[BUGS] SEGV in contrib/array/array_iterator.c
Hi,
I have been looking at the functions in array_iterator.so. So far they have
proved to be very useful. However, I have manage to find a very serious bug
where the array_iterator() function causes some very bad stack corruption.
The stack corruption appears to be caused because pointer datums are not
checked for NULL before use.
The following SQL will quickly reproduce the problem (assumes contrib/array
stuff has been installed).
CREATE TABLE person (name VARCHAR(255));
CREATE TABLE family (name VARCHAR(255), members VARCHAR(255)[]);
INSERT INTO person VALUES ('bob');
INSERT INTO person VALUES ('bill');
INSERT INTO person VALUES ('jim');
INSERT INTO family VALUES ('Stooges',{"moe","curly","larry"}');
SELECT name FROM family WHERE members *= (SELECT name FROM person WHERE
name='jack');
A quick run through GDB shows that when the subselect does not return any
values the *= operator is called with a NULL value which eventually calls
the array_iterator() function with NULL value==0 which ultimately causes the
segv.
The following patch appears to fix the problem with all supported data types:
Yes, I did verify that int4 and Oid (which can have a 0 value) are not broken.
--- /tmp/postgresql-7.2.1.orig/contrib/array/array_iterator.c
+++ /tmp/postgresql-7.2.1/contrib/array/array_iterator.c
***
*** 46,65
--- 46,71
char *p;
FmgrInfofinfo;
/* Sanity checks */
if (array == (ArrayType *) NULL)
{
/* elog(NOTICE, "array_iterator: array is null"); */
return (0);
}
+ if(value == 0)
+ {
+ /* elog(NOTICE, "array_iterator: value is null"); */
+ return (0);
+ }
+
/* detoast input if necessary */
array = DatumGetArrayTypeP(PointerGetDatum(array));
--
Matt Peterson
Sr. Software Engineer
Caldera, Inc
[EMAIL PROTECTED]
---(end of broadcast)---
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
[BUGS] Solaris 8 install of postgres 7.2
I have added the following packages: drwxr-xr-x 4 root other512 Apr 1 14:29 SMCflex drwxr-xr-x 4 root other512 Apr 1 14:29 SMCgtext drwxr-xr-x 4 root other512 Apr 1 14:28 SMCmake drwxr-xr-x 4 root other512 Apr 1 14:28 SMCbison drwxr-xr-x 4 root other512 Apr 1 14:28 SMCgcc drwxr-xr-x 4 root other512 Apr 1 14:28 SMCreadl made a link to the /usr/local/bin/make that I installed to point to gmake lrwxrwxrwx 1 root other 4 Apr 1 11:29 /usr/local/bin/gmake -> make trying to run ./configure with no additional options joep@kndb1:/usr/home/postgres/postgresql-7.2.1$ sudo ./configure Password: loading cache ./config.cache checking host system type... sparc-sun-solaris2.8 checking which template to use... solaris checking whether to build with locale support... no checking whether to build with recode support... no checking whether to build with multibyte character support... no checking whether NLS is wanted... no checking for default port number... 5432 checking for default soft limit on number of connections... 32 checking for gcc... gcc checking whether the C compiler (gcc ) works... yes checking whether the C compiler (gcc ) is a cross-compiler... no checking whether we are using GNU C... yes checking whether gcc accepts -g... yes using CFLAGS= checking whether the C compiler (gcc ) works... yes checking whether the C compiler (gcc ) is a cross-compiler... no checking for Cygwin environment... no checking for mingw32 environment... no checking for executable suffix... no checking how to run the C preprocessor... gcc -E checking whether gcc needs -traditional... no checking whether to build with Tcl... no checking whether to build with Tk... no checking whether to build Perl modules... no checking whether to build Python modules... no checking whether to build Java/JDBC tools... no checking whether to build with PAM support... no checking whether to build the ODBC driver... no checking whether to build C++ modules... no using CPPFLAGS= using LDFLAGS= checking for mawk... no checking for gawk... no checking for nawk... nawk checking for flex... /usr/local/bin/flex checking whether ln -s works... yes checking for ld used by GCC... /usr/ccs/bin/ld checking if the linker (/usr/ccs/bin/ld) is GNU ld... no checking for ranlib... ranlib checking for lorder... lorder checking for tar... /usr/local/bin/tar checking for bison... bison -y checking for perl... /usr/local/bin/perl checking for readline... no checking for library containing using_history... no checking for main in -lbsd... no checking for setproctitle in -lutil... no checking for main in -lm... yes checking for main in -ldl... yes checking for main in -lsocket... yes checking for main in -lnsl... yes checking for main in -lipc... no checking for main in -lIPC... no checking for main in -llc... no checking for main in -ldld... no checking for main in -lld... no checking for main in -lcompat... no checking for main in -lBSD... no checking for main in -lgen... yes checking for main in -lPW... no checking for main in -lresolv... yes checking for main in -lunix... no checking for library containing crypt... none required checking for __inet_ntoa in -lbind... no checking for inflate in -lz... yes checking for library containing fdatasync... -lrt checking for crypt.h... yes checking for dld.h... no checking for endian.h... no checking for fp_class.h... no checking for getopt.h... no checking for ieeefp.h... yes checking for pwd.h... yes checking for sys/ipc.h... yes checking for sys/pstat.h... no checking for sys/select.h... yes checking for sys/sem.h... yes checking for sys/socket.h... yes checking for sys/shm.h... yes checking for sys/types.h... yes checking for sys/un.h... yes checking for termios.h... yes checking for kernel/OS.h... no checking for kernel/image.h... no checking for SupportDefs.h... no checking for netinet/in.h... yes checking for netinet/tcp.h... yes checking whether string.h and strings.h may both be included... yes checking for readline/readline.h... yes checking for readline/history.h... yes checking for working const... yes checking for inline... inline checking for preprocessor stringizing operator... yes checking for signed types... yes checking for volatile... yes checking whether struct tm is in sys/time.h or time.h... time.h checking for tm_zone in struct tm... no checking for tzname... yes checking for union semun... no checking for struct cmsgcred... no checking for struct fcred... no checking for struct sockcred... no checking for struct sockaddr_un... yes checking for int timezone... yes checking types of arguments for accept()... int, struct sockaddr *, int * checking whether gettimeofday takes only one argument... no checking for 8-bit clean memcmp... no checking for fcvt... yes checking for getopt_long... no checking for memmove... yes checking for pstat... no checking for setproctitle... no checking for setsid... ye
Re: [BUGS] huh!?
Ops.. I've got it, disregard my email - random() generates duplicate values
on 10 long sequence
:-)
sorry.
--
Best Regards,
Vlad Marchenko
- Original Message -
From: "Vlad Marchenko" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, March 29, 2002 2:18 PM
Subject: huh!?
| Good day. Please reveiew log below.
|
| test=# \d subscribers;
| Table "subscribers"
| Column | Type | Modifiers
| --++--
--
| ---
| sid | bigint | not null default
| nextval('subscribers_sid'::text)
| email| character varying(128) | not null default ''
| domain | character varying(128) | not null default ''
| status | smallint | default 0
| password | character varying(128) | not null default ''
| signup | date | default '2002-01-01'
| name | character varying(128) | default ''
| sex | character varying(1) | default ''
| address | character varying(128) | default ''
| city | character varying(128) | default ''
| state| character varying(2) | default ''
| zip | character varying(16) | not null default ''
| country | character varying(2) | default ''
| phone| character varying(128) | not null default ''
| Indexes: subs_domain_idx
| Primary key: subscribers_pkey
| Unique keys: subscribers_email_key
| Triggers: RI_ConstraintTrigger_63057,
| RI_ConstraintTrigger_63063,
| RI_ConstraintTrigger_63069,
| RI_ConstraintTrigger_63161,
| RI_ConstraintTrigger_63163
|
| test=# select count(*) from subscribers;
| count
| ---
| 96856
| (1 row)
|
| test=# select * from subscribers where email~'domain4';
| sid | email | domain | status | password | signup | name | sex | address
|
| city | state | zip | country | phone
| -+---+++--++--+-+-
+-
| -+---+-+-+---
| (0 rows)
|
| test=# INSERT INTO subscribers(email) SELECT (random()||'@domain4.com')
from
| subscribers;
| ERROR: Cannot insert a duplicate key into unique index
| subscribers_email_key
| test=#
|
|
| I assume that this is because of pure transaction data isolation?
|
| ---
| Best Regards,
|
| Vlad Marchenko
|
| ---
| TrackingSoft LLC
| http://trackingsoft.com/ http://affiliatetracking.net/
|
---(end of broadcast)---
TIP 6: Have you searched our list archives?
http://archives.postgresql.org
[BUGS] huh!?
Good day. Please reveiew log below.
test=# \d subscribers;
Table "subscribers"
Column | Type | Modifiers
--++
---
sid | bigint | not null default
nextval('subscribers_sid'::text)
email| character varying(128) | not null default ''
domain | character varying(128) | not null default ''
status | smallint | default 0
password | character varying(128) | not null default ''
signup | date | default '2002-01-01'
name | character varying(128) | default ''
sex | character varying(1) | default ''
address | character varying(128) | default ''
city | character varying(128) | default ''
state| character varying(2) | default ''
zip | character varying(16) | not null default ''
country | character varying(2) | default ''
phone| character varying(128) | not null default ''
Indexes: subs_domain_idx
Primary key: subscribers_pkey
Unique keys: subscribers_email_key
Triggers: RI_ConstraintTrigger_63057,
RI_ConstraintTrigger_63063,
RI_ConstraintTrigger_63069,
RI_ConstraintTrigger_63161,
RI_ConstraintTrigger_63163
test=# select count(*) from subscribers;
count
---
96856
(1 row)
test=# select * from subscribers where email~'domain4';
sid | email | domain | status | password | signup | name | sex | address |
city | state | zip | country | phone
-+---+++--++--+-+-+-
-+---+-+-+---
(0 rows)
test=# INSERT INTO subscribers(email) SELECT (random()||'@domain4.com') from
subscribers;
ERROR: Cannot insert a duplicate key into unique index
subscribers_email_key
test=#
I assume that this is because of pure transaction data isolation?
---
Best Regards,
Vlad Marchenko
---
TrackingSoft LLC
http://trackingsoft.com/ http://affiliatetracking.net/
---(end of broadcast)---
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
Re: [BUGS] SEGV in contrib/array/array_iterator.c
Matt Peterson <[EMAIL PROTECTED]> writes:
> + if(value == 0)
> + {
> + /* elog(NOTICE, "array_iterator: value is null"); */
> + return (0);
> + }
This patch is certainly wrong, as it will break array_iterator for
non-pointer datatypes (no, I do not believe your assertion to the
contrary).
More to the point, inserting explicit tests for null is an obsolete
approach; the preferred way to do things these days is to mark the SQL
declarations of such functions with "isStrict". Would you instead
update contrib/array to rely on isStrict?
It'd be even nicer to update contrib/array to V1 calling conventions,
but unless you are hitting 64-bit porting problems that may not do
anything useful for you...
regards, tom lane
---(end of broadcast)---
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])
[BUGS] PGAccess and apostrophes...
Inserting text with an apostrophe fails. Updating a record after it's
initial creation works fine.
PGAccess version: 0.98.7 (as included with Mandrake 8.2).
file: pgaccess/lib/tables.tcl
fixed lines: 547-548...
546: lappend PgAcVar(mw,$wn,newrec_fields) "\"$fld\""
547: regsub -all {'} $fldval '' fldvalfixed
548: lappend PgAcVar(mw,$wn,newrec_values) '$fldvalfixed'
549: # Remove the untouched tag from the object
---(end of broadcast)---
TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/users-lounge/docs/faq.html
[BUGS] date function 'age' problem
hello
i've got the following error:
here is the output:
###
osk=> select age('2001-03-29','2001-03-01');
age
---
27 days 23:00
(1 row)
osk=> select age('2002-03-29','2002-03-01');
age
---
1 mon
(1 row)
osk=> select version();
version
---
PostgreSQL 7.1.3 on i686-pc-linux-gnu, compiled by GCC 2.95.4
(1 row)
osk=>
#
look at the difference betwen results of execution function 'age' for the
same time interval in year 2001 and 2002. why there is '1 mon' when it
should be '27 days'.
thanks for any solutions to this problem.
best regards
konrad gdowski
---(end of broadcast)---
TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/users-lounge/docs/faq.html
Re: [BUGS] SEGV in contrib/array/array_iterator.c
On Tue, 2 Apr 2002, Tom Lane wrote:
> Matt Peterson <[EMAIL PROTECTED]> writes:
>
> > + if(value == 0)
> > + {
> > + /* elog(NOTICE, "array_iterator: value is null"); */
> > + return (0);
> > + }
>
> This patch is certainly wrong, as it will break array_iterator for
> non-pointer datatypes (no, I do not believe your assertion to the
> contrary).
>
> More to the point, inserting explicit tests for null is an obsolete
> approach; the preferred way to do things these days is to mark the SQL
> declarations of such functions with "isStrict". Would you instead
> update contrib/array to rely on isStrict?
Are the array iterator functions supposed to act sort of like
=ANY/=ALL except across an array instead of a subselect? If so,
isStrict probably isn't right, since for an empty subselect the return
value does not depend on the element being searched for. If not,
that would probably be the easiest fix.
---(end of broadcast)---
TIP 4: Don't 'kill -9' the postmaster
Re: [BUGS] SEGV in contrib/array/array_iterator.c
Stephan Szabo <[EMAIL PROTECTED]> writes: > Are the array iterator functions supposed to act sort of like > =ANY/=ALL except across an array instead of a subselect? Seems like a reasonable definition. > If so, > isStrict probably isn't right, since for an empty subselect the return > value does not depend on the element being searched for. Hm ... isn't it NULL anyway, if the left side is NULL? But if you're right, then the correct fix involves updating the functions to V1 calling conventions, so that they can make a correct test for NULL inputs (rather than bogusly checking for zero value). regards, tom lane ---(end of broadcast)--- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/users-lounge/docs/faq.html
Re: [BUGS] Solaris 8 install of postgres 7.2
Joe Piscitella <[EMAIL PROTECTED]> writes: > checking test program... failed > configure: error: > *** Could not execute a simple test program. This may be a problem > *** related to locating shared libraries. Check the file 'config.log' > *** for the exact reason. The usual cause of this is that gcc is able to find and link shared libraries that are not found at runtime by the dynamic loader. You may need to set LD_LIBRARY_PATH. See http://www.ca.postgresql.org/docs/faq-solaris.html item 3 regards, tom lane ---(end of broadcast)--- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
Re: [BUGS] SEGV in contrib/array/array_iterator.c
On Tue, 2 Apr 2002, Tom Lane wrote: > Stephan Szabo <[EMAIL PROTECTED]> writes: > > Are the array iterator functions supposed to act sort of like > > =ANY/=ALL except across an array instead of a subselect? > > Seems like a reasonable definition. > > > If so, > > isStrict probably isn't right, since for an empty subselect the return > > value does not depend on the element being searched for. > > Hm ... isn't it NULL anyway, if the left side is NULL? > > But if you're right, then the correct fix involves updating the > functions to V1 calling conventions, so that they can make a correct > test for NULL inputs (rather than bogusly checking for zero value). I think the empty case is special, due to the rules on s. It looks like no comparison predicates need to be run. I think the applicable parts of 8.7 are General Rule 2a If T is empty or if the implied is true for every row RT in T, then "R T" is true. General Rule 2d If T is empty or if the implied is false for every row RT in T, then "R T" is false. ---(end of broadcast)--- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
Re: [BUGS] huh!?
"Vlad Marchenko" <[EMAIL PROTECTED]> writes: > test=# select count(*) from subscribers; > count > --- > 96856 > (1 row) > test=# select * from subscribers where email~'domain4'; > sid | email | domain | status | password | signup | name | sex | address | > city | state | zip | country | phone > -+---+++--++--+-+-+- > -+---+-+-+--- > (0 rows) > test=# INSERT INTO subscribers(email) SELECT (random()||'@domain4.com') from > subscribers; > ERROR: Cannot insert a duplicate key into unique index > subscribers_email_key > test=# > I assume that this is because of pure transaction data isolation? No, this just says that when you generated 96856 random() values, you got at least one pair of duplicates. regards, tom lane ---(end of broadcast)--- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
Re: [BUGS] SEGV in contrib/array/array_iterator.c
Stephan Szabo <[EMAIL PROTECTED]> writes: > On Tue, 2 Apr 2002, Tom Lane wrote: >> Hm ... isn't it NULL anyway, if the left side is NULL? > I think the empty case is special, due to the rules on comparison predicate>s. [ reads spec... ] Yeah, I think you are right. Looks like our subplan implementation gets it right, too. regards, tom lane ---(end of broadcast)--- TIP 2: you can get off all lists at once with the unregister command (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])
[BUGS] pg_dump bug
I have a pg_dump file which contains only schemas,
I think there is a bug, which causes function reload
fail, look at following pieces of dump file:
..
..
--
-- TOC Entry ID 212 (OID 34744710)
--
-- Name: gibson Type: TABLE Owner: jliang
--
CREATE TABLE "gibson" (
"cid" integer,
"code" character varying(10),
"name" character varying(32)
);
--
-- TOC Entry ID 368 (OID 34746075)
--
-- Name: "urlsbycid" (smallint) Type: FUNCTION Owner: jliang
--
CREATE FUNCTION "urlsbycid" (smallint) RETURNS SETOF text AS '
select url from urlinfo where id = ratings_by_serial.id and
ratings_by_serial.cid = $1 order by random() limit 100;
' LANGUAGE 'sql';
--
-- TOC Entry ID 213 (OID 34752225)
--
-- Name: gibson2 Type: TABLE Owner: jliang
--
CREATE TABLE "gibson2" (
"cid" integer,
"code" character varying(10),
"name" character varying(32),
"url" text
);
..
..
--
-- TOC Entry ID 235 (OID 67353384)
--
-- Name: urlinfo Type: TABLE Owner: bob
--
CREATE TABLE "urlinfo" (
"url" text NOT NULL,
"id" integer NOT NULL,
"ratedby" character varying(32),
"ratedon" timestamp with time zone DEFAULT
"timestamp"('now'::text),
"comments" text,
"list" smallint,
"pidwsr" integer,
"refid" integer,
Constraint "urlinfo_pkey" Primary Key ("id")
);
..
..
BUG:
CREATE FUNCTION "urlsbycid" cannot be created before
table "urlinfo" created!!!
I am using PostgreSQL-7.1.3 with pg_dump -s -f filename dbname.
I am upgrading my DB from Pg7.1.3 to Pg7.2.
This is one of problems I got.
I don't know does this bug has been fixed in Pg7.2??
Jie LIANG
Software Engineer
St. Bernard Software
16882 W. Bernardo Dr.
San Diego, CA 92127
Office:(858)524-2134
[EMAIL PROTECTED]
---(end of broadcast)---
TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/users-lounge/docs/faq.html
