From typester@cpan.org

Created by typester@cpan.org

I found perl causes a segmentafion fault by following code​:

  local *STDOUT;
  eval q[$|++];

I also tested this on 5.14.2 and 5.16.1 on both Linux and OS X, and all got same result.

Flags:
    category=core
    severity=low

Site configuration information for perl 5.14.1:

Configured by typester at Fri Jul 22 18:32:13 JST 2011.

Summary of my perl5 (revision 5 version 14 subversion 1) configuration:
   
  Platform:
    osname=darwin, osvers=11.0.0, archname=darwin-2level
    uname='darwin kamaitachi.local 11.0.0 darwin kernel version 11.0.0: sat jun 18 12:56:35 pdt 2011; root:xnu-1699.22.73~1release_x86_64 x86_64 '
    config_args='-de -Dprefix=/Users/typester/perl5/perlbrew/perls/perl-5.14.1'
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=undef, usemultiplicity=undef
    useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
    use64bitint=define, use64bitall=define, uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='cc', ccflags ='-fno-common -DPERL_DARWIN -fno-strict-aliasing -pipe -fstack-protector',
    optimize='-O3',
    cppflags='-fno-common -DPERL_DARWIN -fno-strict-aliasing -pipe -fstack-protector'
    ccversion='', gccversion='4.2.1 (Based on Apple Inc. build 5658) (LLVM build 2335.15.00)', gccosandvers=''
    intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=8, prototype=define
  Linker and Libraries:
    ld='env MACOSX_DEPLOYMENT_TARGET=10.3 cc', ldflags =' -fstack-protector'
    libpth=/usr/lib
    libs=-ldbm -ldl -lm -lutil -lc
    perllibs=-ldl -lm -lutil -lc
    libc=, so=dylib, useshrplib=false, libperl=libperl.a
    gnulibc_version=''
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=bundle, d_dlsymun=undef, ccdlflags=' '
    cccdlflags=' ', lddlflags=' -bundle -undefined dynamic_lookup -fstack-protector'

Locally applied patches:
    


@INC for perl 5.14.1:
    /Users/typester/perl5/perlbrew/perls/perl-5.14.1/lib/site_perl/5.14.1/darwin-2level
    /Users/typester/perl5/perlbrew/perls/perl-5.14.1/lib/site_perl/5.14.1
    /Users/typester/perl5/perlbrew/perls/perl-5.14.1/lib/5.14.1/darwin-2level
    /Users/typester/perl5/perlbrew/perls/perl-5.14.1/lib/5.14.1
    .


Environment for perl 5.14.1:
    DYLD_LIBRARY_PATH (unset)
    HOME=/Users/typester
    LANG=ja_JP.UTF-8
    LANGUAGE (unset)
    LC_COLLATE=ja_JP.UTF-8
    LC_CTYPE=ja_JP.UTF-8
    LC_MESSAGES=C
    LC_MONETARY=ja_JP.UTF-8
    LC_NUMERIC=ja_JP.UTF-8
    LC_TIME=ja_JP.UTF-8
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/Users/typester/.rvm/gems/ruby-1.9.3-p194/bin:/Users/typester/.rvm/gems/ruby-1.9.3-p194@global/bin:/Users/typester/.rvm/rubies/ruby-1.9.3-p194/bin:/Users/typester/.rvm/bin:/Users/typester/.pythonbrew/bin:/Users/typester/.pythonbrew/pythons/Python-2.7.2/bin:/Users/typester/homebrew/bin:/Users/typester/perl5/perlbrew/bin:/Users/typester/perl5/perlbrew/perls/perl-5.14.1/bin:/usr/local/git/bin:/Users/typester/bin:/usr/local/ffmpeg/bin:/usr/local/mysql/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/opt/X11/bin:/Users/typester/.rvm/gems/ruby-1.9.3-p194/bin:/Users/typester/.rvm/gems/ruby-1.9.3-p194@global/bin:/Users/typester/.rvm/rubies/ruby-1.9.3-p194/bin:/Users/typester/.rvm/bin:/Users/typester/homebrew/bin:/Users/typester/homebrew/sbin:/Users/typester/.rvm/bin
    PERLBREW_HOME=/Users/typester/.perlbrew
    PERLBREW_PATH=/Users/typester/perl5/perlbrew/bin:/Users/typester/perl5/perlbrew/perls/perl-5.14.1/bin
    PERLBREW_PERL=perl-5.14.1
    PERLBREW_ROOT=/Users/typester/perl5/perlbrew
    PERLBREW_VERSION=0.27
    PERL_BADLANG (unset)
    PERL_CPANM_DEV=1
    SHELL=/Users/typester/homebrew/bin/zsh

From @bulk88

On Tue Oct 09 16​:21​:53 2012, typester@​cpan.org wrote​:

This is a bug report for perl from typester@​cpan.org,
generated with the help of perlbug 1.39 running under perl 5.14.1.

-----------------------------------------------------------------
[Please describe your issue here]

I found perl causes a segmentafion fault by following code​:

local \*STDOUT;
eval q\[$|\+\+\];

I also tested this on 5.14.2 and 5.16.1 on both Linux and OS X, and
all got same result.

Got a crash on Perl 5.12 Visual C 2003 -DEBUGGING in Win XP and on Perl
5.17 VC 2003 no DEBUGGING in Win XP. Both happened at the same exact
line. To get some clarity on that macro
filled line, "1917 sv_setiv(GvSVn(gv),
(IV)(IoFLAGS(GvIOp(PL_defoutgv)) & IOf_FLUSH) != 0);" I turned it into
_____________________________________________________________
  case '|'​:{ /* $| */
  SV * iosv = GvIOp(PL_defoutgv);
  IV io_flags = (IV)(IoFLAGS(iosv) & IOf_FLUSH) != 0;
  SV * gvsvn_res = GvSVn(gv);
  sv_setiv(gvsvn_res, io_flags);
  goto magicalize;
  }
_____________________________________________________________

The crash happened at " IV io_flags = (IV)(IoFLAGS(iosv) & IOf_FLUSH) != 0;"
because iosv from "SV * iosv = GvIOp(PL_defoutgv);" is NULL. Attached is
a pic which is a dump of PL_defoutgv and the callstack at the crash.
Fixing this is beyond my knowledge, so I am done here.

From @bulk88

localstdout.PNG

The RT System itself - Status changed from 'new' to 'open'

From @jkeenan

On Tue Oct 09 16​:21​:53 2012, typester@​cpan.org wrote​:

This is a bug report for perl from typester@​cpan.org,
generated with the help of perlbug 1.39 running under perl 5.14.1.

I found perl causes a segmentation fault by following code​:

local \*STDOUT;
eval q\[$|\+\+\];

I also tested this on 5.14.2 and 5.16.1 on both Linux and OS X, and
all got same result.

Similar results, as one would expect, with​:

#####
perl -e 'eval q[use English;$OUTPUT_AUTOFLUSH++];'
#####

From @cpansprout

On Tue Oct 09 18​:02​:07 2012, bulk88 wrote​:

On Tue Oct 09 16​:21​:53 2012, typester@​cpan.org wrote​:

This is a bug report for perl from typester@​cpan.org,
generated with the help of perlbug 1.39 running under perl 5.14.1.

-----------------------------------------------------------------
[Please describe your issue here]

I found perl causes a segmentafion fault by following code​:

local \*STDOUT;
eval q\[$|\+\+\];

I also tested this on 5.14.2 and 5.16.1 on both Linux and OS X, and
all got same result.

Got a crash on Perl 5.12 Visual C 2003 -DEBUGGING in Win XP and on Perl
5.17 VC 2003 no DEBUGGING in Win XP. Both happened at the same exact
line. To get some clarity on that macro
filled line, "1917 sv_setiv(GvSVn(gv),
(IV)(IoFLAGS(GvIOp(PL_defoutgv)) & IOf_FLUSH) != 0);" I turned it into
_____________________________________________________________
case '|'​:{ /* $| */
SV * iosv = GvIOp(PL_defoutgv);
IV io_flags = (IV)(IoFLAGS(iosv) & IOf_FLUSH) != 0;
SV * gvsvn_res = GvSVn(gv);
sv_setiv(gvsvn_res, io_flags);
goto magicalize;
}
_____________________________________________________________

The crash happened at " IV io_flags = (IV)(IoFLAGS(iosv) & IOf_FLUSH)
!= 0;"
because iosv from "SV * iosv = GvIOp(PL_defoutgv);" is NULL. Attached is
a pic which is a dump of PL_defoutgv and the callstack at the crash.
Fixing this is beyond my knowledge, so I am done here.

Thank you. That means it is crashing when $| is autovivified.

I’ve just fixed the crash locally, but I’m having trouble pushing​:

$ git push origin blead
Counting objects​: 16, done.
Delta compression using up to 2 threads.
Compressing objects​: 100% (11/11), done.
Writing objects​: 100% (11/11), 1.34 KiB, done.
Total 11 (delta 9), reused 0 (delta 0)
error​: file write error (No space left on device)
fatal​: unable to write sha1 file
error​: unpack failed​: unpack-objects abnormal exit
To ssh​://perl5.git.perl.org/gitroot/perl.git
! [remote rejected] blead -> blead (n/a (unpacker error))
error​: failed to push some refs to
'ssh​://perl5.git.perl.org/gitroot/perl.git'

I doubt the ‘No space left on device’ comes from this end, as I have 73
gigaoctets of free space.

--

Father Chrysostomos

From dennis.kaarsemaker@booking.com

On Tue, 2012-10-09 at 21​:32 -0700, Father Chrysostomos via RT wrote​:

I’ve just fixed the crash locally, but I’m having trouble pushing​:

Some(one|thing) decided to grab a bunch of snapshots overnight. These
get cached locally and filled up the disk faster than nagios and me
spotted it. Cleaned up now.

--
Dennis Kaarsemaker, Systems Architect
Booking.com
Herengracht 597, 1017 CE Amsterdam
Tel external +31 (0) 20 715 3409
Tel internal (7207) 3409

From dennis.kaarsemaker@booking.com

On Wed, 2012-10-10 at 10​:03 +0200, Dennis Kaarsemaker wrote​:

On Tue, 2012-10-09 at 21​:32 -0700, Father Chrysostomos via RT wrote​:

I’ve just fixed the crash locally, but I’m having trouble pushing​:

Some(one|thing) decided to grab a bunch of snapshots overnight. These
get cached locally and filled up the disk faster than nagios and me
spotted it. Cleaned up now.

Yup, incredibly stupid chinese spider, now blackholed.

--
Dennis Kaarsemaker, Systems Architect
Booking.com
Herengracht 597, 1017 CE Amsterdam
Tel external +31 (0) 20 715 3409
Tel internal (7207) 3409

From @cpansprout

On Wed Oct 10 01​:20​:36 2012, dennis.kaarsemaker@​booking.com wrote​:

On Wed, 2012-10-10 at 10​:03 +0200, Dennis Kaarsemaker wrote​:

On Tue, 2012-10-09 at 21​:32 -0700, Father Chrysostomos via RT wrote​:

I’ve just fixed the crash locally, but I’m having trouble pushing​:

Some(one|thing) decided to grab a bunch of snapshots overnight. These
get cached locally and filled up the disk faster than nagios and me
spotted it. Cleaned up now.

Yup, incredibly stupid chinese spider, now blackholed.

Thank you.

This bug is now fixed in 4505a31.

--

Father Chrysostomos

@cpansprout - Status changed from 'open' to 'resolved'