On Thu, 20 Jun 2019 02:44:34 -0700, imdb95@gmail.com wrote:
> I am trying to build Perl with American Fuzzy Lop, but have failed.
> I wrote this report with the builtin perlbug.
>
> Clang+llvm: clang+llvm-4.0.0-x86_64-linux-gnu-ubuntu-16.04
> (http://releases.llvm.org/4.0.0/clang+llvm-4.0.0-x86_64-linux-gnu-ubuntu-16.04.tar.xz)
> AFL: afl-2.52b
> The version I want to build is: perl 5, version 31, subversion 1
>
> *******************************
> ./miniperl -v
>
> This is perl 5, version 31, subversion 1 (v5.31.1 (UNKNOWN-miniperl)) built
> for x86_64-linux
> *******************************
>
> Following is the build log:
> ********************************
> [Run]: AFL_USE_ASAN=1 ./Configure -des -Dusedevel -DDEBUGGING -Dcc=afl-clang-fast -Doptimize=-g
> [Output]: => Success
>
> [Run]: AFL_USE_ASAN=1 make
> [Output]:
> ...
> afl-clang-fast -fstack-protector-strong -L/usr/local/lib -o miniperl \
>   opmini.o perlmini.o gv.o toke.o perly.o pad.o regcomp.o dump.o util.o
>   mg.o reentr.o mro_core.o keywords.o hv.o av.o run.o pp_hot.o sv.o pp.o
>   scope.o pp_ctl.o pp_sys.o doop.o doio.o regexec.o utf8.o taint.o deb.o
>   universal.o globals.o perlio.o perlapi.o numeric.o mathoms.o locale.o
>   pp_pack.o pp_sort.o caretx.o dquote.o time64.o miniperlmain.o
>   -lpthread -lnsl -ldl -lm -lcrypt -lutil -lc
> afl-clang-fast 2.52b by <lszekeres@google.com>
> ./miniperl -w -Ilib -Idist/Exporter/lib -MExporter -e '<?>' || sh -c 'echo >&2 Failed to build miniperl. Please run make minitest; exit 1'
> =================================================================
> ==16743==ERROR: AddressSanitizer: heap-use-after-free on address 0x6020000006b0 at pc 0x00000045c609 bp 0x7fff1fe02b50 sp 0x7fff1fe022f8
> READ of size 2 at 0x6020000006b0 thread T0
>     #0 0x45c608 in __interceptor_setlocale /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:2875:5
>     #1 0x887905 in Perl_upg_version /root/Fuzz/perl/./vutil.c:717:17
>     #2 0x8853ed in Perl_new_version /root/Fuzz/perl/./vutil.c:551:12
>     #3 0xb31ee3 in S_require_version /root/Fuzz/perl/pp_ctl.c:3719:10
>     #4 0xb31ee3 in Perl_pp_require /root/Fuzz/perl/pp_ctl.c:4345
>     #5 0x863dbc in Perl_runops_debug /root/Fuzz/perl/dump.c:2537:23
>     #6 0x5d0f4c in Perl_call_sv /root/Fuzz/perl/perl.c:3043:6
>     #7 0x5bbc7d in Perl_call_list /root/Fuzz/perl/perl.c:5077:6
>     #8 0x56962e in S_process_special_blocks /root/Fuzz/perl/op.c:10469:6
>     #9 0x539626 in Perl_newATTRSUB_x /root/Fuzz/perl/op.c:10395:21
>     #10 0x541522 in Perl_utilize /root/Fuzz/perl/op.c:7590:5
>     #11 0x6dfaa0 in Perl_yyparse /root/Fuzz/perl/perly.y:336:6
>     #12 0x5c88c4 in S_parse_body /root/Fuzz/perl/perl.c:2531:9
>     #13 0x5bf965 in perl_parse /root/Fuzz/perl/perl.c:1822:2
>     #14 0xde129c in main /root/Fuzz/perl/miniperlmain.c:132:10
>     #15 0x7f21e137a82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
>     #16 0x41c358 in _start (/root/Fuzz/perl/miniperl+0x41c358)
>
> 0x6020000006b0 is located 0 bytes inside of 8-byte region [0x6020000006b0,0x6020000006b8)
> freed by thread T0 here:
>     #0 0x4c2d0b in __interceptor_free /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:47:3
>     #1 0x7f21e1385049 in setlocale (/lib/x86_64-linux-gnu/libc.so.6+0x2b049)
>
> previously allocated by thread T0 here:
>     #0 0x4c305c in malloc /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:66:3
>     #1 0x7f21e13e5489 in __strdup (/lib/x86_64-linux-gnu/libc.so.6+0x8b489)
>     #2 0x524f4c4f435f534b (<unknown module>)
>
> SUMMARY: AddressSanitizer: heap-use-after-free /scratch/llvm/clang-4/xenial/final/llvm.src/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:2875:5 in __interceptor_setlocale

Is there any chance you can get valgrind on the VM?

If so, can you run:

  valgrind ./miniperl -w -Ilib -Idist/Exporter/lib -MExporter -e '<?>'

after the failed build?

valgrind tends to provide better diagnostics on a use after free than ASAN.

Thanks,
Tony

---
via perlbug: queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=134212
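The ASAN report above has a recognisable shape: a read inside setlocale() of an 8-byte block that libc's own setlocale() had freed and that __strdup() had allocated. That is the signature of handing a pointer returned by an earlier setlocale() call back into setlocale() after another call has replaced the locale, since glibc owns the returned string and may free it when the category changes. Whether that is what happens at vutil.c:717 is an assumption here. The C program below is an added example, not Perl's code and not from either message in this thread; it shows the hazard next to the pattern that avoids it (copy the returned name into caller-owned memory before switching). The names save_numeric_locale, parse_in_c_locale and dup_string are invented for the example.

```c
/*
 * Added example: stale setlocale() pointer hazard and the copy-before-switch
 * fix. Not Perl's code; the assumption is that glibc's setlocale() may free
 * the string it returned once the category is changed again.
 */
#include <locale.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Portable strdup() replacement so the example does not depend on
 * feature-test macros. Caller must free() the result. */
static char *dup_string(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p)
        memcpy(p, s, n);
    return p;
}

/* Copy the current LC_NUMERIC locale name into memory we own.
 * Returns NULL if the name is unavailable or the copy failed. */
char *save_numeric_locale(void)
{
    const char *cur = setlocale(LC_NUMERIC, NULL); /* borrowed from libc */
    return cur ? dup_string(cur) : NULL;
}

/* Parse a decimal number under LC_NUMERIC="C" so '.' is the radix
 * character whatever the user's locale, then restore the caller's locale.
 * *ok is set to 1 only if the whole string was consumed. */
double parse_in_c_locale(const char *text, int *ok)
{
    char *saved = save_numeric_locale(); /* our copy survives any setlocale() */
    char *end = NULL;
    double v;

    setlocale(LC_NUMERIC, "C");
    v = strtod(text, &end);
    *ok = (end != text && *end == '\0');

    if (saved) {
        setlocale(LC_NUMERIC, saved); /* safe: 'saved' is our own buffer */
        free(saved);
    }
    return v;
}

/* The bug, for contrast. Do not call this: 'stale' points into a buffer
 * libc owns, the switch to "C" may free it, and the restore then reads
 * freed memory, which is the heap-use-after-free ASAN reports above. */
double parse_in_c_locale_UNSAFE(const char *text)
{
    const char *stale = setlocale(LC_NUMERIC, NULL); /* borrowed, not owned */
    double v;
    setlocale(LC_NUMERIC, "C");      /* may free what 'stale' points to */
    v = strtod(text, NULL);
    setlocale(LC_NUMERIC, stale);    /* use-after-free */
    return v;
}

int main(void)
{
    int ok = 0;
    double v;
    setlocale(LC_ALL, ""); /* adopt the environment's locale, as Perl does */
    v = parse_in_c_locale("3.25", &ok);
    printf("3.25 -> %g (ok=%d), locale restored to %s\n",
           v, ok, setlocale(LC_NUMERIC, NULL));
    return ok ? 0 : 1;
}
```

Under AddressSanitizer the unsafe variant reproduces the report's pattern (read inside the setlocale interceptor, freed by setlocale, allocated by strdup) whenever the starting locale is not the static "C"/"POSIX" name; the safe variant never touches libc's buffer after a second setlocale() call.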