[perl #54224] segfault in perl_clone(), probably due to running out of memory

Front page | perl.perl5.porters | Postings from May 2008
[perl #54224] segfault in perl_clone(), probably due to running out of memory

From:
Niko Tyni
Date:
May 15, 2008 16:35
Subject:
[perl #54224] segfault in perl_clone(), probably due to running out of memory
Message ID:
rt-3.6.HEAD-11257-1210881031-1319.54224-75-0@perl.org
# New Ticket Created by  Niko Tyni 
# Please include the string:  [perl #54224]
# in the subject line of all future correspondence about this issue. 
# <URL: http://rt.perl.org/rt3/Ticket/Display.html?id=54224 >


This is a bug report for perl from Niko Tyni <ntyni@debian.org>,
generated with the help of perlbug 1.36 running under perl 5.10.0.


-----------------------------------------------------------------
As reported in <http://bugs.debian.org/343690>, the attached script
crashes 5.8.8, 5.10.0 and blead @33824 in a mostly reproducible way with
a segmentation fault.

Note that unlimiting the process stack size ('ulimit -s unlimited' or the
like) seems to be required, and it takes three or four tries on my amd64
SMP host to get it to crash. The sysctls may be required on Linux to keep
the system from swapping itself to death first (vm.overcommit_memory=2
means never overcommit, see proc(5)).

Severity set to "low" because I assume the system is running out of
memory during perl_clone(), which makes it mostly a user error. The
situation is not handled very gracefully, though.

Backtrace on 5.10.0 follows. The resulting core file is obscenely big. The
number of Perl_*_dup calls and the final crashing place in the stack
trace varies.

% debugperl ~/t.pl
sid% debugperl ~/t.pl
0
Thread creation failed: pthread_create returned 12 at /home/niko/t.pl
line 26.
Out of memory!
sid% debugperl ~/t.pl
0
Thread creation failed: pthread_create returned 12 at /home/niko/t.pl
line 26.
--76--
76
76
76

sid% debugperl ~/t.pl
0
Thread creation failed: pthread_create returned 12 at /home/niko/t.pl
line 26.
Thread creation failed: pthread_create returned 12 at /home/niko/t.pl
line 26.
zsh: segmentation fault (core dumped)  debugperl ~/t.pl

#0  0x00000000004833bf in S_more_bodies (my_perl=0x1d50da0, sv_type=SVt_PVAV) at sv.c:1065
#1  0x0000000000484536 in Perl_sv_dup (my_perl=0x1d50da0, sstr=0x9c5d88, param=0x40601c20) at sv.c:10106
#2  0x00000000004844b6 in Perl_sv_dup (my_perl=0x1d50da0, sstr=0x9c5d70, param=0x40601c20) at sv.c:10218
#3  0x00000000004845d0 in Perl_sv_dup (my_perl=0x1d50da0, sstr=0x9c5d58, param=0x40601c20) at sv.c:10304
#4  0x0000000000484413 in Perl_sv_dup (my_perl=0x1d50da0, sstr=0x9c5bd8, param=0x40601c20) at sv.c:10305
#5  0x0000000000485605 in Perl_gp_dup (my_perl=0x1d50da0, gp=0x9c9fc8, param=0x40601c20) at sv.c:9738
#6  0x0000000000483e59 in Perl_sv_dup (my_perl=0x1d50da0, sstr=0x9c5bc0, param=0x40601c20) at sv.c:10172
#7  0x000000000046c973 in Perl_he_dup (my_perl=0x1d50da0, e=0x9c02f8, shared=-96 ' ', param=0x40601c20)
    at hv.c:189
#8  0x0000000000484023 in Perl_sv_dup (my_perl=0x1d50da0, sstr=0x9c5b90, param=0x40601c20) at sv.c:10247
#9  0x00000000004855ca in Perl_gp_dup (my_perl=0x1d50da0, gp=0x9c9df8, param=0x40601c20) at sv.c:9736
#10 0x0000000000483e59 in Perl_sv_dup (my_perl=0x1d50da0, sstr=0x9c5b78, param=0x40601c20) at sv.c:10172
#11 0x000000000046c973 in Perl_he_dup (my_perl=0x1d50da0, e=0x9c02b0, shared=-32 'à', param=0x40601c20)
    at hv.c:189
#12 0x0000000000484023 in Perl_sv_dup (my_perl=0x1d50da0, sstr=0x9605d8, param=0x40601c20) at sv.c:10247
#13 0x0000000000483e47 in Perl_sv_dup (my_perl=0x1d50da0, sstr=0x9605c0, param=0x40601c20) at sv.c:10171
#14 0x0000000000498995 in perl_clone (proto_perl=0x91cda0, flags=2) at sv.c:11077
#15 0x00002b2f8a126244 in XS_threads_create (my_perl=0x91cda0, cv=<value optimized out>)
    at threads.xs:666
#16 0x0000000000479a78 in Perl_pp_entersub (my_perl=0x91cda0) at pp_hot.c:2847
#17 0x00000000004533f1 in Perl_runops_debug (my_perl=0x91cda0) at dump.c:1931
#18 0x0000000000472628 in Perl_call_sv (my_perl=0x91cda0, sv=0x9d5e08, flags=4) at perl.c:2653
#19 0x00002b2f8a127d6e in S_ithread_run (arg=<value optimized out>) at threads.xs:440
#20 0x00002b2f84787017 in start_thread () from /lib/libpthread.so.0
#21 0x00002b2f84a6154d in clone () from /lib/libc.so.6
#22 0x0000000000000000 in ?? ()


-----------------------------------------------------------------
---
Flags:
    category=core
    severity=low
---
Site configuration information for perl 5.10.0:

Configured by Debian Project at Thu May  8 11:57:24 UTC 2008.

Summary of my perl5 (revision 5 version 10 subversion 0) configuration:
  Platform:
    osname=linux, osvers=2.6.18-6-xen-amd64, archname=x86_64-linux-gnu-thread-multi
    uname='linux sid 2.6.18-6-xen-amd64 #1 smp thu apr 24 05:10:26 utc 2008 x86_64 gnulinux '
    config_args='-Dusethreads -Duselargefiles -Dccflags=-DDEBIAN -Dcccdlflags=-fPIC -Darchname=x86_64-linux-gnu -Dprefix=/usr -Dprivlib=/usr/share/perl/5.10 -Darchlib=/usr/lib/perl/5.10 -Dvendorprefix=/usr -Dvendorlib=/usr/share/perl5 -Dvendorarch=/usr/lib/perl5 -Dsiteprefix=/usr/local -Dsitelib=/usr/local/share/perl/5.10.0 -Dsitearch=/usr/local/lib/perl/5.10.0 -Dman1dir=/usr/share/man/man1 -Dman3dir=/usr/share/man/man3 -Dsiteman1dir=/usr/local/man/man1 -Dsiteman3dir=/usr/local/man/man3 -Dman1ext=1 -Dman3ext=3perl -Dpager=/usr/bin/sensible-pager -Uafs -Ud_csh -Ud_ualarm -Uusesfio -Uusenm -DDEBUGGING=-g -Doptimize=-O2 -Duseshrplib -Dlibperl=libperl.so.5.10.0 -Dd_dosuid -des'
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=define, usemultiplicity=define
    useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
    use64bitint=define, use64bitall=define, uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='cc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-O2 -g',
    cppflags='-D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fno-strict-aliasing -pipe -I/usr/local/include'
    ccversion='', gccversion='4.2.3 (Debian 4.2.3-5)', gccosandvers=''
    intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=8, prototype=define
  Linker and Libraries:
    ld='cc', ldflags =' -L/usr/local/lib'
    libpth=/usr/local/lib /lib /usr/lib /lib64 /usr/lib64
    libs=-lgdbm -lgdbm_compat -ldb -ldl -lm -lpthread -lc -lcrypt
    perllibs=-ldl -lm -lpthread -lc -lcrypt
    libc=/lib/libc-2.7.so, so=so, useshrplib=true, libperl=libperl.so.5.10.0
    gnulibc_version='2.7'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E'
    cccdlflags='-fPIC', lddlflags='-shared -O2 -g -L/usr/local/lib'

Locally applied patches:
    

---
@INC for perl 5.10.0:
    /etc/perl
    /usr/local/lib/perl/5.10.0
    /usr/local/share/perl/5.10.0
    /usr/lib/perl5
    /usr/share/perl5
    /usr/lib/perl/5.10
    /usr/share/perl/5.10
    /usr/local/lib/site_perl
    .

---
Environment for perl 5.10.0:
    HOME=/home/niko
    LANG=en_US.UTF-8
    LANGUAGE (unset)
    LC_CTYPE=fi_FI.UTF-8
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/home/niko/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games:/sbin:/usr/sbin
    PERL_BADLANG (unset)
    SHELL=/bin/zsh
[perl #54224] segfault in perl_clone(), probably due to running out of memory by Niko Tyni
nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About