perl.perl5.porters | Postings from November 2016

[perl #130224] null ptr deref + segfault in Perl_sv_setpv_bufsize(sv.c:4956)

From: Brian Carpenter
Date: November 30, 2016 23:54
Subject: [perl #130224] null ptr deref + segfault in Perl_sv_setpv_bufsize(sv.c:4956)
Message ID: rt-4.0.24-17656-1480550081-1888.130224-75-0@perl.org

# New Ticket Created by  Brian Carpenter 
# Please include the string:  [perl #130224]
# in the subject line of all future correspondence about this issue. 
# <URL: https://rt.perl.org/Ticket/Display.html?id=130224 >


Triggered while fuzzing Perl v5.25.7-26-g7332835.

./perl -e '$$.=$A=*$=0'
ASAN:SIGSEGV
=================================================================
==8166==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000009394e3 bp 0x0c4200002236 sp 0x7ffc09d74b20 T0)
    #0 0x9394e2 in Perl_sv_setpv_bufsize /root/perl/sv.c:4956:5
    #1 0x8a6ab0 in Perl_pp_concat /root/perl/pp_hot.c:292:13
    #2 0x7f63bb in Perl_runops_debug /root/perl/dump.c:2260:23
    #3 0x5a06c3 in S_run_body /root/perl/perl.c:2526:2
    #4 0x5a06c3 in perl_run /root/perl/perl.c:2449
    #5 0x4de6cd in main /root/perl/perlmain.c:123:9
    #6 0x7f592806bb44 in __libc_start_main /build/glibc-daoqzt/glibc-2.19/csu/libc-start.c:287
    #7 0x4de33c in _start (/root/perl/perl+0x4de33c)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /root/perl/sv.c:4956 Perl_sv_setpv_bufsize
==8166==ABORTING

