Bug#780369: libxml-libxml-perl: Segmentation fault (and others) when using replaceNode()

Manfred Stock manfred.stock+debian at gmail.com
Thu Mar 12 20:37:54 UTC 2015 

Package: libxml-libxml-perl
Version: 2.0116+dfsg-1+b1
Severity: normal

Dear Maintainer,

while preparing our code base for Jessie, I ran into segmentation faults (and
others, like "general protection", see below) when executing certain unit tests
of our code. They still run perfectly fine on Wheezy and Squeeze, so this seems
to be a regression in Jessie. I was able extract a smaller script (attached)
which exposes this problem, not on every run, but nearly always. When running
it, I get errors like these in the console:
 Segmentation fault

 PmmREFCNT_dec: REFCNT decremented below 0 for 1cf0000! at /usr/lib/x86_64-linux-gnu/perl5/5.20/XML/LibXML.pm line 1588.
 Segmentation fault

 PmmREFCNT_dec: REFCNT decremented below 0 for e80000! at /usr/lib/x86_64-linux-gnu/perl5/5.20/XML/LibXML.pm line 1588.
 *** Error in `perl': free(): invalid pointer: 0x0000000000e80000 ***
 Aborted

And dmesg:
 traps: perl[20231] general protection ip:7ffc7a4b3ced sp:7fff9315b280 error:0 in LibXML.so[7ffc7a46b000+69000]
 perl[20232]: segfault at 50 ip 00007f606617cced sp 00007fff5a53c020 error 4 in LibXML.so[7f6066134000+69000]

When I remove the comment sign from '$doc2->adoptNode($node);', I'm not able to
reproduce the issue anymore. Doing an importNode() instead does not solve the
issue (which would also be kind-of surprising, as this most likely already gets
done according to the XML::LibXML::Node documentation). So using adoptNode()
might be a workaround (maybe actually the proper way to do this, but as far as
I read and understood the documentation, it should not be necessary - and, in
my opinion, certainly should not result in a segfault when running a Perl
script when it is not done...).

One final thing I tried was to setup a local::lib in a sid-chroot, and install
XML::LibXML with cpanm. Installing the version that is in Wheezy did not result
in segfaults, but the latest from CPAN did. Then I played a little with the
versions, and the newest one where I never saw the segfaults was 2.0113, every
version afterwards had this issue (for curiosity, I tried 2.0118 (latest
version on CPAN at the time of this writing) on Wheezy in this way too, and
there, it actually worked). This probably is an upstream bug, but I haven't
tested anything other than Debian (but had the issue on kFreeBSD Jessie, too).

Best regards
Manfred

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-0.bpo.4-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_CH.utf8, LC_CTYPE=de_CH.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Versions of packages libxml-libxml-perl depends on:
ii  libc6                         2.19-15
ii  libxml-namespacesupport-perl  1.11-1
ii  libxml-sax-perl               0.99+dfsg-2
ii  libxml2                       2.9.1+dfsg1-5
ii  perl                          5.20.2-2
ii  perl-base [perlapi-5.20.0]    5.20.2-2
ii  zlib1g                        1:1.2.8.dfsg-2+b1

libxml-libxml-perl recommends no packages.

libxml-libxml-perl suggests no packages.

-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: segfault.pl
Type: text/x-perl
Size: 703 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20150312/4c62141d/attachment.pl>

More information about the pkg-perl-maintainers mailing list