Front page | perl.perl5.porters |
Postings from August 2016
# New Ticket Created by Brian Carpenter
# Please include the string: [perl #129027]
# in the subject line of all future correspondence about this issue.
# <URL: https://rt.perl.org/Ticket/Display.html?id=129027 >
The following script triggers a null pointer deref (Perl_mess_sv (util.c:1508)) in Perl v5.25.4 (v5.25.3-305-g8c6b0c7). May only affect -DDEBUGGING builds because removing the `D` flag stifles the crash.
#!perl -D200000
${qq$\x5F$}=q 0f0and s 0.0qq e&$&e0ee
free op at 61900000db00, recorded in slab 61500000fa80 at (eval 1) line 1.
ASAN:SIGSEGV
=================================================================
==6436==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000021 (pc 0x0000007fdc8f bp 0x7ffeef401250 sp 0x7ffeef4011a0 T0)
#0 0x7fdc8e in Perl_mess_sv /root/perl/util.c:1508:6
#1 0x7fd28b in Perl_vmess /root/perl/util.c:1561:12
#2 0x7fd28b in Perl_mess /root/perl/util.c:1391
#3 0x4e0415 in Perl_Slab_Free /root/perl/op.c:442:5
#4 0x4e215d in Perl_op_free /root/perl/op.c:855:9
#5 0x4e1da5 in Perl_op_free /root/perl/op.c:837:21
#6 0xa23982 in Perl_leave_scope /root/perl/scope.c:1109:6
#7 0xa56785 in S_pop_eval_context_maybe_croak /root/perl/pp_ctl.c:1605:5
#8 0xa55e46 in Perl_die_unwind /root/perl/pp_ctl.c:1733:13
#9 0x7ff91f in Perl_vcroak /root/perl/util.c:1791:5
#10 0x7ff80c in Perl_die /root/perl/util.c:1722:5
#11 0x8dc64f in Perl_pp_entersub /root/perl/pp_hot.c:3826:13
#12 0x7f1b53 in Perl_runops_debug /root/perl/dump.c:2234:23
#13 0x5a0ff6 in S_run_body /root/perl/perl.c:2524:2
#14 0x5a0ff6 in perl_run /root/perl/perl.c:2447
#15 0x4de68d in main /root/perl/perlmain.c:123:9
#16 0x7f0c50ba2b44 in __libc_start_main /build/glibc-uPj9cH/glibc-2.19/csu/libc-start.c:287
#17 0x4de2fc in _start (/root/perl/perl+0x4de2fc)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /root/perl/util.c:1508 Perl_mess_sv
==6436==ABORTING
Thread Previous