develooper Front page | perl.perl5.porters | Postings from June 2012

[perl #50528] Perl 5.10.0 segfaults on Format with my variables

Thread Next
From:
Father Chrysostomos via RT
Date:
June 28, 2012 13:17
Subject:
[perl #50528] Perl 5.10.0 segfaults on Format with my variables
Message ID:
rt-3.6.HEAD-28836-1340914660-328.50528-15-0@perl.org
On Tue Feb 05 16:33:41 2008, davem wrote:
> On Mon, Feb 04, 2008 at 07:22:29AM -0800, Stephan Springl wrote:
> > Thank you for your work on perl.  Unfortunately, perl 5.10.0
segfaults on
> > the following program:
> > 
> > ==============================================
> > sub f ($); # Comment out to get right result!
> > sub f ($) {
> >    my $test = $_[0];
> >    write;
> >    format STDOUT =
> > @<<<<<<<
> > $test
> > .
> > }
> > f(1);
> > f(2);
> > ==============================================
> 
> Thanks for the concise test case.

That was actually your own test case, from #22977. :-)

> 
> P5Pers:
> 
> The bug is due to the fact that in the presence of prototypes, after the
> real sub is compiled, its body is physically copied across to a new CV,
> which messes the CvOUTSIDE field of any child anon or format subs.
> The anon subs are fixed up by looking through the parent's pad for any
> '&' entries which point to the children that need fixing. There isn't a
> similar way to find formats, so they can't be fixed up.
> 
> The two solutions seem to be:
> 
> a) have pointers in parent pads to formats, or

Zefram did that in commit 421f30ed1e, but it can cause a crash.  A
format’s CvOUTSIDE must never be touched, because a format can be cloned
at any time, so its CvOUTSIDE must always be available for it to close
over.  If CvOUTSIDE is weakened, the outer sub could be freed, causing
the format to point to its grandfather.  Then cloning will read random
pad items from the wrong pad.

> b) rejig newATTRSUB in such a way that it doesn't have to do the
> abomination of copying the CV body.

Like copying it in perly.y:subname instead?

An alternative fix would be to have the outer pad hold a weak reference
on the format.

-- 

Father Chrysostomos


---
via perlbug:  queue: perl5 status: resolved
https://rt.perl.org:443/rt3/Ticket/Display.html?id=50528

Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About