From @jhi

Created by jhi@mimosa.hut.fi

Something must really be broken in the submatch handling, yet another
r->startp munging.

mimosa$ ./perl -Ilib -Mutf8 -we '$x = $^R = 67;"foot" =~ /foo(?{ $^R + 12 })((?{ $x = 12; $^R + 17 })[xy])?/;'
assertion botched (chunk's tail overwrite?)​: *(unsigned int *)((caddr_t)ovp + nbytes - sizeof (unsigned int)) == 0x55555555
zsh​: 14358 IOT instruction (core dumped) ./perl -Ilib -Mutf8 -we
mimosa$ gdb ./perl core
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "sparc-sun-solaris2.7"...
Core was generated by `./perl -Ilib -Mutf8 -we $x = $^R = 67;"foot" =~ /foo(?{ $^R + 12 })((?{ $x = 12'.
Program terminated with signal 6, Abort.
Reading symbols from /usr/lib/libsocket.so.1...done.
Reading symbols from /usr/lib/libnsl.so.1...done.
Reading symbols from /usr/lib/libdl.so.1...done.
Reading symbols from /usr/lib/libm.so.1...done.
Reading symbols from /usr/lib/libc.so.1...done.
Reading symbols from /usr/lib/libcrypt_i.so.1...done.
Reading symbols from /usr/lib/libsec.so.1...done.
Reading symbols from /usr/lib/libmp.so.2...done.
Reading symbols from /usr/lib/libgen.so.1...done.
Reading symbols from /usr/platform/SUNW,Ultra-5_10/lib/libc_psr.so.1...done.
Reading symbols from /usr/lib/locale/iso_8859_1/iso_8859_1.so.2...done.
#0 0xff216b94 in _libc_kill () from /usr/lib/libc.so.1
(gdb) where
#0 0xff216b94 in _libc_kill () from /usr/lib/libc.so.1
#1 0xff1b9388 in abort () from /usr/lib/libc.so.1
#2 0x33df0 in botch (diag=0x16dfa8 "chunk's tail overwrite",
  s=0x16e008 "*(unsigned int *)((caddr_t)ovp + nbytes - sizeof (unsigned int)) == 0x55555555") at malloc.c​:997
#3 0x35798 in free (mp=0x1d9ec8) at malloc.c​:1624
#4 0x9c148 in Perl_pregfree (r=0x19d808) at regcomp.c​:4501
#5 0x6e274 in S_op_clear (o=0x1a9408) at op.c​:832
#6 0x6dfd0 in Perl_op_free (o=0x1a9408) at op.c​:736
#7 0x6df28 in Perl_op_free (o=0x1a7788) at op.c​:724
#8 0x29b64 in perl_destruct (my_perl=0x197c08) at perl.c​:404
#9 0x27a70 in main (argc=5, argv=0xffbef5d4, env=0xffbef5ec) at perlmain.c​:55
(gdb) up
#1 0xff1b9388 in abort () from /usr/lib/libc.so.1
(gdb)

Flags:
    category=core
    severity=high

Site configuration information for perl v5.7.0:

Configured by jhi at Thu Nov 30 19:27:18 EET 2000.

Summary of my perl5 (revision 5.0 version 7 subversion 0) configuration:
  Platform:
    osname=solaris, osvers=2.7, archname=sun4-solaris-64int
    uname='sunos mimosa.hut.fi 5.7 generic_106541-05 sun4u sparc '
    config_args='-des -Dusedevel -Doptimize=-g -Duse64bitint'
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=undef use5005threads=undef useithreads=undef usemultiplicity=undef
    useperlio=undef d_sfio=undef uselargefiles=define usesocks=undef
    use64bitint=define use64bitall=undef uselongdouble=undef
  Compiler:
    cc='gcc', ccflags ='-DDEBUGGING -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-g',
    cppflags='-DDEBUGGING'
    ccversion='', gccversion='2.8.1', gccosandvers='solaris2.7'
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=87654321
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=8, usemymalloc=y, prototype=define
  Linker and Libraries:
    ld='gcc', ldflags =' '
    libpth=/lib /usr/lib /usr/ccs/lib
    libs=-lsocket -lnsl -ldl -lm -lc -lcrypt -lsec
    perllibs=-lsocket -lnsl -ldl -lm -lc -lcrypt -lsec
    libc=/lib/libc.so, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' '
    cccdlflags='-fPIC', lddlflags='-G'

Locally applied patches:
    DEVEL7928


@INC for perl v5.7.0:
    lib
    /u/vieraat/vieraat/jhi/Perl/lib
    /opt/lib/perl5/5.7.0/sun4-solaris-64int
    /opt/lib/perl5/5.7.0
    /opt/lib/perl5/site_perl/5.7.0/sun4-solaris-64int
    /opt/lib/perl5/site_perl/5.7.0
    /opt/lib/perl5/site_perl
    .


Environment for perl v5.7.0:
    HOME=/u/vieraat/vieraat/jhi
    LANG=C
    LANGUAGE (unset)
    LC_CTYPE=iso_8859_1
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/u/vieraat/vieraat/jhi/.s:/u/vieraat/vieraat/jhi/.b/SunOS:/c/bin:/p/bin:/p/adm/bin:/usr/bin:/usr/sbin:/sbin:/bin:/usr/ccs/bin:/usr/lib:/etc:/lib:/p/X6/bin:/usr/bin/X11:/usr/lib/acct:/usr/5bin:/u/vieraat/vieraat/jhi
    PERLIO=perlio
    PERLLIB=/u/vieraat/vieraat/jhi/Perl/lib
    PERL_BADLANG (unset)
    SHELL=/bin/zsh

From @jhi

On Thu, Nov 30, 2000 at 10​:03​:06PM +0200, Jarkko Hietaniemi wrote​:

This is a bug report for perl from jhi@​mimosa.hut.fi,
generated with the help of perlbug 1.33 running under perl v5.7.0.

-----------------------------------------------------------------
[Please enter your report here]

Something must really be broken in the submatch handling, yet another
r->startp munging.

In Digital UNIX​: no core dump, no panic. Sigh.