[perl #129106] null ptr deref, segfault Perl_sv_vcatpvfn_flags(sv.c:12398)

# New Ticket Created by  Brian Carpenter 
# Please include the string:  [perl #129106]
# in the subject line of all future correspondence about this issue. 
# <URL: https://rt.perl.org/Ticket/Display.html?id=129106 >


Fuzzing Perl v5.25.4-20-gc2f7c0b* with AFL, ASAN and libdislocator.

1713 lines of Debug output later...
http://pastebin.com/JiMN4fZP

==19229==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000038 (pc 0x00000097c6ee bp 0x7fffba9d9130 sp 0x7fffba9d8b80 T0)
    #0 0x97c6ed in Perl_sv_vcatpvfn_flags /root/perl/sv.c:12398:21
    #1 0x967dc8 in Perl_sv_vsetpvfn /root/perl/sv.c:10815:5
    #2 0x967dc8 in Perl_vnewSVpvf /root/perl/sv.c:9429
    #3 0xc23d60 in PerlIO_vprintf /root/perl/perlio.c:4977:10
    #4 0x7d4cd9 in Perl_dump_vindent /root/perl/dump.c:520:5
    #5 0x7d4cd9 in Perl_dump_indent /root/perl/dump.c:511
    #6 0x7e0887 in Perl_do_sv_dump /root/perl/dump.c:1580:2
    #7 0x7f12a2 in Perl_sv_dump /root/perl/dump.c:2193:2
    #8 0x9478b4 in Perl_sv_clear /root/perl/sv.c:6639:4
    #9 0x94c452 in Perl_sv_free2 /root/perl/sv.c:6956:9
    #10 0x4e38b7 in S_SvREFCNT_dec /root/perl/./inline.h:189:6
    #11 0x4e38b7 in Perl_op_clear /root/perl/op.c:973
    #12 0x4e2195 in Perl_op_free /root/perl/op.c:854:9
    #13 0x4e1de5 in Perl_op_free /root/perl/op.c:837:21
    #14 0xa23a72 in Perl_leave_scope /root/perl/scope.c:1109:6
    #15 0xa56865 in S_pop_eval_context_maybe_croak /root/perl/pp_ctl.c:1605:5
    #16 0xa55f26 in Perl_die_unwind /root/perl/pp_ctl.c:1733:13
    #17 0x7ffa2f in Perl_vcroak /root/perl/util.c:1791:5
    #18 0x7ff91c in Perl_die /root/perl/util.c:1722:5
    #19 0x9b7459 in Perl_pp_divide /root/perl/pp.c:1555:17
    #20 0x7f1c63 in Perl_runops_debug /root/perl/dump.c:2234:23
    #21 0x5a10a6 in S_run_body /root/perl/perl.c:2525:2
    #22 0x5a10a6 in perl_run /root/perl/perl.c:2448
    #23 0x4de6cd in main /root/perl/perlmain.c:123:9
    #24 0x7f74425e5b44 in __libc_start_main /build/glibc-uPj9cH/glibc-2.19/csu/libc-start.c:287
    #25 0x4de33c in _start (/root/perl/perl+0x4de33c)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /root/perl/sv.c:12398 Perl_sv_vcatpvfn_flags
==19229==ABORTING

• [perl #129106] null ptr deref, segfault Perl_sv_vcatpvfn_flags(sv.c:12398) by Father Chrysostomos via RT
• [perl #129106] null ptr deref, segfault Perl_sv_vcatpvfn_flags(sv.c:12398) by Brian Carpenter