perl.perl5.porters | Postings from July 2018

[perl #133369] Null pointer dereference in S_SvREFCNT_dec

From: Brian Carpenter
Date: July 13, 2018 13:41
Subject: [perl #133369] Null pointer dereference in S_SvREFCNT_dec
Message ID: rt-4.0.24-24055-1531489254-947.133369-75-0@perl.org

# New Ticket Created by  Brian Carpenter 
# Please include the string:  [perl #133369]
# in the subject line of all future correspondence about this issue. 
# <URL: https://rt.perl.org/Ticket/Display.html?id=133369 >


./perl -e 'for$0(qw(0 0)){push@r,qr/@r(?{})/}' triggers a null pointer
dereference and segfault in v5.29.0-87-ga13f1de.

==10676==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000007060c8 bp 0x7fffb4efe100 sp 0x7fffb4efe0e0 T0)
==10676==The signal is caused by a READ memory access.
==10676==Hint: address points to the zero page.
    #0 0x7060c7 in S_SvREFCNT_dec /root/perl/./inline.h:212:11
    #1 0x7305f0 in S_free_codeblocks /root/perl/regcomp.c:6268:9
    #2 0x9b59ca in Perl_leave_scope /root/perl/scope.c
    #3 0x9df198 in Perl_dounwind /root/perl/pp_ctl.c:1549:9
    #4 0x5b5846 in S_my_exit_jump /root/perl/perl.c:5240:9
    #5 0x5c092e in Perl_my_failure_exit /root/perl/perl.c:5227:5
    #6 0x9e1d2f in Perl_die_unwind /root/perl/pp_ctl.c:1796:5
    #7 0x7ce081 in Perl_vcroak /root/perl/util.c:1715:5
    #8 0x7c6b5b in Perl_croak /root/perl/util.c:1760:5
    #9 0x70362b in S_reg /root/perl/regcomp.c
    #10 0x77618a in S_regatom /root/perl/regcomp.c:12960:15
    #11 0x77232c in S_regpiece /root/perl/regcomp.c:12004:11
    #12 0x762ea2 in S_regbranch /root/perl/regcomp.c:11932:18
    #13 0x6f451c in S_reg /root/perl/regcomp.c:11663:10
    #14 0x77618a in S_regatom /root/perl/regcomp.c:12960:15
    #15 0x77232c in S_regpiece /root/perl/regcomp.c:12004:11
    #16 0x762ea2 in S_regbranch /root/perl/regcomp.c:11932:18
    #17 0x6f451c in S_reg /root/perl/regcomp.c:11663:10
    #18 0x6dc4ba in Perl_re_op_compile /root/perl/regcomp.c:7224:9
    #19 0x9c4274 in Perl_pp_regcomp /root/perl/pp_ctl.c:108:14
    #20 0x7c17d8 in Perl_runops_debug /root/perl/dump.c:2536:23
    #21 0x5b0831 in S_run_body /root/perl/perl.c
    #22 0x5afe7b in perl_run /root/perl/perl.c:2617:2
    #23 0x50da47 in main /root/perl/perlmain.c:122:9
    #24 0x7f39127c182f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
    #25 0x436d28 in _start (/root/perl/perl+0x436d28)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /root/perl/./inline.h:212:11 in S_SvREFCNT_dec
==10676==ABORTING



