Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixed memory bug: properly root repeated/map field when assigning. #8639

Merged
merged 2 commits into from May 22, 2021

Conversation

@haberman
Copy link
Contributor

@haberman haberman commented May 22, 2021

Previously the protobuf extension would not properly root memory from a repeated field or map when assigning to a message field (see the attached test case). If there is no direct reference to the repeated field from Ruby, this will result in a memory error if there is a GC and the repeated field is subsequently accessed (for example, in #encode).

The fix is to do the appropriate upb_arena_fuse() operation when this assignment is performed. This will cause the Union/Find machinery to ensure that the memory for the repeated field or map lives as long as the message.

The the new test case does not actually crash on my machine, but it does trigger a Valgrind error that I can confirm is fixed by the code in this PR. In the future we should make sure that our CI tests are running tests under Valgrind so we can catch future memory errors of this kind.

Also added an explicit check that upb_arena_fuse() succeeded. This is not related to the bugfix, but it is another measure to help ensure that the memory model of the extension is correct.

Fixes: #8559

Previously the protobuf extension would not properly root
memory from a repeated field or map when assigning to a
message field (see the attached test case).  This could cause
crashes if the repeated field is subsequently accessed.
@fowles
fowles approved these changes May 22, 2021
@haberman
Copy link
Contributor Author

@haberman haberman commented May 22, 2021

JDK failure is unrelated. Merging.

@haberman haberman merged commit 367e469 into protocolbuffers:3.17.x May 22, 2021
52 of 54 checks passed
52 of 54 checks passed
@github-actions
Check for spelling errors
Details
@protobuf-kokoro
Linux Java JDK 7 Kokoro build failed
Details
@protobuf-kokoro
MacOS Obj-C CocoaPods Integration Kokoro build started.
Details
@protobuf-kokoro
Bazel Kokoro build successful
Details
@protobuf-kokoro
Dist artifact installation Kokoro build successful
Details
@protobuf-kokoro
Linux 32-bit Kokoro build successful
Details
@protobuf-kokoro
Linux C# Kokoro build successful
Details
@protobuf-kokoro
Linux C++ Distcheck Kokoro build successful
Details
@protobuf-kokoro
Linux C++ TC Malloc Kokoro build successful
Details
@protobuf-kokoro
Linux Java Linkage Monitor Kokoro build successful
Details
@protobuf-kokoro
Linux Java Oracle 7 Kokoro build successful
Details
@protobuf-kokoro
Linux JavaScript Kokoro build successful
Details
@protobuf-kokoro
Linux PHP Kokoro build successful
Details
@protobuf-kokoro
Linux Python 2.7 Kokoro build successful
Details
@protobuf-kokoro
Linux Python 2.7 C++ Kokoro build successful
Details
@protobuf-kokoro
Linux Python 3.5 Kokoro build successful
Details
@protobuf-kokoro
Linux Python 3.5 C++ Kokoro build successful
Details
@protobuf-kokoro
Linux Python 3.6 Kokoro build successful
Details
@protobuf-kokoro
Linux Python 3.6 C++ Kokoro build successful
Details
@protobuf-kokoro
Linux Python 3.7 Kokoro build successful
Details
@protobuf-kokoro
Linux Python 3.7 C++ Kokoro build successful
Details
@protobuf-kokoro
Linux Python 3.8 Kokoro build successful
Details
@protobuf-kokoro
Linux Python 3.8 C++ Kokoro build successful
Details
@protobuf-kokoro
Linux Python 3.9 Kokoro build successful
Details
@protobuf-kokoro
Linux Python 3.9 C++ Kokoro build successful
Details
@protobuf-kokoro
Linux Python Release Kokoro build successful
Details
@protobuf-kokoro
Linux Ruby 2.4 Kokoro build successful
Details
@protobuf-kokoro
Linux Ruby 2.5 Kokoro build successful
Details
@protobuf-kokoro
Linux Ruby 2.6 Kokoro build successful
Details
@protobuf-kokoro
Linux Ruby 2.7 Kokoro build successful
Details
@protobuf-kokoro
Linux Ruby 3.0 Kokoro build successful
Details
@protobuf-kokoro
Linux Ruby Release Kokoro build successful
Details
@protobuf-kokoro
MacOS C++ Kokoro build successful
Details
@protobuf-kokoro
MacOS C++ Distcheck Kokoro build successful
Details
@protobuf-kokoro
MacOS JavaScript Kokoro build successful
Details
@protobuf-kokoro
MacOS Obj-C OS X Kokoro build successful
Details
@protobuf-kokoro
MacOS Obj-C iOS Debug Kokoro build successful
Details
@protobuf-kokoro
MacOS Obj-C iOS Release Kokoro build successful
Details
@protobuf-kokoro
MacOS PHP7.0 Kokoro build successful
Details
@protobuf-kokoro
MacOS PHP7.3 Kokoro build successful
Details
@protobuf-kokoro
MacOS Python Kokoro build successful
Details
@protobuf-kokoro
MacOS Python C++ Kokoro build successful
Details
@protobuf-kokoro
MacOS Python Release Kokoro build successful
Details
@protobuf-kokoro
MacOS Ruby 2.4 Kokoro build successful
Details
@protobuf-kokoro
MacOS Ruby 2.5 Kokoro build successful
Details
@protobuf-kokoro
MacOS Ruby 2.6 Kokoro build successful
Details
@protobuf-kokoro
MacOS Ruby 2.7 Kokoro build successful
Details
@protobuf-kokoro
MacOS Ruby 3.0 Kokoro build successful
Details
@protobuf-kokoro
MacOS Ruby Release Kokoro build successful
Details
@mergeable
Mergeable Mergeable Run has been Completed!
Details
@protobuf-kokoro
Windows C# Kokoro build successful
Details
@protobuf-kokoro
Windows Csharp Release Kokoro build successful
Details
@protobuf-kokoro
Windows Python Release Kokoro build successful
Details
@google-cla
cla/google All necessary CLAs are signed
stanhu added a commit to stanhu/pg_query that referenced this pull request May 24, 2021
google-protobuf 3.15.x has a bug that causes a seg fault in Ruby under
certain conditions (protocolbuffers/protobuf#8639). Use
google-protobuf 3.17.1 instead.
lfittl pushed a commit to pganalyze/pg_query that referenced this pull request May 24, 2021
google-protobuf 3.15.x has a bug that causes a seg fault in Ruby under
certain conditions (protocolbuffers/protobuf#8639). Use
google-protobuf 3.17.1 instead.
mehulagg pushed a commit to mehulagg/gitlab that referenced this pull request May 31, 2021
Due to protocolbuffers/protobuf#8559,
google-protobuf v3.15.8 can seg fault in the FindCommits RPC call if the
options hash is garbage collected before gRPC encodes the message. This
was fixed in google-protobuf v3.17.1 via
protocolbuffers/protobuf#8639.

Unfortunately, pg_query has a hard dependency on google-protobuf
v3.15.x.  This was bumped in
pganalyze/pg_query#212, but an official version
has not yet been tagged.

In addition, pganalyze/pg_query#213 would relax
the dependency so that google-protobuf can be upgraded without having to
update pg_query.

Until pg_query releases a new version, we use our fork to ensure this
seg fault cannot happen.

Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/330998

Changelog: fixed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants