Details Ticket 5341


Comment | Reply | Take | Open


Serial Number 5341
Subject v.db.select: segfault
Area grass6
Queue grass
Requestors hamish_nospam@yahoo.com,tutey@o2.pl
Owner none
Status resolved
Last User Contact Fri Dec 1 10:35:11 2006 (2 yr ago)
Current Priority 99
Final Priority 99
Due No date assigned
Last Action Fri Dec 1 10:35:11 2006 (2 yr ago)
Created Mon Nov 27 11:47:45 2006 (2 yr ago)

Transaction History Ticket 5341


Mon, Nov 27 2006 11:47:45    Request created by msieczka  
Subject: v.db.select: segfault

Under some circumstances v.db.select segfaults. I can't find a pattern, but I
created a reproducible test case.

1. Download the location (2 KB)
http://kufaya.googlepages.com/vdbselect_segfault.tar.bz2. There is a vector
map 'test', in the 'test' mapset.

2. v.db.select map=test where="MAPS_COVER='built up'"
Segmentation fault

The backtrace:

(gdb) bt
#0  0xb7662943 in free () from /lib/tls/i686/cmov/libc.so.6
#1  0xb7663a86 in realloc () from /lib/tls/i686/cmov/libc.so.6
#2  0xb7eff069 in db_realloc (s=0x38, n=1293960530) at alloc.c:76
#3  0xb7f02e12 in db_enlarge_string (x=0xbff49838, len=134832280)
    at string.c:133
#4  0xb7f0307f in db_append_string (x=0xbff49838,
    s=0x80960a0 " WHERE MAPS_COVER='built up'") at string.c:220
#5  0x080494ee in main (argc=3, argv=0x80960a0) at main.c:122
(gdb)

I used to have this error occassionaly in recent months at random. This time
I
finally pinned down a good test case. Please please fix it.

Maciek
Mon, Nov 27 2006 12:00:12    Mail sent by mneteler  
Hi Maciek,

I have just tried on my RHEL4 64bit box, works:

v.db.select map=test where="MAPS_COVER='built up'"
CAT|PARCEL_NO|MAPS_USE|MAPS_CLASS|MAPS_COVER|OWNER_COD|OWNER_NAM|OWNER_RNMB|OWNER_LOC|TENANT_COD|TEN
ANT_NAM|TENANT_LOC|HOST_COD|AREA|LNDRCL_LEV|LR_OWNER|LR_HOST|LR_KAND
373|102|settlement|none|built up|013|household|1|Rogow Legnicki
1|000|none|none|13|1618.095757|0|||

Can you please try to debug it? It's fairly easy with 'ddd',
see this for a graphical guide:
http://grass.gdf-hannover.de/wiki/GRASS_Debugging#Using_DDD_.28gdb_graphical_frontend.29
We need to better understand where and how it fails (or
login into your machine).

Markus
Mon, Nov 27 2006 18:53:42    Mail sent by msieczka  
mneteler wrote (Mon, Nov 27 2006 12:00:12):

> I have just tried on my RHEL4 64bit box, works:

For me, on Ubuntu Breezy/32bit AMD K7 and on Ubuntu Dapper/32bit Pentium M it
segfaults.

Guys,

Could other please try and report? Thanks!

> Can you please try to debug it? It's fairly easy with 'ddd',
> see this for a graphical guide:

I have already put the backtrace there (see above); do you mean something else?
> We need to better understand where and how it fails (or
> login into your machine).

I could arrange that. Is ssh session OK? I'd only need your IP and I can set
it up for you tommorrow about noon.

Maciek
Mon, Nov 27 2006 19:08:21    Mail sent by neteler@itc.it  
Return-Path <neteler@itc.it>
Delivered-To grass-bugs@lists.intevation.de
X-AuditID d94d5003-aed6bbb000000b61-3b-456b29930ee7
Message-ID <456B2993.7060204@itc.it>
Date Mon, 27 Nov 2006 19:08:19 +0100
From Markus Neteler <neteler@itc.it>
User-Agent Thunderbird 1.5.0.8 (X11/20061025)
MIME-Version 1.0
To Maciek Sieczka via RT <grass-bugs@intevation.de>
Cc grass-dev@grass.itc.it
Subject Re: [bug #5341] (grass) v.db.select: segfault
References <20061127175342.298BB1005C7@lists.intevation.de>
In-Reply-To <20061127175342.298BB1005C7@lists.intevation.de>
X-Enigmail-Version 0.94.0.0
OpenPGP url=http://mpa.itc.it/markus/markus_gpgkey.asc
Content-Type text/plain; charset=ISO-8859-1
Content-Transfer-Encoding 7bit
X-OriginalArrivalTime 27 Nov 2006 18:08:19.0625 (UTC) FILETIME=[04D6C990:01C7124F]
X-Brightmail-Tracker AAAAAA==
X-Virus-Scanned by amavisd-new at intevation.de
X-Spam-Status No, hits=-5 tagged_above=-999 required=3 tests=[BAYES_00=-5]
X-Spam-Level
Maciek Sieczka via RT wrote on 11/27/2006 06:53 PM:
> mneteler wrote (Mon, Nov 27 2006 12:00:12):
>
>   
>> I have just tried on my RHEL4 64bit box, works:
>>     
>
> For me, on Ubuntu Breezy/32bit AMD K7 and on Ubuntu Dapper/32bit Pentium M
it
> segfaults.
>
> Guys,
>
> Could other please try and report? Thanks!
>
>   
>> Can you please try to debug it? It's fairly easy with 'ddd',
>> see this for a graphical guide:
>>     
> I have already put the backtrace there (see above); do you mean something else?
>   

Yes: use 'ddd'. The gdb backtrace I don't understand.
'ddd', the graphical frontend to gdb, will get you to the offending line.
There you can check variable settings before the program crashes and so
forth.
>> We need to better understand where and how it fails (or
>> login into your machine).
> I could arrange that. Is ssh session OK? I'd only need your IP and I can set
> it up for you tommorrow about noon.
Maybe you could give 'ddd' a try first? It's really not so difficult.

Markus


Mon, Nov 27 2006 20:12:47    Mail sent by msieczka  
neteler@itc.it wrote (Mon, Nov 27 2006 19:08:21):

> the graphical frontend to gdb, will get you to the offending line.
> There you can check variable settings before the program crashes and so
> forth.

I don't know a thing about C, or any other programming language (only basics
of shell and awk). Thus I really doubt debugging C code by me makes much sense.
> Maybe you could give 'ddd' a try first? It's really not so difficult.

But I need to now something about how C works, more or less, don't I?

Do you suppose the problem could be due to my setup, not the v.db.select code?
I would greatly appreciate if anybody could try reproducing the segfault.

Maciek
Mon, Nov 27 2006 22:37:23    Mail sent by rez@touchofmadness.com  
Return-Path <rez@touchofmadness.com>
Delivered-To grass-bugs@lists.intevation.de
Subject Re: [GRASS-dev] [bug #5341] (grass) v.db.select: segfault
From Brad Douglas <rez@touchofmadness.com>
Reply-To rez@touchofmadness.com
To Maciek Sieczka via RT <grass-bugs@intevation.de>
Cc neteler@itc.it, grass-dev@grass.itc.it
In-Reply-To <20061127175342.298BB1005C7@lists.intevation.de>
References <20061127175342.298BB1005C7@lists.intevation.de>
Content-Type text/plain
Date Mon, 27 Nov 2006 13:37:03 -0800
Message-Id <1164663423.14857.35.camel@devel>
Mime-Version 1.0
X-Mailer Evolution 2.6.3 (2.6.3-1.fc5.5)
Content-Transfer-Encoding 7bit
X-Virus-Scanned by amavisd-new at intevation.de
X-Spam-Status No, hits=-5 tagged_above=-999 required=3 tests=[BAYES_00=-5]
X-Spam-Level
On Mon, 2006-11-27 at 18:53 +0100, Maciek Sieczka via RT wrote:
> mneteler wrote (Mon, Nov 27 2006 12:00:12):
> 
> > I have just tried on my RHEL4 64bit box, works:
> 
> For me, on Ubuntu Breezy/32bit AMD K7 and on Ubuntu Dapper/32bit Pentium M
it
> segfaults.
> 
> Guys,
> 
> Could other please try and report? Thanks!
> 
> > Can you please try to debug it? It's fairly easy with 'ddd',
> > see this for a graphical guide:
> 
> I have already put the backtrace there (see above); do you mean something else?
> 
> > We need to better understand where and how it fails (or
> > login into your machine).
> 
> I could arrange that. Is ssh session OK? I'd only need your IP and I can set
> it up for you tommorrow about noon.

I just downloaded the test dataset (from original email) and executed
v.db.select with the parameters specified (it's MAPS_COVER, not
MAP_COVER).  Everything completes fine for me and without error.


-- 
Brad Douglas <rez touchofmadness com>                    KB8UYR/6
Address: 37.493,-121.924 / WGS84    National Map Corps #TNMC-3785


Mon, Nov 27 2006 23:59:47    Mail sent by hamish_nospam@yahoo.com  
Return-Path <hamish_nospam@yahoo.com>
Delivered-To grass-bugs@lists.intevation.de
Date Tue, 28 Nov 2006 11:59:39 +1300
From Hamish <hamish_nospam@yahoo.com>
To grass-dev@grass.itc.it
Cc grass-bugs@intevation.de
Subject Re: [GRASS-dev] Re: [bug #5341] (grass) v.db.select: segfault
Message-Id <20061128115939.7718d05e.hamish_nospam@yahoo.com>
In-Reply-To <456B2993.7060204@itc.it>
References <20061127175342.298BB1005C7@lists.intevation.de> <456B2993.7060204@itc.it>
X-Mailer Sylpheed version 1.0.4 (GTK+ 1.2.10; i386-pc-linux-gnu)
X-Face M<EoB)"*Z~u!,vFhXmw}R_KbdBta*P_=T|rbBL'e1/CQ9;/1g\BU3&!=y8ria$2Uk!HT&BB 8i?|X_+7~1jsy}F~g$2va%3fV`*=L(*cem[@3\yg,G,@rg6/QMJ
Mime-Version 1.0
Content-Type text/plain; charset=US-ASCII
Content-Transfer-Encoding 7bit
X-Virus-Scanned by amavisd-new at intevation.de
X-Spam-Status No, hits=-2.3 tagged_above=-999 required=3 tests=[BAYES_00=-5, FORGED_YAHOO_RCVD=2.7]
X-Spam-Level
> Yes: use 'ddd'. The gdb backtrace I don't understand.
> 'ddd', the graphical frontend to gdb, will get you to the offending line.
> There you can check variable settings before the program crashes and so
> forth.

for ddd/kdbg instructions see  doc/debugging.txt  in the source code.



Hamish


Tue, Nov 28 2006 00:13:48    Mail sent by hamish_nospam@yahoo.com  
Return-Path <hamish_nospam@yahoo.com>
Delivered-To grass-bugs@lists.intevation.de
Date Tue, 28 Nov 2006 12:13:42 +1300
From Hamish <hamish_nospam@yahoo.com>
To Maciek Sieczka via RT <grass-bugs@intevation.de>
Cc grass-dev@grass.itc.it
Subject Re: [GRASS-dev] [bug #5341] (grass) v.db.select: segfault
Message-Id <20061128121342.1504bbf8.hamish_nospam@yahoo.com>
In-Reply-To <20061127191247.7823510016A@lists.intevation.de>
References <20061127191247.7823510016A@lists.intevation.de>
X-Mailer Sylpheed version 1.0.4 (GTK+ 1.2.10; i386-pc-linux-gnu)
X-Face M<EoB)"*Z~u!,vFhXmw}R_KbdBta*P_=T|rbBL'e1/CQ9;/1g\BU3&!=y8ria$2Uk!HT&BB 8i?|X_+7~1jsy}F~g$2va%3fV`*=L(*cem[@3\yg,G,@rg6/QMJ
Mime-Version 1.0
Content-Type text/plain; charset=US-ASCII
Content-Transfer-Encoding 7bit
X-Virus-Scanned by amavisd-new at intevation.de
X-Spam-Status No, hits=-2.3 tagged_above=-999 required=3 tests=[BAYES_00=-5, FORGED_YAHOO_RCVD=2.7]
X-Spam-Level
Maciek Sieczka via RT wrote:
> 
> > Maybe you could give 'ddd' a try first? It's really not so difficult.
> 
> But I need to now something about how C works, more or less, don't I?

you can still find out where it breaks, without understanding the "why".


some gdb hints:
GRASS> gdb `which v.db.select`

(gdb) run  map=foo where="this = 'that'"
[...]
<segfault>

#full backtrace
(gdb) bt f

#list code at point in source code where it broke
(gdb) l

#change function reference frame (#1, #2, #3, ... in bt list)
frame <number>

#list code at breakpoint (in new frame)
(gdb) l

#print variable value at this point ("bt full" shows all values)
(gdb) p <variable name>


Hamish


Tue, Nov 28 2006 12:01:39    Mail sent by msieczka  
rez@touchofmadness.com wrote (Mon, Nov 27 2006 22:37:23):

> I just downloaded the test dataset (from original email) and executed
> v.db.select with the parameters specified (it's MAPS_COVER, not
> MAP_COVER).

I didn't wrote it was MAP_COVER. Where did you find it?

> Everything completes fine for me and without error.

Can you sepcify the platform and GCC version?

Thanks for testing this!

Best,
Maciek
Tue, Nov 28 2006 12:25:06    Mail sent by msieczka  
hamish_nospam@yahoo.com wrote (Tue, Nov 28 2006 00:13:48):

Hamish and All,

Thanks for the hints!

I did some (cough)de(cough)bugging. I have put the coredump for others to try:
http://kufaya.googlepages.com/core.bz2

To use it:

$ grass63 (any location)
$ gdb v.db.select core

(gdb) bt
#0  0xb76b3943 in free () from /lib/tls/i686/cmov/libc.so.6
#1  0xb76b4a86 in realloc () from /lib/tls/i686/cmov/libc.so.6
#2  0xb7f50069 in db_realloc (s=0x38, n=1293960530) at alloc.c:76
#3  0xb7f53e12 in db_enlarge_string (x=0xbfc9bfd8, len=134832184)
    at string.c:133
#4  0xb7f5407f in db_append_string (x=0xbfc9bfd8,
    s=0x8096040 " WHERE MAPS_COVER='built up'") at string.c:220
#5  0x080494ee in main (argc=3, argv=0x8096040) at main.c:122
(gdb)



Below is the code where it segfaults (frame #5, I guess):

(gdb) l
122            db_append_string ( &sql, buf );
123         }
124
125         if (db_open_select_cursor(driver, &sql, &cursor, DB_SEQUENTIAL) !=
DB_OK)
126             G_fatal_error(_("Cannot open select cursor"));
127
128         table = db_get_cursor_table (&cursor);
129         ncols = db_get_table_number_of_columns (table);
130
131         /* column names if horizontal output */
(gdb)

Any good? The coredump is available, anybody savvy can try themselves.

Maciek
Tue, Nov 28 2006 15:34:36    Mail sent by rez@touchofmadness.com  
Return-Path <rez@touchofmadness.com>
Delivered-To grass-bugs@lists.intevation.de
Subject Re: [bug #5341] (grass) v.db.select: segfault
From Brad Douglas <rez@touchofmadness.com>
Reply-To rez@touchofmadness.com
To Maciek Sieczka via RT <grass-bugs@intevation.de>
Cc grass-dev@grass.itc.it
In-Reply-To <20061128110139.A230A1006B5@lists.intevation.de>
References <20061128110139.A230A1006B5@lists.intevation.de>
Content-Type text/plain
Date Tue, 28 Nov 2006 06:34:00 -0800
Message-Id <1164724440.14857.52.camel@devel>
Mime-Version 1.0
X-Mailer Evolution 2.6.3 (2.6.3-1.fc5.5)
Content-Transfer-Encoding 7bit
X-Virus-Scanned by amavisd-new at intevation.de
X-Spam-Status No, hits=-5 tagged_above=-999 required=3 tests=[BAYES_00=-5]
X-Spam-Level
On Tue, 2006-11-28 at 12:01 +0100, Maciek Sieczka via RT wrote:
> rez@touchofmadness.com wrote (Mon, Nov 27 2006 22:37:23):
> 
> > I just downloaded the test dataset (from original email) and executed
> > v.db.select with the parameters specified (it's MAPS_COVER, not
> > MAP_COVER).
> 
> I didn't wrote it was MAP_COVER. Where did you find it?

My mistake.  I read it wrong.

> > Everything completes fine for me and without error.
> 
> Can you sepcify the platform and GCC version?

x86_64 gcc-3.2.3 and gcc-4.1.1.


-- 
Brad Douglas <rez touchofmadness com>                    KB8UYR/6
Address: 37.493,-121.924 / WGS84    National Map Corps #TNMC-3785


Tue, Nov 28 2006 15:52:07    Mail sent by rez@touchofmadness.com  
Return-Path <rez@touchofmadness.com>
Delivered-To grass-bugs@lists.intevation.de
Subject Re: [GRASS-dev] [bug #5341] (grass) v.db.select: segfault
From Brad Douglas <rez@touchofmadness.com>
Reply-To rez@touchofmadness.com
To Maciek Sieczka via RT <grass-bugs@intevation.de>
Cc neteler@itc.it, grass-dev@grass.itc.it, hamish_nospam@yahoo.com
In-Reply-To <20061128112507.086F31006B5@lists.intevation.de>
References <20061128112507.086F31006B5@lists.intevation.de>
Content-Type text/plain
Date Tue, 28 Nov 2006 06:51:25 -0800
Message-Id <1164725485.14857.57.camel@devel>
Mime-Version 1.0
X-Mailer Evolution 2.6.3 (2.6.3-1.fc5.5)
Content-Transfer-Encoding 7bit
X-Virus-Scanned by amavisd-new at intevation.de
X-Spam-Status No, hits=-5 tagged_above=-999 required=3 tests=[BAYES_00=-5]
X-Spam-Level
On Tue, 2006-11-28 at 12:25 +0100, Maciek Sieczka via RT wrote:
> hamish_nospam@yahoo.com wrote (Tue, Nov 28 2006 00:13:48):
> 
> Hamish and All,
> 
> Thanks for the hints!
> 
> I did some (cough)de(cough)bugging. I have put the coredump for others to try:
> http://kufaya.googlepages.com/core.bz2
> 
> To use it:
> 
> $ grass63 (any location)
> $ gdb v.db.select core
> 
> (gdb) bt
> #0  0xb76b3943 in free () from /lib/tls/i686/cmov/libc.so.6
> #1  0xb76b4a86 in realloc () from /lib/tls/i686/cmov/libc.so.6
> #2  0xb7f50069 in db_realloc (s=0x38, n=1293960530) at alloc.c:76
> #3  0xb7f53e12 in db_enlarge_string (x=0xbfc9bfd8, len=134832184)
>     at string.c:133
> #4  0xb7f5407f in db_append_string (x=0xbfc9bfd8,
>     s=0x8096040 " WHERE MAPS_COVER='built up'") at string.c:220
> #5  0x080494ee in main (argc=3, argv=0x8096040) at main.c:122
> (gdb)
> 
> 
> 
> Below is the code where it segfaults (frame #5, I guess):
> 
> (gdb) l
> 122            db_append_string ( &sql, buf );
> 123         }
> 124
> 125         if (db_open_select_cursor(driver, &sql, &cursor, DB_SEQUENTIAL)
!=
> DB_OK)
> 126             G_fatal_error(_("Cannot open select cursor"));
> 127
> 128         table = db_get_cursor_table (&cursor);
> 129         ncols = db_get_table_number_of_columns (table);
> 130
> 131         /* column names if horizontal output */
> (gdb)
> 
> Any good? The coredump is available, anybody savvy can try themselves.

The problem is with db_append_string().  I just committed a patch that
handles memory properly before the call, but I don't know if it will be
of any help.  Give it a try.


-- 
Brad Douglas <rez touchofmadness com>                    KB8UYR/6
Address: 37.493,-121.924 / WGS84    National Map Corps #TNMC-3785


Tue, Nov 28 2006 21:28:05    Mail sent by msieczka  
rez@touchofmadness.com wrote (Tue, Nov 28 2006 15:52:07):

> The problem is with db_append_string().  I just committed a patch that
> handles memory properly before the call, but I don't know if it will be
> of any help.  Give it a try.

Brad,

Thanks, but it didn't help, as you suspected. Still the same segfault. I'm
getting it on my 2 machines:

Ubuntu Breezy 32bit AMD Athlon (Barton), 2.6.12-10-k7, gcc 3.4.4
Ubuntu Dapper 32bit Pentium M (Dothan), 2.6.15-27-686, gcc 4.0.3

You wrote you are using 64bit, same as Markus, who also can't reproduce the
segfault. Is there anybody on 32bit who can?

Maciek
Thu, Nov 30 2006 04:54:41    Request created by hbowman (as #5352)  
Subject: v.db.select segfault if SQL query is malformed

v.db.select segfaults if SQL query is malformed:

G63> v.db.select -c fish_sites col=site_id where="CAT = 1"
Ai1

G63> v.db.select -c fish_sites col=site_id where="CAT=1"
Segmentation fault

G63> db.connect -p
driver:dbf
database:$GISDBASE/$LOCATION_NAME/$MAPSET/dbf/
schema:(null)
group:(null)


thanks,
Hamish
Thu, Nov 30 2006 08:22:53    Mail sent by mneteler (as #5352)  
I can replicate that with Spearfish:

v.db.select archsites where="CAT=1"
Segmentation fault


The debugger suggests:
 #2  0xb7edbf8e in db_realloc (s=0x804f060, n=36) at alloc.c:76

which is
lib/db/dbmi_base/alloc.c:76
s = realloc (s, (unsigned int) n);

Some memory magic...

Markus
Thu, Nov 30 2006 10:24:32    Mail sent by msieczka  
Inspired by Hamish's bug #5352, I found out that this one segfaults:

v.db.select map=test where="MAPS_COVER='built up'"

while this one one works OK:

v.db.select map=test where="MAPS_COVER = 'built up'"

This is strange as both notations are allowed according to examples in GRASS
manual, and as the former one segfaults only on my 2 32bit machines, while it
doesn't on Brad's and Markus's 64bit.

???

Maciek
Thu, Nov 30 2006 10:24:43    Mail sent by msieczka (as #5352)  
hbowman wrote (Thu, Nov 30 2006 04:54:41):

> v.db.select segfaults if SQL query is malformed:
> 
> G63> v.db.select -c fish_sites col=site_id where="CAT = 1"
> Ai1
> 
> G63> v.db.select -c fish_sites col=site_id where="CAT=1"
> Segmentation fault

Hamish,

Why do you think "CAT=1" is malformed and "CAT = 1" is not?

See eg. http://www.w3schools.com/sql/sql_where.asp. Both notations are allowed.
Also GRASS manual mentions both, eg.
http://grass.itc.it/grass63/manuals/html63_user/sql.html:

d.vect map where="individual='juvenile'
v.db.update map=roads col=exprtest value=cat/nulltest+cat where=cat=1
echo "UPDATE roads SET exprtest=NULL WHERE cat>2" | db.execute

This bug is similar to my recent
http://intevation.de/rt/webrt?serial_num=5341, please see the recent notes.
Maciek
Thu, Nov 30 2006 10:34:27    Mail sent by mneteler  
Report: http://intevation.de/rt/webrt?serial_num=5352
I can replicate that with Spearfish on 32bit:

v.db.select archsites where="CAT=1"
Segmentation fault

The debugger suggests:
 #2  0xb7edbf8e in db_realloc (s=0x804f060, n=36) at alloc.c:76

which is
lib/db/dbmi_base/alloc.c:76
s = realloc (s, (unsigned int) n);

Some memory magic...

Probably the bugs should be merged.

Markus
Fri, Dec 1 2006 02:57:42    Request 5352 merged into 5341 by hbowman (as #5352)  
Fri, Dec 1 2006 03:24:04    Mail sent by hamish_nospam@yahoo.com  
Return-Path <hamish_nospam@yahoo.com>
Delivered-To grass-bugs@lists.intevation.de
Date Fri, 1 Dec 2006 15:23:54 +1300
From Hamish <hamish_nospam@yahoo.com>
To Maciek Sieczka via RT <grass-bugs@intevation.de>
Cc grass-dev@grass.itc.it
Subject Re: [bug #5341] Data corruption problem with v.db.select
Message-Id <20061201152354.230909a2.hamish_nospam@yahoo.com>
In-Reply-To <20061130092443.447421006AB@lists.intevation.de>
References <20061130092443.447421006AB@lists.intevation.de>
X-Mailer Sylpheed version 1.0.4 (GTK+ 1.2.10; i386-pc-linux-gnu)
X-Face M<EoB)"*Z~u!,vFhXmw}R_KbdBta*P_=T|rbBL'e1/CQ9;/1g\BU3&!=y8ria$2Uk!HT&BB 8i?|X_+7~1jsy}F~g$2va%3fV`*=L(*cem[@3\yg,G,@rg6/QMJ
Mime-Version 1.0
Content-Type text/plain; charset=US-ASCII
Content-Transfer-Encoding 7bit
X-Virus-Scanned by amavisd-new at intevation.de
X-Spam-Status No, hits=-2.3 tagged_above=-999 required=3 tests=[BAYES_00=-5, FORGED_YAHOO_RCVD=2.7]
X-Spam-Level
> http://intevation.de/rt/webrt?serial_num=5341

Well, that didn't take long. We now have a nasty 6.2.1 blocker bug.
See the spearfish example below.


HB:
> > v.db.select segfaults if SQL query is malformed:
> > 
> > G63> v.db.select -c fish_sites col=site_id where="CAT = 1"
> > Ai1
> > 
> > G63> v.db.select -c fish_sites col=site_id where="CAT=1"
> > Segmentation fault
MS:
> Why do you think "CAT=1" is malformed and "CAT = 1" is not?
> See eg. http://www.w3schools.com/sql/sql_where.asp. Both notations are
> allowed.
>
> Also GRASS manual mentions both, eg.
> http://grass.itc.it/grass63/manuals/html63_user/sql.html:
> 
> d.vect map where="individual='juvenile'

yes you are correct. (fyi, I put that example in, we were tracking
the movements of sea lion pups)

re-testing for that sea lion map, it is only v.db.select that is broken.
d.vect, v.extract work without the extra whitespace.

the column= where= options are newer than 6.0.2, so can't test that, but
they do break in 6.1.0.


> This bug is similar to my recent
> http://intevation.de/rt/webrt?serial_num=5341,

It is the same bug. Merged.


#spearfish

#includes Brad's updates from 2 days ago

G63> v.db.select -c archsites where="CAT = 1"
1|Signature Rock


G63> v.db.select -c archsites where="CAT=1"
DBMI-DBF driver error:
SQL parser error in statement:
SELECT * FROM archsites WHERE CAT=1)
Error in db_open_select_cursor()
ERROR: Cannot open select cursor


G63> v.db.select -c archsites column=str1 where="CAT = 1"
Signature Rock

G63> v.db.select -c archsites column=str1 where="CAT=1"
No Name

G63> v.db.select archsites where="CAT = 1" col=cat
cat
1

G63> v.db.select archsites where="CAT=1" col=cat
cat
11

==> that is very bad, it reports the attribute of the wrong cat !


Hamish


Fri, Dec 1 2006 03:39:42    Mail sent by hamish_nospam@yahoo.com  
Return-Path <hamish_nospam@yahoo.com>
Delivered-To grass-bugs@lists.intevation.de
Date Fri, 1 Dec 2006 15:39:35 +1300
From Hamish <hamish_nospam@yahoo.com>
To Maciek Sieczka via RT <grass-bugs@intevation.de>
Cc grass-dev@grass.itc.it, neteler@itc.it, rez@touchofmadness.com
Subject Re: [bug #5341] (grass) v.db.select: segfault
Message-Id <20061201153935.2a82bf2d.hamish_nospam@yahoo.com>
In-Reply-To <20061130092432.6D8821006A8@lists.intevation.de>
References <20061130092432.6D8821006A8@lists.intevation.de>
X-Mailer Sylpheed version 1.0.4 (GTK+ 1.2.10; i386-pc-linux-gnu)
X-Face M<EoB)"*Z~u!,vFhXmw}R_KbdBta*P_=T|rbBL'e1/CQ9;/1g\BU3&!=y8ria$2Uk!HT&BB 8i?|X_+7~1jsy}F~g$2va%3fV`*=L(*cem[@3\yg,G,@rg6/QMJ
Mime-Version 1.0
Content-Type text/plain; charset=US-ASCII
Content-Transfer-Encoding 7bit
X-Virus-Scanned by amavisd-new at intevation.de
X-Spam-Status No, hits=-2.3 tagged_above=-999 required=3 tests=[BAYES_00=-5, FORGED_YAHOO_RCVD=2.7]
X-Spam-Level
> G63> v.db.select archsites where="CAT = 1" col=cat
> cat
> 1
>
> G63> v.db.select archsites where="CAT=1" col=cat
> cat
> 11
> 
> ==> that is very bad, it reports the attribute of the wrong cat !



found it.

v.db.select/main.c:
    if (where_opt->answer) {
       char *buf = NULL;

-      buf = G_malloc ((strlen(where_opt->answer) + 7));
+      buf = G_malloc ((strlen(where_opt->answer) + 8));
       sprintf (buf, " WHERE %s", where_opt->answer);
       db_append_string ( &sql, buf );
       G_free (buf);
    }


strlen() returns the length of the string without the null terminator.
So the *buf string was allocated one smaller than it needed to be.


fixed in CVS & 6.2 branch.


Hamish


Fri, Dec 1 2006 10:35:11    Status changed to resolved by msieczka  
Fri, Dec 1 2006 10:35:11    Mail sent by msieczka  
hamish_nospam@yahoo.com wrote (Fri, Dec 1 2006 03:39:42):

> fixed in CVS & 6.2 branch.

Allright! One can always count on you.

Works OK now, no matter how many spaces between the operator and the arguments.
Many thanks. Closing it.

Maciek
Comment | Reply | Take | Open

You are currently authenticated as guest.
[Show Configuration] [Login as another user]

Users Guide - Mail Commands - Homepage of RequestTracker 1.0.7 - list any request