Report information
Id: 63244
Status: open
Priority: 0/
Queue: perl5

Owner: Nobody
Requestors: ntyni [at]

Operating System: Linux
PatchStatus: (no value)
Severity: low
Type: core
Perl Version: 5.10.0
Fixed In: (no value)

Subject: crash in PerlIOStdio_dup()
Date: Sun, 15 Feb 2009 23:19:32 +0200
To: perlbug [...]
From: Niko <ntyni [...]>
This is a bug report for perl from Niko Tyni <>, generated with the help of perlbug 1.36 running under perl 5.10.0. ----------------------------------------------------------------- As reported in : env PERLIO=stdio perl -e 'open(F, "<&STDOUT")' 1< /dev/null crashes on 5.8.8, 5.10.0, and blead@b9ba2fa. Backtrace on blead: #0 0x00007ffcff010110 in fileno_unlocked () from /lib/ #1 0x00000000006958bd in PerlIOStdio_dup (my_perl=0xcc4010, f=0xce08f8, o=0xce08e8, param=0x0, flags=2) at perlio.c:3036 #2 0x000000000068fb54 in PerlIO_fdupopen (my_perl=0xcc4010, f=0xce08e8, param=0x0, flags=2) at perlio.c:570 #3 0x000000000063a155 in Perl_do_openn (my_perl=0xcc4010, gv=0xce7288, oname=0xcf0318 "<&STDOUT", len=8, as_raw=0, rawmode=0, rawperm=0, supplied_fp=0x0, svp=0xcc9c60, num_svs=0) at doio.c:379 #4 0x00000000005ff0c5 in Perl_pp_open (my_perl=0xcc4010) at pp_sys.c:555 #5 0x00000000004b33fa in Perl_runops_debug (my_perl=0xcc4010) at dump.c:1983 #6 0x00000000006ef740 in S_run_body (my_perl=0xcc4010, oldscope=1) at perlmini.c:2320 #7 0x00000000006eea86 in perl_run (my_perl=0xcc4010) at perlmini.c:2240 #8 0x00000000006c08e6 in main (argc=3, argv=0x7fff07dee7c8, env=0x7fff07dee7e8) at miniperlmain.c:117 ----------------------------------------------------------------- --- Flags: category=core severity=low --- Site configuration information for perl 5.10.0: Configured by Debian Project at Thu Jan 1 15:40:00 UTC 2009. Summary of my perl5 (revision 5 version 10 subversion 0) configuration: Platform: osname=linux, osvers=2.6.26-1-vserver-amd64, archname=x86_64-linux-gnu-thread-multi uname='linux excelsior 2.6.26-1-vserver-amd64 #1 smp sat nov 8 20:24:14 utc 2008 x86_64 gnulinux ' config_args='-Dusethreads -Duselargefiles -Dccflags=-DDEBIAN -Dcccdlflags=-fPIC -Darchname=x86_64-linux-gnu -Dprefix=/usr -Dprivlib=/usr/share/perl/5.10 -Darchlib=/usr/lib/perl/5.10 -Dvendorprefix=/usr -Dvendorlib=/usr/share/perl5 -Dvendorarch=/usr/lib/perl5 -Dsiteprefix=/usr/local -Dsitelib=/usr/local/share/perl/5.10.0 -Dsitearch=/usr/local/lib/perl/5.10.0 -Dman1dir=/usr/share/man/man1 -Dman3dir=/usr/share/man/man3 -Dsiteman1dir=/usr/local/man/man1 -Dsiteman3dir=/usr/local/man/man3 -Dman1ext=1 -Dman3ext=3perl -Dpager=/usr/bin/sensible-pager -Uafs -Ud_csh -Ud_ualarm -Uusesfio -Uusenm -DDEBUGGING=-g -Doptimize=-O2 -Duseshrplib -Dd_dosuid -des' hint=recommended, useposix=true, d_sigaction=define useithreads=define, usemultiplicity=define useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef use64bitint=define, use64bitall=define, uselongdouble=undef usemymalloc=n, bincompat5005=undef Compiler: cc='cc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64', optimize='-O2 -g', cppflags='-D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fno-strict-aliasing -pipe -I/usr/local/include' ccversion='', gccversion='4.3.2', gccosandvers='' intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678 d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16 ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8 alignbytes=8, prototype=define Linker and Libraries: ld='cc', ldflags =' -L/usr/local/lib' libpth=/usr/local/lib /lib /usr/lib /lib64 /usr/lib64 libs=-lgdbm -lgdbm_compat -ldb -ldl -lm -lpthread -lc -lcrypt perllibs=-ldl -lm -lpthread -lc -lcrypt libc=/lib/, so=so, useshrplib=true, gnulibc_version='2.7' Dynamic Linking: dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E' cccdlflags='-fPIC', lddlflags='-shared -O2 -g -L/usr/local/lib' Locally applied patches: --- @INC for perl 5.10.0: /etc/perl /usr/local/lib/perl/5.10.0 /usr/local/share/perl/5.10.0 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.10 /usr/share/perl/5.10 /usr/local/lib/site_perl . --- Environment for perl 5.10.0: HOME=/home/niko LANG=en_US.UTF-8 LANGUAGE (unset) LC_CTYPE=fi_FI.UTF-8 LD_LIBRARY_PATH (unset) LOGDIR (unset) PATH=/home/niko/bin:/home/niko/bin:/home/niko/bin:/usr/local/bin:/usr/bin:/bin:/usr/games:/sbin:/usr/sbin PERL_BADLANG (unset) SHELL=/bin/zsh
RT-Send-CC: perl5-porters [...]
env PERLIO=stdio perl -e 'open(F, "<&STDOUT")' 1< /dev/null

crashes on 5.8.8, 5.10.0, and blead@b9ba2fa.
Binary search:

----Program----
#!/usr/bin/perl -l
close STDERR;
open STDERR, ">", "/dev/null";
system(qq(export PERLIO=stdio ; $^X -e 'open(F, "<&STDOUT")' 1< /dev/
null));
if ($?) {
    print "not ok";
} else {
    print "ok";
}
----Output of .../pN8S2gQ/perl-5.7.2@13082/bin/perl----
ok
----EOF ($?='0')----
----Output of .../pe6KUT8/perl-5.7.2@13083/bin/perl----
not ok
----EOF ($?='0')----

Change 13083 by jhi@alpha on 2001/11/18 21:37:06

        Integrate perlio:

        [ 13081]
        Win32 layer has a dup which needs to match new prototype.

        [ 13080]
        Wrong way to get stdio mode used.

        [ 13072]
        Allow dup'ing of PerlIO::Scalar etc.

But I don't really understand that Change... The message indicates it
was an integrate of 13080, 13080 and 13072. But the changes indicate an
integrate of 13081, 13080?

Kind regards,
Bram
I couldn't reproduce this with (Debian based) 5.10.1 or above.
RT-Send-CC: perl5-porters [...]
On Wed Jun 01 14:32:51 2011, dom wrote:
I couldn't reproduce this with (Debian based) 5.10.1 or above.
I *can* reproduce this with at least 5.8.0 through 5.25.2 -- Respectfully, Dan Collins
RT-Send-CC: perl5-porters [...]
On Mon Jul 18 13:02:07 2016, wrote:
On Wed Jun 01 14:32:51 2011, dom wrote:
I couldn't reproduce this with (Debian based) 5.10.1 or above.
I *can* reproduce this with at least 5.8.0 through 5.25.2
So can I. valgrind says: ==3492== Invalid read of size 4 ==3492== at 0x418BCA7: ferror (in /usr/lib/ ==3492== by 0x80A70D8: Perl_io_close (in /home/mauke/usr/bin/perl) ==3492== by 0x80C04F7: Perl_sv_clear (in /home/mauke/usr/bin/perl) ==3492== by 0x80ADD24: Perl_sv_free2 (in /home/mauke/usr/bin/perl) ==3492== by 0x80BFE19: do_clean_named_io_objs (in /home/mauke/usr/bin/perl) ==3492== by 0x80BF922: S_visit (in /home/mauke/usr/bin/perl) ==3492== by 0x80BFE76: Perl_sv_clean_objs (in /home/mauke/usr/bin/perl) ==3492== by 0x81253CF: perl_destruct (in /home/mauke/usr/bin/perl) ==3492== by 0x8062104: main (in /home/mauke/usr/bin/perl) ==3492== Address 0x0 is not stack'd, malloc'd or (recently) free'd

