Perl / perl5

🐪 The Perl programming language
https://dev.perl.org/perl5/

segfault in S_mg_findext_flags() #15942

Open p5pRT opened 7 years ago

p5pRT commented 7 years ago

Migrated from rt.perl.org#131101 (status was 'open')

Searchable as RT131101$

p5pRT commented 7 years ago

From @geeknik

Triggered with v5.25.11-28-g5fc3895. Compiled with afl-clang-fast on Debian 8 x64.

  #0 0x82fa26 in S_mg_findext_flags /root/perl/mg.c:413:10
  #1 0x82fa26 in Perl_mg_find_mglob /root/perl/mg.c:462
  #2 0x8d20fc in Perl_pp_match /root/perl/pp_hot.c:2129:18
  #3 0x80077b in Perl_runops_debug /root/perl/dump.c:2451:23
  #4 0x5a2073 in S_run_body /root/perl/perl.c:2524:2
  #5 0x5a2073 in perl_run /root/perl/perl.c:2447
  #6 0x4de98d in main /root/perl/perlmain.c:123:9
  #7 0x7ff1449c5b44 in __libc_start_main /build/glibc-qK83Be/glibc-2.19/csu/libc-start.c:287
  #8 0x4de5fc in _start (/root/perl/perl+0x4de5fc)

p5pRT commented 7 years ago

From @geeknik

test043

p5pRT commented 7 years ago

From @iabyn

On Tue, Apr 04, 2017 at 04:51:50PM -0700, Brian Carpenter wrote:

> # New Ticket Created by Brian Carpenter
> # Please include the string: [perl #131101]
> # in the subject line of all future correspondence about this issue.
> # <URL: https://rt-archive.perl.org/perl5/Ticket/Display.html?id=131101 >
>
> Triggered with v5.25.11-28-g5fc3895. Compiled with afl-clang-fast on Debian 8 x64.
>
> #0 0x82fa26 in S_mg_findext_flags /root/perl/mg.c:413:10
> #1 0x82fa26 in Perl_mg_find_mglob /root/perl/mg.c:462
> #2 0x8d20fc in Perl_pp_match /root/perl/pp_hot.c:2129:18
> #3 0x80077b in Perl_runops_debug /root/perl/dump.c:2451:23
> #4 0x5a2073 in S_run_body /root/perl/perl.c:2524:2
> #5 0x5a2073 in perl_run /root/perl/perl.c:2447
> #6 0x4de98d in main /root/perl/perlmain.c:123:9
> #7 0x7ff1449c5b44 in __libc_start_main /build/glibc-qK83Be/glibc-2.19/csu/libc-start.c:287
> #8 0x4de5fc in _start (/root/perl/perl+0x4de5fc)

It can be reduced to

  map /x/g, (%h = ("y", 0)), (%h = ("y", 0))

It's a stack-not-refcounted bug.

--
A power surge on the Bridge is rapidly and correctly diagnosed as a faulty capacitor by the highly-trained and competent engineering staff.
    -- Things That Never Happen in "Star Trek" #9
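What "stack-not-refcounted" means, as an added toy model in C (not code from this ticket or from Perl's source; `Val`, `Hash`, `hash_store` and `stale_entries` are hypothetical names, and the mapping to the reduced case, two assignments to the same hash whose results stay on the stack, is an assumption). The stack holds bare pointers, so the second assignment frees a value the stack still points at, while a stack that owns a reference keeps it alive:

```c
/* Toy model, constructed for illustration; not Perl source. */
#include <stdio.h>
#include <stddef.h>

typedef struct { int refcnt; int live; } Val;   /* stand-in for a scalar */
typedef struct { Val *slot; } Hash;             /* one-slot stand-in for %h */

/* Fixed pool: "freeing" only clears .live, so a stale pointer can be
 * inspected safely instead of touching memory returned to the allocator. */
static Val pool[4];
static size_t pool_used;

static Val *val_new(void) {
    Val *v = &pool[pool_used++];
    v->refcnt = 1;
    v->live = 1;
    return v;
}
static void val_dec(Val *v) { if (--v->refcnt == 0) v->live = 0; }

/* Storing takes over the caller's reference and drops the old value's. */
static void hash_store(Hash *h, Val *v) {
    if (h->slot) val_dec(h->slot);
    h->slot = v;
}

/* Two assignments to the same hash, each leaving its stored value on the
 * stack for a later consumer. rc_stack != 0 makes every push own a
 * reference. Returns how many stack entries point at a freed value. */
static int stale_entries(int rc_stack) {
    Hash h = { NULL };
    Val *stack[2];
    int i, stale = 0;

    pool_used = 0;
    for (i = 0; i < 2; i++) {
        hash_store(&h, val_new());
        stack[i] = h.slot;                  /* push result of assignment */
        if (rc_stack) stack[i]->refcnt++;   /* the stack owns a reference */
    }
    for (i = 0; i < 2; i++)                 /* consumer walks the stack */
        if (!stack[i]->live) stale++;
    return stale;
}

int main(void) {
    printf("plain stack: %d stale\n", stale_entries(0));
    printf("refcounted stack: %d stale\n", stale_entries(1));
    return 0;
}
```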

p5pRT commented 7 years ago

The RT System itself - Status changed from 'new' to 'open'