Bug 806543
Summary: | perl dumps core in Socket.so
---|---
Product: | [Fedora] Fedora
Component: | perl
Version: | rawhide
Status: | CLOSED ERRATA
Severity: | unspecified
Priority: | unspecified
Hardware: | Unspecified
OS: | Unspecified
Reporter: | Tom Lane <tgl>
Assignee: | Petr Pisar <ppisar>
QA Contact: | Fedora Extras Quality Assurance <extras-qa>
CC: | cweyl, hhorak, iarnell, kasal, lkundrak, mmaslano, ppisar, psabata, rc040203, tcallawa
Fixed In Version: | perl-Socket-2.001-1.fc17
Doc Type: | Bug Fix
Last Closed: | 2012-04-11 03:59:51 UTC

Description
Tom Lane
2012-03-24 15:32:42 UTC
After some further experimentation, it seems that you can get it to fail with hand invocation, it's just somewhat less likely than when being driven by the RPM script. Once a failure has occurred, cd to rpmpath.../mysql-5.5.22/mysql-test and do

    perl ./mysql-test-run.pl

If it's going to fail, the failure will happen almost immediately:

    <mock-chroot>[mockbuild@rh3 mysql-test]$ perl ./mysql-test-run.pl
    Logging: ./mysql-test-run.pl
    120324 11:46:54 [Note] Plugin 'FEDERATED' is disabled.
    MySQL Version 5.5.22
    Segmentation fault (core dumped)

If it gets further than that, just hit control-C and try again.

Also, in case of interest, here is a link to a koji build showing the failure: http://koji.fedoraproject.org/koji/taskinfo?taskID=3928370

We upgraded the Socket module because of a buffer overflow in older versions. Curiously, I put the same version (perl-Socket-2.000-1.fc16) into F16 too, in updates-testing at the time of your testing. So it should fail too. The backtrace reminds me of memcpy() on overlapping areas, which segfaults with SSE2-optimized glibc.

(In reply to comment #2)
> Curiously, I put the same version (perl-Socket-2.000-1.fc16) into F16 too, in
> updates-testing at time of your testing. So it should fail too.

No, because I don't have that machine subscribed to updates-testing; it's still using perl-Socket-1.94-197.fc16.x86_64

I installed debuginfo packages and now see this:

    Program terminated with signal 11, Segmentation fault.
    #0 __memset_sse2 () at ../sysdeps/x86_64/memset.S:464
    464 L(P6Q3): mov %rdx,-0x1e(%rdi)
    (gdb) bt
    #0 __memset_sse2 () at ../sysdeps/x86_64/memset.S:464
    #1 0x00007effd471ca10 in memset (__len=30, __ch=0, __dest=0x7fff24a3d370) at /usr/include/bits/string3.h:85
    #2 XS_Socket_unpack_sockaddr_un (my_perl=0x604010, cv=<optimized out>) at Socket.xs:715
    #3 0x00007effd73c076a in Perl_pp_entersub (my_perl=0x604010) at pp_hot.c:3046
    #4 0x00007effd73b7b36 in Perl_runops_standard (my_perl=0x604010) at run.c:41
    #5 0x00007effd7359e6b in S_run_body (oldscope=1, my_perl=0x604010) at perl.c:2350
    #6 perl_run (my_perl=0x604010) at perl.c:2268
    #7 0x0000000000400d39 in main (argc=2, argv=0x7fff24a3b4a8, env=0x7fff24a3b4c0) at perlmain.c:120
    (gdb) f 1
    #1 0x00007effd471ca10 in memset (__len=30, __ch=0, __dest=x/2) at /usr/include/bits/string3.h:85
    warning: Source file is more recent than executable.
    85 return __builtin___memset_chk (__dest, __ch, __len, __bos0 (__dest));
    (gdb) f 2
    #2 XS_Socket_unpack_sockaddr_un (my_perl=0x604010, cv=<optimized out>) at Socket.xs:715
    715 Zero(&addr+sockaddrlen, sizeof(addr)-sockaddrlen, char);

I have not looked at the code surrounding this, but gdb says that addr is of type struct sockaddr_un, which means that "&addr + sockaddrlen" is going to add sockaddrlen times sizeof(struct sockaddr_un) to the address of addr. Surely that should be "((char *) &addr) + sockaddrlen"?

Thanks for the investigation. This line was added by the perl-Socket upgrade to initialize the unused memory. Your explanation seems correct. I will need to check what Zero() does with the last argument (char).

I got a failure in fedpkg local, and ./mysql-test-run.pl failed just now because of no space left on device. How much disk space does the test require?

(In reply to comment #5)
> I got failure in fedpkg local and the ./mysql-test-run.pl failed right now
> because of no space left on device. How much disk space the test requires?

On the machine I was doing this morning's test on, the mysql build tree is occupying about 1.4G at the point where I stopped it. I'm not sure how much more it might need to run to completion.

I think you might be able to provoke the error without so much disk space if you just install the current mysql-test RPM (with its dependencies, particularly mysql-server) and do

    cd /usr/share/mysql-test
    sudo -u mysql perl ./mysql-test-run

Again note that it might not fail the first time; in my manual tests it only seems to fail maybe one time in three or so. I wonder whether the Koji environment uses different address-space-randomization rules...

(In reply to comment #6)
> I think you might be able to provoke the error without so much disk space if
> you just install the current mysql-test RPM (with its dependencies,
> particularly mysql-server) and do
>
> cd /usr/share/mysql-test
> sudo -u mysql perl ./mysql-test-run

I confirmed this way will provoke the failure with current F17 RPMs. The crash case looks like:

    [tgl@rhlap mysql-test]$ sudo -u mysql perl ./mysql-test-run
    Logging: ./mysql-test-run
    120326 12:57:11 [Note] Plugin 'FEDERATED' is disabled.
    MySQL Version 5.5.21
    [tgl@rhlap mysql-test]$ echo $?
    139

If it gets further than that, just control-C and try again.

Thanks. This way I can reproduce it. I verified your diagnosis by examining the core dump and filed a bug report upstream (https://rt.cpan.org/Public/Bug/Display.html?id=76067).

Created attachment 572965
Proposed fix

I think perl-Socket-2.000-3.fc18 fixes this issue in F18. I cannot reproduce it with this build anymore.

perl-Socket-2.000-3.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/perl-Socket-2.000-3.fc17

perl-Socket-2.000-2.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/perl-Socket-2.000-2.fc16

*** Bug 806922 has been marked as a duplicate of this bug. ***

Package perl-Socket-2.000-3.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing perl-Socket-2.000-3.fc17'
as soon as you are able to.
Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-4760/perl-Socket-2.000-3.fc17
then log in and leave karma (feedback).

perl-Socket-2.001-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.

perl-Socket-2.001-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
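
The pointer-arithmetic mistake diagnosed in this thread, as an added C example that is not code from Socket.xs or from any participant in this report. The function names are hypothetical, and the length 80 is an assumption inferred from the backtrace's `__len=30` with Linux's 110-byte `struct sockaddr_un`.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Byte offset denoted by "&addr + n" when addr is a struct sockaddr_un:
 * the step is sizeof(struct sockaddr_un), not 1. Computed with integers
 * only, so no out-of-bounds pointer is ever formed. */
size_t offset_struct_ptr(size_t n) { return n * sizeof(struct sockaddr_un); }

/* Byte offset denoted by "(char *)&addr + n": the step is one byte. */
size_t offset_char_ptr(size_t n) { return n * sizeof(char); }

/* Hypothetical helper: copy a possibly short address into a full struct
 * and zero the unused tail using byte-granular arithmetic.
 * Returns 0 on success, -1 if srclen does not fit in *dst. */
int copy_sockaddr_un(struct sockaddr_un *dst, const void *src, size_t srclen)
{
    if (srclen > sizeof(*dst))
        return -1;
    memcpy(dst, src, srclen);
    memset((char *)dst + srclen, 0, sizeof(*dst) - srclen);
    return 0;
}

/* Constructed check: 1 if the head is kept and every tail byte is zero. */
int demo(void)
{
    struct sockaddr_un src, dst;
    size_t len = offsetof(struct sockaddr_un, sun_path) + 5, i;

    memset(&src, 0xAA, sizeof(src));
    memset(&dst, 0xFF, sizeof(dst));
    src.sun_family = AF_UNIX;
    memcpy(src.sun_path, "/tmp", 5);          /* 4 chars plus the NUL */
    if (copy_sockaddr_un(&dst, &src, len) != 0)
        return 0;
    for (i = len; i < sizeof(dst); i++)
        if (((unsigned char *)&dst)[i] != 0)
            return 0;
    return dst.sun_family == AF_UNIX && strcmp(dst.sun_path, "/tmp") == 0;
}

int main(void)
{
    size_t n = 80;  /* constructed: 110 - 30 from the backtrace, on Linux */
    printf("struct step: %zu bytes, char step: %zu bytes, demo=%d\n",
           offset_struct_ptr(n), offset_char_ptr(n), demo());
    return 0;
}
```

With a length of 80, the struct-pointer form lands thousands of bytes past the 110-byte object, which is why the 30-byte memset faulted only on some runs, depending on what happened to be mapped at that stack address.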