New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PERL-5.26.1 heap_use_after_free WRITE of size 1 #16323
Comments
From sraums2498@gmail.com================================================================= 0x60300000e710 is located 0 bytes inside of 32-byte region [0x60300000e710,0x60300000e730) previously allocated by thread T0 here: SUMMARY: AddressSanitizer: heap-use-after-free ??:0 __asan_memmove -- |
From sraums2498@gmail.com |
From @hvdsI get a different stack trace (same with blead or 5.26.1), which reduces to this and looks very like a stack refcounting issue:
|
The RT System itself - Status changed from 'new' to 'open' |
From @tonycozOn Sun, 07 Jan 2018 04:20:15 -0800, hv wrote:
Yes, it's a stack not refcounted issue. The $$W is executed first, which since it's executed in lvalue context, auto-vivifies the value of $W into reference to an anonymous scalar, and that anonymous scalar is pushed onto the stack. Then the $W = 0 is executed, releasing the refercence above, releasing the anonymous scalar. Finally the assignment to that anonymous scalar is attempted and Bad Things Happen. I've moved it to the public queue and linked it to the meta ticket.
That seems likely. Tony |
Migrated from rt.perl.org#132618 (status was 'open')
Searchable as RT132618$
The text was updated successfully, but these errors were encountered: