Bugs item #1819868, was opened at 2007-10-25 11:57 Message generated for change (Comment added) made by stmane You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=482468&aid=1819868&group_id=56967
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: PF/runtime Group: Pathfinder 0.20 >Status: Closed >Resolution: Fixed Priority: 5 Private: No Submitted By: Maurice van Keulen (mvankeulen) >Assigned to: Stefan Manegold (stmane) Summary: PF/probxml: Memory corruption in MXQ 0.20 Initial Comment: The attached query (no document needed) crashes the server with: MonetDB>*** glibc detected *** malloc(): memory corruption: 0x09b9da78 *** If you set the $pta and $ptb variables at the bottom to $testworks1 and $testworks2 instead, then the query works fine. I just downloaded and compiled (on Suse Linux) a fresh stable version of MonetDB/XQuery 0.20 by checking out the following braches of modules from sourceforge: buildtools branch MonetDB_1-20 MonetDB branch MonetDB_1-20 clients branch Clients_1-20 MonetDB4 branch MonetDB_4-20 pathfinder branch XQuery_0-20 ---------------------------------------------------------------------- >Comment By: Stefan Manegold (stmane) Date: 2007-10-30 19:09 Message: Logged In: YES user_id=572415 Originator: NO (hopefully) fixed in CVS (XQuery_0-20 branch): While Maurice reported "*** glibc detected *** malloc(): memory corruption: 0x09b9da78 ***" as error, I got "*** glibc detected *** Mserver: double free or corruption (!prev): 0x00002aaabde0bc20 ***", and a simple gdb run revealed that the failing GDKfree() was called in line 142 of pathfinder/modules/probxml/probxml.mx: "GDKfree(matrix);". A quick look at the code revealed that an incorrect linearization of 2-dim matrix indeces to 1-dim array indeces could (potentially) lead to corruption of the data, in particular the header/prefix of a GDKmalloc()-ed array. Fixing the linearization macro made the given query (bug14.xq) work fine, again --- well, at least it does not crash any more and returns a result; I have no idea, whether the result is correct or not... Please check! Lessons learned: - There are bugs (also) in code that was not produced at CWI. - GDK'\''s memory sanity checks helped to find a bug in probxml code. - gdb is a very handy tool --- provided it is indeed used. [Test cannot be added to CVS as "--enable-probxml" is not default (yet?) ...] ---------------------------------------------------------------------- Comment By: Stefan Manegold (stmane) Date: 2007-10-25 14:32 Message: Logged In: YES user_id=572415 Originator: NO Before others (also) loose time on investigating this problem: Please note that the attached query requires the non-default "probxml" extensions, i.e., pathfinder needs to be configured with "--enable-probxml" ! (I currently don't have such pathfinder readily compiled, and not much time to compile one right now...) ---------------------------------------------------------------------- Comment By: Maurice van Keulen (mvankeulen) Date: 2007-10-25 13:35 Message: Logged In: YES user_id=654674 Originator: YES CVS head version runs the query correctly once, but crashes upon a second try. Looks like coincidence. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=482468&aid=1819868&group_id=56967 ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Monetdb-bugs mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/monetdb-bugs
