zorba-coders team mailing list archive
-
zorba-coders team
-
Mailing list archive
-
Message #11804
[Bug 1020953] Re: segfault in modules/xml:parse()
** Changed in: zorba
Status: New => Fix Committed
--
You received this bug notification because you are a member of Zorba
Coders, which is the registrant for Zorba.
https://bugs.launchpad.net/bugs/1020953
Title:
segfault in modules/xml:parse()
Status in Zorba - The XQuery Processor:
Fix Committed
Bug description:
the following tests crash on windows in debug build (rev. 10908):
test/rbkt/zorba/parsing_and_serializing/parse-fragment-skip-root-47 (SEGFAULT)
test/rbkt/zorba/parsing_and_serializing/parse-fragment-skip-root-51 (SEGFAULT)
test/rbkt/zorba/parsing_and_serializing/parse-xml-fragment-09 (SEGFAULT)
test/rbkt/zorba/parsing_and_serializing/parse-xml-fragment-17 (SEGFAULT)
valgrind reveals:
valgrind zorba/build/test/rbkt/testdriver "zorba/parsing_and_serializing/parse-fragment-skip-root-47.xq"
==31358== Memcheck, a memory error detector
==31358== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==31358== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==31358== Command: zorba/build/test/rbkt/testdriver zorba/parsing_and_serializing/parse-fragment-skip-root-47.xq
==31358==
test zorba/parsing_and_serializing/parse-fragment-skip-root-47
=== Query: ===
import module namespace z = "http://www.zorba-xquery.com/modules/xml";;
import schema namespace opt = "http://www.zorba-xquery.com/modules/xml-options";;
z:parse("<root>
<test/>
<test/>
</bad>
</root>
",
<opt:options>
<opt:parse-external-parsed-entity opt:skip-root-nodes="0"/>
</opt:options>
)
=== end of Query ===
save execution plan in 1.900000 sec
load execution plan in 0.630000 sec
==31358== Invalid read of size 8
==31358== at 0x5E4AB4A: zorba::simplestore::XmlTree::removeType(zorba::simplestore::XmlNode const*) (node_items.cpp:242)
==31358== by 0x5E4C91F: zorba::simplestore::XmlNode::destroyInternal(bool) (node_items.cpp:877)
==31358== by 0x5E4C882: zorba::simplestore::XmlNode::destroyInternal(bool) (node_items.cpp:860)
==31358== by 0x5E4C65E: zorba::simplestore::XmlNode::destroy(bool) (node_items.cpp:819)
==31358== by 0x5EE7290: zorba::simplestore::FastXmlLoader::abortload() (loader_fast.cpp:177)
==31358== by 0x5EEDD01: zorba::simplestore::FragmentXmlLoader::loadXml(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, std::istream&) (loader_dtd.cpp:322)
==31358== by 0x5F12F3F: zorba::simplestore::Store::loadDocument(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, std::istream&, zorba::store::LoadProperties const&) (store.cpp:1014)
==31358== by 0x5AA44C4: zorba::FnZorbaParseXmlFragmentIterator::nextImpl(zorba::store::ItemHandle<zorba::store::Item>&, zorba::PlanState&) const (parse_fragment_impl.cpp:230)
==31358== by 0x5892CD0: zorba::Batcher<zorba::FnZorbaParseXmlFragmentIterator>::produceNext(zorba::store::ItemHandle<zorba::store::Item>&, zorba::PlanState&) const (plan_iterator.h:535)
==31358== by 0x5B54712: zorba::PlanIterator::consumeNext(zorba::store::ItemHandle<zorba::store::Item>&, zorba::PlanIterator const*, zorba::PlanState&) (plan_iterator.cpp:109)
==31358== by 0x5B540A8: zorba::PlanWrapper::next(zorba::store::ItemHandle<zorba::store::Item>&) (plan_wrapper.cpp:151)
==31358== by 0x5481E54: zorba::serializer::serialize(zorba::rchandle<zorba::store::Iterator>, std::ostream&, zorba::SAX2_ContentHandler*) (serializer.cpp:2782)
==31358== Address 0xabc2c48 is 56 bytes inside a block of size 184 free'd
==31358== at 0x4C2A4BC: operator delete(void*) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==31358== by 0x5EE7216: zorba::simplestore::FastXmlLoader::abortload() (loader_fast.cpp:165)
==31358== by 0x5EEDD01: zorba::simplestore::FragmentXmlLoader::loadXml(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, std::istream&) (loader_dtd.cpp:322)
==31358== by 0x5F12F3F: zorba::simplestore::Store::loadDocument(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, std::istream&, zorba::store::LoadProperties const&) (store.cpp:1014)
==31358== by 0x5AA44C4: zorba::FnZorbaParseXmlFragmentIterator::nextImpl(zorba::store::ItemHandle<zorba::store::Item>&, zorba::PlanState&) const (parse_fragment_impl.cpp:230)
==31358== by 0x5892CD0: zorba::Batcher<zorba::FnZorbaParseXmlFragmentIterator>::produceNext(zorba::store::ItemHandle<zorba::store::Item>&, zorba::PlanState&) const (plan_iterator.h:535)
==31358== by 0x5B54712: zorba::PlanIterator::consumeNext(zorba::store::ItemHandle<zorba::store::Item>&, zorba::PlanIterator const*, zorba::PlanState&) (plan_iterator.cpp:109)
==31358== by 0x5B540A8: zorba::PlanWrapper::next(zorba::store::ItemHandle<zorba::store::Item>&) (plan_wrapper.cpp:151)
==31358== by 0x5481E54: zorba::serializer::serialize(zorba::rchandle<zorba::store::Iterator>, std::ostream&, zorba::SAX2_ContentHandler*) (serializer.cpp:2782)
==31358== by 0x5481B58: zorba::serializer::serialize(zorba::rchandle<zorba::store::Iterator>, std::ostream&) (serializer.cpp:2734)
==31358== by 0x541FA38: zorba::XQueryImpl::serialize(std::ostream&, zorba::rchandle<zorba::PlanWrapper>&, Zorba_SerializerOptions const*) (xqueryimpl.cpp:1305)
==31358== by 0x541ECA5: zorba::XQueryImpl::execute(std::ostream&, Zorba_SerializerOptions const*) (xqueryimpl.cpp:1131)
==31358==
==31358== Invalid read of size 8
==31358== at 0x5E4AB76: zorba::simplestore::XmlTree::removeType(zorba::simplestore::XmlNode const*) (node_items.cpp:244)
==31358== by 0x5E4C91F: zorba::simplestore::XmlNode::destroyInternal(bool) (node_items.cpp:877)
==31358== by 0x5E4C882: zorba::simplestore::XmlNode::destroyInternal(bool) (node_items.cpp:860)
==31358== by 0x5E4C65E: zorba::simplestore::XmlNode::destroy(bool) (node_items.cpp:819)
==31358== by 0x5EE7290: zorba::simplestore::FastXmlLoader::abortload() (loader_fast.cpp:177)
==31358== by 0x5EEDD01: zorba::simplestore::FragmentXmlLoader::loadXml(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, std::istream&) (loader_dtd.cpp:322)
==31358== by 0x5F12F3F: zorba::simplestore::Store::loadDocument(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, std::istream&, zorba::store::LoadProperties const&) (store.cpp:1014)
==31358== by 0x5AA44C4: zorba::FnZorbaParseXmlFragmentIterator::nextImpl(zorba::store::ItemHandle<zorba::store::Item>&, zorba::PlanState&) const (parse_fragment_impl.cpp:230)
==31358== by 0x5892CD0: zorba::Batcher<zorba::FnZorbaParseXmlFragmentIterator>::produceNext(zorba::store::ItemHandle<zorba::store::Item>&, zorba::PlanState&) const (plan_iterator.h:535)
==31358== by 0x5B54712: zorba::PlanIterator::consumeNext(zorba::store::ItemHandle<zorba::store::Item>&, zorba::PlanIterator const*, zorba::PlanState&) (plan_iterator.cpp:109)
==31358== by 0x5B540A8: zorba::PlanWrapper::next(zorba::store::ItemHandle<zorba::store::Item>&) (plan_wrapper.cpp:151)
==31358== by 0x5481E54: zorba::serializer::serialize(zorba::rchandle<zorba::store::Iterator>, std::ostream&, zorba::SAX2_ContentHandler*) (serializer.cpp:2782)
==31358== Address 0xabc2c48 is 56 bytes inside a block of size 184 free'd
==31358== at 0x4C2A4BC: operator delete(void*) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==31358== by 0x5EE7216: zorba::simplestore::FastXmlLoader::abortload() (loader_fast.cpp:165)
==31358== by 0x5EEDD01: zorba::simplestore::FragmentXmlLoader::loadXml(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, std::istream&) (loader_dtd.cpp:322)
==31358== by 0x5F12F3F: zorba::simplestore::Store::loadDocument(zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, zorba::rstring<zorba::rstring_classes::rep<zorba::atomic_int, std::char_traits<char>, std::allocator<char> > > const&, std::istream&, zorba::store::LoadProperties const&) (store.cpp:1014)
==31358== by 0x5AA44C4: zorba::FnZorbaParseXmlFragmentIterator::nextImpl(zorba::store::ItemHandle<zorba::store::Item>&, zorba::PlanState&) const (parse_fragment_impl.cpp:230)
==31358== by 0x5892CD0: zorba::Batcher<zorba::FnZorbaParseXmlFragmentIterator>::produceNext(zorba::store::ItemHandle<zorba::store::Item>&, zorba::PlanState&) const (plan_iterator.h:535)
==31358== by 0x5B54712: zorba::PlanIterator::consumeNext(zorba::store::ItemHandle<zorba::store::Item>&, zorba::PlanIterator const*, zorba::PlanState&) (plan_iterator.cpp:109)
==31358== by 0x5B540A8: zorba::PlanWrapper::next(zorba::store::ItemHandle<zorba::store::Item>&) (plan_wrapper.cpp:151)
==31358== by 0x5481E54: zorba::serializer::serialize(zorba::rchandle<zorba::store::Iterator>, std::ostream&, zorba::SAX2_ContentHandler*) (serializer.cpp:2782)
==31358== by 0x5481B58: zorba::serializer::serialize(zorba::rchandle<zorba::store::Iterator>, std::ostream&) (serializer.cpp:2734)
==31358== by 0x541FA38: zorba::XQueryImpl::serialize(std::ostream&, zorba::rchandle<zorba::PlanWrapper>&, Zorba_SerializerOptions const*) (xqueryimpl.cpp:1305)
==31358== by 0x541ECA5: zorba::XQueryImpl::execute(std::ostream&, Zorba_SerializerOptions const*) (xqueryimpl.cpp:1131)
==31358==
The following execution error occurred as expected:
http://www.w3.org/2005/xqt-errors:FODC0006: http://www.w3.org/2005/xqt-errors:FODC0006invalid content passed to parse-xml:parse(): loader parsing error: Opening and ending tag mismatch: root line 0 and bad
[line 4][column 1][file zorba/sandbox/test/rbkt/Queries/zorba/parsing_and_serializing/parse-fragment-skip-root-47.xq]
testdriver: test runtime was 9268363us
testdriver: success
==31358==
==31358== HEAP SUMMARY:
==31358== in use at exit: 2,368 bytes in 2 blocks
==31358== total heap usage: 26,474 allocs, 26,472 frees, 12,336,013 bytes allocated
==31358==
==31358== LEAK SUMMARY:
==31358== definitely lost: 128 bytes in 1 blocks
==31358== indirectly lost: 2,240 bytes in 1 blocks
==31358== possibly lost: 0 bytes in 0 blocks
==31358== still reachable: 0 bytes in 0 blocks
==31358== suppressed: 0 bytes in 0 blocks
==31358== Rerun with --leak-check=full to see details of leaked memory
==31358==
==31358== For counts of detected and suppressed errors, rerun with: -v
==31358== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 2 from 2)
To manage notifications about this bug go to:
https://bugs.launchpad.net/zorba/+bug/1020953/+subscriptions
References
