Skip Menu |

This queue is for tickets about the DBD-Pg CPAN distribution.

Report information
The Basics
Id: 130681
Status: resolved
Priority: 0/
Queue: DBD-Pg
People
Owner: greg [...] turnstep.com
Requestors: chazmcgarvey [...] brokenzipper.com
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: 3.9.0
Fixed in: 3.10.1
Attachments
signature.asc

History Show all quoted text
  Wed Oct 09 11:54:24 2019 chazmcgarvey [...] brokenzipper.com - Ticket created
Date: Wed, 09 Oct 2019 09:38:39 -0600
To: undisclosed-recipients:;
From: chazmcgarvey [...] brokenzipper.com
From e81047b90678ab7053f93e870b7249f5bfb77b9c Mon Sep 17 00:00:00 2001 From: Charles McGarvey <chazmcgarvey@brokenzipper.com> Date: Thu, 26 Sep 2019 22:19:28 -0600 Subject: [PATCH] Fix a segfault related to async statements To: bug-DBD-Pg@rt.cpan.org Hi friends, After upgrading to DBD::Pg 3.10.0, my async app now dies on "Segmentation fault" or "double free or corruption". The exact place it dies is inconsistent, but capturing various backtraces reveals it's always in PQclear. So it seems like we're attempting to free a result more than once. It crashes consistently in my complex app, but I haven't yet succeeded in reproducing it in a test file. :-( Here's a sample backtrace: #0 0x00007fe110a45a90 in free () from /lib64/libc.so.6 #1 0x00007fe10d30f9fe in PQclear () from /usr/lib64/postgresql-11/lib64/libpq.so.5 #2 0x00007fe10d358089 in _result () from .../lib/perl5/x86_64-linux/auto/DBD/Pg/Pg.so #3 0x00007fe10d35994c in pg_st_deallocate_statement.isra () from .../lib/perl5/x86_64-linux/auto/DBD/Pg/Pg.so #4 0x00007fe10d365023 in pg_st_destroy () from .../lib/perl5/x86_64-linux/auto/DBD/Pg/Pg.so #5 0x00007fe10d352ea6 in XS_DBD__Pg__st_DESTROY () from .../lib/perl5/x86_64-linux/auto/DBD/Pg/Pg.so #6 0x00007fe10d3939b8 in XS_DBI_dispatch () from .../lib/perl5/x86_64-linux/auto/DBI/DBI.so #7 0x000055c2a3321179 in Perl_pp_entersub () ... I bisected to b312efb (made prior to 3.9.0). I took a stab at fixing the problem and came to this solution. This does alleviate the segfaults for me, though I'd need someone more familiar with this code to verify it's the right solution. And that it doesn't introduce memory leaks. Pull request: https://github.com/bucardo/dbdpg/pull/60 Regards, Charles M. --- dbdimp.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/dbdimp.c b/dbdimp.c index c88321f..73a6712 100644 --- a/dbdimp.c +++ b/dbdimp.c @@ -684,6 +684,8 @@ void dbd_db_destroy (SV * dbh, imp_dbh_t * imp_dbh) if (imp_dbh->async_sth->result) { TRACE_PQCLEAR; PQclear(imp_dbh->async_sth->result); + if (imp_dbh->last_result == imp_dbh->async_sth->result) + imp_dbh->last_result = NULL; } imp_dbh->async_sth = NULL; } @@ -5169,8 +5171,13 @@ long pg_db_result (SV *h, imp_dbh_t *imp_dbh) if (imp_dbh->async_sth) { if (imp_dbh->async_sth->result) { /* For potential multi-result sets */ - TRACE_PQCLEAR; - PQclear(imp_dbh->async_sth->result); + if (imp_dbh->sth_result_owner == (long int)imp_dbh->async_sth) { + imp_dbh->sth_result_owner = 0; + } + else { + TRACE_PQCLEAR; + PQclear(imp_dbh->async_sth->result); + } } imp_dbh->async_sth->result = result; } -- 2.21.0
  Sat Oct 12 08:00:11 2019 greg [...] turnstep.com - Status changed from 'new' to 'open'
  Sat Oct 12 08:00:58 2019 greg [...] turnstep.com - Subject changed from (no value) to 'Segfault when using async'
  Sat Oct 12 08:09:21 2019 greg [...] turnstep.com - Correspondence added
That looks like a good diagnosis and fix. I will try to make some tests that trigger the issue.
  Thu Oct 17 10:19:05 2019 greg [...] turnstep.com - Correspondence added
Got pulled away, but hope to have time for this in next few days.
  Thu Oct 17 10:20:05 2019 greg [...] turnstep.com - Taken
  Thu Oct 17 10:20:06 2019 greg [...] turnstep.com - Broken in 3.9.0 added
  Thu Oct 17 10:20:06 2019 greg [...] turnstep.com - Broken in 3.9.1 added
  Thu Jan 09 11:36:35 2020 greg [...] turnstep.com - Correspondence added
Made some changes: see d859fa296130aa947c5230fa8d08e4746600ff04 and earlier
  Thu Jan 09 13:42:04 2020 chazmcgarvey [...] brokenzipper.com - Correspondence added
Subject: Re: [rt.cpan.org #130681] Segfault when using async
Date: Thu, 9 Jan 2020 11:13:11 -0700
To: bug-DBD-Pg [...] rt.cpan.org
From: Charles McGarvey <chazmcgarvey [...] brokenzipper.com>
On 1/9/20 9:36 AM, Greg Sabino Mullane via RT wrote: Show quoted text
> <URL: https://rt.cpan.org/Ticket/Display.html?id=130681 > > > Made some changes: see d859fa296130aa947c5230fa8d08e4746600ff04 and earlier >
Nice, d859fa29 does indeed solve this for me. Thanks, -- Charles McGarvey
Download signature.asc
application/pgp-signature 195b

Message body not shown because it is not plain text.

  Sun Jan 19 08:23:28 2020 greg [...] turnstep.com - Status changed from 'open' to 'resolved'
  Sun Jan 19 08:23:28 2020 greg [...] turnstep.com - Fixed in 3.10.1 added
  Sun Jan 19 08:23:28 2020 greg [...] turnstep.com - Broken in 3.10.0 added
  Sun Jan 19 08:23:39 2020 greg [...] turnstep.com - Broken in 3.9.1 deleted
  Sun Jan 19 08:23:39 2020 greg [...] turnstep.com - Broken in 3.10.0 deleted