develooper Front page | perl.perl5.porters | Postings from April 2003

[perl #21982] SIGSEGV in Perl_gv_check: entry filled with ASCII '0000'

From:
perlbug-followup
Date:
April 17, 2003 10:06
Subject:
[perl #21982] SIGSEGV in Perl_gv_check: entry filled with ASCII '0000'
Message ID:
rt-21982-55311.16.6800158003294@bugs6.perl.org
# New Ticket Created by  stephens@ion09.dev.ionink.com 
# Please include the string:  [perl #21982]
# in the subject line of all future correspondence about this issue. 
# <URL: http://rt.perl.org/rt2/Ticket/Display.html?id=21982 >



This is a bug report for perl from stephens@ion09.dev.ionink.com,
generated with the help of perlbug 1.34 running under perl v5.8.0.


-----------------------------------------------------------------
[Please enter your report here]

I have a set of Perl modules that cause memory corruption and subsequent SIGSEGV.  This bug seems to go back to at least Perl 5.6.1.

At first I was using a stock perl5.6.1 and perl5.8.0 on RedHat 8.0.  They were Configured without -Dusemyalloc, this was crashing in a libc malloc() internal function, in both perl5.6.1 and perl5.8.0, during parsing.  I recompiled perl5.8.0 with -Dusemymalloc and -Doptimize='-g', to rule out problems with libc malloc().

Here is the stacktrace from gdb:

====================================================================

Current directory is /tmp/stephens/perl-5.8.0-debug/src/perl-5.8.0/
GNU gdb Red Hat Linux (5.2.1-4)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux"...
/tmp/stephens/perl-5.8.0-debug/src/perl-5.8.0/test4.pl: No such file or directory.
(gdb) cd /home/stephens/ion/src/uml2code/test
Working directory /home/stephens/ion/src/uml2code/test.
(gdb) run test4.pl
Starting program: /tmp/stephens/perl-5.8.0-debug/src/perl-5.8.0/perl test4.pl

Program received signal SIGSEGV, Segmentation fault.
0x080698ba in Perl_gv_check (stash=0x8247b80) at gv.c:1153
(gdb) bt
#0  0x080698ba in Perl_gv_check (stash=0x8247b80) at gv.c:1153
#1  0x08069915 in Perl_gv_check (stash=0x823a850) at gv.c:1157
#2  0x08069915 in Perl_gv_check (stash=0x816108c) at gv.c:1157
#3  0x0805fe4d in S_parse_body (env=0x0, xsinit=0x805caa0 <xs_init>) at perl.c:1548
#4  0x0805efec in perl_parse (my_perl=0x815ff08, xsinit=0x805caa0 <xs_init>, argc=2, argv=0xbfffe0e4, env=0x0)
    at perl.c:1041
#5  0x0805ca52 in main (argc=2, argv=0xbfffe0e4, env=0xbfffe0f0) at perlmain.c:83
#6  0x420158d4 in __libc_start_main () from /lib/i686/libc.so.6
(gdb) up
#1  0x08069915 in Perl_gv_check (stash=0x823a850) at gv.c:1157
(gdb) up
#2  0x08069915 in Perl_gv_check (stash=0x816108c) at gv.c:1157
(gdb) p hv
$1 = (struct hv *) 0x823a850
(gdb) p *hv
$2 = {sv_any = 0x8236468, sv_refcnt = 4, sv_flags = 536870923}
(gdb) p hv->sv_any
$3 = (struct xpvhv *) 0x8236468
(gdb) p *(hv->sv_any)
$4 = {xhv_array = 0x81d9c08 "", xhv_fill = 3, xhv_max = 7, xhv_keys = 3, xnv_nv = 0, xmg_magic = 0x0, 
  xmg_stash = 0x0, xhv_riter = -1, xhv_eiter = 0x0, xhv_pmroot = 0x0, xhv_name = 0x81fe628 "UML"}
(gdb) do
#1  0x08069915 in Perl_gv_check (stash=0x823a850) at gv.c:1157
(gdb) p *(hv->sv_any)
$5 = {xhv_array = 0x8166e08 "\003\003\003\003\003\0034\v (\022\v", xhv_fill = 13, xhv_max = 31, xhv_keys = 16, 
  xnv_nv = 0, xmg_magic = 0x0, xmg_stash = 0x0, xhv_riter = -1, xhv_eiter = 0x0, xhv_pmroot = 0x0, 
  xhv_name = 0x82c5128 "UML::MetaMetaModel"}
(gdb) do
#0  0x080698ba in Perl_gv_check (stash=0x8247b80) at gv.c:1153
(gdb) p entry
$6 = (struct he *) 0x3030303
(gdb) p (char)0x30
$7 = 48 '0'
(gdb) l
1148	
1149	    if (!HvARRAY(stash))
1150		return;
1151	    for (i = 0; i <= (I32) HvMAX(stash); i++) {
1152		for (entry = HvARRAY(stash)[i]; entry; entry = HeNEXT(entry)) {
1153		    if (HeKEY(entry)[HeKLEN(entry)-1] == ':' &&
1154			(gv = (GV*)HeVAL(entry)) && (hv = GvHV(gv)))
1155		    {
1156			if (hv != PL_defstash && hv != stash)
1157			     gv_check(hv);              /* nested package */
(gdb) p i
$8 = 0
(gdb) 

====================================================================

The first entry of the "stash" hash array in the "UML::MetaMetaModel" stash appears to be corrupted, which send "entry" into outer space to a planet filled with ASCII '0' ("zero", not null) characters.

The script "test4.pl" is part of a UML meta-meta-model toolkit, "uml2code", I am working on.  It generates a Perl (, XMI or Java) implementation of the UML meta-model by bootstrapping from with a meta-meta-model, which is a subset of the meta-model.  Whew!

You can download uml2code at http://kurtstephens.com/pub/uml2code/release/uml2code-20030417.tar.gz

I have not been able to get it to happen with a smaller code set.  The failure maybe related to the really hairy Data::Dumper code in uml2code/test/gen/UML/MetaModel.pm.

Prerequisites for uml2code are Parse::RecDescent and XML::Writer.

Something related: If you run perl -DT test4.pl it doesn't SIGSEGV, it fail with "Can't call method "generalization" on unblessed reference at ../lib/perl/UML/MetaMetaModel/Util.pm line 269." (after a really long time; go eat lunch).  This die() is probably my fault.


Please let me know how I can help.

Thanks,
Kurt Stephens
ks.perl@kurtstephens.com

====================================================================


[Please do not change anything below this line]
-----------------------------------------------------------------
---
Flags:
    category=core
    severity=critical
---
Site configuration information for perl v5.8.0:

Configured by stephens at Thu Apr 17 01:49:56 EDT 2003.

Summary of my perl5 (revision 5.0 version 8 subversion 0) configuration:
  Platform:
    osname=linux, osvers=2.4.18-24.8.0, archname=i686-linux
    uname='linux ion09 2.4.18-24.8.0 #1 fri jan 31 06:51:30 est 2003 i686 i686 i386 gnulinux '
    config_args='-des -Dusemymalloc -Uinstalluserbinperl -Dprefix=/tmp/stephens/perl-5.8.0-debug -Doptimize=-g'
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=undef use5005threads=undef useithreads=undef usemultiplicity=undef
    useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
    use64bitint=undef use64bitall=undef uselongdouble=undef
    usemymalloc=y, bincompat5005=undef
  Compiler:
    cc='cc', ccflags ='-DDEBUGGING -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -I/usr/include/gdbm',
    optimize='-g',
    cppflags='-DDEBUGGING -fno-strict-aliasing -I/usr/include/gdbm'
    ccversion='', gccversion='3.2 20020903 (Red Hat Linux 8.0 3.2-7)', gccosandvers=''
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
    ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=4, prototype=define
  Linker and Libraries:
    ld='cc', ldflags =' -L/usr/local/lib'
    libpth=/usr/local/lib /lib /usr/lib
    libs=-lnsl -lgdbm -ldb -ldl -lm -lc -lcrypt -lutil
    perllibs=-lnsl -ldl -lm -lc -lcrypt -lutil
    libc=/lib/libc-2.2.93.so, so=so, useshrplib=false, libperl=libperl.a
    gnulibc_version='2.2.93'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-rdynamic'
    cccdlflags='-fpic', lddlflags='-shared -L/usr/local/lib'

Locally applied patches:
    

---
@INC for perl v5.8.0:
    /home/stephens/local/lib/site_perl/5.6.1
    /home/stephens/local/lib/site_perl/5.6.1
    /tmp/stephens/perl-5.8.0-debug/lib/5.8.0/i686-linux
    /tmp/stephens/perl-5.8.0-debug/lib/5.8.0
    /tmp/stephens/perl-5.8.0-debug/lib/site_perl/5.8.0/i686-linux
    /tmp/stephens/perl-5.8.0-debug/lib/site_perl/5.8.0
    /tmp/stephens/perl-5.8.0-debug/lib/site_perl
    .

---
Environment for perl v5.8.0:
    HOME=/home/stephens
    LANG=en_US.UTF-8
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/home/stephens/local/bin:/home/stephens/bin:/home/stephens/ion/src/bin:/home/stephens/ion/src/sbin:/home/stephens/ion/bin:/usr/sbin:/sbin:/iimp/app/p/java/prod/bin:/iimp/app/prod/bin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin
    PERL5LIB=/home/stephens/local/lib/site_perl/5.6.1:/home/stephens/local/lib/site_perl/5.6.1:
    PERL_BADLANG (unset)
    SHELL=/bin/bash




nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About