
Re: Scalar leaked in 'local $0' under ithreads + taint mode

From: Steve Hay
Date: July 7, 2005 05:59
Subject: Re: Scalar leaked in 'local $0' under ithreads + taint mode
Message ID: 42CD2687.9010203@uk.radan.com

Dave Mitchell wrote:

>On Thu, Feb 24, 2005 at 01:32:25PM +0000, Steve Hay wrote:
>
>>Stas Bekman wrote:
>>
>>>The following scalar leak is reproduced under any perl 5.8+ w/ithreads:
>>>
>>>#!/usr/bin/perl -T
>>>use Devel::Peek;
>>>use threads;
>>>
>>>local $0 = "test"; # <== XXX: leaks scalar
>>>my $thr = threads->new(sub { Dump $0 });
>>>$thr->join;        # <== XXX: triggers the leak
>>>
>>>[...]
>>>Scalars leaked: 1
>>>leaked: sv=0x816dc1c flags=0x084046007 refcnt=0, Perl interpreter: 0x8102770
>>>
>>>As the dump shows, that leaked scalar is MG_OBJ = 0x816dc1c. This magic
>>>object is a taint magic (and it happens under -T).
>>>
>>Is this anything to do with the following comment found in
>>scope.c::S_save_scalar_at()?
>>
>>    /* XXX SvMAGIC() is *shared* between osv and sv.  This can
>>     * lead to coredumps when both SVs are destroyed without one
>>     * of their SvMAGIC() slots being NULLed. */
>>
>
>Looks like the leak has been fixed by my change #24942, which fixed
>local() and magic (and specifically removed the code related to that XXX
>comment above)
>
Hmm.  I just retried this with current blead and I find that it 
(apparently) works OK with a debug build, but crashes with a release build.

Fortunately, release builds on Win32 have debugging symbols anyway 
(since they are stored in separate files), so I am able to get a stack 
trace:

win32_checkTLS(interpreter * 0x73204441) line 57
PerlEnvGetenv(IPerlEnv * 0x01857670, const char * 0x280b79b8 `string') 
line 454 + 19 bytes
PerlIO_debug(const char * 0x280b79e0 `string') line 461 + 14 bytes
PerlIO_clone(interpreter * 0x018b2ad4, interpreter * 0x00234494, 
clone_params * 0x0140fc80) line 643
perl_clone_using(interpreter * 0x00234494, unsigned long 6, IPerlMem * 
0x0185761c, IPerlMem * 0x01857638, IPerlMem * 0x01857654, IPerlEnv * 
0x01857670, IPerlStdIO * 0x018576a8, IPerlLIO * 0x01857744, IPerlDir * 
0x018577ac, IPerlSock * 0x018577d8, IPerlProc * 0x01857888) line 11383
perl_clone_host(interpreter * 0x00234494, unsigned long 6) line 315 + 67 
bytes
perl_clone(interpreter * 0x00234494, unsigned long 6) line 11183 + 11 bytes
Perl_ithread_create(interpreter * 0x00000000, sv * 0x00000000, char * 
0x018325e4, sv * 0x002354cc, sv * 0x01828c64) line 424 + 8 bytes
XS_threads_new(interpreter * 0x00000002, cv * 0x018a83f4) line 687 + 32 
bytes
Perl_pp_entersub(interpreter * 0x01234494) line 2789
Perl_runops_standard(interpreter * 0x00234494) line 38 + 45 bytes
S_run_body(interpreter * 0x00234494, long 1) line 2231 + 10 bytes
perl_run(interpreter * 0x00234494) line 2160 + 10 bytes
RunPerl(int 3, char * * 0x00232440, char * * 0x00232d08) line 217 + 6 bytes
PERL! mainCRTStartup + 227 bytes
KERNEL32! 77e8141a()

Do you guys get a similar effect with release vs debug builds?



------------------------------------------------
Radan Computational Ltd.




