
[perl #9394] Re: [ID 20020525.002] coredump/bad free warning in blead with SIGWARN

From: Nicholas Clark
Date: January 17, 2003 13:52
Subject: [perl #9394] Re: [ID 20020525.002] coredump/bad free warning in blead with SIGWARN
Message ID: 20030117214639.GG297@Bagpuss.unfortu.net

OK. I found this via the RT web interface, and added a comment there, but
it's not yet shown up here despite the fact that I added
perl5-porters@perl.org as a CC.

On Sun, May 26, 2002 at 05:46:06AM +0300, Jarkko Hietaniemi wrote:
> #!./perl -w
> 
> my @warnings;
> 
> BEGIN {
>     push @warnings, \'FOO';
> }
> 
> $SIG{__WARN__} = sub {
>     push @warnings, $_[0];
> };
> 
> my $instruction;
> my $expect;
> 
> $instruction = shift @warnings;
> $instruction = $$instruction;
> $expect      = "\"$instruction\"";
> $instruction = shift @warnings;
> 
> __END__

I have Jarkko's test case down to:

#!./perl

my @warnings;

BEGIN {
    push @warnings, \'FOO';
}

my $instruction = shift @warnings;
$instruction = $$instruction;


Sadly it causes the `impossible' happened bug in valgrind, so I'm at a
bit of a loss. However, with this version the SEGV happens in global
destruction. So, if I change the above to Devel::Peek::Dump $instruction
before and after the last line, I see:

SV = RV(0x817a1ac) at 0x81791dc
  REFCNT = 1
  FLAGS = (PADMY,ROK)
  RV = 0x8179230
  SV = PV(0x816aaf4) at 0x8179230
    REFCNT = 1
    FLAGS = (POK,READONLY,pPOK)
    PV = 0x816e338 "FOO"\0
    CUR = 3
    LEN = 4
SV = UNKNOWN(0xff) (0x817a1ac) at 0x81791dc
  REFCNT = 1
  FLAGS = (PADMY)

but if I take the BEGIN block out no SEGV, and I see this:

SV = RV(0x8179f34) at 0x81791f4
  REFCNT = 1
  FLAGS = (PADMY,ROK)
  RV = 0x81791dc
  SV = PV(0x816aadc) at 0x81791dc
    REFCNT = 2
    FLAGS = (POK,READONLY,pPOK)
    PV = 0x8179e70 "FOO"\0
    CUR = 3
    LEN = 4
SV = PV(0x816aa10) at 0x81791f4
  REFCNT = 1
  FLAGS = (PADMY,POK,pPOK)
  PV = 0x81805e0 "FOO"\0
  CUR = 3
  LEN = 4


What is so special about the BEGIN block that it is trashing the stack,
and causing a later SEGV? Is there some dangling reference to an SV
constant held in an OP that gets freed up when the BEGIN block completes?

(this is still a bug in current blead)

Nicholas Clark
