Opened 12 years ago

Closed 12 years ago

Last modified 12 years ago

#2358 closed defect (fixed)

Segfault in swq_select_finish_summarize

Reported by: gagern Owned by: Mateusz Łoskot
Priority: normal Milestone: 1.5.2
Component: OGR_SF Version: 1.5.0
Severity: normal Keywords: ogrsql
Cc: warmerdam

Description

I hit this while using qgis, when I tried to classify attributes from a newly created vector layer with unsaved features and therefore empty attribute table in the file. This backtrace is from gdal 1.3.1, but I could reproduce it with 1.5.0 as well.

#0  0xb7ba67c4 in swq_select_finish_summarize (select_info=0x96b47d0) at swq.c:2233
#1  0xb7b37ecb in OGRGenSQLResultsLayer::PrepareSummary (this=0x96d74c0) at ogr_gensql.cpp:507
#2  0xb7b38b1c in OGRGenSQLResultsLayer::GetFeature (this=0x96d74c0, nFID=0) at ogr_gensql.cpp:725
#3  0xb7b38bcc in OGRGenSQLResultsLayer::GetNextFeature (this=0x96d74c0) at ogr_gensql.cpp:682
#4  0xb7b45273 in OGR_L_GetNextFeature (hLayer=0x96d74c0) at ogrlayer.cpp:446
#5  0xb5d2f873 in QgsOgrProvider::getUniqueValues (this=0x9693ea0, index=0, uniqueValues=@0xbfed1810)
    at /var/tmp/portage/sci-geosciences/qgis-0.10.0/work/qgis_0.10.0/src/providers/ogr/qgsogrprovider.cpp:1284

Reason seems to be that select_info->column_summary == NULL in swq_select_finish_summarize because column_summary gets allocated in swq_select_summarize when the first row of the result is processed, but OGRGenSQLResultsLayer::PrepareSummary never calls that function if there are no data rows.

I'm not sure what correct behaviour should be, probably an empty result set. Definitely not a crash.

Attachments (2)

ticket2358.patch (539 bytes) - added by gagern 12 years ago.
Patch skipping sort for empty result set
gdal-2358-reproduce-test.tar.bz2 (1.2 KB) - added by Mateusz Łoskot 12 years ago.
Simple test that reproduces QGIS steps and confirms the segmentation fault in OGR SQL engine (see README)

Download all attachments as: .zip

Change History (7)

Changed 12 years ago by gagern

Attachment: ticket2358.patch added

Patch skipping sort for empty result set

comment:1 Changed 12 years ago by mloskot

Milestone: 1.6.0
Owner: changed from warmerdam to Mateusz Łoskot
Status: newassigned

I'm taking this ticket.

comment:2 Changed 12 years ago by warmerdam

Cc: warmerdam added
Component: defaultOGR_SF
Keywords: ogrsql added

Mateusz,

I'm marking this as milestone 1.5.2. Please try to introduce a test in the autotest for this, likely in autotest/ogr/ogr_sql_test.py.

Thanks,

comment:3 Changed 12 years ago by warmerdam

Milestone: 1.6.01.5.2

comment:4 Changed 12 years ago by Mateusz Łoskot

Resolution: fixed
Status: assignedclosed

Fixed in trunk (r14426) and branches/1.5 (r14427)

comment:5 Changed 12 years ago by Mateusz Łoskot

FYI, when fixing the segfault issue, I've noticed that the OGR provider in QGIS causes memory leak. I've submitted bug ticket: http://trac.osgeo.org/qgis/ticket/1083

Changed 12 years ago by Mateusz Łoskot

Simple test that reproduces QGIS steps and confirms the segmentation fault in OGR SQL engine (see README)

Note: See TracTickets for help on using tickets.