From smurf@noris.de

Created by smurf@noris.net

Apparently, Perl tries to access freed memory at some point.

This is 5.6.0, patched up to change #6025.

$ LD_PRELOAD=/usr/lib/libefence.so perl t/comp/colon.t
1..25
ok 1
...
ok 17
Segmentation fault (core dumped)
$ gdb /usr/bin/perl t/core
GNU gdb 4.18
#0 0x4003e530 in S_tokeq (my_perl=0x4029465c, sv=0x409cec64) at toke.c​:899
899 if (SvIVX(sv) == -1)
(gdb) whe
#0 0x4003e530 in S_tokeq (my_perl=0x4029465c, sv=0x413a0e74) at toke.c​:899
#1 0x40049611 in Perl_yylex (my_perl=0x4029465c) at toke.c​:4511
#2 0x400525eb in Perl_yyparse (my_perl=0x4029465c) at perly.c​:1429
#3 0x400af9bc in S_doeval (my_perl=0x4029465c, gimme=0, startop=0x0)
  at pp_ctl.c​:2782
#4 0x400b13e5 in Perl_pp_entereval (my_perl=0x4029465c) at pp_ctl.c​:3292
#5 0x4007f39c in Perl_runops_standard (my_perl=0x4029465c) at run.c​:27
#6 0x40035354 in S_run_body (my_perl=0x4029465c, oldscope=1) at perl.c​:1402
#7 0x40035063 in perl_run (my_perl=0x4029465c) at perl.c​:1326
#8 0x8049454 in main (argc=2, argv=0xbffff624, env=0xbffff630)
  at perlmain.c​:52
(gdb) p sv
$2 = (SV *) 0x413a0e74
(gdb) p *sv
$1 = {sv_any = 0x40e08ff4, sv_refcnt = 1, sv_flags = 67371012}
(gdb) p *(XPVIV *)sv->sv_any
Cannot access memory at address 0x40e08ff4.
(gdb)

The really funny part is that removing any of the tests (including the tests
after #18!) prevent the failure from occurring.

Flags:
    category=core
    severity=high

Site configuration information for perl v5.6.0:

Configured by smurf at Mon May  1 06:45:07 CEST 2000.

Summary of my perl5 (revision 5.0 version 6 subversion 0) configuration:
  Platform:
    osname=linux, osvers=2.3.99s-noris-pre6-3, archname=i686-linux-thread-multi-64all
    uname='linux play.smurf.noris.de 2.3.99s-noris-pre6-3 #1 smp sun apr 16 05:58:26 cest 2000 i686 unknown '
    config_args='-Uusenm -Duseshrplib=true -Dman1dir=/usr/man/man1 -Dman3dir=/usr/man/man3 -Dbin=/usr/lib/perl/bin -Dstartperl=#!/usr/bin/perl -Dprefix=/usr/lib/perl -d -e -Dcf_email=smurf@noris.net -Dman1ext=1p -Dman3ext=3p -Dusemultiplicity -Dusethreads -Duseithreads -Duse64bitall -Duselargefiles -Dd_dosuid -Duselongdouble -Accflags=-DDL_UNLOAD_ALL_AT_EXIT'
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=define use5005threads=undef useithreads=define usemultiplicity=define
    useperlio=undef d_sfio=undef uselargefiles=define 
    use64bitint=define use64bitall=define uselongdouble=define usesocks=undef
  Compiler:
    cc='cc', optimize='-O2 -g', gccversion=2.95.2 19991024 (release)
    cppflags='-D_REENTRANT -DDL_UNLOAD_ALL_AT_EXIT -fno-strict-aliasing -I/usr/local/include'
    ccflags ='-D_REENTRANT -DDL_UNLOAD_ALL_AT_EXIT -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64'
    stdchar='char', d_stdstdio=define, usevfork=false
    intsize=4, longsize=4, ptrsize=4, doublesize=8
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
    ivtype='long long', ivsize=8, nvtype='long double', nvsize=12, Off_t='off_t', lseeksize=8
    alignbytes=4, usemymalloc=n, prototype=define
  Linker and Libraries:
    ld='cc', ldflags =' -L/usr/local/lib'
    libpth=/usr/local/lib /lib /usr/lib
    libs=-lnsl -lndbm -lgdbm -ldb -ldl -lm -lpthread -lc -lposix -lcrypt
    libc=/lib/libc-2.1.2.so, so=so, useshrplib=true, libperl=libperl.so
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-rdynamic -Wl,-rpath,/usr/lib/perl/lib/5.6.0/i686-linux-thread-multi-64all/CORE'
    cccdlflags='-fpic', lddlflags='-shared -L/usr/local/lib'

Locally applied patches:
    


@INC for perl v5.6.0:
    /usr/lib/perl/lib/5.6.0/i686-linux-thread-multi-64all
    /usr/lib/perl/lib/5.6.0
    /usr/lib/perl/lib/site_perl/5.6.0/i686-linux-thread-multi-64all
    /usr/lib/perl/lib/site_perl/5.6.0
    /usr/lib/perl/lib/site_perl/5.005
    /usr/lib/perl/lib/site_perl
    .


Environment for perl v5.6.0:
    HOME=/smurf/home
    LANG=en_US
    LANGUAGE (unset)
    LC_ALL=en_US
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/usr/pop/bin:/usr/src/STATUS/bin:/smurf/home/bin:/usr/X11R6/bin:/usr/local/bin:/usr/bin:/bin
    PERL_BADLANG (unset)
    SHELL=/bin/bash

From @gsar

On 01 May 2000 18​:32​:27 +0200, "Matthias Urlichs" wrote​:

This is a bug report for perl from smurf@​noris.net,
generated with the help of perlbug 1.28 running under perl v5.6.0.

-----------------------------------------------------------------
[Please enter your report here]

Apparently, Perl tries to access freed memory at some point.

This is 5.6.0, patched up to change #6025.

Good spotting. You probably want to back out​:

  Change 5989 by gsar@​auger on 2000/04/28 08​:27​:12

  qw(a\\b) must be parsed like 'a\\b', i.e., backslash escapes
  itself and no other (from Tom Hughes)

Or better yet, fix tokeq() to check for SvIOK before looking at SvIVX
and send me the patch. I want to encourage people who use bleadperl
to fix any problems rather than just reporting them. :-)

Sarathy
gsar@​activestate.com

From [Unknown Contact. See original ticket]

Hi,

Gurusamy Sarathy​:

    qw\(a\\\\b\) must be parsed like 'a\\\\b'\, i\.e\.\, backslash escapes
    itself and no other \(from Tom Hughes\)

Or better yet, fix tokeq() to check for SvIOK before looking at SvIVX
and send me the patch. I want to encourage people who use bleadperl
to fix any problems rather than just reporting them. :-)

Heh. OK, will do as soon as my archive is working again.

A standard way of running most of the tests under efence might
be in order, too. I'll think about it.

--
Matthias Urlichs | noris network GmbH | smurf@​noris.de | ICQ​: 20193661
The quote was selected randomly. Really. | http​://smurf.noris.de/

perl.org@triv.org - Status changed from 'open' to 'resolved'