Skip Menu |

This queue is for tickets about the DBI CPAN distribution.

Report information
The Basics
Id: 86744
Status: open
Priority: 0/
Queue: DBI

People
Owner: Nobody in particular
Requestors: OSCHWALD [...] cpan.org
Cc: pali [...] cpan.org
AdminCc:

Bug Information
Severity: (no value)
Broken in: 1.627
Fixed in: (no value)



Subject: Possible memory corruption when using execute callback and _many_ params
When updating some code at work, I ran into an issue where any callback on an execute with _many_ params will cause DBI to fail. The output is: SV = PV(0x1b9f150) at 0x1ba0de8 REFCNT = 1 FLAGS = (POK,pPOK) PV = 0x1bd2f50 "test"\0 CUR = 4 LEN = 16 Invalid DBI handle 'test' at test-case.pl line 302. I have attached a simplified script that exhibits the issue. If I remove the callback, it works fine. It also seems to work fine when someone uses a sane number of params. This happens with both the MySQL and Pg drivers, which leads me to believe that the issue is with DBI itself.
Subject: test-case.pl

Message body is not shown because it is too large.

I am attaching a more readable test case that takes the number of params as an argument. The issue seems to start at 2046 params for me, which is obviously near 2^11. With some values, I get segmentation faults rather than the error I included in my first message. I am using Perl 5.16.3, and I tested it on multiple machines with both the MySQL and Pg drivers. Please let me know if you need any other information. Here is the output of 'perl -V' on my home box: Summary of my perl5 (revision 5 version 16 subversion 3) configuration: Platform: osname=linux, osvers=3.5.0-26-generic, archname=x86_64-linux uname='linux godesk 3.5.0-26-generic #40-ubuntu smp tue feb 26 19:57:24 utc 2013 x86_64 x86_64 x86_64 gnulinux ' config_args='-de -Dprefix=/home/greg/perl5/perlbrew/perls/perl-5.16.2 -Aeval:scriptdir=/home/greg/perl5/perlbrew/perls/perl-5.16.2/bin' hint=recommended, useposix=true, d_sigaction=define useithreads=undef, usemultiplicity=undef useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef use64bitint=define, use64bitall=define, uselongdouble=undef usemymalloc=n, bincompat5005=undef Compiler: cc='cc', ccflags ='-fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64', optimize='-O2', cppflags='-fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include' ccversion='', gccversion='4.7.2', gccosandvers='' intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678 d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16 ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8 alignbytes=8, prototype=define Linker and Libraries: ld='cc', ldflags =' -fstack-protector -L/usr/local/lib' libpth=/usr/local/lib /lib/x86_64-linux-gnu /lib/../lib /usr/lib/x86_64-linux-gnu /usr/lib/../lib /lib /usr/lib libs=-lnsl -ldb -ldl -lm -lcrypt -lutil -lc perllibs=-lnsl -ldl -lm -lcrypt -lutil -lc libc=, so=so, useshrplib=false, libperl=libperl.a gnulibc_version='2.15' Dynamic Linking: dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E' cccdlflags='-fPIC', lddlflags='-shared -O2 -L/usr/local/lib -fstack-protector' Characteristics of this binary (from libperl): Compile-time options: HAS_TIMES PERLIO_LAYERS PERL_DONT_CREATE_GVSV PERL_MALLOC_WRAP PERL_PRESERVE_IVUV USE_64_BIT_ALL USE_64_BIT_INT USE_LARGE_FILES USE_LOCALE USE_LOCALE_COLLATE USE_LOCALE_CTYPE USE_LOCALE_NUMERIC USE_PERLIO USE_PERL_ATOF Built under linux Compiled at Mar 12 2013 20:14:20 %ENV: PERLBREW_BASHRC_VERSION="0.59" PERLBREW_HOME="/home/greg/.perlbrew" PERLBREW_MANPATH="/home/greg/perl5/perlbrew/perls/perl-5.16.2/man" PERLBREW_PATH="/home/greg/perl5/perlbrew/bin:/home/greg/perl5/perlbrew/perls/perl-5.16.2/bin" PERLBREW_PERL="perl-5.16.2" PERLBREW_ROOT="/home/greg/perl5/perlbrew" PERLBREW_VERSION="0.59" @INC: /home/greg/perl5/perlbrew/perls/perl-5.16.2/lib/site_perl/5.16.3/x86_64-linux /home/greg/perl5/perlbrew/perls/perl-5.16.2/lib/site_perl/5.16.3 /home/greg/perl5/perlbrew/perls/perl-5.16.2/lib/5.16.3/x86_64-linux /home/greg/perl5/perlbrew/perls/perl-5.16.2/lib/5.16.3 /home/greg/perl5/perlbrew/perls/perl-5.16.2/lib/site_perl/5.16.2/x86_64-linux /home/greg/perl5/perlbrew/perls/perl-5.16.2/lib/site_perl/5.16.2 /home/greg/perl5/perlbrew/perls/perl-5.16.2/lib/site_perl .
Subject: test-case.pl
use warnings; use strict; use DBI; my $count = $ARGV[0]; my $place_holders = join(',', ('?') x $count); my $sql = <<"EOF"; SELECT * FROM information_schema.tables WHERE table_schema IN ( $place_holders) EOF my @params = ('test') x $count; my $dbh = DBI->connect( 'DBI:mysql:test', q{}, q{}, { Callbacks => { ChildCallbacks => { execute => sub { return; } } } } ); my $sth = $dbh->prepare($sql); $sth->execute(@params);
Also attaching a stack trace and a core dump.
Subject: core
Download core
application/octet-stream 13.2m

Message body not shown because it is not plain text.

Subject: strace
Download strace
application/octet-stream 49.4k

Message body not shown because it is not plain text.

Sending the previous mail has failed. Please contact your admin, they can find more details in the logs.
Sending the previous mail has failed. Please contact your admin, they can find more details in the logs.
I think this is fixed in DBI 1.628 (The change notes says Fixed stack corruption on callbacks RT#85562 RT#84974 [Aaron Schweiger]) Could you retest?
I am still experiencing this when using 1.628.
On Fri Jul 05 18:35:48 2013, OSCHWALD wrote: Show quoted text
> When updating some code at work, I ran into an issue where any > callback on an execute with _many_ params will cause DBI to fail. The > output is: > > SV = PV(0x1b9f150) at 0x1ba0de8 > REFCNT = 1 > FLAGS = (POK,pPOK) > PV = 0x1bd2f50 "test"\0 > CUR = 4 > LEN = 16 > Invalid DBI handle 'test' at test-case.pl line 302. > > I have attached a simplified script that exhibits the issue. If I > remove the callback, it works fine. It also seems to work fine when > someone uses a sane number of params. > > This happens with both the MySQL and Pg drivers, which leads me to > believe that the issue is with DBI itself.
Looks like this is a same problem as which I had: When custom callback set in https://metacpan.org/pod/DBI#HandleError is called by DBI, it triggered memory corruption. When I removed callback then problem disappeared. I debugged my problem and prepared a pull request with fix: https://github.com/perl5-dbi/dbi/pull/85 Everytime when DBI called external Perl callback and Perl needed to reallocate stack, then memory corruption occured and DBI either crashed or overwritten some random Perl variable on stack. Seems that this problem matches your description.