[postgis-devel] Issue 119 in postgis: ST_AsSVG crashed DB backend with large geometries.

Paragon Corporation lr at pcorp.us
Thu Mar 12 23:31:31 PDT 2009


Olivier,

Sorry it took me so long to get to this.  I finally got around to installing
valgrind and running it on the offending piece of code, but not sure what
the below is telling me aside from I have a buffer overflow.

FYI - I did a make check and that passed with flying colors (even the SVG
test) -- so it's just the torture test that is failing.  I wonder if it's
because the coordinates are invalid (e.g. these can't be transformed to
mercator for example, but then again it only seems to crash this box and not
others).

For your info -- I am running -- as it says 8.3.1, Postgis 1.4 SVN (latest
snapshot), Proj 4.6.0, GEOS 3.1 -- about a week old.

The GCC I compiled PostGIS with is version 4.3.1 20080507 prerelease (this is
Open SUSE 11 and I am running a newer gcc on this box than any other box I
have).

More gcc stuff (Using built-in specs.
Target: i586-suse-linux
Configured with: ../configure --prefix=/usr --with-local-prefix=/usr/local
--infodir=/usr/share/info --mandir=/usr/share/man --libdir=/usr/lib
--libexecdir=/usr/lib --enable-languages=c,c++,objc,fortran,obj-c++,java,ada
--enable-checking=release --with-gxx-include-dir=/usr/include/c++/4.3
--enable-ssp --disable-libssp --with-bugurl=http://bugs.opensuse.org/
--with-pkgversion='SUSE Linux' --disable-libgcj --with-slibdir=/lib
--with-system-zlib --enable-__cxa_atexit --enable-libstdcxx-allocator=new
--disable-libstdcxx-pch --program-suffix=-4.3
--enable-version-specific-runtime-libs --enable-linux-futex
--without-system-libunwind --with-cpu=generic --build=i586-suse-linux
Thread model: posix
gcc version 4.3.1 20080507 (prerelease) [gcc-4_3-branch revision 135036]
(SUSE Linux) )

---VALGRIND error below and valgrind log is attached.

postgres at linux:/projects> echo "SELECT ST_AsSVG(foo1.the_geom) FROM ((SELECT
ST_Buffer(ST_SetSRID(ST_Point(i,j),4326), j)  As the_geom FROM
generate_series(-10,50,10) As i CROSS JOIN generate_series(40,70, 20) As j))
As foo1;" | valgrind --leak-check=yes -v --run-libc-freeres=no
--show-reachable=yes --log-file=/projects/valgrind/valgrindlog postgres
--single -D /var/lib/pgsql/data testpostgis

PostgreSQL stand-alone backend 8.3.1
backend> 	 1: st_assvg	(typeid = 25, len = -1, typmod = -1, byval =
f)
	----
	 1: st_assvg = "M 30 -40 L 29.231411216129224 -32.196387119354874
26.955181300451478 -24.692662705396422 23.258784492101825
-17.777190679215931 18.284271247461923 -11.715728752538123
12.222809320784123 -6.741215507898211 5.307337294603634 -3.04481869954855
-2.196387119354815 -0.76858878387079 -9.999999999999936 0
-17.803612880645058 -0.768588783870769 -25.307337294603514 -3.0448186995485
-32.222809320784023 -6.741215507898147 -38.284271247461838
-11.715728752538034 -43.258784492101753 -17.777190679215828
-46.955181300451429 -24.692662705396309 -49.231411216129196
-32.196387119354753 -50 -39.999999999999872 -49.231411216129246
-47.803612880644991 -46.955181300451528 -55.307337294603457
-43.258784492101896 -62.222809320783959 -38.284271247462016
-68.284271247461788 -32.222809320784236 -73.258784492101711
-25.307337294603744 -76.955181300451414 -17.803612880645286
-79.231411216129189 -10.000000000000149 -80 -2.196387119355007
-79.231411216129246 5.307337294603469 -76.955181300451528 12.222809320783984
-73.258784492101881 18.284271247461817 -68.284271247461987
23.258784492101753 -62.222809320784179 26.955181300451436
-55.307337294603684 29.231411216129203 -47.803612880645218 Z"(typeid = 25,
len = -1, typmod = -1, byval = f)
	----
*** buffer overflow detected ***: postgres terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x48)[0x45014c8]
/lib/libc.so.6[0x44ff500]
/lib/libc.so.6[0x44feb88]
/lib/libc.so.6(__overflow+0x53)[0x4488f23]
/lib/libc.so.6(__printf_fp+0x1066)[0x44623f6]
/lib/libc.so.6(_IO_vfprintf+0x3dc)[0x445c2bc]
/lib/libc.so.6(__vsprintf_chk+0xa7)[0x44fec37]
/lib/libc.so.6(__sprintf_chk+0x2d)[0x44feb7d]
/usr/lib/postgresql/postgis-1.4.so[0x7c8cda0]
/usr/lib/postgresql/postgis-1.4.so[0x7c8cf69]
/usr/lib/postgresql/postgis-1.4.so(geometry_to_svg+0x313)[0x7c8d673]
/usr/lib/postgresql/postgis-1.4.so(assvg_geometry+0x88)[0x7c8da48]
postgres[0x81760b7]
postgres(ExecProject+0x1b5)[0x8175cc5]
postgres(ExecNestLoop+0x11f)[0x81869ff]
postgres(ExecProcNode+0x280)[0x81750f0]
postgres(ExecutorRun+0x34b)[0x817335b]
postgres[0x8213253]
postgres(PortalRun+0x169)[0x8214619]
postgres[0x820f4df]
postgres(PostgresMain+0xcef)[0x8210ccf]
postgres(main+0xa35)[0x8199b35]
/lib/libc.so.6(__libc_start_main+0xe5)[0x44345f5]
postgres[0x808c161]
======= Memory map: ========
Aborted

Thanks,
Regina
-------------- next part --------------
A non-text attachment was scrubbed...
Name: valgrindlog
Type: application/octet-stream
Size: 42879 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/postgis-devel/attachments/20090313/41888839/attachment.obj>
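
The backtrace in the message above ends in `__sprintf_chk`, `__printf_fp` and `__fortify_fail`: glibc's fortified `sprintf` aborted the backend while formatting a floating-point value into a buffer that was too small. The C example below is added here for illustration (it is not PostGIS code and not part of the original message); it shows how the bytes `%.*f` needs grow with a value's magnitude and how a bounded `snprintf` append refuses the write instead of overflowing. The 21-byte per-coordinate budget and the names `coord_needed`, `append_point` and `demo` are assumptions made up for the example.

```c
#include <stdio.h>
#include <string.h>

#define PRECISION    15
/* Assumed budget: sign + 3 integer digits + '.' + PRECISION + NUL = 21 bytes. */
#define COORD_BUDGET (1 + 3 + 1 + PRECISION + 1)

/* Bytes "%.*f" needs for v, NUL included; snprintf(NULL, 0, ...) only measures. */
size_t coord_needed(double v, int precision)
{
    int n = snprintf(NULL, 0, "%.*f", precision, v);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Append "x y" to buf (capacity cap, current length *len) without ever writing
 * past cap. Returns 0 on success; on -1 the previous contents are left intact. */
int append_point(char *buf, size_t cap, size_t *len, double x, double y, int precision)
{
    if (*len >= cap)
        return -1;                 /* no room even for the terminator */
    size_t room = cap - *len;
    int n = snprintf(buf + *len, room, "%s%.*f %.*f",
                     *len ? " " : "", precision, x, precision, y);
    if (n < 0 || (size_t)n >= room) {
        buf[*len] = '\0';          /* drop the truncated tail */
        return -1;
    }
    *len += (size_t)n;
    return 0;
}

/* Constructed check: a point taken from the output above fits, 1e20 is refused. */
int demo(void)
{
    char buf[2 * COORD_BUDGET];    /* room for exactly one budgeted "x y" pair */
    size_t len = 0;
    buf[0] = '\0';
    int ok  = append_point(buf, sizeof buf, &len,
                           29.231411216129224, -32.196387119354874, PRECISION);
    int bad = append_point(buf, sizeof buf, &len, 1e20, 0.0, PRECISION);
    return ok == 0 && bad == -1 && len == strlen(buf) && len == 38;
}

int main(void)
{
    printf("page value needs %zu bytes, 1e20 needs %zu, budget %d\n",
           coord_needed(-49.231411216129196, PRECISION),
           coord_needed(1e20, PRECISION), COORD_BUDGET);
    return demo() ? 0 : 1;
}
```

An unbounded `sprintf` into a buffer sized from `COORD_BUDGET` would write 38 bytes for `1e20`, which is the kind of overrun `_FORTIFY_SOURCE` turns into the `*** buffer overflow detected ***` abort.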

