Re: puzzling JSON bug
| От | Tom Lane |
|---|---|
| Тема | Re: puzzling JSON bug |
| Дата | |
| Msg-id | 9384.1365104363@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | puzzling JSON bug (Andrew Dunstan <andrew@dunslane.net>) |
| Ответы |
Re: puzzling JSON bug
|
| Список | pgsql-hackers |
Andrew Dunstan <andrew@dunslane.net> writes:
> David Wheeler has presented me with a nasty bug case.
> If I do this:
> select '{"members": { "add": [3, 4]}}'::json #> '{members,add}';
> then I get a crash.
> If I comment out the pfree() at json.c:parse_object_field() lines 378-9
> then I get back the right result but instead get a warning like this:
> WARNING: problem in alloc set ExprContext: bogus aset link in block
> 0x1efaa80, chunk 0x1efb1f0
> I'm not quite sure where I should go looking for what I've done wrong here.
Routine array-overrun memory stomp. The chunk header data for "fname"'s
alloc chunk is being overwritten here:
Watchpoint 2: *(int *) 1075253088
Old value = 1074925616
New value = -1
0x50fe14 in get_array_start (state=0x40170e88) at jsonfuncs.c:688
688 _state->array_level_index[lex_level] = -1;
It appears that lex_level is 2 but only enough room for 2 entries has
been allocated in array_level_index[].
regards, tom lane
В списке pgsql-hackers по дате отправления: