
[perl #128182] Segfault in Perl_pv_escape with assert fail, doqr/NUL/

From: Dan Collins
Date: May 18, 2016 22:26
Subject: [perl #128182] Segfault in Perl_pv_escape with assert fail, doqr/NUL/
Message ID: rt-4.0.18-17639-1463610370-1124.128182-75-0@perl.org
# New Ticket Created by  Dan Collins 
# Please include the string:  [perl #128182]
# in the subject line of all future correspondence about this issue. 
# <URL: https://rt.perl.org/Ticket/Display.html?id=128182 >


Greetings Porters,

I have compiled bleadperl with the afl-gcc compiler using:

./Configure -Dusedevel -Dprefix='/usr/local/perl-afl' -Dcc='ccache afl-gcc' -Uuselongdouble -Duse64bitall -Doptimize=-g -Uversiononly -Uman1dir -Uman3dir -Dusequadmath -des
AFL_HARDEN=1 make && make test

And then fuzzed the resulting binary using:

AFL_NO_VAR_CHECK=1 afl-fuzz -i in -o out bin/perl @@

After reducing testcases using `afl-tmin` and performing additional minimization by hand, I have located the following testcase that triggers a segfault in the perl interpreter. The testcase is the file below. On normal builds, this segfaults. On debug builds, this returns an assert fail.

dcollins@nightshade64:~$ cat f3i0
do
qr//dcollins@nightshade64:~$
dcollins@nightshade64:~$ od -c f3i0
0000000   d   o  \n   q   r   /  \0   /
0000010
dcollins@nightshade64:~$ ls -l f3i0
-rw-r----- 1 dcollins afl 8 May 18 17:01 f3i0
dcollins@nightshade64:~$ ./perl/perl f3i0
Segmentation fault
dcollins@nightshade64:~$ ./perldebug/perl f3i0
perl: pp_ctl.c:3690: S_require_file: Assertion `PL_valid_types_PVX[((svtype)((_svcur)->sv_flags & 0xff)) & 0xf] || ((svtype)((_svcur)->sv_flags & 0xff)) == SVt_REGEXP' failed.
Aborted


Debugging tool output is below. A git bisect was performed and reported the following:

41188aa0f6683329a6ebb1811827fce0a096df6e is the first bad commit
commit 41188aa0f6683329a6ebb1811827fce0a096df6e
Author: Tony Cook <tony@develop-help.com>
Date:   Tue Sep 3 10:17:35 2013 +1000

    [perl #117265] correctly handle overloaded strings

:100644 100644 d79bf44da7adb960f017908188b6b2563799066d 3988c788738312cc9dcc15e948114261e0a0ddac M      doio.c
:100644 100644 896f709fc96234f8c6fb5ab73ae91432c65b412a 0f686d46d7078057cf210b3ef695fe404756ce08 M      embed.fnc
:100644 100644 3662b97d3a21031dcc82bc6d610ac1dbab8fbbfc 7e0f83ea7f8735b6d3bf0e18cefa560cb5d5619f M      embed.h
:040000 040000 83b4e1f174ce6d0bf2f6d6a573a74977289d51e5 5e26489a420e08692733eba6e747117749923c75 M      ext
:100644 100644 a5742b892abb2a404ee66f5d23240d0a6dc1db3e a2727f41a17e6255a74a7a26652e4ceb0eafdfcb M      inline.h
:100644 100644 e4cee6918c567c387e054bd57f097f7fda996bb6 5adc8d495a97bd15f6ecdb4ead223c01007c0c1b M      perl.h
:100644 100644 7de7085d6b4f0352a08fa256c4885e891f617d35 c2cc3197ce67a8370b862c8fa28411a942fa1007 M      perlio.c
:100644 100644 7fd27f8531f748818442e84176b7d3b52537b13f 243bcac7c303ef8386020730af72a341399ad215 M      pp_ctl.c
:100644 100644 88aaa0a6b163ebe25f6c60f6a202f377708fde40 7281242c1c492479a47d8e8420da0b3150a32a25 M      proto.h
:040000 040000 282fc858a0d9fe08d94515675db6a7f5326263f7 0d8ba633b8b0694cb278ba783a68566bca51bed7 M      t
bisect run success



**GDB**

dcollins@nightshade64:~$ gdb --args ./perl/perl ./f3i0
GNU gdb (GDB) 7.10
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./perl/perl...done.
(gdb) run
Starting program: /home/dcollins/perl/perl ./f3i0
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x00000000004d1883 in Perl_pv_escape (dsv=0x86d120,
    str=0x86cfb8 "\b\206\207", count=8753688, max=17507376, escaped=0x0,
    flags=0) at dump.c:213
213                          else if ( (pv+readsize < end) && isDIGIT((U8)*(pv+readsize)) )
(gdb) bt
#0  0x00000000004d1883 in Perl_pv_escape (dsv=0x86d120,
    str=0x86cfb8 "\b\206\207", count=8753688, max=17507376, escaped=0x0,
    flags=0) at dump.c:213
#1  0x0000000000565d27 in S_require_file (sv=0x859228) at pp_ctl.c:3688
#2  0x00000000005675ff in Perl_pp_require () at pp_ctl.c:4124
#3  0x0000000000508326 in Perl_runops_standard () at run.c:41
#4  0x0000000000448e80 in S_run_body (oldscope=1) at perl.c:2517
#5  0x0000000000448a2f in perl_run (my_perl=0x857010) at perl.c:2440
#6  0x000000000041e730 in main (argc=2, argv=0x7fffffffe658,
    env=0x7fffffffe670) at perlmain.c:116
(gdb) info locals
u = 0
c = 0 '\000'
esc = 92 '\\'
dq = 92 '\\'
octbuf = "\\0\000\064\000\065\066\067\070\071ABCDF", '\000' <repeats 16 times>
wrote = 290820
chsize = 2
readsize = 1
isuni = false
pv = 0x898fff ""
end = 0x10c61d0 <error: Cannot access memory at address 0x10c61d0>
(gdb) l
208                          if ( (flags & PERL_PV_ESCAPE_DWIM) && c != '\0' ) {
209                             chsize = my_snprintf( octbuf, PV_ESCAPE_OCTBUFSIZE,
210                                           isuni ? "%cx{%02"UVxf"}" : "%cx%02"UVxf,
211                                           esc, u);
212                          }
213                          else if ( (pv+readsize < end) && isDIGIT((U8)*(pv+readsize)) )
214                                 chsize = my_snprintf( octbuf, PV_ESCAPE_OCTBUFSIZE,
215                                                       "%c%03o", esc, c);
216                             else
217                                 chsize = my_snprintf( octbuf, PV_ESCAPE_OCTBUFSIZE,
(gdb)


**VALGRIND**

dcollins@nightshade64:~$ valgrind ./perl/perl ./f3i0
==43712== Memcheck, a memory error detector
==43712== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==43712== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==43712== Command: ./perl/perl ./f3i0
==43712==
==43712== Use of uninitialised value of size 8
==43712==    at 0x4D188B: Perl_pv_escape (dump.c:213)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x4D15E3: Perl_pv_escape (dump.c:169)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x4D15F9: Perl_pv_escape (dump.c:171)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x4D170F: Perl_pv_escape (dump.c:185)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x4D171B: Perl_pv_escape (dump.c:185)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Use of uninitialised value of size 8
==43712==    at 0x4D1723: Perl_pv_escape (dump.c:185)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x4D1749: Perl_pv_escape (dump.c:187)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x4D174E: Perl_pv_escape (dump.c:187)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x4D1753: Perl_pv_escape (dump.c:187)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x4D1758: Perl_pv_escape (dump.c:187)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x4D175D: Perl_pv_escape (dump.c:187)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Use of uninitialised value of size 8
==43712==    at 0x5BE9221: _itoa_word (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5BEC98C: vfprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5C16248: vsnprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5BF3D11: snprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x4D1912: Perl_pv_escape (dump.c:217)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x5BE9228: _itoa_word (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5BEC98C: vfprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5C16248: vsnprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5BF3D11: snprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x4D1912: Perl_pv_escape (dump.c:217)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x5BECA0F: vfprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5C16248: vsnprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5BF3D11: snprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x4D1912: Perl_pv_escape (dump.c:217)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x5BEC4B9: vfprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5C16248: vsnprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5BF3D11: snprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x4D1912: Perl_pv_escape (dump.c:217)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x5BEC542: vfprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5C16248: vsnprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5BF3D11: snprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x4D1912: Perl_pv_escape (dump.c:217)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x5BECA0F: vfprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5C16248: vsnprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5BF3D11: snprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x4D18C0: Perl_pv_escape (dump.c:214)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x5BEC4B9: vfprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5C16248: vsnprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5BF3D11: snprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x4D18C0: Perl_pv_escape (dump.c:214)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Conditional jump or move depends on uninitialised value(s)
==43712==    at 0x5BEC542: vfprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5C16248: vsnprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x5BF3D11: snprintf (in /lib/x86_64-linux-gnu/libc-2.22.so)
==43712==    by 0x4D18C0: Perl_pv_escape (dump.c:214)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==
==43712== Invalid read of size 1
==43712==    at 0x4D1883: Perl_pv_escape (dump.c:213)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==  Address 0x5f64dd0 is 0 bytes after a block of size 4,080 alloc'd
==43712==    at 0x4C28C0F: malloc (vg_replace_malloc.c:299)
==43712==    by 0x4DC92B: Perl_safesysmalloc (util.c:153)
==43712==    by 0x51850E: S_more_sv (sv.c:307)
==43712==    by 0x52CA51: Perl_newSV_type (sv.c:9559)
==43712==    by 0x436656: Perl_newXS_len_flags (op.c:8997)
==43712==    by 0x4363C8: Perl_newXS_flags (op.c:8939)
==43712==    by 0x5BA3A1: Perl_boot_core_UNIVERSAL (universal.c:1090)
==43712==    by 0x448343: S_parse_body (perl.c:2266)
==43712==    by 0x4475CF: perl_parse (perl.c:1681)
==43712==    by 0x41E717: main (perlmain.c:114)
==43712==
==43712== Invalid read of size 1
==43712==    at 0x4D15CA: Perl_pv_escape (dump.c:166)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==  Address 0x5f64dd0 is 0 bytes after a block of size 4,080 alloc'd
==43712==    at 0x4C28C0F: malloc (vg_replace_malloc.c:299)
==43712==    by 0x4DC92B: Perl_safesysmalloc (util.c:153)
==43712==    by 0x51850E: S_more_sv (sv.c:307)
==43712==    by 0x52CA51: Perl_newSV_type (sv.c:9559)
==43712==    by 0x436656: Perl_newXS_len_flags (op.c:8997)
==43712==    by 0x4363C8: Perl_newXS_flags (op.c:8939)
==43712==    by 0x5BA3A1: Perl_boot_core_UNIVERSAL (universal.c:1090)
==43712==    by 0x448343: S_parse_body (perl.c:2266)
==43712==    by 0x4475CF: perl_parse (perl.c:1681)
==43712==    by 0x41E717: main (perlmain.c:114)
==43712==
==43712==
==43712== More than 10000000 total errors detected.  I'm not reporting any more.
==43712== Final error counts will be inaccurate.  Go fix your program!
==43712== Rerun with --error-limit=no to disable this cutoff.  Note
==43712== that errors may occur in your program without prior warning from
==43712== Valgrind, because errors are no longer being displayed.
==43712==
==43712==
==43712== Process terminating with default action of signal 11 (SIGSEGV)
==43712==  Access not within mapped region at address 0x6B571C8
==43712==    at 0x4D15CA: Perl_pv_escape (dump.c:166)
==43712==    by 0x565D26: S_require_file (pp_ctl.c:3688)
==43712==    by 0x5675FE: Perl_pp_require (pp_ctl.c:4124)
==43712==    by 0x508325: Perl_runops_standard (run.c:41)
==43712==    by 0x448E7F: S_run_body (perl.c:2517)
==43712==    by 0x448A2E: perl_run (perl.c:2440)
==43712==    by 0x41E72F: main (perlmain.c:116)
==43712==  If you believe this happened as a result of a stack
==43712==  overflow in your program's main thread (unlikely but
==43712==  possible), you can try to increase the size of the
==43712==  main thread stack using the --main-stacksize= flag.
==43712==  The main thread stack size used in this run was 8388608.
==43712==
==43712== HEAP SUMMARY:
==43712==     in use at exit: 25,775,750 bytes in 553 blocks
==43712==   total heap usage: 758 allocs, 205 frees, 128,453,238 bytes allocated
==43712==
==43712== LEAK SUMMARY:
==43712==    definitely lost: 184 bytes in 1 blocks
==43712==    indirectly lost: 1,972 bytes in 21 blocks
==43712==      possibly lost: 0 bytes in 0 blocks
==43712==    still reachable: 25,773,594 bytes in 531 blocks
==43712==         suppressed: 0 bytes in 0 blocks
==43712== Rerun with --leak-check=full to see details of leaked memory
==43712==
==43712== For counts of detected and suppressed errors, rerun with: -v
==43712== Use --track-origins=yes to see where uninitialised values come from
==43712== ERROR SUMMARY: 10000000 errors from 21 contexts (suppressed: 0 from 0)
Segmentation fault


**PERL -V**

dcollins@nightshade64:~$ perl/perl  -V
Summary of my perl5 (revision 5 version 25 subversion 1) configuration:
  Commit id: 9e17953912c0ab4f21dd642345727a44c388a0af
  Platform:
    osname=linux, osvers=4.5.0-2-amd64, archname=x86_64-linux-ld
    uname='linux nightshade64 4.5.0-2-amd64 #1 smp debian 4.5.3-2 (2016-05-08) x86_64 gnulinux '
    config_args='-Dusedevel -Dprefix=/usr/local/perl-afl -Dcc=ccache afl-gcc -Duselongdouble -Duse64bitall -Doptimize=-g -Uversiononly -Uman1dir -Uman3dir -DDEBUGGING -DDEBUG_LEAKING_SCALARS -des'
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=undef, usemultiplicity=undef
    use64bitint=define, use64bitall=define, uselongdouble=define
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='ccache afl-gcc', ccflags ='-fwrapv -DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-g',
    cppflags='-fwrapv -DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include'
    ccversion='', gccversion='6.1.0', gccosandvers=''
    intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678, doublekind=3
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16, longdblkind=3
    ivtype='long', ivsize=8, nvtype='long double', nvsize=16, Off_t='off_t', lseeksize=8
    alignbytes=16, prototype=define
  Linker and Libraries:
    ld='ccache afl-gcc', ldflags =' -fstack-protector-strong -L/usr/local/lib'
    libpth=/usr/local/lib /usr/local/lib/gcc/x86_64-pc-linux-gnu/6.1.0/include-fixed /usr/include/x86_64-linux-gnu /usr/lib /lib/x86_64-linux-gnu /lib/../lib /usr/lib/x86_64-linux-gnu /usr/lib/../lib /lib
    libs=-lpthread -lnsl -ldl -lm -lcrypt -lutil -lc
    perllibs=-lpthread -lnsl -ldl -lm -lcrypt -lutil -lc
    libc=libc-2.22.so, so=so, useshrplib=false, libperl=libperl.a
    gnulibc_version='2.22'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E'
    cccdlflags='-fPIC', lddlflags='-shared -g -L/usr/local/lib -fstack-protector-strong'


Characteristics of this binary (from libperl):
  Compile-time options: HAS_TIMES PERLIO_LAYERS PERL_COPY_ON_WRITE
                        PERL_DONT_CREATE_GVSV
                        PERL_HASH_FUNC_ONE_AT_A_TIME_HARD PERL_MALLOC_WRAP
                        PERL_OP_PARENT PERL_PRESERVE_IVUV PERL_USE_DEVEL
                        USE_64_BIT_ALL USE_64_BIT_INT USE_LARGE_FILES
                        USE_LOCALE USE_LOCALE_COLLATE USE_LOCALE_CTYPE
                        USE_LOCALE_NUMERIC USE_LOCALE_TIME USE_LONG_DOUBLE
                        USE_PERLIO USE_PERL_ATOF
  Built under linux
  Compiled at May 17 2016 20:01:23
  @INC:
    /usr/local/perl-afl/lib/site_perl/5.25.1/x86_64-linux-ld
    /usr/local/perl-afl/lib/site_perl/5.25.1
    /usr/local/perl-afl/lib/5.25.1/x86_64-linux-ld
    /usr/local/perl-afl/lib/5.25.1
    /usr/local/perl-afl/lib/site_perl/5.24.0
    /usr/local/perl-afl/lib/site_perl
    .
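
A simplified model of the failure reported above, added here as an illustration; it is not code from the Perl source or from the original report. The `struct value` type, `escape_bytes` and `describe_value` are hypothetical names: the escaper bounds every read by `end = str + count` (as in the `dump.c` listing), so safety depends on the caller checking the value's type before reading a length from it, which is the condition the debug-build assertion enforces.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified value type; this is NOT Perl's SV layout. */
enum vtype { VT_INT, VT_STR };
struct value {
    enum vtype type;
    union {
        long iv;                                   /* valid for VT_INT */
        struct { const char *pv; size_t cur; } s;  /* valid for VT_STR */
    } u;
};

/* Escape `count` bytes of `str` into `out`. It trusts `count`: every read is
 * bounded by end = str + count, so a bogus count means out-of-bounds reads.
 * Returns bytes written, or -1 if `out` is too small. */
int escape_bytes(char *out, size_t outsz, const char *str, size_t count)
{
    const char *pv = str, *end = str + count;
    size_t wrote = 0;

    for (; pv < end; pv++) {
        unsigned char c = (unsigned char)*pv;
        char buf[8];
        int n;

        if (c == '\\')
            n = snprintf(buf, sizeof buf, "\\\\");
        else if (c >= 0x20 && c < 0x7f)
            n = snprintf(buf, sizeof buf, "%c", c);
        else if (pv + 1 < end && pv[1] >= '0' && pv[1] <= '9')
            n = snprintf(buf, sizeof buf, "\\%03o", (unsigned)c); /* pad so the next digit stays separate */
        else
            n = snprintf(buf, sizeof buf, "\\%o", (unsigned)c);

        if (wrote + (size_t)n >= outsz)
            return -1;
        memcpy(out + wrote, buf, (size_t)n);
        wrote += (size_t)n;
    }
    out[wrote] = '\0';
    return (int)wrote;
}

/* Checked caller: pointer and length are taken only from a value whose type
 * tag says it carries a string. Returns -2 for any other type. */
int describe_value(char *out, size_t outsz, const struct value *v)
{
    if (v->type != VT_STR)
        return -2;
    return escape_bytes(out, outsz, v->u.s.pv, v->u.s.cur);
}

static char demo_buf[64];

/* The 8 bytes shown by `od -c f3i0`, held here as a genuine string value. */
const char *demo_string_value(void)
{
    static const char bytes[8] = { 'd', 'o', '\n', 'q', 'r', '/', '\0', '/' };
    struct value v = { VT_STR, { 0 } };
    v.u.s.pv = bytes;
    v.u.s.cur = sizeof bytes;
    return describe_value(demo_buf, sizeof demo_buf, &v) < 0 ? NULL : demo_buf;
}

/* A non-string value (constructed sample): refused, no length is read. */
int demo_non_string_value(void)
{
    struct value v = { VT_INT, { 0 } };
    v.u.iv = 42;
    return describe_value(demo_buf, sizeof demo_buf, &v);
}

int main(void)
{
    printf("%s\n", demo_string_value());
    printf("%d\n", demo_non_string_value());
    return 0;
}
```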

