catalog | PL/pgSQL procedural language
 plpgsql_check      | 2.7     | public     | extended check for plpgsql functions
 postgres_fdw       | 1.1     | genesis2   | foreign-data wrapper for remote PostgreSQL servers
 tds_fdw            | 2.0.3   | public     | Foreign data wrapper for querying a TDS database (Sybase or Microsoft SQL Server)
shared_preload_libraries='pg_stat_monitor,pg_stat_statements,pgsentinel,pg_squeeze,credcheck'
Best regards,
Andrii
On Wed, Jan 7, 2026 at 5:33 PM Srinath Reddy Sadipiralla <
srinath2133@gmail.com> wrote:
Hi
On Wed, Jan 7, 2026 at 10:02 PM Andres Freund <andres@anarazel.de> wrote:
I can't reproduce that.
+1
--
Thanks,
Srinath Reddy Sadipiralla
EDB: https://www.enterprisedb.com/
Hi,
On 2026-01-07 22:08:24 +0100, Andrii wrote:
this problem reproduced on one instance PostgreSQL 16.10 on
x86_64-pc-linux-gnu, compiled by gcc (GCC) 11.5.0 20240719 (Red Hat
11.5.0-5), 64-bit
with extensions
 Name               | Version | Schema     | Description
--------------------+---------+------------+-----------------------------------------------------------------------------------
 adminpack          | 2.1     | pg_catalog | administrative functions for PostgreSQL
 amcheck            | 1.3     | public     | functions for verifying relation integrity
 citus              | 12.1-1  | pg_catalog | Citus distributed database
 citus_columnar     | 11.3-1  | pg_catalog | Citus Columnar extension
 credcheck          | 3.0.0   | public     | credcheck - postgresql plain text credential checker
 dblink             | 1.2     | public     | connect to other PostgreSQL databases from within a database
 file_fdw           | 1.0     | public     | foreign-data wrapper for flat file access
 oracle_fdw         | 1.2     | public     | foreign data wrapper for Oracle access
 pageinspect        | 1.11    | public     | inspect the contents of database pages at a low level
 pg_stat_statements | 1.10    | public     | track planning and execution statistics of all SQL statements executed
 pgstattuple        | 1.5     | public     | show tuple-level statistics
 plpgsql            | 1.0     | pg_catalog | PL/pgSQL procedural language
 plpgsql_check      | 2.7     | public     | extended check for plpgsql functions
 postgres_fdw       | 1.1     | public     | foreign-data wrapper for remote PostgreSQL servers
 tablefunc          | 1.0     | public     | functions that manipulate whole tables, including crosstab
 tds_fdw            | 2.0.3   | public     | Foreign data wrapper for querying a TDS database (Sybase or Microsoft SQL Server)
 uuid-ossp          | 1.1     | public     | generate universally unique identifiers (UUIDs)
shared_preload_libraries='citus,pg_stat_statements'
and on other Postgres instance
PostgreSQL 16.10 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 11.5.0
20240719 (Red Hat 11.5.0-5), 64-bit
with extensions
 Name               | Version | Schema     | Description
--------------------+---------+------------+-----------------------------------------------------------------------------------
 adminpack          | 2.1     | pg_catalog | administrative functions for PostgreSQL
 dblink             | 1.2     | public     | connect to other PostgreSQL databases from within a database
 file_fdw           | 1.0     | public     | foreign-data wrapper for flat file access
 oracle_fdw         | 1.2     | public     | foreign data wrapper for Oracle access
 pg_hint_plan       | 1.6.0   | hint_plan  |
 pg_repack          | 1.5.2   | public     | Reorganize tables in PostgreSQL databases with minimal locks
 pg_stat_monitor    | 2.1     | public     | The pg_stat_monitor is a PostgreSQL Query Performance Monitoring tool, based on PostgreSQL contr
 pg_stat_statements | 1.10    | public     | track planning and execution statistics of all SQL statements executed
 pgsentinel         | 1.0     | public     | active session history
 plpgsql            | 1.0     | pg_catalog | PL/pgSQL procedural language
 plpgsql_check      | 2.7     | public     | extended check for plpgsql functions
 postgres_fdw       | 1.1     | genesis2   | foreign-data wrapper for remote PostgreSQL servers
 tds_fdw            | 2.0.3   | public     | Foreign data wrapper for querying a TDS database (Sybase or Microsoft SQL Server)
shared_preload_libraries='pg_stat_monitor,pg_stat_statements,pgsentinel,pg_squeeze,credcheck'
I'd suggest you look at getting a core dump, to see where the crash actually
is:
https://wiki.postgresql.org/wiki/Getting_a_stack_trace_of_a_running_PostgreSQL_backend_on_Linux/BSD
I'd also suggest trying it without a) libraries in shared_preload_libraries b)
all those extensions installed (e.g. by testing in a newly created database).
Greetings,
Andres Freund
On 06/01/2026 at 14:58, Andrii wrote:
Summary
PostgreSQL server crashes with a segmentation fault when executing
ALTER USER CURRENT_USER WITH PASSWORD in PostgreSQL 16.10 and 16.11.
The crash results in immediate termination of the backend process and
forces a full instance restart.
Hi Andrii,
I think the problem might come from the credcheck extension. Please
upgrade to version 4.3 of credcheck. Several possible crashes have been fixed
since v3.0.
Best regards.
--
Gilles Darold
Hi Gilles,
So it seems this bug is related to the credcheck extension. Updating
credcheck to the latest version 4.3.0 did not help;
when removing the credcheck extension from the shared_preload_libraries
parameter, the bug disappears.
I will open a bug request on GitHub for credcheck.
Thank you all very much for your help.
On Thu, Jan 8, 2026 at 5:45 AM Gilles Darold <gilles@darold.net> wrote:
On 06/01/2026 at 14:58, Andrii wrote:
Summary
PostgreSQL server crashes with a segmentation fault when executing ALTER
USER CURRENT_USER WITH PASSWORD in PostgreSQL 16.10 and 16.11. The crash
results in immediate termination of the backend process and forces a full
instance restart.
Hi Andrii,
I think the problem might come from the credcheck extension. Please
upgrade to version 4.3 of credcheck. Several possible crashes have been fixed
since v3.0.
Best regards.
--
Gilles Darold
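The crash signature shown under "Server Log Output" in the original report can be picked out of a server log automatically. The following is an added example, not code from this thread, PostgreSQL or credcheck: it pairs each "terminated by signal" line with the DETAIL statement that follows, redacts the password literal the server writes into that line, and flags SIGSEGV crashes that happened during a role password statement. The function names and the second sample crash (PID 4242, big_table) are constructed for illustration.

```python
import re

# Constructed sample: first four lines follow the log in the report, the rest is invented.
SAMPLE_LOG = """\
LOG:  server process (PID 118262) was terminated by signal 11: Segmentation fault
DETAIL:  Failed process was running: ALTER USER CURRENT_USER WITH PASSWORD 'xxxxxxxx'
LOG:  terminating any other active server processes
LOG:  all server processes terminated; reinitializing
LOG:  server process (PID 4242) was terminated by signal 9: Killed
DETAIL:  Failed process was running: SELECT count(*) FROM big_table
"""

CRASH = re.compile(r"LOG:\s+server process \(PID (\d+)\) was terminated by signal (\d+)")
DETAIL = re.compile(r"DETAIL:\s+Failed process was running: (.*)")
# Password literal after PASSWORD; '' is an escaped quote inside the literal.
PASSWORD = re.compile(r"(\bPASSWORD\s+)'(?:[^']|'')*'", re.IGNORECASE)
ROLE_PW = re.compile(r"^\s*(?:ALTER|CREATE)\s+(?:USER|ROLE)\b.*\bPASSWORD\b",
                     re.IGNORECASE | re.DOTALL)

def redact(stmt):
    """Replace password literals so the statement can be forwarded or archived."""
    return PASSWORD.sub(r"\1'<redacted>'", stmt)

def crash_events(log_text):
    """Return one dict per backend crash, paired with the DETAIL line after it."""
    events, pending = [], None
    for line in log_text.splitlines():
        m = CRASH.search(line)  # search() tolerates a log_line_prefix before "LOG:"
        if m:
            pending = {"pid": int(m.group(1)), "signal": int(m.group(2)),
                       "statement": None, "role_password_stmt": False}
            events.append(pending)
            continue
        d = DETAIL.search(line)
        if d and pending is not None:
            stmt = d.group(1).strip()  # only the first line of the statement
            pending["role_password_stmt"] = bool(ROLE_PW.search(stmt))
            pending["statement"] = redact(stmt)
            pending = None
    return events

def segfaults_on_password_change(log_text):
    """Crashes matching the report: SIGSEGV while running a role password statement."""
    return [e for e in crash_events(log_text)
            if e["signal"] == 11 and e["role_password_stmt"]]

if __name__ == "__main__":
    for event in segfaults_on_password_change(SAMPLE_LOG):
        print(event)
```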