Front page | perl.perl5.porters |
Postings from June 2013
On Wed Nov 14 16:16:30 2007, John.Wiersba@thomson.com wrote: > This bug manifests on AIX, Solaris, Cygwin. I have not been able to > find > a version of this program which reproduces the bug on my Linux box (perl > 5.8.5). > > #!/usr/bin/perl -w > use strict; > $| = 1; > my $d1 = "["; > my $d2 = "]"; > $_ = "abc xxxxx"; > pos = 0; > my @x = /abc/g; > print "<$#+><$#->\n"; > my $x = pos $_; > > produces: > > <0><41> > > This bug is visible also on AIX where the output is > > <0><805468008> > > There are many variations on this, sometimes producing huge values for > $#-. > This causes perl to abort with "Out of memory" when, for example, > copying @- > to another array. > With 5.8.8, I can duplicate the odd second values. If I run the above program with perl-5.8.0, 5.8.3, or 5.8.8 using valgrind, I see something like: ==13447== Use of uninitialised value of size 4 ==13447== at 0x40C5256: _itoa_word (_itoa.c:195) ==13447== by 0x40C8AE1: vfprintf (vfprintf.c:1613) ==13447== by 0x4169ABC: __vsprintf_chk (vsprintf_chk.c:86) ==13447== by 0x41699FC: __sprintf_chk (sprintf_chk.c:33) ==13447== by 0x80BA575: Perl_sv_2pv_flags (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x80B247E: Perl_pp_concat (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x80AA5F2: Perl_runops_standard (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x806393B: perl_run (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x8060024: main (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== ==13447== Conditional jump or move depends on uninitialised value(s) ==13447== at 0x40C525E: _itoa_word (_itoa.c:195) ==13447== by 0x40C8AE1: vfprintf (vfprintf.c:1613) ==13447== by 0x4169ABC: __vsprintf_chk (vsprintf_chk.c:86) ==13447== by 0x41699FC: __sprintf_chk (sprintf_chk.c:33) ==13447== by 0x80BA575: Perl_sv_2pv_flags (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x80B247E: Perl_pp_concat (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x80AA5F2: Perl_runops_standard (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x806393B: perl_run (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x8060024: main (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== ==13447== Conditional jump or move depends on uninitialised value(s) ==13447== at 0x40C694F: vfprintf (vfprintf.c:1613) ==13447== by 0x4169ABC: __vsprintf_chk (vsprintf_chk.c:86) ==13447== by 0x41699FC: __sprintf_chk (sprintf_chk.c:33) ==13447== by 0x80BA575: Perl_sv_2pv_flags (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x80B247E: Perl_pp_concat (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x80AA5F2: Perl_runops_standard (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x806393B: perl_run (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x8060024: main (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== ==13447== Conditional jump or move depends on uninitialised value(s) ==13447== at 0x40C6973: vfprintf (vfprintf.c:1613) ==13447== by 0x4169ABC: __vsprintf_chk (vsprintf_chk.c:86) ==13447== by 0x41699FC: __sprintf_chk (sprintf_chk.c:33) ==13447== by 0x80BA575: Perl_sv_2pv_flags (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x80B247E: Perl_pp_concat (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x80AA5F2: Perl_runops_standard (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x806393B: perl_run (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== by 0x8060024: main (in /home/mhorsfall/perl5/perlbrew/perls/perl-5.8.0/bin/perl5.8.0) ==13447== <0><0> With 5.10.1, 5.17.6, or blead, I see no memory errors at all. I believe this has been fixed in passing, is this set to close? -- Matthew Horsfall (alh)Thread Next