NetBSD Problem Report #52849

From www@NetBSD.org  Fri Dec 22 15:53:07 2017
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id B0A887A174
	for <gnats-bugs@gnats.NetBSD.org>; Fri, 22 Dec 2017 15:53:07 +0000 (UTC)
Message-Id: <20171222155306.9F95F7A1E9@mollari.NetBSD.org>
Date: Fri, 22 Dec 2017 15:53:06 +0000 (UTC)
From: plavoie@hvc.rr.com
Reply-To: plavoie@hvc.rr.com
To: gnats-bugs@NetBSD.org
Subject: libedit core dumps on saving history file with psql from postgresql*-client packages on amd64 platform
X-Send-Pr-Version: www-1.0

>Number:         52849
>Category:       lib
>Synopsis:       libedit core dumps on saving history file with psql from postgresql*-client packages on amd64 platform
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Dec 22 15:55:00 +0000 2017
>Last-Modified:  Sun Dec 24 03:10:01 +0000 2017
>Originator:     Paul J Lavoie
>Release:        -current from past several months
>Organization:
>Environment:
NetBSD dipper 8.99.9 NetBSD 8.99.9 (GENERIC) #2: Thu Dec 14 14:11:23 UTC 2017  root@dipper:/usr/obj/sys/arch/amd64/compile/GENERIC amd64
>Description:
Postgresql for the past few months (since 10 was introduced into
pkgsrc at least back in October) would fail to save its history file
on exit, producing a core dump. Copy/paste of multi-line input within
an X session would also only input the first line of text. This was
found to also apply to postgresql96-client when checked a couple weeks
ago, which had been working fine in the summer.

Having become frustrated with this and having some time, I've spent
the past couple of days hunting down this issue. Compiling -current
with MKDEBUGLIB enabled, I found that psql was crashing on the exit
code inside the history_save_fp() function, specifically the first
line:

if (fchmod(fileno(fp), S_IRUSR|S_IWUSR) == -1)

due to a null being passed as fp. 

I've recompiled postgresql10-client to use the
READLINE_DEFAULT=readline to avoid the libedit variant, and have found
that the application now works properly, in both use cases.

Given that postgresql works with readline, but not with libedit, I'm
inclined to think that some recent change in libedit has broken
compatibility.

I may look further to see if I can pinpoint the issue.
>How-To-Repeat:
Grab -current
Grab pkgsrc
Compile postgresql10-client (or postgresql96-client)
Connect to postgresql db with the command utility 'psql'
Exit application
Watch core dump.
>Fix:
Workaround: compile postgresql*-client with readline instead of libedit.

>Release-Note:

>Audit-Trail:
From: Valery Ushakov <uwe@stderr.spb.ru>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: lib/52849: libedit core dumps on saving history file with psql
 from postgresql*-client packages on amd64 platform
Date: Sat, 23 Dec 2017 21:04:26 +0300

 On Fri, Dec 22, 2017 at 15:55:00 +0000, plavoie@hvc.rr.com wrote:

 > Having become frustrated with this and having some time, I've spent
 > the past couple of days hunting down this issue. Compiling -current
 > with MKDEBUGLIB enabled, I found that psql was crashing on the exit
 > code inside the history_save_fp() function, specifically the first
 > line:
 >
 > if (fchmod(fileno(fp), S_IRUSR|S_IWUSR) == -1)
 > 
 > due to a null being passed as fp. 

 Is there a stack trace?

 From a quick look 1.58 of history.c (from Sep 1) looks highly
 suspicious as it introduced a call like 

   history_save_fp(h, va_arg(va, size_t), va_arg(va, FILE *));

 and of course C99 even cites that as an example of UB:

        3.4.4
        [#1] unspecified behavior
        behavior where this International Standard provides  two  or
        more  possibilities  and  imposes no further requirements on
        which is chosen in any instance

        [#2] EXAMPLE  An example  of  unspecified  behavior  is  the
        order in which the arguments to a function are evaluated.

 -uwe

From: "Valeriy E. Ushakov" <uwe@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/52849 CVS commit: src/lib/libedit
Date: Sat, 23 Dec 2017 18:25:04 +0000

 Module Name:	src
 Committed By:	uwe
 Date:		Sat Dec 23 18:25:03 UTC 2017

 Modified Files:
 	src/lib/libedit: history.c

 Log Message:
 The order in which the arguments to a function are evaluated is
 undefined, so don't use va_arg() twice.

 PR lib/52849


 To generate a diff of this commit:
 cvs rdiff -u -r1.58 -r1.59 src/lib/libedit/history.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.
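
The change described in the log message above, as an added illustration that is not part of this PR thread or of the libedit source: each `va_arg()` is read into a local in its own statement before the call. `save_stub`, `dispatch_save`, the opcode value and the evaluation-order probe are hypothetical names constructed for this example.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for a history_save_fp()-style callee. */
static int save_stub(size_t nentries, FILE *fp)
{
    return fp == NULL ? -1 : (int)nentries;   /* -1: NULL stream rejected */
}

/* Pattern flagged in the thread (shown only as a comment, never compiled):
 *     save_stub(va_arg(va, size_t), va_arg(va, FILE *));
 * Both va_arg() expansions advance the same va_list inside one argument
 * list, so the language does not fix which one consumes the size_t slot. */

/* Sequenced form: each va_arg() is its own full expression, so the
 * variadic arguments are consumed in the order the caller passed them. */
int dispatch_save(int op, ...)
{
    va_list va;
    int rv = -2;               /* unknown op */
    va_start(va, op);
    if (op == 1) {             /* constructed opcode: (size_t, FILE *) */
        size_t n = va_arg(va, size_t);
        FILE *fp = va_arg(va, FILE *);
        rv = save_stub(n, fp);
    }
    va_end(va);
    return rv;
}

/* Probe of the compiler's argument evaluation order using ordinary function
 * calls, which cannot interleave: the result is unspecified but safe. */
static int bump(int *counter) { return (*counter)++; }
static int first_seen(int left, int right) { (void)right; return left; }

/* Returns 0 if the left argument was evaluated first, 1 if the right was. */
int left_arg_eval_rank(void)
{
    int counter = 0;
    return first_seen(bump(&counter), bump(&counter));
}

int main(void)
{
    printf("left arg rank %d, save %d\n", left_arg_eval_rank(),
           dispatch_save(1, (size_t)3, stdout));
    return 0;
}
```

The probe's result depends on the compiler and target, which is why the same source can work on one platform and pass swapped arguments on another.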

From: Valery Ushakov <uwe@stderr.spb.ru>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: lib/52849: libedit core dumps on saving history file with psql
 from postgresql*-client packages on amd64 platform
Date: Sat, 23 Dec 2017 21:28:13 +0300

 On Sat, Dec 23, 2017 at 21:04:26 +0300, Valery Ushakov wrote:

 > From a quick look 1.58 of history.c (from Sep 1) looks highly
 > suspicious as it introduced a call like 
 > 
 >   history_save_fp(h, va_arg(va, size_t), va_arg(va, FILE *));
 > 
 > and of course C99 even cites that as an example of UB:

 I've committed a fix in history.c revision 1.59.  Please, can you
 update and test?  TIA!

 -uwe

From: Paul J Lavoie <plavoie@hvc.rr.com>
To: gnats-bugs@NetBSD.org
Cc: lib-bug-people@netbsd.org,
 gnats-admin@netbsd.org,
 netbsd-bugs@netbsd.org
Subject: Re: lib/52849: libedit core dumps on saving history file with psql
 from postgresql*-client packages on amd64 platform
Date: Sat, 23 Dec 2017 20:15:01 -0500

 The core dump issue has been fixed by this change.

 The odd issue with the multi-line copy/paste still remains, though. Not
 sure how to collect more info on that one.

 > On Dec 23, 2017, at 1:30 PM, Valery Ushakov <uwe@stderr.spb.ru> wrote:
 >
 > The following reply was made to PR lib/52849; it has been noted by GNATS.
 >
 > From: Valery Ushakov <uwe@stderr.spb.ru>
 > To: gnats-bugs@NetBSD.org
 > Cc:
 > Subject: Re: lib/52849: libedit core dumps on saving history file with psql
 >  from postgresql*-client packages on amd64 platform
 > Date: Sat, 23 Dec 2017 21:28:13 +0300
 >
 > On Sat, Dec 23, 2017 at 21:04:26 +0300, Valery Ushakov wrote:
 >
 >> From a quick look 1.58 of history.c (from Sep 1) looks highly
 >> suspicious as it introduced a call like
 >>
 >>  history_save_fp(h, va_arg(va, size_t), va_arg(va, FILE *));
 >>
 >> and of course C99 even cites that as an example of UB:
 >
 > I've committed a fix in history.c revision 1.59.  Please, can you
 > update and test?  TIA!
 >
 > -uwe
 >

>Unformatted:
