SIGSEGV in Perl_sv_resetpvn when "reset" catches a sub #15314
From @dcollinsn

Greetings Porters,

I have compiled bleadperl with the afl-gcc compiler using:

```
./Configure -Dusedevel -Dprefix='/usr/local/perl-afl' -Dcc='ccache afl-gcc' -Uuselongdouble -Duse64bitall -Doptimize=-g -Uversiononly -Uman1dir -Uman3dir -Dusequadmath -des
```

And then fuzzed the resulting binary using:

```
AFL_NO_VAR_CHECK=1 afl-fuzz -i in -o out bin/perl @@
```

After reducing testcases using `afl-tmin` and performing additional minimization by hand, I have located the following testcase that triggers a segmentation fault in the perl interpreter. The testcase is the 15-character file:

```
0,reset u;sub u
```

On normal builds, this crashes with a segmentation fault. On debug builds, this returns a segmentation fault.

```
dcollins@nightshade64:~/perl$ ~/perl/perl -e 'reset u;sub u'
```

Debugging tool output is below. This bug exists at least going back to my installed system perl, 5.20.2.

**GDB**

```
dcollins@nightshade64:~/perl$ gdb --args ~/perl/perl -e 'reset u;sub u'
GNU gdb (GDB) 7.10
Program received signal SIGSEGV, Segmentation fault.
dcollins@nightshade64:~/perl$ gdb --args ~/perldebug/perl -e 'reset u;sub u'
Program received signal SIGABRT, Aborted.
```

**VALGRIND**

```
dcollins@nightshade64:~/perl$ valgrind ~/perl/perl -e 'reset u;sub u'
```

**PERL -V**

```
dcollins@nightshade64:~/perl$ ./perl -Ilib -V
Characteristics of this binary (from libperl):
```
From @cpansprout

On Mon May 09 16:16:07 2016, dcollinsn@gmail.com wrote:

This bug is old:

```
$ perl5.8.8 -e 'reset "u"; sub u;'
$ perl5.10 -e 'reset "u"; sub u;'
```

I made it worse in 5.22:

```
$ perl5.20.2 -e 'reset u; sub u{}'
```

--
Father Chrysostomos
The RT System itself - Status changed from 'new' to 'open'

From @cpansprout

On Tue May 10 12:54:11 2016, sprout wrote:

It’s worse than I thought. reset assumes that everything in a stash is a glob:

```
$ ./perl -Ilib -e '$::{u}=undef; reset "u"'
```

--
Father Chrysostomos
From @cpansprout

On Tue May 10 12:58:53 2016, sprout wrote:

Fixed in fcd1306.

--
Father Chrysostomos

@cpansprout - Status changed from 'open' to 'pending release'
From @khwilliamson

Thank you for filing this report. You have helped make Perl better.

With the release today of Perl 5.26.0, this and 210 other issues have been

Perl 5.26.0 may be downloaded via:

If you find that the problem persists, feel free to reopen this ticket.

@khwilliamson - Status changed from 'pending release' to 'resolved'
Migrated from rt.perl.org#128106 (status was 'resolved')
Searchable as RT128106$
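
As an added example (not part of the original thread or of Perl's own test suite), the script below replays the one-liners quoted in the comments above against one or more perl binaries and flags any run that dies on a signal, so a build can be checked for this crash. The names `classify_status` and `run_cases` and the `PERLS` variable are assumptions made for this example.

```sh
#!/bin/sh
# Added example: replay the reproducers quoted in this ticket.
# Usage (PERLS is a hypothetical variable for this script):
#   PERLS="/usr/bin/perl $HOME/perl/perl" sh replay.sh

# Turn a shell exit status into a verdict. A child killed by signal N is
# reported by the shell as 128+N (139 = SIGSEGV, 134 = SIGABRT on an
# assertion-enabled build). Perl's own compile-error exit code is 255,
# so only the 129..192 range is treated as "killed by a signal".
classify_status() {
  if [ "$1" -gt 128 ] && [ "$1" -le 192 ]; then
    echo "signal $(( $1 - 128 ))"
  elif [ "$1" -eq 0 ]; then
    echo "ok"
  else
    echo "exit $1"
  fi
}

# Run every one-liner from the thread under one perl binary.
# Returns 1 if any run was killed by a signal, 0 otherwise.
run_cases() {
  perl_bin=$1
  failed=0
  while IFS= read -r code; do
    [ -n "$code" ] || continue
    status=0
    "$perl_bin" -e "$code" >/dev/null 2>&1 </dev/null || status=$?
    verdict=$(classify_status "$status")
    printf '%-10s %s -e %s\n' "$verdict" "$perl_bin" "$code"
    case $verdict in signal*) failed=1 ;; esac
  done <<'EOF'
reset u;sub u
reset "u"; sub u;
reset u; sub u{}
$::{u}=undef; reset "u"
EOF
  return "$failed"
}

# Only runs when PERLS is set; otherwise the file just defines the functions.
for p in ${PERLS:-}; do
  run_cases "$p" || echo "=> $p: at least one reproducer died on a signal"
done
```

A non-zero, non-signal exit (for example a syntax error on the unterminated `sub u`) is reported as `exit N` and is not counted as a crash.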