Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SEGFAULT when trying to reference a non-code ref as a code ref #13132

Closed
p5pRT opened this issue Jul 28, 2013 · 6 comments
Closed

SEGFAULT when trying to reference a non-code ref as a code ref #13132

p5pRT opened this issue Jul 28, 2013 · 6 comments
Labels
distro-Linux type-core

Comments

@p5pRT
Copy link

p5pRT commented Jul 28, 2013

Migrated from rt.perl.org#119051 (status was 'resolved')

Searchable as RT119051$
@p5pRT
Copy link
Author

p5pRT commented Jul 28, 2013

From @kentfredric

Created by @kentfredric

The following code snippet causes Perl to segfault :

$Foo​::nosub = undef;
my $ref = *Foo​::->{nosub};
my $deref = \&$ref;

warnings and string pragmas have no impact on behaviour.

Granted, this code is somewhat illogical.

Fails on 5.18 and 5.19.2 , but not on 5.16.0

Perl Info 

Flags:
    category=core
    severity=medium

Site configuration information for perl 5.19.2:

Configured by kent at Mon Jul 29 02:03:47 NZST 2013.

Summary of my perl5 (revision 5 version 19 subversion 2) configuration:

  Platform:
    osname=linux, osvers=3.10.0-gentoo, archname=x86_64-linux
    uname='linux katipo2 3.10.0-gentoo #38 smp fri jul 5 08:22:15 nzst
2013 x86_64 intel(r) core(tm) i5-2410m cpu @ 2.30ghz genuineintel
gnulinux '
    config_args='-de
-Dprefix=/home/kent/perl5/perlbrew/perls/perl-5.19.2 -Dusedevel
-Aeval:scriptdir=/home/kent/perl5/perlbrew/perls/perl-5.19.2/bin'
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=undef, usemultiplicity=undef
    useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
    use64bitint=define, use64bitall=define, uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='cc', ccflags ='-fno-strict-aliasing -pipe -fstack-protector
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-O2',
    cppflags='-fno-strict-aliasing -pipe -fstack-protector'
    ccversion='', gccversion='4.7.2', gccosandvers=''
    intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t',
lseeksize=8
    alignbytes=8, prototype=define
  Linker and Libraries:
    ld='cc', ldflags =' -fstack-protector'
    libpth=/lib/../lib64 /usr/lib/../lib64 /lib /usr/lib /lib64 /usr/lib64
    libs=-lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lc -lgdbm_compat
    perllibs=-lnsl -ldl -lm -lcrypt -lutil -lc
    libc=/lib/libc-2.15.so, so=so, useshrplib=false, libperl=libperl.a
    gnulibc_version='2.15'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E'
    cccdlflags='-fPIC', lddlflags='-shared -O2 -fstack-protector'



@INC for perl 5.19.2:
    /home/kent/perl5/perlbrew/perls/perl-5.19.2/lib/site_perl/5.19.2/x86_64-linux
    /home/kent/perl5/perlbrew/perls/perl-5.19.2/lib/site_perl/5.19.2
    /home/kent/perl5/perlbrew/perls/perl-5.19.2/lib/5.19.2/x86_64-linux
    /home/kent/perl5/perlbrew/perls/perl-5.19.2/lib/5.19.2
    .


Environment for perl 5.19.2:
    HOME=/home/kent
    LANG (unset)
    LANGUAGE (unset)
    LC_CTYPE=en_NZ.UTF8
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/home/kent/perl5/perlbrew/bin:/home/kent/perl5/perlbrew/perls/perl-5.19.2/bin:/home/kent/.perl6/2013.04/bin:/home/kent/.gem/ruby/1.8/bin/:/usr/local/bin:/usr/bin:/bin:/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.7.2:/usr/games/bin
    PERLBREW_BASHRC_VERSION=0.61
    PERLBREW_HOME=/home/kent/.perlbrew
    PERLBREW_MANPATH=/home/kent/perl5/perlbrew/perls/perl-5.19.2/man
    PERLBREW_PATH=/home/kent/perl5/perlbrew/bin:/home/kent/perl5/perlbrew/perls/perl-5.19.2/bin
    PERLBREW_PERL=perl-5.19.2
    PERLBREW_ROOT=/home/kent/perl5/perlbrew
    PERLBREW_VERSION=0.61
    PERL_BADLANG (unset)
    SHELL=/bin/bash

@p5pRT
Copy link
Author

p5pRT commented Jul 28, 2013

From @cpansprout

On Sun Jul 28 07​:21​:40 2013, kentfredric@​gmail.com wrote​:

The following code snippet causes Perl to segfault :

$Foo​::nosub = undef;
my $ref = *Foo​::->{nosub};

What you have there is a glob, not a reference.

my $deref = \&$ref;

It was probably this commit that caused it​:

commit 186a5ba
Author​: Father Chrysostomos <sprout@​cpan.org>
Date​: Wed Jun 13 22​:46​:40 2012 -0700

  Don’t create pads for sub stubs

The bug can be reduced to this​:

$ref = *Foo​::nosub;
\&$ref;

The assignment creates a glob copy (coercible glob; one that downgrades
back to a simple scalar when assigned to).

\&$ref autovivifies a stub in that glob.

Stub autovivification used to stringify the glob, look it up again by
name, and then vivify the stub in the glob.

I removed what seemed like a waste of CPU cycles, but apparently it
served some purpose.

I suspect the correct fix is to do stringfy-and-lookup if the glob is
coercible (SvFAKE).

--

Father Chrysostomos

@p5pRT
Copy link
Author

p5pRT commented Jul 28, 2013

The RT System itself - Status changed from 'new' to 'open'

@p5pRT
Copy link
Author

p5pRT commented Jul 28, 2013

From @cpansprout

On Sun Jul 28 08​:10​:02 2013, sprout wrote​:

On Sun Jul 28 07​:21​:40 2013, kentfredric@​gmail.com wrote​:

The following code snippet causes Perl to segfault :

$Foo​::nosub = undef;
my $ref = *Foo​::->{nosub};

What you have there is a glob, not a reference.

my $deref = \&$ref;

It was probably this commit that caused it​:

commit 186a5ba
Author​: Father Chrysostomos <sprout@​cpan.org>
Date​: Wed Jun 13 22​:46​:40 2012 -0700

Don’t create pads for sub stubs

The bug can be reduced to this​:

$ref = *Foo​::nosub;
\&$ref;

The assignment creates a glob copy (coercible glob; one that downgrades
back to a simple scalar when assigned to).

\&$ref autovivifies a stub in that glob.

Stub autovivification used to stringify the glob, look it up again by
name, and then vivify the stub in the glob.

I removed what seemed like a waste of CPU cycles, but apparently it
served some purpose.

I didn’t finish explaining before I sent that​: Every sub has a pointer
to its GV. In this case, the pointer was pointing to the glob copy,
which got downgraded to an undef scalar on scope exit. Then later
bookkeeping code tried to use it as a glob.

I suspect the correct fix is to do stringfy-and-lookup if the glob is
coercible (SvFAKE).

--

Father Chrysostomos

@p5pRT
Copy link
Author

p5pRT commented Jul 28, 2013

From @cpansprout

On Sun Jul 28 08​:10​:02 2013, sprout wrote​:

On Sun Jul 28 07​:21​:40 2013, kentfredric@​gmail.com wrote​:

The following code snippet causes Perl to segfault :

$Foo​::nosub = undef;
my $ref = *Foo​::->{nosub};

What you have there is a glob, not a reference.

my $deref = \&$ref;

It was probably this commit that caused it​:

commit 186a5ba
Author​: Father Chrysostomos <sprout@​cpan.org>
Date​: Wed Jun 13 22​:46​:40 2012 -0700

Don’t create pads for sub stubs

The bug can be reduced to this​:

$ref = *Foo​::nosub;
\&$ref;

I have fixed this in 2f222bb. The bug is actually older than 186a5ba,
but was harder to trigger. See the second test in the commit.

--

Father Chrysostomos

@p5pRT
Copy link
Author

p5pRT commented Jul 28, 2013

@cpansprout - Status changed from 'open' to 'resolved'

@p5pRT p5pRT closed this as completed Jul 28, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
distro-Linux type-core
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@p5pRT