New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sv.c:2612: Perl_sv_2nv_flags: Assertion `SvTYPE(sv) != SVt_PVAV && SvTYPE(sv) != SVt_PVHV && SvTYPE(sv) != SVt_PVFM' failed #15849
Comments
From @dur-randirCreated by @dur-randirWhile fuzzing perl v5.25.8-216-gfbceb79751 built with afl and run printf my(%c):_ to cause an assertion failure, even when run under -c for a syntax 69974ce is the first bad commit [perl #103492] Give lvalue cx to (s)printf args Or potential lvalue context, like function calls. The %n format code’s existence renders these two very much like func- This allows sprintf("...%n", substr ...) to work. GDB info about the crash location: (gdb) bt Perl Info
|
From @dur-randirCreated by @dur-randirWhile fuzzing perl v5.25.9-35-g32207c637b built with afl and run $INC{'attributes.pm'} = 1, eval q!-my(%c):_! to cause an assertion failure. GDB info about the crash location: (gdb) bt Perl Info
|
From @iabynOn Sun, Jan 29, 2017 at 07:26:25AM -0800, Sergey Aleynikov wrote:
This can be simplified to package Foo; -(my %c : someattr); The problem is that my %c : someattr; gets compiled as my %c; but the code which injects all those extra entersub etc ops doesn't seem -(my %c : someattr); gets compiled as something a bit like -( my %c, attributes->import('Foo', \%c, 'someattr)); except that the first padhv[%c] is compiled in void rather than scalar context, I'm not sure whether the attribute-handling code in op.c should be fixed -- |
The RT System itself - Status changed from 'new' to 'open' |
From @tonycozOn Sun, 22 Jan 2017 14:53:01 -0800, randir wrote:
This might be related to 130669. Tony |
The RT System itself - Status changed from 'new' to 'open' |
From @iabynOn Tue, Feb 28, 2017 at 07:35:52PM -0800, Tony Cook via RT wrote:
Yes, it looks to be the same underlying issue. I'll merge the tickets. -- |
Migrated from rt.perl.org#130669 (status was 'open')
Searchable as RT130669$
The text was updated successfully, but these errors were encountered: