Thread: [bug fix] ECPG app crashes due to SIGBUS on SPARC Solaris
Hello,

I encountered a bug of ECPG with PG 9.2.4, which probably exists in all releases. The attached patch is for 9.4. Could you review and backport this to at least 9.2 and later?

[Problem]
The attached ECPG app crashes and dumps core with SIGBUS on Solaris for SPARC. I used Solaris 10, and Oracle Studio to compile the app for 64-bit build. The same app completes successfully on Linux and Windows for x86/x64.

The steps to reproduce the problem are:

1. ecpg sigbus.pgc
2. cc -xtarget=generic64 -I<pgsql_dir>/include sigbus.c -L<pgsql_dir>/lib -lecpg
3. a.out

When executing FETCH statement using an SQL descriptor, the app crashes at the following line in ECPGdo(), which is in src/interfaces/ecpg/ecpglib/execute.c:

    var->value = *((char **) (var->pointer));

[Cause]
ecpg outputs the following line in the preprocessed source file:

    { ECPGdo(__LINE__, 0, 1, NULL, 0, ECPGst_normal, "fetch $0",
    ECPGt_char,(cur),(long)4,(long)1,(4)*sizeof(char),
    ECPGt_NO_INDICATOR, NULL , 0L, 0L, 0L, ECPGt_EOIT,
    ECPGt_descriptor, (desc1), 0L, 0L, 0L,
    ECPGt_NO_INDICATOR, NULL , 0L, 0L, 0L, ECPGt_EORT);}

So, the above line is executed in ECPGdo(). On the other hand, desc1 is not aligned on 8-byte boundary. This unaligned access causes SIGBUS.

[Fix]
Because desc1 is a char array, else block should be executed instead of the above path.

    var->value = var->pointer;

Therefore, make ecpg pass SQL descriptor host variables to ECPGdo() with non-zero lengths.

Regards
MauMau
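The branch described in the report above, as an added illustration that is not ecpglib code or part of the original post. The struct, the function names, the sample buffer and the "either length is zero" test are assumptions of this reduced model; it reports when the pointer-to-pointer path would load from a misaligned address and shows non-zero lengths selecting the direct path.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, reduced model of the per-variable record; not ecpglib's struct. */
struct demo_var {
    void *pointer;      /* host variable address passed by the generated code */
    long  varcharsize;  /* length argument */
    long  arrsize;      /* array-size argument */
    char *value;        /* what the library goes on to use */
};

enum demo_path { PATH_DIRECT, PATH_DEREF_ALIGNED, PATH_DEREF_MISALIGNED };

/* Assumption: "zero lengths" means either length is 0, which selects the
 * pointer-to-pointer path quoted in the report. */
enum demo_path demo_classify(const struct demo_var *v)
{
    if (v->arrsize != 0 && v->varcharsize != 0)
        return PATH_DIRECT;
    return ((uintptr_t) v->pointer % _Alignof(char *)) == 0
        ? PATH_DEREF_ALIGNED : PATH_DEREF_MISALIGNED;
}

/* Resolve value without issuing a misaligned load: memcpy is defined for
 * any address, unlike *((char **) p) on a strict-alignment CPU. */
enum demo_path demo_resolve(struct demo_var *v)
{
    enum demo_path path = demo_classify(v);
    if (path == PATH_DIRECT)
        v->value = v->pointer;
    else
        memcpy(&v->value, v->pointer, sizeof v->value);
    return path;
}

/* Constructed sample: a descriptor name in a char array at an odd address. */
static _Alignas(char *) char demo_storage[32] = "\0desc1";

struct demo_var demo_descriptor_var(long varcharsize, long arrsize)
{
    struct demo_var v = { demo_storage + 1, varcharsize, arrsize, NULL };
    return v;
}

int main(void)
{
    struct demo_var v = demo_descriptor_var(0L, 0L);
    printf("zero lengths     -> path %d\n", (int) demo_resolve(&v));
    v = demo_descriptor_var(1L, 1L);
    printf("non-zero lengths -> path %d\n", (int) demo_resolve(&v));
    printf("descriptor name  -> %s\n", v.value);
    return 0;
}
```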

On 2013-12-24 13:55, MauMau wrote:
> Hello,
>
> I encountered a bug of ECPG with PG 9.2.4, which probably exists in all
> releases. The attached patch is for 9.4. Could you review and backport
> this to at least 9.2 and later?
>
> [Problem]
> The attached ECPG app

The app wasn't attached, only the patch.
If this is a small test app, it can also be a part of the patch in the form of a regression test.

> crashes and dumps core with SIGBUS on Solaris for SPARC. I used Solaris 10,
> and Oracle Studio to compile the app for 64-bit build. The same app
> completes successfully on Linux and Windows for x86/x64.
>
> The steps to reproduce the problem are:
> 1. ecpg sigbus.pgc
> 2. cc -xtarget=generic64 -I<pgsql_dir>/include sigbus.c -L<pgsql_dir>/lib -lecpg
> 3. a.out
>
> When executing FETCH statement using an SQL descriptor, the app crashes at
> the following line in ECPGdo(), which is in
> src/interfaces/ecpg/ecpglib/execute.c:
>
> var->value = *((char **) (var->pointer));
>
> [Cause]
> ecpg outputs the following line in the preprocessed source file:
>
> { ECPGdo(__LINE__, 0, 1, NULL, 0, ECPGst_normal, "fetch $0",
> ECPGt_char,(cur),(long)4,(long)1,(4)*sizeof(char),
> ECPGt_NO_INDICATOR, NULL , 0L, 0L, 0L, ECPGt_EOIT,
> ECPGt_descriptor, (desc1), 0L, 0L, 0L,
> ECPGt_NO_INDICATOR, NULL , 0L, 0L, 0L, ECPGt_EORT);}
>
> So, the above line is executed in ECPGdo(). On the other hand, desc1 is
> not aligned on 8-byte boundary. This unaligned access causes SIGBUS.
>
> [Fix]
> Because desc1 is a char array, else block should be executed instead of
> the above path.
>
> var->value = var->pointer;
>
> Therefore, make ecpg pass SQL descriptor host variables to ECPGdo() with
> non-zero lengths.
>
> Regards
> MauMau

--
----------------------------------
Zoltán Böszörményi
Cybertec Schönig & Schönig GmbH
Gröhrmühlgasse 26
A-2700 Wiener Neustadt, Austria
Web: http://www.postgresql-support.de
     http://www.postgresql.at/

From: "Boszormenyi Zoltan" <zb@cybertec.at>
> The app wasn't attached, only the patch.
> If this is a small test app, it can also be a part of the patch in the
> form of a regression test.

Sorry, attached. Thank you for pointing it out.

Regards
MauMau

On Tue, Dec 24, 2013 at 09:55:45PM +0900, MauMau wrote:
> The attached ECPG app crashes and dumps core with SIGBUS on Solaris
> for SPARC. I used Solaris 10, and Oracle Studio to compile the app
> for 64-bit build. The same app completes successfully on Linux and
> Windows for x86/x64.

What happens to the regression test suite on your system? There are test cases that access a descriptor in a similar way I think.

> Because desc1 is a char array, else block should be executed instead
> of the above path.
> Therefore, make ecpg pass SQL descriptor host variables to ECPGdo()
> with non-zero lengths.

How did you decide which values to put in? I fail to see a reason for choosing exactly these values.

Michael
--
Michael Meskes
Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
Michael at BorussiaFan dot De, Meskes at (Debian|Postgresql) dot Org
Jabber: michael.meskes at gmail dot com
VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL

From: "Michael Meskes" <meskes@postgresql.org>
> What happens to the regression test suite on your system? There are test
> cases that access a descriptor in a similar way I think.

OK, I'll run the ECPG regression test on Solaris without the patch. Please wait until Jan 6 2014 or so, because we've just entered new year holidays here in Japan.

> How did you decide which values to put in? I fail to see a reason for
> choosing exactly these values.

Yes, the value is arbitrary except it should be non-zero so that ECPGdo() can execute the else block. And the lengths here are irrelevant to the actual processing. I thought the original 0 was chosen arbitrarily and I could do so too. If I can do better, please let me know that.

Regards
MauMau

On Sat, Dec 28, 2013 at 08:04:09AM +0900, MauMau wrote:
> OK, I'll run the ECPG regression test on Solaris without the patch.
> Please wait until Jan 6 2014 or so, because we've just entered new
> year holidays here in Japan.

Sure, we're not in a particular hurry.

Michael
--
Michael Meskes
Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
Michael at BorussiaFan dot De, Meskes at (Debian|Postgresql) dot Org
Jabber: michael.meskes at gmail dot com
VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL

From: "Michael Meskes" <meskes@postgresql.org>
> On Sat, Dec 28, 2013 at 08:04:09AM +0900, MauMau wrote:
>> OK, I'll run the ECPG regression test on Solaris without the patch.
>> Please wait until Jan 6 2014 or so, because we've just entered new
>> year holidays here in Japan.
>
> Sure, we're not in a particular hurry.

I ran the ECPG regression test with the unpatched 64-bit PostgreSQL 9.2.4 on SPARC Solaris, and it succeeded (all 54 tests passed). For information, I did as follows:

    configure --prefix=... CC='<Oracle_Studio_HOME>/bin/cc -xtarget=generic64' ...
    gmake
    gmake install
    initdb -E UTF8 --no-locale
    pg_ctl start
    cd postgresql-9.2.4/src/interfaces/ecpg
    gmake check

I guess that's because the regression test doesn't have a test case which specifies SQL descriptor name with a host variable.

Regards
MauMau

On Sun, Jan 05, 2014 at 03:42:42PM +0900, MauMau wrote:
> I ran the ECPG regression test with the unpatched 64-bit PostgreSQL
> 9.2.4 on SPARC Solaris, and it succeeded (all 54 tests passed). For
> ...

Thanks a lot. Patch applied to HEAD and all the backbranches. Will push shortly.

Michael
--
Michael Meskes
Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
Michael at BorussiaFan dot De, Meskes at (Debian|Postgresql) dot Org
Jabber: michael.meskes at gmail dot com
VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL