Thread: (stupid) bug in agg_select_candidate


(stupid) bug in agg_select_candidate

From
David Sauer
Date:
Hallo,
 I'm trying postgres 6.4.1 and I have problem with select command:

> create table t( text_column text );
> select sum( text_column ) from t;
This command makes no sense, but causes crash in backend:

pqReadData() -- backend closed the channel unexpectedly.
        This probably means the backend terminated abnormally
        before or while processing the request.
We have lost the connection to the backend, so further processing is impossible.  Terminating.

See backtrace:

(gdb) bt
#0  agg_select_candidate (typeid=25, candidates=0x81e7838) at parse_func.c:230
#1  0x80bd5be in ParseFuncOrColumn (pstate=0x81ded30, funcname=0x81deb40 "sum", fargs=0x81deba0, curr_resno=0x81ded30, precedence=1) at parse_func.c:391
#2  0x80bc7b9 in transformExpr (pstate=0x81ded30, expr=0x81debc0, precedence=1) at parse_expr.c:267
#3  0x80c12fa in MakeTargetEntryComplex (pstate=0x81ded30, res=0x81debe0) at parse_target.c:363
#4  0x80c1754 in transformTargetList (pstate=0x81ded30, targetlist=0x81dec08) at parse_target.c:569
#5  0x80b45f1 in transformSelectStmt (pstate=0x81ded30, stmt=0x81deca0) at analyze.c:912
#6  0x80b382d in transformStmt (pstate=0x81ded30, parseTree=0x81deca0) at analyze.c:200
... more ....

Problem is in function 'agg_select_candidate' itself, simple debugging
session follows: (comment starts with '!')

Reading symbols from /lib/libnsl.so.1...done.
Reading symbols from /lib/libdl.so.2...done.
Reading symbols from /lib/libm.so.6...done.
Reading symbols from /usr/lib/libreadline.so.3...done.
Reading symbols from /usr/lib/libhistory.so.3...done.
Reading symbols from /lib/libtermcap.so.2...done.
Reading symbols from /usr/lib/libncurses.so.4...done.
Reading symbols from /lib/libc.so.6...done.
Reading symbols from /lib/ld-linux.so.2...done.
0x401356f4 in __read ()
(gdb) break agg_select_candidate Quit
(gdb) break agg_select_candidate
Breakpoint 1 at 0x80bd2f9: file parse_func.c, line 198.
(gdb) cont
Continuing.

Breakpoint 1, agg_select_candidate (typeid=25, candidates=0x81e7838)   at parse_func.c:198
198             category = TypeCategory(typeid);
(gdb) next
199             ncandidates = 0;
(gdb)
200             last_candidate = NULL;

!!!!! setting to NULL (0)

(gdb)
201             for (current_candidate = candidates;
(gdb) print last_candidate
$1 = (struct _CandidateList *) 0x0
(gdb) next
202                      current_candidate != NULL;
(gdb)
205                     current_typeid = current_candidate->args[0];
(gdb)
206                     current_category = TypeCategory(current_typeid);
(gdb)
208                     if ((current_category == category)

!!!!! condition isn't true

(gdb) print current_category
$2 = TIMESPAN_TYPE
(gdb) print category
$3 = STRING_TYPE
(gdb) next
230                             last_candidate->next = NULL;

!!!! NULL is dereferenced ... this will crash backend

(gdb) next

Program received signal SIGSEGV, Segmentation fault.
agg_select_candidate (typeid=25, candidates=0x81e7838) at parse_func.c:230

Machine is x86, compiled with egcs-1.1.1.

        thanks for any fix and happy Xmas,
                               David

-- 
* David Sauer, student of Czech Technical University
* electronic mail: davids@iol.cz (mime compatible)




Re: [HACKERS] (stupid) bug in agg_select_candidate

From
"Thomas G. Lockhart"
Date:
>   I'm trying postgres 6.4.1 and I have problem with select command:
> > create table t( text_column text );
> > select sum( text_column ) from t;
> This command makes no sense, but causes crash in backend:

Thanks for finding this. It was in new code for automatic type matching
and coercion on aggregate functions to help implement aggregates for the
string types.

I've enclosed a simple patch which fixes the problem, and which at the
same time makes a nicer warning message as a result:

postgres=> select sum(c) from cc;
ERROR:  Unable to select an aggregate function sum(bpchar)
postgres=> select min(c) from cc;
min
----------
abc
(1 row)

Will commit to the cvs tree sometime soon; let me know if you have any
continuing problems. Good luck.

                      - Tom

*** ../src/backend/parser/parse_func.c.orig    Sun Dec 20 17:35:27 1998
--- ../src/backend/parser/parse_func.c    Wed Dec 23 06:50:44 1998
***************
*** 225,231 ****
              }
          }
          /* otherwise, don't bother keeping this one around... */
!         else
          {
              last_candidate->next = NULL;
          }
--- 225,231 ----
              }
          }
          /* otherwise, don't bother keeping this one around... */
!         else if (last_candidate != NULL)
          {
              last_candidate->next = NULL;
          }
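
Review bot: The new `else if (last_candidate != NULL)` guard at line 228 stops the NULL dereference, but the comment above it still reads as if the branch always runs; it should say that `last_candidate` stays NULL until the first candidate is kept, so a rejected leading candidate has nothing to terminate. With the guard, a candidate rejected before any has been kept is skipped without touching the list, so it is worth confirming that the list handed back to the caller does not still begin with it. The reporter's `select sum( text_column ) from t` on a text column would make a good regression test for this path.
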
***************
*** 399,406 ****
                  }
                  else
                  {
!                     elog(ERROR,"Unable to select an aggregate function for type '%s'",
!                          typeidTypeName(basetype));
                  }
              }

--- 399,406 ----
                  }
                  else
                  {
!                     elog(ERROR,"Unable to select an aggregate function %s(%s)",
!                          funcname, typeidTypeName(basetype));
                  }
              }

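Review bot: In the new `elog` call at line 402, the message drops the words "for type" and the quotes around the type name, so `sum(bpchar)` reads like a missing function rather than a type mismatch on the argument; consider wording that keeps the reason alongside the `%s(%s)` form. A space after the comma in `elog(ERROR,"...` would also be cleaner while these two lines are being touched.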

Re: [HACKERS] (stupid) bug in agg_select_candidate

From
David Sauer
Date:
>>>> "Thomas" == Thomas G Lockhart <lockhart@alumni.caltech.edu> writes:
   >> I'm trying postgres 6.4.1 and I have problem with select command:
   >> > create table t( text_column text );
   >> > select sum( text_column ) from t;
   >> This command makes no sense, but causes crash in backend:

   Thomas> Thanks for finding this. It was in new code for automatic type matching
   Thomas> and coercion on aggregate functions to help implement aggregates for the
   Thomas> string types.

   Thomas> I've enclosed a simple patch which fixes the problem, and which at the
   Thomas> same time makes a nicer warning message as a result:

   Thomas> postgres=> select sum(c) from cc;
   Thomas> ERROR:  Unable to select an aggregate function sum(bpchar)
   Thomas> postgres=> select min(c) from cc;
   Thomas> min
   Thomas> ----------
   Thomas> abc
   Thomas> (1 row)

   Thomas> Will commit to the cvs tree sometime soon; let me know if you have any
   Thomas> continuing problems. Good luck.

Thanks, works fine.

        Happy Xmas,
            David

-- 
* David Sauer, student of Czech Technical University
* electronic mail: davids@iol.cz (mime compatible)
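
The failure traced in the gdb session earlier in this thread, as an added example that is not part of the original messages and is not PostgreSQL's code: a simplified model of pruning a candidate list in place, where the "last kept" pointer stays NULL until the first match. `struct cand`, `keep_matching` and the demo functions are hypothetical names; only the two category names come from the session.

```c
#include <stddef.h>

/* Hypothetical stand-ins for the parser's type categories and candidate list. */
enum category { STRING_TYPE, TIMESPAN_TYPE };
struct cand { enum category cat; struct cand *next; };

/* Relink in place the candidates whose category is `want`; returns the head
 * of the kept list (NULL if none kept) and stores the count in *nkept. */
struct cand *keep_matching(struct cand *candidates, enum category want, int *nkept)
{
    struct cand *head = NULL;   /* first kept candidate */
    struct cand *last = NULL;   /* last kept candidate; NULL until one is kept */
    struct cand *cur, *next;

    *nkept = 0;
    for (cur = candidates; cur != NULL; cur = next) {
        next = cur->next;       /* saved before any relinking */
        if (cur->cat != want)
            continue;           /* rejected: never touches last */
        if (last == NULL)
            head = cur;
        else
            last->next = cur;
        last = cur;
        (*nkept)++;
    }
    if (last != NULL)
        last->next = NULL;      /* terminate only when something was kept */
    return head;
}

/* Constructed input: first candidate rejected, as in the gdb session. */
int demo_first_rejected(void)
{
    struct cand c3 = { STRING_TYPE, NULL }, c2 = { TIMESPAN_TYPE, &c3 };
    struct cand c1 = { STRING_TYPE, &c2 }, c0 = { TIMESPAN_TYPE, &c1 };
    int n;
    struct cand *kept = keep_matching(&c0, STRING_TYPE, &n);
    return (kept == &c1 && kept->next == &c3 && c3.next == NULL) ? n : -1;
}

/* Constructed input: no candidate matches, so the caller must report an error. */
int demo_none_kept(void)
{
    struct cand c0 = { TIMESPAN_TYPE, NULL };
    int n;
    return keep_matching(&c0, STRING_TYPE, &n) == NULL ? n : -1;
}

int main(void) { return !(demo_first_rejected() == 2 && demo_none_kept() == 0); }
```

Returning a separate head pointer and a count lets the caller tell "nothing matched" apart from a valid list, which is the case the improved error message in the patch reports.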