
[perl #123863] Perl_regexec_flags: Assertion `prog->intflags & 0x00000100' failed (regexc.c:3123)

Brian Carpenter
February 17, 2015 20:28
# New Ticket Created by  Brian Carpenter 
# Please include the string:  [perl #123863]
# in the subject line of all future correspondence about this issue. 
# <URL: >

Built v5.21.9 (v5.21.8-346-g04ffdf6) using the following command line:

./Configure -des -Dusedevel -DDEBUGGING -Dcc=afl-gcc -Doptimize=-O2\ -g && AFL_HARDEN=1 make -j8 test-prep

Bug found with AFL (

GDB output:
gdb-peda$ file ~/perl/perl
gdb-peda$ set args -f test01-min
gdb-peda$ r
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/".
perl: regexec.c:3123: Perl_regexec_flags: Assertion `prog->intflags & 0x00000100' failed.

Program received signal SIGABRT, Aborted.
RAX: 0x0 
RBX: 0x7fffffffe641 --> 0x662d006c726570 ('perl')
RCX: 0xffffffffffffffff 
RDX: 0x6 
RSI: 0x4b1d 
RDI: 0x4b1d 
RBP: 0x7ffff6ea9a07 --> 0x257325732500203a (': ')
RSP: 0x7fffffffdd98 --> 0x7ffff6d923e0 (<*__GI_abort+384>:	mov    rdx,QWORD PTR fs:0x10)
RIP: 0x7ffff6d8f165 (<*__GI_raise+53>:	cmp    rax,0xfffffffffffff000)
R8 : 0x7ffff7fdd700 (0x00007ffff7fdd700)
R9 : 0x6f727060206e6f69 ('ion `pro')
R10: 0x8 
R11: 0x206 
R12: 0xfa69cb ("prog->intflags & 0x00000100")
R13: 0xfaa720 ("Perl_regexec_flags")
R14: 0x7ffff6ea9a07 --> 0x257325732500203a (': ')
R15: 0xc33 ('3\x0c')
EFLAGS: 0x206 (carry PARITY adjust zero sign trap INTERRUPT direction overflow)
   0x7ffff6d8f15b <*__GI_raise+43>:	movsxd rdi,eax
   0x7ffff6d8f15e <*__GI_raise+46>:	mov    eax,0xea
   0x7ffff6d8f163 <*__GI_raise+51>:	syscall 
=> 0x7ffff6d8f165 <*__GI_raise+53>:	cmp    rax,0xfffffffffffff000
   0x7ffff6d8f16b <*__GI_raise+59>:	ja     0x7ffff6d8f182 <*__GI_raise+82>
   0x7ffff6d8f16d <*__GI_raise+61>:	repz ret 
   0x7ffff6d8f16f <*__GI_raise+63>:	nop
   0x7ffff6d8f170 <*__GI_raise+64>:	test   eax,eax
0000| 0x7fffffffdd98 --> 0x7ffff6d923e0 (<*__GI_abort+384>:	mov    rdx,QWORD PTR fs:0x10)
0008| 0x7fffffffdda0 --> 0xfa69cb ("prog->intflags & 0x00000100")
0016| 0x7fffffffdda8 --> 0x7ffff6eab9c1 --> 0x706c6568007325 ('%s')
0024| 0x7fffffffddb0 --> 0x7fffffffddd0 --> 0x3000000018 
0032| 0x7fffffffddb8 --> 0xc33 ('3\x0c')
0040| 0x7fffffffddc0 --> 0x7fffffffdec0 --> 0x7fffffffe641 --> 0x662d006c726570 ('perl')
0048| 0x7fffffffddc8 --> 0x7ffff6dc3fe6 (<__fxprintf+310>:	lea    rsp,[rbp-0x20])
0056| 0x7fffffffddd0 --> 0x3000000018 
Legend: code, data, rodata, value
Stopped reason: SIGABRT
0x00007ffff6d8f165 in *__GI_raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64	../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.

Debian 7, kernel v3.2.63-2+deb7u2 x86_64, libc6 v2.13-38+deb7u7, GCC 4.9.2

Test case hexdump:
0000000 5f24 223d 2230 653b 6176 226c 2f73 2f2f
0000010 2267 6877 6c69 2065 2f73 2928 2f2f 006e
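
The test case above is printed as 16-bit words in host byte order with hex offsets (the layout of hexdump(1)'s default output), so each pair of bytes appears swapped. The following decoder is an added example, not part of the original report; the function name `decode_hexdump_words` is hypothetical. It rebuilds the reproducer bytes for triage. The report has no trailing length line, so the final `00` may be hexdump's pad byte for an odd-sized file.

```python
import struct

# Test case hexdump copied verbatim from the report above.
REPORT_DUMP = """\
0000000 5f24 223d 2230 653b 6176 226c 2f73 2f2f
0000010 2267 6877 6c69 2065 2f73 2928 2f2f 006e
"""


def decode_hexdump_words(text, byteorder="little"):
    """Rebuild the bytes behind hexdump(1) default output.

    Each data line is a hex offset followed by 16-bit words printed in host
    byte order, so on x86_64 the two bytes of every word appear swapped.
    A final line holding only an offset, when present, is the true length.
    """
    fmt = "<H" if byteorder == "little" else ">H"
    out = bytearray()
    length = None
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "*":
            raise ValueError(f"line {lineno}: squeezed '*' lines are not supported")
        offset = int(fields[0], 16)
        if len(fields) == 1:  # trailing size-only line
            length = offset
            continue
        if offset != len(out):
            raise ValueError(f"line {lineno}: offset {offset:#x}, expected {len(out):#x}")
        for word in fields[1:]:
            if len(word) != 4:
                raise ValueError(f"line {lineno}: {word!r} is not a 16-bit word")
            out += struct.pack(fmt, int(word, 16))
    if length is not None:
        if not len(out) - 1 <= length <= len(out):
            raise ValueError("length line disagrees with the data lines")
        del out[length:]  # drop the pad byte of an odd-sized file
    return bytes(out)


if __name__ == "__main__":
    # The report has no length line, so the final 00 may be hexdump padding.
    print(decode_hexdump_words(REPORT_DUMP))
```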