SIGSEGV in S_study_chunk - access inside an unallocated block in arena "client" #14997
From @dcollinsn

Greetings Porters,

I have compiled bleadperl with the afl-gcc compiler using:

`./Configure -Dusedevel -Dprefix='/usr/local/perl-afl' -Dcc='ccache afl-gcc' -Duselongdouble -Duse64bitall -Doptimize=-g -Uversiononly -Uman1dir -Uman3dir -des`

And then fuzzed the resulting binary using:

`AFL_NO_VAR_CHECK=1 afl-fuzz -i in -o out bin/perl @@`

After reducing testcases using `afl-tmin` and performing additional minimization by hand, I have located the following testcase that triggers a segmentation fault in the perl interpreter. The testcase is the file:

`/(?:.||)(?|)000000000@/`

This one comes with a valgrind message I haven't seen before, and a search of RT reveals no open tickets referencing S_study_chunk.

**GDB**

(gdb) run
Program received signal SIGSEGV, Segmentation fault.

**VALGRIND**

==41612== Memcheck, a memory error detector

**PERL -V**

Summary of my perl5 (revision 5 version 23 subversion 4) configuration:
Characteristics of this binary (from libperl):
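A regression check for the testcase in the report above, added here as an example and not part of the original report or of the perl project: it writes the minimized program to a file, runs a perl binary on it the way afl-fuzz did (`perl <testcase>`), and classifies a signal-killed child separately from an ordinary nonzero exit, so the check can fail a CI job only on a real crash. The perl path, the timeout and the file name are assumptions.

```python
"""Regression check for the S_study_chunk crash reported above."""
import signal
import subprocess
import sys
import tempfile
from pathlib import Path

# The minimized testcase quoted in the report, used as the perl program
# that afl-fuzz handed to the binary via `@@`.
TESTCASE = b"/(?:.||)(?|)000000000@/\n"


def classify_run(returncode, timed_out):
    """Map a subprocess result to a short verdict string.

    On POSIX, a negative returncode from subprocess means the child was
    killed by that signal; "crash:SIGSEGV" is the regression we guard.
    A nonzero exit (e.g. a regex compile error) is reported but is not
    treated as a crash.
    """
    if timed_out:
        return "timeout"
    if returncode < 0:
        return "crash:" + signal.Signals(-returncode).name
    if returncode == 0:
        return "ok"
    return "exit:%d" % returncode


def run_testcase(perl="perl", timeout=10):
    """Run TESTCASE under the given perl binary and return its verdict."""
    with tempfile.TemporaryDirectory() as tmp:
        script = Path(tmp) / "rt126405.pl"  # assumed file name
        script.write_bytes(TESTCASE)
        try:
            proc = subprocess.run([perl, str(script)],
                                  capture_output=True, timeout=timeout)
        except subprocess.TimeoutExpired:
            return classify_run(None, True)
        return classify_run(proc.returncode, False)


if __name__ == "__main__":
    # Usage: python check.py [/path/to/perl]; exits 1 only on a crash.
    verdict = run_testcase(*sys.argv[1:2])
    print(verdict)
    sys.exit(1 if verdict.startswith("crash:") else 0)
```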
From @khwilliamson

On 10/19/2015 08:30 PM, Dan Collins (via RT) wrote:

I have bisected this to the following commit

3018b82 is the first bad commit

Consolidate some regex OPS

The regular expression operation POSIXA works on any of the
It causes these ops to be generated instead of the ALNUM, DIGIT,
The reason to do this is for maintenance. As of this commit, there are
This patch actually reduces the number of separate code paths to 5:
Removing all this code saves memory. The output of the Linux size
The reason this patch was doable was previous work in numbering the
I chose to make this code more efficient as opposed to saving even more
The Perl test suite runs slightly faster on my platform with this patch

I
The RT System itself - Status changed from 'new' to 'open'

From @khwilliamson

Thanks for reporting this. Fixed by b297756

@khwilliamson - Status changed from 'open' to 'pending release'

From @khwilliamson

Thank you for submitting this report. You have helped make Perl better. Perl 5.24.0 may be downloaded via https://metacpan.org/release/RJBS/perl-5.24.0

@khwilliamson - Status changed from 'pending release' to 'resolved'
Migrated from rt.perl.org#126405 (status was 'resolved')
Searchable as RT126405$