
This queue is for tickets about the Future-AsyncAwait CPAN distribution.

Report information
The Basics
Id: 130464
Status: resolved
Priority: 0/
Queue: Future-AsyncAwait

People
Owner: Nobody in particular
Requestors: leonerd-cpan [...] leonerd.org.uk
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: 0.33



Subject: Possible segfault/memory corruption
Hard to pin down specifics but a test case in my new Device-Chip-CC1101 driver:

    $ perl -Mblib cc1101.pl
    D1
    D2
    corrupted double-linked list
    Aborted

    leo@shy:~/src/perl/Device-Chip-CC1101
    $ perl -Mblib cc1101.pl
    D1
    D2
    corrupted double-linked list
    Aborted

    leo@shy:~/src/perl/Device-Chip-CC1101
    $ perl -Mblib cc1101.pl
    D1
    malloc(): unsorted double linked list corrupted
    Aborted

    leo@shy:~/src/perl/Device-Chip-CC1101
    $ perl -Mblib cc1101.pl
    D1
    D2
    Register 0x00: value=29
    Register 0x01: value=2E
    Register 0x02: value=3F
    ...
    (runs fine)

D1 and D2 are prints to STDERR either side of a $chip->change_config call on an SPI adapter running via Device::BusPirate.

-- Paul Evans
Some help from valgrind

    $ valgrind perl -Mblib cc1101.pl
    ==32464== Memcheck, a memory error detector
    ==32464== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
    ==32464== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info
    ==32464== Command: perl -Mblib cc1101.pl
    ==32464==
    D1
    ==32464== Invalid write of size 8
    ==32464==    at 0x5B1A1AE: pp_leaveasync (AsyncAwait.xs:1754)
    ==32464==    by 0x1EA685: Perl_runops_standard (run.c:41)
    ==32464==    by 0x5B1CF48: S_docatch.isra.12.constprop.33 (docatch.c.inc:20)
    ==32464==    by 0x1EA685: Perl_runops_standard (run.c:41)
    ==32464==    by 0x15DD54: Perl_call_sv (perl.c:3004)
    ==32464==    by 0x5B1A12D: MY_future_done_from_stack (AsyncAwait.xs:1568)
    ==32464==    by 0x5B1A12D: pp_leaveasync (AsyncAwait.xs:1747)
    ==32464==    by 0x1EA685: Perl_runops_standard (run.c:41)
    ==32464==    by 0x166116: S_run_body (perl.c:2694)
    ==32464==    by 0x166116: perl_run (perl.c:2617)
    ==32464==    by 0x13C401: main (perlmain.c:122)
    ==32464==  Address 0x4c1c9e8 is 8 bytes inside a block of size 1,024 free'd
    ==32464==    at 0x4837D7B: realloc (vg_replace_malloc.c:826)
    ==32464==    by 0x1CB6F9: Perl_safesysrealloc (util.c:271)
    ==32464==    by 0x1E8CA4: Perl_av_extend_guts (av.c:159)
    ==32464==    by 0x229AD7: Perl_stack_grow (scope.c:57)
    ==32464==    by 0x1EA8F0: S_pushav (pp_hot.c:1123)
    ==32464==    by 0x1EA685: Perl_runops_standard (run.c:41)
    ==32464==    by 0x22C658: S_docatch (pp_ctl.c:3241)
    ==32464==    by 0x1EA685: Perl_runops_standard (run.c:41)
    ==32464==    by 0x15DD54: Perl_call_sv (perl.c:3004)
    ==32464==    by 0x5B1A12D: MY_future_done_from_stack (AsyncAwait.xs:1568)
    ==32464==    by 0x5B1A12D: pp_leaveasync (AsyncAwait.xs:1747)
    ==32464==    by 0x1EA685: Perl_runops_standard (run.c:41)
    ==32464==    by 0x5B1CF48: S_docatch.isra.12.constprop.33 (docatch.c.inc:20)
    ==32464==  Block was alloc'd at
    ==32464==    at 0x483577F: malloc (vg_replace_malloc.c:299)
    ==32464==    by 0x1CB131: Perl_safesysmalloc (util.c:153)
    ==32464==    by 0x1E8C0A: Perl_av_extend_guts (av.c:178)
    ==32464==    by 0x229B70: Perl_new_stackinfo (scope.c:78)
    ==32464==    by 0x15F152: Perl_init_stacks (perl.c:4293)
    ==32464==    by 0x15F570: perl_construct (perl.c:271)
    ==32464==    by 0x13C325: main (perlmain.c:117)
    ==32464==

-- Paul Evans
    ==32464==    at 0x5B1A1AE: pp_leaveasync (AsyncAwait.xs:1754)

Seems somewhat plausible; the line of code is

    1754    mPUSHs(ret);

and the block of memory had been alloced but freed by the stack management code.

I bet this is a case for SPAGAIN;

-- Paul Evans
Yep; SPAGAIN required. Patch attached. -- Paul Evans
Subject: rt130464.patch
=== modified file 'lib/Future/AsyncAwait.xs' --- lib/Future/AsyncAwait.xs 2019-08-30 11:26:48 +0000 +++ lib/Future/AsyncAwait.xs 2019-09-08 04:08:35 +0000 @@ -1732,7 +1732,6 @@ PERL_CONTEXT *cx = CX_CUR(); SV *f = NULL; SV *ret; - SV **oldsp = PL_stack_base + cx->blk_oldsp; SuspendedState *state = suspendedstate_get(find_runcv(0)); if(state && state->returning_future) { @@ -1747,6 +1746,9 @@ ret = future_done_from_stack(f, mark); } + SPAGAIN; + SV **oldsp = PL_stack_base + cx->blk_oldsp; + /* Pop extraneous stack items */ while(SP > oldsp) POPs;
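Review bot: In the second hunk, `SV **oldsp = PL_stack_base + cx->blk_oldsp;` is now declared after the statement `SPAGAIN;`, which mixes a declaration into code and will not compile under strict C89. Keep a bare `SV **oldsp;` with the other declarations that the first hunk touches and assign it after `SPAGAIN;`. A short comment at that point saying that future_done_from_stack() can re-enter the interpreter and move the stack, so both SP and oldsp have to be derived again afterwards, would stop a later cleanup from hoisting the line back up. The patch carries no regression test; one that forces a stack grow inside that call would pin the fix down.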
Fixed in 0.33 -- Paul Evans
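
The failure mode diagnosed in this ticket, reduced to a stand-alone C model. This is an added example, not code from Future::AsyncAwait or perl, and the Stack type and all function names are hypothetical. A callback reallocates the value stack, so the frame exit reloads its stack pointer and re-derives oldsp from the current base before writing, which is the job SPAGAIN and the moved oldsp line do in the patch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Toy model of an interpreter value stack; every name here is hypothetical. */
typedef struct { long *base, *sp; size_t cap; } Stack;

static void stack_init(Stack *s, size_t cap) {
    s->base = calloc(cap, sizeof *s->base);
    if (!s->base) abort();
    s->sp = s->base;                 /* sp addresses the top item; slot 0 is a sentinel */
    s->cap = cap;
}

/* Stands in for call_sv(): the callee needs more room, so the stack is
 * reallocated. Allocate-copy-free guarantees the base address changes. */
static void callback_that_grows(Stack *s) {
    ptrdiff_t depth = s->sp - s->base;
    long *nb = calloc(s->cap * 2, sizeof *nb);
    if (!nb) abort();
    memcpy(nb, s->base, s->cap * sizeof *nb);
    free(s->base);                   /* pointers into the old block now dangle */
    s->base = nb; s->sp = nb + depth;
    s->cap *= 2;
}

/* Frame exit: pop back to the frame's start offset, then push one result.
 * Returns 1 if the stack moved during the call. */
static int leave_frame(Stack *s, ptrdiff_t oldsp_off, long ret) {
    uintptr_t before = (uintptr_t)s->base;
    callback_that_grows(s);
    int moved = before != (uintptr_t)s->base;
    long *sp = s->sp;                    /* reload after the call (SPAGAIN's role) */
    long *oldsp = s->base + oldsp_off;   /* derive from the current base, not a cached one */
    while (sp > oldsp) sp--;             /* pop extraneous items */
    *++sp = ret;                         /* the write lands in live memory */
    s->sp = sp;
    return moved;
}

int main(void) {
    Stack s;
    stack_init(&s, 4);
    *++s.sp = 10; *++s.sp = 20; *++s.sp = 30;   /* three items; frame began at depth 1 */
    int ok = leave_frame(&s, 1, 42) && s.sp - s.base == 2 && *s.sp == 42;
    free(s.base);
    return ok ? 0 : 1;
}
```

Computing sp or oldsp before callback_that_grows() and using them afterwards would reproduce the invalid write into a freed block that valgrind reported.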