null ptr deref -> Perl_find_lexical_cv () at op.c:11235 #14596
From @geeknik

Built v5.21.10 (v5.21.9-259-g88d9f32) with the following command line:

./Configure -des -Dusedevel -DDEBUGGING -Dcc=afl-gcc -Doptimize=-O2\ -g && AFL_HARDEN=1 make -j12 test-prep

Bug found with AFL (http://lcamtuf.coredump.cx/afl)

Valgrind:

GDB:

Program received signal SIGSEGV, Segmentation fault.

Hexdump of the 25-byte test case:

System Info: Debian 7, Kernel 3.2.65-1+deb7u1 x86_64, GCC 4.9.2, libc 2.13-38+deb7u8
From @geeknik |
From @hvds

I think the pad-related debug may be significant:

% ./miniperl -DXv -ce '0{my@m{uc&h@0;0;sub{sub{h'

I'm not sure what any of that means, but it seems odd that we addname "&h" at line 7 of the output, and odder that we haven't attempted a findlex first; this appears to be because PL_in_my remains true when we reach S_pending_ident(PL_tokenbuf="&h") inside the braces of '0{my@m{&h' whereas it is false at the same point without the leading '0'.

(We also seem rather inconsistent about size and sign of seq in the debug output, not sure if there's any good reason for that.)

Bisect points to:

commit f815dc1 Inline list constants

.. which is maybe somehow interacting with the lexical sub support.

Hugo
The RT System itself - Status changed from 'new' to 'open'
From @cpansprout

On Sat Mar 21 04:35:54 2015, hv wrote:
my &h will cause &h to be added to the pad, but it also generates a syntax error. When there are syntax errors, the lexer sometimes gets confused as to what a ‘my’ is meant to apply to. Extra pad entries like an empty &h shouldn’t cause any problems, but it seems the pads are getting corrupted somehow.
That’s what I was referring to about lexer confusion above. As long as it works correctly in the absence of syntax errors, that should suffice.
I think that’s a red herring.

-- Father Chrysostomos
From @geeknik

perl -e 'm0{0\my}sub H;0;sub{sub{H'

points to a slightly different line in op.c:

Perl_find_lexical_cv () at op.c:11239
From @geeknik

~/perl/miniperl -DXv -ce 'm0{0\my}sub H;0;sub{sub{H'
From @cpansprout

This variation loops:

./miniperl -e '0{my&h@0;0;sub{sub{h'

I think this line in find_lexical_cv is wrong:

compcv = CvOUTSIDE(PL_compcv);

It should be CvOUTSIDE(compcv).

-- Father Chrysostomos
From @cpansprout

On Fri Mar 27 09:35:52 2015, sprout wrote:

It has nothing to do with syntax errors. This example demonstrates the problem more clearly (to me, at least):

$ ./perl -Ilib -Mfeature=:all -e 'my sub h; sub{my $x; sub{h}}'

I have now fixed it in d655d9a.

-- Father Chrysostomos
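The scope-walk mistake identified in the thread (`compcv = CvOUTSIDE(PL_compcv);` where `CvOUTSIDE(compcv)` was intended), reduced to a small stand-alone C model. This is an added example, not code from op.c or from any participant; the structs, `resolve` and `nested_lookup` are hypothetical names, and the bounds check and step cap are additions so the faulty walk reports its failure instead of crashing or spinning.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified model with hypothetical names, not perl's data structures.
 * Each scope has a name table; an entry with outer=1 is a stub whose
 * parent_idx is its slot in the *enclosing* scope's table. */
struct entry { const char *name; int outer; size_t parent_idx; };
struct scope { struct scope *outside; const struct entry *pad; size_t len; };

enum { FOUND = 0, BAD_INDEX = -1, NO_PROGRESS = -2 };

/* Follow outer stubs until the real entry. With buggy=1 the enclosing scope
 * is re-derived from the innermost scope on every step (the pattern quoted
 * in the thread); with buggy=0 it advances from the current scope. */
static int resolve(struct scope *innermost, size_t off, int buggy)
{
    struct scope *cur = innermost;
    const struct entry *e = &cur->pad[off];
    for (int steps = 0; e->outer; steps++) {
        if (steps > 16) return NO_PROGRESS;            /* walk never terminates */
        cur = buggy ? innermost->outside : cur->outside;
        off = e->parent_idx;
        if (!cur || off >= cur->len) return BAD_INDEX; /* index meant for another table */
        e = &cur->pad[off];
    }
    return FOUND;
}

/* Constructed three-level nesting: the top scope declares &h at h_slot,
 * the middle and innermost scopes only hold stubs pointing outward. */
static int nested_lookup(size_t h_slot, int buggy)
{
    struct entry top_pad[3] = { {"$a", 0, 0}, {"$b", 0, 0}, {"$c", 0, 0} };
    top_pad[h_slot].name = "&h";
    struct entry mid_pad[] = { { "&h", 1, h_slot } };  /* stub -> top_pad[h_slot] */
    struct entry in_pad[]  = { { "&h", 1, 0 } };       /* stub -> mid_pad[0] */
    struct scope top = { NULL, top_pad, 3 };
    struct scope mid = { &top, mid_pad, 1 };
    struct scope in  = { &mid, in_pad, 1 };
    return resolve(&in, 0, buggy);
}

int main(void)
{
    printf("slot 2: buggy=%d fixed=%d\n", nested_lookup(2, 1), nested_lookup(2, 0));
    printf("slot 0: buggy=%d fixed=%d\n", nested_lookup(0, 1), nested_lookup(0, 0));
    return 0;
}
```

In this model the faulty walk either applies an index to the wrong table or revisits the same stub forever, depending only on where the name sits in the outermost table; with one level of nesting both variants behave the same, which is why two nested `sub{` are needed to show it.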
@cpansprout - Status changed from 'open' to 'pending release'
From @khwilliamson

Thank you for submitting this ticket.

The issue should now be resolved with the release today of Perl v5.22, which is available at http://www.perl.org/get.html
@khwilliamson - Status changed from 'pending release' to 'resolved'
Migrated from rt.perl.org#124099 (status was 'resolved')
Searchable as RT124099$