Zorba

Segfault with parse-xml:parse() and file:read-text()

Bug #1089264 reported by Chris Hillery
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Zorba
Confirmed
High
Nicolae Brinza

Bug Description

The query and input file are attached. Save them to the same directory and run repro.xq with Zorba.

The query is probably weird because the following:

  return $foo/[@testCaseName eq "Catalog001"]

probably should not have the / in it to get the desired behaviour of selecting elements with the corresponding attributes. However, of course Zorba should not crash. And, in fact, the query should be valid; if you replace the file:read-text() call with the actual string content of failures.xml, then the query runs OK and produces the output "[ true ]", so the bug has something to do with parsing the result of file:read-text().

Revision history for this message
Chris Hillery (ceejatec) wrote :

Matthias, any idea who best to assign this bug to?

Changed in zorba:
importance: Undecided → High
assignee: nobody → Matthias Brantner (matthias-brantner)
Revision history for this message
Chris Hillery (ceejatec) wrote :
Revision history for this message
Chris Hillery (ceejatec) wrote :
Matthias Brantner (matthias-brantner)
Changed in zorba:
milestone: none → 2.8
status: New → Confirmed
assignee: Matthias Brantner (matthias-brantner) → Nicolae Brinza (nbrinza)
Revision history for this message
Matthias Brantner (matthias-brantner) wrote :

Assigning to Nicolae. It seems to be a problem in the parse function if the option <opt:parse-external-parsed-entity/> is specified. In this case, the node returned by the parse function contains an invalid tree pointer.

I think that it is a severe bug because the nodes returned by the parser function seem to be useless. That's why I marked it for 2.8 but it shouldn't hold up the release.

Revision history for this message
Matthias Brantner (matthias-brantner) wrote :
Download full text (3.6 KiB)

The stack trace of the crash is as follows:

(gdb) where
#0 0x00007ffff74b9d52 in zorba::simplestore::XmlTree::getCollectionId (this=0x201) at /home/mbrantner/zorba/sandbox/src/store/naive/node_items.cpp:137
#1 0x00007ffff752850f in zorba::simplestore::XmlNode::getCollectionId (this=0x7c3da0) at /home/mbrantner/zorba/sandbox/src/store/naive/node_items.h:507
#2 0x00007ffff75285c4 in zorba::simplestore::XmlNode::compare2 (this=0x7c3da0, other=0x750d20) at /home/mbrantner/zorba/sandbox/src/store/naive/node_items.h:1598
#3 0x00007ffff75298d2 in zorba::simplestore::StoreNodeSortIterator::ComparisonFunction::operator() (this=0x7fffffffce6f, n1=0x7c3da0, n2=0x750d20) at /home/mbrantner/zorba/sandbox/src/store/naive/node_iterators.h:452
#4 0x00007ffff752afb2 in std::__insertion_sort<__gnu_cxx::__normal_iterator<zorba::simplestore::XmlNode**, std::vector<zorba::simplestore::XmlNode*, std::allocator<zorba::simplestore::XmlNode*> > >, zorba::simplestore::StoreNodeSortIterator::ComparisonFunction> (__first=..., __last=..., __comp=...) at /usr/include/c++/4.6/bits/stl_algo.h:2129
#5 0x00007ffff752a99d in std::__final_insertion_sort<__gnu_cxx::__normal_iterator<zorba::simplestore::XmlNode**, std::vector<zorba::simplestore::XmlNode*, std::allocator<zorba::simplestore::XmlNode*> > >, zorba::simplestore::StoreNodeSortIterator::ComparisonFunction> (__first=..., __last=..., __comp=...) at /usr/include/c++/4.6/bits/stl_algo.h:2201
#6 0x00007ffff752a335 in std::sort<__gnu_cxx::__normal_iterator<zorba::simplestore::XmlNode**, std::vector<zorba::simplestore::XmlNode*, std::allocator<zorba::simplestore::XmlNode*> > >, zorba::simplestore::StoreNodeSortIterator::ComparisonFunction> (__first=..., __last=..., __comp=...) at /usr/include/c++/4.6/bits/stl_algo.h:5447
#7 0x00007ffff752829f in zorba::simplestore::StoreNodeSortOrAtomicIterator::next (this=0x7378b0, result=...) at /home/mbrantner/zorba/sandbox/src/store/naive/node_iterators.cpp:438
#8 0x00007ffff72147d3 in zorba::NodeSortIterator::nextImpl (this=0x761a40, result=..., planState=...) at /home/mbrantner/zorba/sandbox/src/runtime/core/nodeid_iterators.cpp:164
#9 0x00007ffff6fab3a9 in zorba::Batcher<zorba::NodeSortIterator>::produceNext (this=0x761a40, result=..., planState=...) at /home/mbrantner/zorba/sandbox/src/runtime/base/plan_iterator.h:535
#10 0x00007ffff71a7763 in zorba::PlanIterator::consumeNext (result=..., iter=0x761a40, planState=...) at /home/mbrantner/zorba/sandbox/src/runtime/base/plan_iterator.cpp:109
#11 0x00007ffff71a70f9 in zorba::PlanWrapper::next (this=0x737180, result=...) at /home/mbrantner/zorba/sandbox/src/runtime/api/plan_wrapper.cpp:151
#12 0x00007ffff6a9ee93 in zorba::serializer::serialize (this=0x7fffffffd300, aObject=..., aOStream=..., aHandler=0x0, aEmitAttributes=false) at /home/mbrantner/zorba/sandbox/src/api/serialization/serializer.cpp:2676
#13 0x00007ffff6a9eba9 in zorba::serializer::serialize (this=0x7fffffffd300, aObject=..., aOStream=..., aEmitAttributes=false) at /home/mbrantner/zorba/sandbox/src/api/serialization/serializer.cpp:2625
#14 0x00007ffff6a384ff in zorba::XQueryImpl::serialize (this=0x718710, os=..., aWrapper=..., opt=0x7fffffffd6d0) at /home/mbrantner...

Read more...

Chris Hillery (ceejatec)
Changed in zorba:
milestone: 2.8 → 2.9
Dana Florescu (dflorescu)
tags: added: store
tags: added: segfault
Dana Florescu (dflorescu)
tags: added: xml-parser
removed: store
Dana Florescu (dflorescu)
Changed in zorba:
milestone: 2.9 → 3.0
Chris Hillery (ceejatec)
Changed in zorba:
milestone: 3.0 → none
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.