rpms / perl-threads-shared

Clone
Source Code
GIT

Blame SOURCES/threads-shared-1.60-threads-shared-fix-leak.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c8-beta-stream-5.24 c8-beta-stream-5.30 c8-beta-stream-5.32 c8-stream-5.24 c8-stream-5.26 c8-stream-5.3 c8-stream-5.30 c8-stream-5.32 c8s-stream-5.30 c8s-stream-5.32 c9 c9-beta
  1.   5e5d868c9de62e5e048e1e37b1716d8c2d329b3c
  2.   SOURCES
  3.   threads-shared-1.60-threads-shared-fix-leak.patch
Blob History Raw
5e5d86 
From b52cdd7a8525325deba04554d8a00a578c397d56 Mon Sep 17 00:00:00 2001
5e5d86 
From: David Mitchell <davem@iabyn.com>
5e5d86 
Date: Thu, 11 Jul 2019 15:17:48 +0100
5e5d86 
Subject: [PATCH] threads::shared: fix leak
5e5d86 
MIME-Version: 1.0
5e5d86 
Content-Type: text/plain; charset=UTF-8
5e5d86 
Content-Transfer-Encoding: 8bit
5e5d86
5e5d86 
When assigning a shared reference value to a variable containing a
5e5d86 
shared string, the PV buffer in the shared space was leaked. For
5e5d86 
example:
5e5d86
5e5d86 
    my $s :shared = "foo";
5e5d86 
    my $t :shared  = shared_clone(\"bar");
5e5d86 
    $s = $t; # "foo" in shared space leaked
5e5d86
5e5d86 
This was showing up as failed smokes under ASan.
5e5d86
5e5d86 
Petr Písař: Ported to 1.60 from perl commit
5e5d86 
59c73bd3d62c5096a6f9b2e3cbe05e1ab4c158cf.
5e5d86
5e5d86 
Signed-off-by: Petr Písař <ppisar@redhat.com>
5e5d86 
---
5e5d86 
 shared.xs | 15 +++++++++++----
5e5d86 
 1 file changed, 11 insertions(+), 4 deletions(-)
5e5d86
5e5d86 
diff --git a/shared.xs b/shared.xs
5e5d86 
index 6cdf094..858c6d6 100644
5e5d86 
--- a/shared.xs
5e5d86 
+++ b/shared.xs
5e5d86 
@@ -818,12 +818,19 @@ sharedsv_scalar_store(pTHX_ SV *sv, SV *ssv)
5e5d86 
         SV *obj = SvRV(sv);
5e5d86 
         SV *sobj = Perl_sharedsv_find(aTHX_ obj);
5e5d86 
         if (sobj) {
5e5d86 
+            SV* tmpref;
5e5d86 
             SHARED_CONTEXT;
5e5d86 
-            (void)SvUPGRADE(ssv, SVt_RV);
5e5d86 
-            sv_setsv_nomg(ssv, &PL_sv_undef);
5e5d86 
+            /* Creating a tmp ref to sobj then assigning it to ssv ensures
5e5d86 
+             * that any previous contents of ssv are correctly freed
5e5d86 
+             * by sv_setsv(). Not sure if there is a better, API-legal way
5e5d86 
+             * to achieve this */
5e5d86 
+            tmpref = newSV_type(SVt_RV);
5e5d86 
+            SvRV_set(tmpref, sobj);
5e5d86 
+            SvROK_on(tmpref);
5e5d86 
+            SvREFCNT_inc_simple_NN(sobj);
5e5d86 
+            sv_setsv_nomg(ssv, tmpref);
5e5d86 
+            SvREFCNT_dec_NN(tmpref);
5e5d86
5e5d86 
-            SvRV_set(ssv, SvREFCNT_inc(sobj));
5e5d86 
-            SvROK_on(ssv);
5e5d86 
             if (SvOBJECT(sobj)) {
5e5d86 
                 /* Remove any old blessing */
5e5d86 
                 SvREFCNT_dec(SvSTASH(sobj));
5e5d86 
--
5e5d86 
2.20.1
5e5d86

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation