subversion-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roderich Schupp <roderich.sch...@gmail.com>
Subject Re: Segfault in Perl bindings when commit touches a large number of files
Date Wed, 20 May 2015 08:12:02 GMT
On Wed, May 20, 2015 at 6:19 AM, James McCoy <jamessan@debian.org> wrote:

> I'm still experiencing the crash in 1.9.0-rc1 unless I apply the
> original change I suggested to the generated
> subversion/bindings/swig/perl/native/svn_delta.c.  I'm not sure how that
> specific part of the file is generated, so I'll just attach a diff of
> the generated file.
>

Looking at your patch, the offending line may very well be the cause of the
crash:
it stores  something onto the top (thats the argvi index) of the Perl
argument stack (which
is also used to hold a Perl sub's return values), but doesn't make sure
that
the stack is large enough. Typically you should see generated code like this


if (argvi >= items) EXTEND(sp,1);       /* grow the stack by one if we're
past
                                                                the input
arguments (which are guaranteed
                                                                to be
allocated) */
ST(argvi++) = ...                                   /* push a return value
on top of the stack */

But the problem is deeper: the handling of svn_txdelta_apply's parameter
result_digest is wrong. It's a weird kind of output parameter: it's the
address
of an array of bytes for an MD5 checksum. But svn_txdelta_apply doesn't
actually store something in there, this address is "remembered" by the
returned
handler and baton and is filled in by the final call to the handler.
This is NOT how output parameters are handled in the Perl bindings:
output parameters in C become actual return values in Perl (since Perl can
return multiple values from a sub).
The generated code treats result_digest as a regular output parameter
(which won't work - at least it won't give you the actual MD5), but
also generates the offending line. The easiest fix would be to ignore
the passed in result_digest and set it to NULL when actually calling
svn_txdelta_apply (meaning: we're not interested). I think that's
what the Python bindings do.
I'll work on this over the weekend if nobody beats me too it.



Cheers, Roderich

Mime
View raw message