develooper Front page | perl.perl5.porters | Postings from November 2000

[ID 20001130.008] yet another utf8 regex core dump

Thread Next
Jarkko Hietaniemi
November 30, 2000 11:55
[ID 20001130.008] yet another utf8 regex core dump
Message ID:

This is a bug report for perl from,
generated with the help of perlbug 1.33 running under perl v5.7.0.

[Please enter your report here]

This is a cut-down regexp.t test (original form was "aaa,b,c,d" =~
/^([^,]*,){3,}d/, there are four similar in there, search for "3,}" in
t/op/re_tests).  The panic hits at the freeing of r->startp so I guess
someone's been stomping on the submatches again, see e.g change #7879)

mimosa$ ./perl -Ilib -Mutf8 -we '"," =~ /([^,]*,)*/'
assertion botched (chunk's tail overwrite?): *(unsigned int *)((caddr_t)ovp + nbytes - sizeof (unsigned int)) == 0x55555555
zsh: 14316 IOT instruction (core dumped)  ./perl -Ilib -Mutf8 -we "," =~ /([^,]*,)*/
mimosa$ gdb ./perl core
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "sparc-sun-solaris2.7"...
Core was generated by `./perl -Ilib -Mutf8 -we "," =~ /([^,]*,)*/'.
Program terminated with signal 6, Abort.
Reading symbols from /usr/lib/
Reading symbols from /usr/lib/
Reading symbols from /usr/lib/
Reading symbols from /usr/lib/
Reading symbols from /usr/lib/
Reading symbols from /usr/lib/
Reading symbols from /usr/lib/
Reading symbols from /usr/lib/
Reading symbols from /usr/lib/
Reading symbols from /usr/platform/SUNW,Ultra-5_10/lib/
Reading symbols from /usr/lib/locale/iso_8859_1/
#0  0xff216b94 in _libc_kill () from /usr/lib/
(gdb) where
#0  0xff216b94 in _libc_kill () from /usr/lib/
#1  0xff1b9388 in abort () from /usr/lib/
#2  0x33df0 in botch (diag=0x16dfa8 "chunk's tail overwrite",
    s=0x16e008 "*(unsigned int *)((caddr_t)ovp + nbytes - sizeof (unsigned int)) == 0x55555555") at malloc.c:997
#3  0x35798 in free (mp=0x1d85a8) at malloc.c:1624
#4  0x9c148 in Perl_pregfree (r=0x1a9408) at regcomp.c:4501
#5  0x6e274 in S_op_clear (o=0x1a9488) at op.c:832
#6  0x6dfd0 in Perl_op_free (o=0x1a9488) at op.c:736
#7  0x6df28 in Perl_op_free (o=0x1a8248) at op.c:724
#8  0x29b64 in perl_destruct (my_perl=0x197c08) at perl.c:404
#9  0x27a70 in main (argc=5, argv=0xffbef60c, env=0xffbef624) at perlmain.c:55

[Please do not change anything below this line]
Site configuration information for perl v5.7.0:

Configured by jhi at Thu Nov 30 19:27:18 EET 2000.

Summary of my perl5 (revision 5.0 version 7 subversion 0) configuration:
    osname=solaris, osvers=2.7, archname=sun4-solaris-64int
    uname='sunos 5.7 generic_106541-05 sun4u sparc '
    config_args='-des -Dusedevel -Doptimize=-g -Duse64bitint'
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=undef use5005threads=undef useithreads=undef usemultiplicity=undef
    useperlio=undef d_sfio=undef uselargefiles=define usesocks=undef
    use64bitint=define use64bitall=undef uselongdouble=undef
    ccversion='', gccversion='2.8.1', gccosandvers='solaris2.7'
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=87654321
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=8, usemymalloc=y, prototype=define
  Linker and Libraries:
    ld='gcc', ldflags =' '
    libpth=/lib /usr/lib /usr/ccs/lib
    libs=-lsocket -lnsl -ldl -lm -lc -lcrypt -lsec
    perllibs=-lsocket -lnsl -ldl -lm -lc -lcrypt -lsec
    libc=/lib/, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' '
    cccdlflags='-fPIC', lddlflags='-G'

Locally applied patches:

@INC for perl v5.7.0:

Environment for perl v5.7.0:
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PERL_BADLANG (unset)

Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About