[libapache2-mod-perl2] 01/01: Apply upstream 2.0.9 patches fixing crashes in modperl_interp_unselect(). Thanks to Patrick Matthäi. (Closes: #803043)

Niko Tyni ntyni at moszumanska.debian.org
Sun Nov 15 20:16:52 UTC 2015 

This is an automated email from the git hooks/post-receive script.

ntyni pushed a commit to branch jessie
in repository libapache2-mod-perl2.

commit e2f527e533e633c35c85d1d82529e2b56e768520
Author: Niko Tyni <ntyni at debian.org>
Date:   Sun Nov 15 20:42:06 2015 +0200

    Apply upstream 2.0.9 patches fixing crashes in modperl_interp_unselect(). Thanks to Patrick Matthäi. (Closes: #803043)
---
 debian/changelog                                   |  8 ++++
 ...nterp-refcnt-when-freeing-interpreter-in-.patch | 53 ++++++++++++++++++++++
 ...interp-refcnt-to-1-in-modperl_interp_sele.patch | 42 +++++++++++++++++
 debian/patches/series                              |  2 +
 4 files changed, 105 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index a776b43..52b938f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+libapache2-mod-perl2 (2.0.9~1624218-2+deb8u1) jessie; urgency=medium
+
+  * Apply upstream 2.0.9 patches fixing crashes in
+    modperl_interp_unselect(). Thanks to Patrick Matthäi.
+    (Closes: #803043)
+
+ -- Niko Tyni <ntyni at debian.org>  Sun, 15 Nov 2015 20:42:27 +0200
+
 libapache2-mod-perl2 (2.0.9~1624218-2) unstable; urgency=medium
 
   * Add autopkgtest support.
diff --git a/debian/patches/0001-Decrement-interp-refcnt-when-freeing-interpreter-in-.patch b/debian/patches/0001-Decrement-interp-refcnt-when-freeing-interpreter-in-.patch
new file mode 100644
index 0000000..9f08d64
--- /dev/null
+++ b/debian/patches/0001-Decrement-interp-refcnt-when-freeing-interpreter-in-.patch
@@ -0,0 +1,53 @@
+From 514800554f704d0fe90fefd70016583099d7944b Mon Sep 17 00:00:00 2001
+From: Steve Hay <stevehay at apache.org>
+Date: Mon, 3 Nov 2014 08:41:03 +0000
+Subject: [PATCH] Decrement interp->refcnt when freeing interpreter in
+ modperl_interp_unselect()
+
+The case where interp->refcnt==1 was not being handled correctly. Prior to r1562772 the refcnt was decremented to 0 but then the function returned early, wrongly not freeing the interpreter, leading to deadlock in the event MPM. Following that change the interpreter was now freed, but the refcnt was wrongly no longer decremented.
+
+This change decrements the refcnt (always) and frees the interpreter as well (unless the refcnt is still > 0). An extra safety check is also made, to return early if the interpreter has already been unselected, although with correct refcnting now, we do not expect this to happen.
+
+This patch is based on investigations and a tentative patch suggested by Richard M Kandarian:
+http://marc.info/?t=140191218700004&r=1&w=2
+
+git-svn-id: https://svn.apache.org/repos/asf/perl/modperl/trunk@1636289 13f79535-47bb-0310-9956-ffa450edef68
+---
+ src/modules/perl/modperl_interp.c | 13 ++++++++++---
+ 1 file changed, 10 insertions(+), 3 deletions(-)
+
+diff --git a/src/modules/perl/modperl_interp.c b/src/modules/perl/modperl_interp.c
+index 430a2af..a984006 100644
+--- a/src/modules/perl/modperl_interp.c
++++ b/src/modules/perl/modperl_interp.c
+@@ -273,17 +273,24 @@ apr_status_t modperl_interp_unselect(void *data)
+     modperl_interp_t *interp = (modperl_interp_t *)data;
+     modperl_interp_pool_t *mip = interp->mip;
+ 
+-    MP_ASSERT(interp && MpInterpIN_USE(interp));
++    MP_ASSERT(interp && MpInterpIN_USE(interp) && interp->refcnt > 0);
+     MP_TRACE_i(MP_FUNC, "unselect(interp=%pp): refcnt=%d",
+                interp, interp->refcnt);
+ 
+-    if (interp->refcnt > 1) {
+-        --interp->refcnt;
++    --interp->refcnt;
++
++    if (interp->refcnt > 0) {
+         MP_TRACE_i(MP_FUNC, "interp=0x%lx, refcnt=%d -- interp still in use",
+                    (unsigned long)interp, interp->refcnt);
+         return APR_SUCCESS;
+     }
+ 
++    if (!MpInterpIN_USE(interp)){
++        MP_TRACE_i(MP_FUNC, "interp=0x%pp, refcnt=%d -- interp already not in use",
++                   interp, interp->refcnt);
++        return APR_SUCCESS;
++    }
++
+     MpInterpIN_USE_Off(interp);
+ 
+     modperl_thx_interp_set(interp->perl, NULL);
+-- 
+2.5.1
+
diff --git a/debian/patches/0002-Initialize-interp-refcnt-to-1-in-modperl_interp_sele.patch b/debian/patches/0002-Initialize-interp-refcnt-to-1-in-modperl_interp_sele.patch
new file mode 100644
index 0000000..e9690ee
--- /dev/null
+++ b/debian/patches/0002-Initialize-interp-refcnt-to-1-in-modperl_interp_sele.patch
@@ -0,0 +1,42 @@
+From c7979a708a7be018e5e22680314ea580b2ac2c7a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20Kalu=C5=BEa?= <jkaluza at apache.org>
+Date: Tue, 28 Apr 2015 06:51:12 +0000
+Subject: [PATCH] Initialize interp->refcnt to 1 in modperl_interp_select.
+
+Reasoning:
+1. All calls of MP_INTERPa do not increment interp->refcnt, so refcnt
+   used to be 0 before this commit. But there is always matching
+   MP_INTERP_PUTBACK, which calls modperl_interp_unselect which decreases
+   the refcnt, so it was possible to get negative refcnt or crash with
+   threaded MPMs, because reference counting has been broken.
+2. modperl_interp_select increases the refcount if it finds the PerlInterp in
+   ccfg, so it makes sense to increase it (it means set to 1) during
+   initialization too. Otherwise the refcnt would be incremented for the caller
+   in some cases, but wouldn't be in other.
+
+This commit fixes the crash seen on worker MPM when PerlInterp has been used
+by two threads and the first one freed PerlInterp during
+modperl_interp_unselect.
+
+
+git-svn-id: https://svn.apache.org/repos/asf/perl/modperl/trunk@1676417 13f79535-47bb-0310-9956-ffa450edef68
+---
+ src/modules/perl/modperl_interp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/modules/perl/modperl_interp.c b/src/modules/perl/modperl_interp.c
+index a984006..67dd2e4 100644
+--- a/src/modules/perl/modperl_interp.c
++++ b/src/modules/perl/modperl_interp.c
+@@ -460,7 +460,7 @@ modperl_interp_t *modperl_interp_select(request_rec *r, conn_rec *c,
+     interp = modperl_interp_get(s);
+     MP_TRACE_i(MP_FUNC, "  --> got %pp (perl=%pp)", interp, interp->perl);
+     ++interp->num_requests; /* should only get here once per request */
+-    interp->refcnt = 0;
++    interp->refcnt = 1;
+ 
+     /* set context (THX) for this thread */
+     PERL_SET_CONTEXT(interp->perl);
+-- 
+2.5.1
+
diff --git a/debian/patches/series b/debian/patches/series
index 5280589..91bc232 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -15,3 +15,5 @@ avoid-db-linkage.patch
 380-Fix-reload.t-as-per-r1565579.-Reported-in-CPAN-RT-96.patch
 420-Mark-failing-tests-in-t-perl-ithreads3.t-as-TODO.patch
 430-Don-t-call-modperl_threaded_mpm-et-al.-from-XS-code.patch
+0001-Decrement-interp-refcnt-when-freeing-interpreter-in-.patch
+0002-Initialize-interp-refcnt-to-1-in-modperl_interp_sele.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/libapache2-mod-perl2.git

More information about the Pkg-perl-cvs-commits mailing list