Re: "double free" segfault back in pyscopg2 2.5
| От | Daniele Varrazzo |
|---|---|
| Тема | Re: "double free" segfault back in pyscopg2 2.5 |
| Дата | |
| Msg-id | 1371741740.3159.7.camel@risotto.smithersbet.com обсуждение исходный текст |
| Ответ на | "double free" segfault back in pyscopg2 2.5 ("Gangadharan S.A." <gangadharan@gmail.com>) |
| Список | psycopg |
On Thu, 2013-06-20 at 19:34 +0530, Gangadharan S.A. wrote: > Hi, > > > It looks like the "double free" segfault from pyscopg2 2.0.8 > ( http://comments.gmane.org/gmane.comp.python.db.psycopg.devel/4964 ) > is back in version 2.5: [...] > As before, the problem seems to be that when de-allocing the > connection, we are calling conn_close before untracking the object. > conn_close allows other threads to run and call the garbage collector, > which ends up running dealloc a second time on this object. So we free > the same memory a second time and hence the double free error. > > > The fix would be to call conn_close after untracking the object in > connection_type.c:connection_dealloc(). I see: sorry, I've broken it in commit 5aafe38f. Looks like in that commit I've fixed the cursor and broken the connection. > The script used to reproduce the issue back in > http://comments.gmane.org/gmane.comp.python.db.psycopg.devel/4964 will > not reproduce the issue any more because we don't rollback the > in-progress transaction during connection close anymore. The only way > I reliably could reproduce the issue in a test script was to introduce > a sleep in the C code at connection_int.c:conn_close() after > Py_BEGIN_ALLOW_THREADS and then run garbage collector from another > thread during the sleep. > > > Thanks, > Gangadharan Thank *you* very much. Open ticket #166. I had in mind to release a new version in the next days: will include this correction too. -- Daniele
В списке psycopg по дате отправления: