4. PostgreSQL Server (Address Sanitizer Enabled) Subprocess Went down at Function '__asan_memcpy'
| От | |
|---|---|
| Тема | 4. PostgreSQL Server (Address Sanitizer Enabled) Subprocess Went down at Function '__asan_memcpy' |
| Дата | |
| Msg-id | 00a901d96e26$8350bf20$89f23d60$@mails.tsinghua.edu.cn обсуждение исходный текст |
| Список | pgsql-bugs |
Description: PostgreSQL Server (Address Sanitizer Enabled) Subprocess Went down at Function ‘__asan_memcpy’
PostgreSQL Server Version: PostgreSQL 15.2 on x86_64-pc-linux-gnu, compiled by Ubuntu clang version 12.0.1, 64-bit
Discoverer: Jingzhou Fu, Jie Liang and Zhiyong Wu in WingTecher Lab of Tsinghua University and Shuimuyulin ltd
Email address: fjz22@mails.tsinghua.edu.cn , wuzy21@mails.tsinghua.edu.cn , ljiee@mail.tsinghua.edu.cn
PoC:
```sql
CREATE FUNCTION f1(cstring)
RETURNS interval_tbl
AS 'textin'
LANGUAGE internal STRICT IMMUTABLE;
CREATE FUNCTION interval_tbl_of(interval_tbl)
RETURNS cstring
AS 'textout'
LANGUAGE internal STRICT IMMUTABLE;
create type interval_tbl (
input = f1,
output = interval_tbl_of,
like = int8
);
SELECT interval_tbl_of('interval_tbl'::text::interval_tbl);
```
ASAN Report:
```
==2890==ERROR: AddressSanitizer: memcpy-param-overlap: memory ranges [0x625000041218,0x625000041224) and [0x62500004121c, 0x625000041228) overlap
#0 0x519d74 in __asan_memcpy (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x519d74)
#1 0x1bd1956 in text_to_cstring (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x1bd1956)
#2 0x1bd5515 in textout (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x1bd5515)
#3 0xe84bc4 in ExecInterpExpr (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0xe84bc4)
#4 0xe81ced in ExecInterpExprStillValid (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0xe81ced)
#5 0x13589b4 in ExecEvalExprSwitchContext (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x13589b4)
#6 0x1358546 in evaluate_expr (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x1358546)
#7 0x135d9c4 in evaluate_function (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x135d9c4)
#8 0x135b520 in simplify_function (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x135b520)
#9 0x134afda in eval_const_expressions_mutator (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x134afda)
#10 0x111caae in expression_tree_mutator (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x111caae)
#11 0x1355113 in eval_const_expressions_mutator (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x1355113)
#12 0x111d807 in expression_tree_mutator (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x111d807)
#13 0x1355113 in eval_const_expressions_mutator (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x1355113)
#14 0x1349342 in eval_const_expressions (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x1349342)
#15 0x12a58ff in preprocess_expression (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x12a58ff)
#16 0x12a0185 in subquery_planner (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x12a0185)
#17 0x129ba26 in standard_planner (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x129ba26)
#18 0x129ae4b in planner (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x129ae4b)
#19 0x16e1e65 in pg_plan_query (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x16e1e65)
#20 0x16e2861 in pg_plan_queries (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x16e2861)
#21 0x16e924c in exec_simple_query (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x16e924c)
#22 0x16e7a62 in PostgresMain (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x16e7a62)
#23 0x144c17a in BackendRun (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x144c17a)
#24 0x144ad84 in BackendStartup (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x144ad84)
#25 0x14481e5 in ServerLoop (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x14481e5)
#26 0x1443e0e in PostmasterMain (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x1443e0e)
#27 0x106ebf1 in main (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x106ebf1)
#28 0x7fc0c3cfb082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
#29 0x49fc0d in _start (/root/bin_original_asan/usr/local/pgsql/bin/postgres+0x49fc0d)
```
В списке pgsql-bugs по дате отправления:
Предыдущее
От:Дата:
Сообщение: 4. PostgreSQL Server Subprocess Went down at function 'pg_detoast_datum'
Следующее
От:Дата:
Сообщение: 6. PostgreSQL Server Subprocess Went down at Function 'has_dangerous_join_using'