Segmentation fault in S_do_trans_count #15043
From @dcollinsn

Greetings Porters,

I have compiled bleadperl with the afl-gcc compiler using:

```
./Configure -Dusedevel -Dprefix='/usr/local/perl-afl' -Dcc='ccache afl-gcc' -Duselongdouble -Duse64bitall -Doptimize=-g -Uversiononly -Uman1dir -Uman3dir -des
```

And then fuzzed the resulting binary using:

```
AFL_NO_VAR_CHECK=1 afl-fuzz -i in -o out bin/perl @@
```

After reducing testcases using `afl-tmin` and performing additional minimization by hand, I have located the following testcase that triggers a segmentation fault. The testcase is the file:

```
/(?{s0})|(?{s0:})/|s|||eg|y|||
```

**GDB**

```
(gdb) run
Program received signal SIGSEGV, Segmentation fault.
```

**VALGRIND**

```
==61036== Memcheck, a memory error detector
```

**PERL -V**

```
dcollins@nightshade64:/usr/local/perl-afl$ ./bin/perl -V
Characteristics of this binary (from libperl):
```
From @ap

* Dan Collins <perlbug-followup@perl.org> [2015-11-11 04:05]:

This does not reproduce on 5.16.1.

The general form turns out to be

```
/(?{ 'string' })|(?{ LABEL: })/ | s///eg | y///
```

Removing the /e on the substitution causes it to throw an exception that

```
Can't coerce UNKNOWN to string in substitution (s///) at t.pl line 1.
```

Putting an eval{} around the substitution to prevent the exception from
The RT System itself - Status changed from 'new' to 'open'
From @khwilliamson

On 11/15/2015 09:51 PM, Aristotle Pagaltzis wrote:

I bisected this with this result:

The first commit is

make calling of /(?{}) code blocks correct

The second is

make perl build again on non-DEBUGGING builds

The PL_block_type debugging-only array is now used indirectly in
@iabyn - Status changed from 'open' to 'resolved'
From @iabyn

On Sun, Nov 15, 2015 at 10:29:55PM -0700, Karl Williamson wrote:

The problem appears to have gone away in 5.23.8, so I'll close this

commit 1dfbe6b

add old_tmpsfloor field to CXt_SUB context frame
Migrated from rt.perl.org#126613 (status was 'resolved')
Searchable as RT126613$