Front page | perl.perl5.porters |
Postings from February 2012
On Wed, Feb 01, 2012 at 09:37:49PM +0000, Nicholas Clark wrote:
> I'm finding it really hard to replicate the OP's problem. The memory map
> on Linux (at least x86), FreeBSD (x86), OS X (x86) and AIX (Power?) doesn't
> fail in the right way.
>
> I have this suspicion that ia64 Linux would sort of be right, except that
> it's (obviously) not 32 bit. :-)
>
> $ perl -MConfig -le 'print "$Config{archname}: " . []'
> ia64-linux-gnu-thread-multi: ARRAY(0x6000000000024120)
>
> Note how the heap isn't at the bottom of address space.
I can reproduce it on 32-bit x86, 5.8.2:
$ ./perl -e '$a[1073840232]=1'
Segmentation fault (core dumped)
It dies in av_extend(), due to trying to malloc slightly more than
2^30 * sizeof(SV*)
and the calculated size wraps round to something small, which then causes
the SEGV while trying to fill the array with &PL_sv_undef.
This has been fixed by the MEM_WRAP_CHECK mechanism added in 5.8.4, so I'm
closing the ticket.
$ ./perl -e '$a[1073840232]=1'
panic: array extend at -e line 1.
--
"Do not dabble in paradox, Edward, it puts you in danger of fortuitous wit."
-- Lady Croom, "Arcadia"