Bug 1107731

Summary: Perl core-dumps if a hash is tied to DB_File before spawning a thread
Product: [Fedora] Fedora Reporter: Petr Pisar <ppisar>
Component: perl-DB_FileAssignee: Petr Pisar <ppisar>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 19CC: perl-devel, ppisar, psabata
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1107728 Environment:
Last Closed: 2014-06-10 13:45:11 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Petr Pisar 2014-06-10 13:41:25 UTC 
+++ This bug was initially created as a clone of Bug #1107728 +++

+++ This bug was initially created as a clone of Bug #1107542 +++

+++ This bug was initially created as a clone of Bug #1104827 +++

Description of problem:

Perl script using SDBM_File module is core dumping. Seems to match this upstream bug:  https://rt.perl.org/Public/Bug/Display.html?id=61912#txn-515026

[...]

Steps to Reproduce:

Create reproducer test script sdbm_test.pl containing the following lines, as described in the upstream bug report:

	#!/usr/bin/perl
	
	use strict;
	use Fcntl;
	use SDBM_File;
	use threads;
	use threads::shared;
	
	my %dbtest;
	tie(%dbtest, 'SDBM_File', "test.db", O_RDWR|O_CREAT, 0666);
	
	for (1 .. 2)
	{
	        my $thr = threads->new(\&testThread, $_);
	        $thr->detach();
	}
	sleep 4;
	
	sub testThread
	{
	        my $n = shift;
	        print "thread #" . $n . " started\n";
	}

Make script executable and run which produces the following output:

	[root@util6vm ~]# chmod u+x sdbm_test.pl 
	[root@util6vm ~]# ./sdbm_test.pl 

Expected results:

No errors.

Actual results:

	thread #1 started
	thread #2 started
	*** glibc detected *** /usr/bin/perl: double free or corruption (out): 0x0000000000e2c2c0 ***
	======= Backtrace: =========
	/lib64/libc.so.6[0x3d2ca76166]
	/lib64/libc.so.6[0x3d2ca78c93]
	/usr/lib64/perl5/auto/SDBM_File/SDBM_File.so(XS_SDBM_File_DESTROY+0xc0)[0x7f9d58fb06f0]

[...]

----

DB_File (BerkeleyDB binding) in Fedora 20 and newer is affected too.
Comment 1 Petr Pisar 2014-06-10 13:45:11 UTC 

*** This bug has been marked as a duplicate of bug 1107732 ***