PERL PERL5 PORTERS 29 PERL 34180 SEGFAULT IN PERL CLONE UNDER ITHREADS AND CUSTOM PERLIO LAYER

PERL PERL5 PORTERS 29 PERL 34180 SEGFAULT IN PERL CLONE UNDER ITHREADS AND CUSTOM PERLIO LAYER

Date: 19 Feb 2005 02:20:28 -0000

Subject: [perl #34180] segfault in perl_clone under ithreads and custom PerlIO layer

From: perlbug-followup@no-spam (Stas Bekman)

# New Ticket Created by Stas Bekman # Please include the string: [perl #34180]
# in the subject line of all future correspondence about this issue. # <URL: https://rt.perl.org/rt3/Ticket/Display.html?id=34180 >

This is a bug report for perl from stas@no-spam generated with the help of perlbug 1.35 running under perl v5.8.6.

-----------------------------------------------------------------

We have yet another chicken-n-egg problem with perl_clone. If you do a simple:

use threads;
my $thread = threads->create(sub {}, undef)

and STDOUT is opened to some PerlIO layer, an attempt to clone it will be performed. The problem is that this cloning happens too early:

perl-5.8.6/sv.c:10859:

#ifdef PERLIO_LAYERS /* Clone PerlIO tables as soon as we can handle general xx_dup() */
PerlIO_clone(aTHX_ proto_perl, param);
#endif
xx_dup() works for the core perl, but it doesn't take into account that a custom PerlIO layer may need other bits set in my_perl. In the above case I get a segfault because PL_defstash is bogus. it's set only after PerlIO_clone is called. (line 10954)
I get this segfault:

#0 0x404c8a04 in Perl_gv_fetchpv (my_perl=0x85e6540,
nambeg=0x404939d0 "Apache::RequestRec", add=1, sv_type=11) at gv.c:670
#1 0x40479f37 in PerlIOApache_getarg (my_perl=0x85e6540, f=0x828634c,
param=0xbfffe9c0, flags=1) at modperl_io_apache.c:87
#2 0x405c55b5 in PerlIOBase_dup (my_perl=0x85e6540, f=0x83576c4, o=0x828634c,
param=0xbfffe9c0, flags=1) at perlio.c:2187
#3 0x405c1e50 in PerlIO_fdupopen (my_perl=0x85e6540, f=0x828634c,
param=0xbfffe9c0, flags=1) at perlio.c:542
#4 0x40555faf in Perl_fp_dup (my_perl=0x85e6540, fp=0x828634c, type=0 '\0',
param=0xbfffe9c0) at sv.c:9505
#5 0x405c22a5 in PerlIO_clone (my_perl=0x85e6540, proto=0x8abfb10,
param=0xbfffe9c0) at perlio.c:650
#6 0x4055a6fe in perl_clone (proto_perl=0x8abfb10, flags=2) at sv.c:10859
#7 0x4078aa50 in Perl_ithread_create (my_perl=0x8abfb10, obj=0x0,
classname=0x82dc948 "threads", init_function=0x8153728, params=0x815377c)
at threads.xs:426
#8 0x4078b3f7 in XS_threads_new (my_perl=0x8abfb10, cv=0x82f0698)
at threads.xs:687

the segfault happens here:

if (!stash)
stash = PL_defstash;
if (!stash || !SvREFCNT(stash)) /* symbol table under destruction */

PL_defstash == 0xabababab here
PerlIOApache_getarg happens to call gv_fetchpv which needs a valid PL_defstash.

How do we resolve this problem?

This is not the first time we hit a segfault, due to PerlIO+clone. Some of those are still unresolved (e.g. perl -m still segfaults under threads)

[Please do not change anything below this line]
-----------------------------------------------------------------
---
Flags:
category=core severity=high ---
Site configuration information for perl v5.8.6:

Configured by stas at Sun Nov 28 13:23:47 EST 2004.

Summary of my perl5 (revision 5 version 8 subversion 6) configuration:
Platform:
osname=linux, osvers=2.6.8.1-12mdk, archname=i686-linux-thread-multi uname='linux rabbit.stason.org 2.6.8.1-12mdk #1 fri oct 1 12:53:41 cest 2004 i686 mobile intel(r) pentium(r) 4 - m cpu 2.00ghz unknown gnulinux '
config_args='-des -Dprefix=/home/stas/perl/5.8.6-ithread -Dusethreads -Doptimize=-g -Duseshrplib -Dusedevel -Accflags=-DDEBUG_LEAKING_SCALARS'
hint=recommended, useposix=true, d_sigaction=define usethreads=define use5005threads=undef useithreads=define usemultiplicity=define useperlio=define d_sfio=undef uselargefiles=define usesocks=undef use64bitint=undef use64bitall=undef uselongdouble=undef usemymalloc=n, bincompat5005=undef Compiler:
cc='cc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -DTHREADS_HAVE_PIDS -DDEBUG_LEAKING_SCALARS -DDEBUGGING -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -I/usr/include/gdbm',
optimize='-g',
cppflags='-D_REENTRANT -D_GNU_SOURCE -DTHREADS_HAVE_PIDS -DDEBUG_LEAKING_SCALARS -DDEBUGGING -fno-strict-aliasing -pipe -I/usr/local/include -I/usr/include/gdbm'
ccversion='', gccversion='3.4.1 (Mandrakelinux 10.1 3.4.1-4mdk)', gccosandvers=''
intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
alignbytes=4, prototype=define Linker and Libraries:
ld='cc', ldflags =' -L/usr/local/lib'
libpth=/usr/local/lib /lib /usr/lib libs=-lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lpthread -lc perllibs=-lnsl -ldl -lm -lcrypt -lutil -lpthread -lc libc=/lib/libc-2.3.3.so, so=so, useshrplib=true, libperl=libperl.so gnulibc_version='2.3.3'
Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E -Wl,-rpath,/home/stas/perl/5.8.6-ithread/lib/5.8.6/i686-linux-thread-multi/CORE'

cccdlflags='-fpic', lddlflags='-shared -L/usr/local/lib'

Locally applied patches:

---
@no-spam for perl v5.8.6:
/home/stas/perl/5.8.6-ithread/lib/5.8.6/i686-linux-thread-multi /home/stas/perl/5.8.6-ithread/lib/5.8.6
/home/stas/perl/5.8.6-ithread/lib/site_perl/5.8.6/i686-linux-thread-multi /home/stas/perl/5.8.6-ithread/lib/site_perl/5.8.6
/home/stas/perl/5.8.6-ithread/lib/site_perl .

---
Environment for perl v5.8.6:
HOME=/home/stas LANG=en_GB LANGUAGE=en_GB:en LC_ADDRESS=en_CA LC_COLLATE=en_GB LC_CTYPE=en_GB LC_IDENTIFICATION=en_CA LC_MEASUREMENT=en_CA LC_MESSAGES=en_GB LC_MONETARY=en_CA LC_NAME=en_CA LC_NUMERIC=en_CA LC_PAPER=en_CA LC_SOURCED=1
LC_TELEPHONE=en_CA LC_TIME=en_GB LD_LIBRARY_PATH (unset)
LOGDIR (unset)
PATH=/usr//bin:/bin:/usr/bin:.:/usr/local/bin:/usr/X11R6/bin/:/usr/games:/home/stas/bin:/home/stas/bin:/usr/local/bin:/usr/X11R6/bin:/usr/java/j2re1.4.0/bin/

PERLDOC_PAGER=less -R PERL_BADLANG (unset)
SHELL=/bin/tcsh