[Rpm-maint] rpm4.14 makes perl-RPM4 testsuite to segfault
Thierry Vignaud
thierry.vignaud at gmail.com
Thu Oct 5 09:34:58 UTC 2017
On 5 October 2017 at 10:15, Panu Matilainen <pmatilai at redhat.com> wrote:
>>>> Yeah, I'm getting segfaults all the way to rpm 4.11.x, didn't test
>>>> earlier because this already shows it's not a regression in 4.14.x but
>>>> something else. A bug in perl-RPM4 perhaps, as compiling it with -Og makes
>>>> the crash go away, other optimization levels make it blow up with different
>>>> levels of spectacular. I dont see anything obvious in there but that doesn't
>>>> mean much, I know diddly about perl and its extensions.
>>>
>>>
>>> I ran it with some added debugging on rpm side which I'm more familiar
>>> with, and the crash happens because a totally garbage pointer is passed to
>>> headerFree(). Well indeed, it was passing the address of the header pointer
>>> variable as the header itself into the callback, and when you try do stuff
>>> with that, well...
>>>
>>> This fixes it:
>>>
>>> diff --git a/src/RPM4.xs b/src/RPM4.xs
>>> index 04c65ee..6604477 100644
>>> --- a/src/RPM4.xs
>>> +++ b/src/RPM4.xs
>>> @@ -246,7 +246,7 @@ static void *
>>> s_what = "INST_START";
>>> if (h) {
>>> mXPUSHs(newSVpv("header", 0));
>>> - mXPUSHs(sv_setref_pv(newSVpvs(""), bless_header, &h));
>>> + mXPUSHs(sv_setref_pv(newSVpvs(""), bless_header, h));
>>> #ifdef HDRPMMEM
>>
>>
>>
>> Oh and you'll want to fix the debug printf too, even though it's obviously
>> harmless (but then useless for debugging):
>>
>>> PRINTF_NEW(bless_header, &h, -1);
>>
>> ^^
>
>
> Blech, one of those days...
>
> The above is closer to mark but still not quite right and will crash too,
> only in a different way because the refcount is wrong. Here's the real deal:
>
> diff --git a/src/RPM4.xs b/src/RPM4.xs
> index 04c65ee..f7cfd33 100644
> --- a/src/RPM4.xs
> +++ b/src/RPM4.xs
> @@ -246,9 +246,9 @@ static void *
> s_what = "INST_START";
> if (h) {
> mXPUSHs(newSVpv("header", 0));
> - mXPUSHs(sv_setref_pv(newSVpvs(""), bless_header, &h));
> + mXPUSHs(sv_setref_pv(newSVpvs(""), bless_header,
> headerLink(h)));
> #ifdef HDRPMMEM
> - PRINTF_NEW(bless_header, &h, -1);
> + PRINTF_NEW(bless_header, h, -1);
> #endif
> }
> break;
>
> - Panu -
>
Thanks
Now remains the issue with several builds on the same spec object
More information about the Rpm-maint
mailing list