[Bug 643298] [abrt] bucardo-4.4.0-2.fc13: Process /usr/bin/perl was killed by signal 11 (SIGSEGV)

bugzilla at redhat.com bugzilla at redhat.com
Thu Nov 18 10:12:38 UTC 2010 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=643298

Petr Pisar <ppisar at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ppisar at redhat.com

--- Comment #5 from Petr Pisar <ppisar at redhat.com> 2010-11-18 05:12:37 EST ---
It does not have to be problem within perl. There is lot of XS modules (Pg,
DBI) that can confuse perl as they manipulate with internal data structures by
hand.

Quick investigation shows mg_free() is called from Perl_sv_clear(). The
mg_free() is macro expanded to Perl_mg_free() which is probably in-lined by
compiler because it's not shown in the backtrace.

The backtrace shows EIP out of mapped memmory. Thus the program has been killed
by SIGSEGV.

The EIP equals to EAX. It's computed indirect address clearly. I guess it's
following code:

Perl_mg_free(pTHX_ SV *sv)
{
    MAGIC* mg;
    MAGIC* moremagic;

    PERL_ARGS_ASSERT_MG_FREE;

    for (mg = SvMAGIC(sv); mg; mg = moremagic) {
        const MGVTBL* const vtbl = mg->mg_virtual;
        moremagic = mg->mg_moremagic;
        if (vtbl && vtbl->svt_free)
→           CALL_FPTR(vtbl->svt_free)(aTHX_ sv, mg);

More precisely, it could be the vtbl->svt_free pointer that is called as data
structure destructor. However it points to invalid text memory
(EIP=0x0a03bd58).

Problem is nobody knows where the vtbl->svt_free is set. It can come from any
DBI or Pg code, however gdb does not see Perl variables and perl debuger does
not see C variables.

Also reporter should note whether he can reproduce this bug or it was just a
spurious event. Because without stable reproducer it's hard to debug it.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the perl-devel mailing list