Re: [BUGS] Bus error in formatting.c NUM_numpart_to_char (9.4.12, 9.6.3, sparc) - Mailing list pgsql-bugs

From Tom Turelinckx
Subject Re: [BUGS] Bus error in formatting.c NUM_numpart_to_char (9.4.12, 9.6.3, sparc)
Date
Msg-id 001501d2eb78$e52a8e60$af7fab20$@turelinckx.be
In response to Re: [BUGS] Bus error in formatting.c NUM_numpart_to_char (9.4.12, 9.6.3, sparc)  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: [BUGS] Bus error in formatting.c NUM_numpart_to_char (9.4.12, 9.6.3, sparc)  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-bugs
Tom Lane wrote:

> Anyway, find those annotation(s) and send us all the text for that area and maybe a few dozen lines on either side.

Summary for the current issue, against 9.4.12.

Clean pgdg 9.4.12 fails:

regression.out:
    numeric                  ... FAILED (test process exited with exit code 2)

regression.diffs:
 SELECT '' AS to_char_6,  to_char(val, 'FMS9999999999999999.999999999999999')    FROM num_data;
! server closed the connection unexpectedly
!       This probably means the server terminated abnormally
!       before or while processing the request.
! connection to server was lost

postmaster.log:

LOG:  server process (PID 15999) was terminated by signal 10: Bus error
DETAIL:  Failed process was running: SELECT '' AS to_char_6,  to_char(val, 'FMS9999999999999999.999999999999999')    FROM num_data;

Crash location:

Reading symbols from /home/turelto/src/original/postgresql-9.4-9.4.12/build/src/backend/postgres...done.
[New LWP 15999]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/sparc-linux-gnu/libthread_db.so.1".
Core was generated by `postgres: turelto regression [local] SELECT                                   '.
Program terminated with signal 10, Bus error.
#0  NUM_numpart_to_char (id=3, Np=0xff852a34)   at
/home/turelto/src/original/postgresql-9.4-9.4.12/build/../src/backend/utils/adt/formatting.c:4419
4419                            if (Np->Num->lsign == NUM_LSIGN_PRE)
(gdb) l
4414                    (Np->num_curr >= Np->out_pre_spaces || (IS_ZERO(Np->Num) && Np->Num->zero_start == Np->num_curr)) &&
4415                    (IS_PREDEC_SPACE(Np) == FALSE || (Np->last_relevant && *Np->last_relevant == '.')))
4416            {
4417                    if (IS_LSIGN(Np->Num))
4418                    {
4419                            if (Np->Num->lsign == NUM_LSIGN_PRE)
4420                            {
4421                                    if (Np->sign == '-')
4422                                            strcpy(Np->inout_p, Np->L_negative_sign);
4423                                    else
(gdb)

Assembly snippet attached as "original-9.4.12-snippet.s" from file generated with:

gcc -Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wmissing-format-attribute
-Wformat-security -fno-strict-aliasing -fwrapv -fexcess-precision=standard -g -g -O2 -fstack-protector
--param=ssp-buffer-size=4 -Wformat -Werror=format-security -I/usr/include/mit-krb5 -DLINUX_OOM_SCORE_ADJ=0
-I../../../../src/include -I/home/turelto/src/original/postgresql-9.4-9.4.12/build/../src/include -D_FORTIFY_SOURCE=2
-D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/include/tcl8.5 -S
/home/turelto/src/original/postgresql-9.4-9.4.12/build/../src/backend/utils/adt/formatting.c



Patched pgdg 9.4.12 passes all tests.

Applied patch attached as "patch" (reverts commit 20f870f):

Index: postgresql-9.4-9.4.12/src/backend/utils/adt/formatting.c
===================================================================
--- postgresql-9.4-9.4.12.orig/src/backend/utils/adt/formatting.c    2017-05-08 23:19:04.000000000 +0200
+++ postgresql-9.4-9.4.12/src/backend/utils/adt/formatting.c    2017-06-22 09:20:17.000000000 +0200
@@ -4173,12 +4173,12 @@         (id == NUM_0 || id == NUM_9) ? "NUM_0/9" : id == NUM_DEC ? "NUM_DEC" : "???");#endif
+    if (*Np->inout_p == ' ')
+        Np->inout_p++;
+#define OVERLOAD_TEST    (Np->inout_p >= Np->inout + input_len)#define AMOUNT_TEST(_s)
(input_len-(Np->inout_p-Np->inout)>= _s) 
-    if (OVERLOAD_TEST)
-        return;
-    if (*Np->inout_p == ' ')        Np->inout_p++;
@@ -4316,7 +4316,7 @@         * next char is not digit         */        if (IS_LSIGN(Np->Num) && isread &&
-            (Np->inout_p + 1) < Np->inout + input_len &&
+            (Np->inout_p + 1) <= Np->inout + input_len &&            !isdigit((unsigned char) *(Np->inout_p + 1)))
  {            int            x; 
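Review bot: The `+` line relaxes the bound from `<` to `<=`, so when `Np->inout_p + 1` equals `Np->inout + input_len` the following `isdigit((unsigned char) *(Np->inout_p + 1))` reads one byte past the end of the input. The `-` line (the `<` form introduced by 20f870f) is the correct comparison; since this hunk exists only to reproduce the pre-commit behaviour for the assembly diff, please say so next to the patch, and make sure the `<` bound is kept in whatever fix is eventually proposed for the sparc crash.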

Assembly snippet attached as "patched-9.4.12-snippet.s" from file generated with:

gcc -Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wmissing-format-attribute
-Wformat-security -fno-strict-aliasing -fwrapv -fexcess-precision=standard -g -g -O2 -fstack-protector
--param=ssp-buffer-size=4 -Wformat -Werror=format-security -I/usr/include/mit-krb5 -DLINUX_OOM_SCORE_ADJ=0
-I../../../../src/include -I/home/turelto/src/tmp/postgresql-9.4-9.4.12/build/../src/include -D_FORTIFY_SOURCE=2
-D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/include/tcl8.5 -S
/home/turelto/src/tmp/postgresql-9.4-9.4.12/build/../src/backend/utils/adt/formatting.c

The line number where the crash is being reported before patching (4419) doesn't change after patching, and occurs in
only one ".loc" annotation, before and after patching.

I will try to do the same for the issue from last year, replying to that thread.

Best regards,
Tom Turelinckx

