Seg. fault with eval/use/UNITCHECK/DESTROY/eval combination #9970

Closed
p5pRT opened this issue Nov 17, 2009 · 7 comments
@p5pRT p5pRT commented Nov 17, 2009

Migrated from rt.perl.org#70614 (status was 'resolved')

Searchable as RT70614$

@p5pRT p5pRT commented Nov 17, 2009

From @Abigail

Created by @Abigail

  $ cat Module.pm
  package Module;

  sub DESTROY {eval ""}
  UNITCHECK {my $x = bless []}

  1;
  $ perl -wE 'eval "use Module";'
  Segmentation fault
  $

Removing the eval in the DESTROY function, the UNITCHECK, changing
the eval in the main program to a plain C<< use Module; >>, or making
$x a package variable prevents the segmentation fault.

Running it as

  valgrind -v perl -wE 'eval "use Module";'

results in no errors, just a 5 byte memory leak.

Perl Info

Flags:
    category=core
    severity=low

Site configuration information for perl 5.10.1:

Configured by abigail at Sun Aug 23 22:26:52 CEST 2009.

Summary of my perl5 (revision 5 version 10 subversion 1) configuration:
   
  Platform:
    osname=linux, osvers=2.6.11-1.1369_fc4smp, archname=i686-linux-64int-ld
    uname='linux almanda 2.6.11-1.1369_fc4smp #1 smp thu jun 2 23:08:39 edt 2005 i686 i686 i386 gnulinux '
    config_args='-des -Dusedevel -Uversiononly -Dmydomain=.abigail.be -Dcf_email=abigail@abigail.be -Dperladmin=abigail@abigail.be -Doptimize=-g -Dcc=gcc -Dprefix=/opt/perl -Dusemorebits'
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=undef, usemultiplicity=undef
    useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
    use64bitint=define, use64bitall=undef, uselongdouble=define
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='gcc', ccflags ='-DDEBUGGING -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-g',
    cppflags='-DDEBUGGING -fno-strict-aliasing -pipe -I/usr/local/include'
    ccversion='', gccversion='4.0.2 20051125 (Red Hat 4.0.2-8)', gccosandvers=''
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=12345678
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
    ivtype='long long', ivsize=8, nvtype='long double', nvsize=12, Off_t='off_t', lseeksize=8
    alignbytes=4, prototype=define
  Linker and Libraries:
    ld='gcc', ldflags =' -L/usr/local/lib'
    libpth=/usr/local/lib /lib /usr/lib
    libs=-lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lc
    perllibs=-lnsl -ldl -lm -lcrypt -lutil -lc
    libc=/lib/libc-2.3.5.so, so=so, useshrplib=false, libperl=libperl.a
    gnulibc_version='2.3.5'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E'
    cccdlflags='-fPIC', lddlflags='-shared -g -L/usr/local/lib'

Locally applied patches:
    


@INC for perl 5.10.1:
    /home/abigail/Perl
    /opt/perl/lib/5.10.1/i686-linux-64int-ld
    /opt/perl/lib/5.10.1
    /opt/perl/lib/site_perl/5.10.1/i686-linux-64int-ld
    /opt/perl/lib/site_perl/5.10.1
    /opt/perl/lib/site_perl/5.10.0/i686-linux-64int-ld
    /opt/perl/lib/site_perl/5.10.0
    /opt/perl/lib/site_perl/5.8.8
    /opt/perl/lib/site_perl
    .


Environment for perl 5.10.1:
    HOME=/home/abigail
    LANG=en_US.UTF-8
    LANGUAGE (unset)
    LC_CTYPE=en_US.utf8
    LC_MESSAGES=en_US.utf8
    LD_LIBRARY_PATH=/home/abigail/Lib:/usr/local/lib:/usr/lib:/lib:/usr/X11R6/lib
    LOGDIR (unset)
    PATH=/home/abigail/Bin:/opt/perl/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/X11R6/bin:/usr/games:/opt/git/bin:/home/abigail/Perl/Photos:/home/abigail/Perl/Bin:/opt/mysql/bin
    PERL5LIB=/home/abigail/Perl
    PERLDIR=/opt/perl
    PERL_BADLANG (unset)
    SHELL=/bin/bash

@p5pRT p5pRT commented Dec 28, 2009

From @jdhedden

$ cat Module.pm
package Module;

sub DESTROY {eval ""}
UNITCHECK {my $x = bless []}

1;
$ perl -wE 'eval "use Module";'
Segmentation fault

Under blead, and 5.10.1,
  perl -w -e 'eval "use Module";'
also core dumps.

Or more simply
  perl -MModule
core dumps sometimes, but at other times gives:

syntax error at - line 0, near "use Module."
Execution of - aborted due to compilation errors.

@p5pRT p5pRT commented Dec 28, 2009

The RT System itself - Status changed from 'new' to 'open'

@p5pRT p5pRT commented Mar 16, 2010

From @cpansprout

This case can be reduced to:
eval "UNITCHECK{ eval 0 }"

(eval 0 triggers the bug more reliably than eval ''.)

The inner eval clobbers PL_eval_start, so when the UNITCHECK finishes,
the outer eval tries to call the inner eval’s code, which has been
freed already.

The attached patch saves PL_eval_start and restores it after UNITCHECK.
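
The clobbering described in the comment above, as an added example that is not part of the original post and is not Perl's source: a simplified C model in which a nested eval overwrites an interpreter-global start pointer, shown with and without the save/restore. The names `Op`, `pool`, `do_eval` and `outer_eval_ok` are hypothetical, and "freed" code is only flagged, not released, so the stale pointer can be inspected safely.

```c
#include <stdio.h>

/* Simplified stand-in for compiled code; 'freed' marks released code
   without really freeing it, so the stale pointer can be checked safely. */
typedef struct { int id; int freed; } Op;

static Op pool[8];
static int next_op;
static Op *eval_start;      /* models the interpreter-global PL_eval_start */

/* Models an eval: compile, run UNITCHECK blocks, then execute from eval_start.
   Returns 1 if the code about to run is this eval's own live code, 0 if the
   global now points at something else (here: the nested eval's freed code). */
static int do_eval(int depth, int save_restore)
{
    Op *mine = &pool[next_op];
    mine->id = next_op++;
    mine->freed = 0;
    eval_start = mine;                      /* compile step sets the global */

    if (depth == 0) {                       /* only the outer eval has a UNITCHECK */
        Op *saved = eval_start;
        do_eval(depth + 1, save_restore);   /* UNITCHECK body runs a nested eval */
        if (save_restore)
            eval_start = saved;             /* the fix: restore after the call */
    }

    int ok = (eval_start == mine && !eval_start->freed);
    mine->freed = 1;                        /* this eval's code is released on exit */
    return ok;
}

/* Outer eval result: 0 = would execute freed code, 1 = executes its own code. */
int outer_eval_ok(int save_restore)
{
    next_op = 0;
    eval_start = NULL;
    return do_eval(0, save_restore);
}

int main(void)
{
    printf("without save/restore: %d\n", outer_eval_ok(0));
    printf("with save/restore:    %d\n", outer_eval_ok(1));
    return 0;
}
```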

@p5pRT p5pRT commented Mar 16, 2010

From @cpansprout

Inline Patch
diff -Nurp blead/pp_ctl.c blead-70614/pp_ctl.c
--- blead/pp_ctl.c	2009-12-07 05:03:09.000000000 -0800
+++ blead-70614/pp_ctl.c	2009-12-09 12:36:38.000000000 -0800
@@ -3132,8 +3132,11 @@ S_doeval(pTHX_ int gimme, OP** startop, 
 	}
     }
 
-    if (PL_unitcheckav)
+    if (PL_unitcheckav) {
+	OP *es = PL_eval_start;
 	call_list(PL_scopestack_ix, PL_unitcheckav);
+	PL_eval_start = es;
+    }
 
     /* compiled okay, so do it */
 
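Review bot: the restore at `PL_eval_start = es;` is a plain assignment placed after `call_list(PL_scopestack_ix, PL_unitcheckav);`, so it only runs when call_list returns normally. If a UNITCHECK block can leave call_list through a non-local exit, PL_eval_start stays clobbered on that path; worth confirming that path cannot reach the code that uses it, or tying the restore to scope unwinding instead of restoring by hand. A one-line comment saying what clobbers the variable (a nested eval inside the UNITCHECK block, bug 70614) would also help, since nothing in the hunk explains why `es` exists.
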
diff -Nurp blead/t/op/blocks.t blead-70614/t/op/blocks.t
--- blead/t/op/blocks.t	2009-11-19 08:51:40.000000000 -0800
+++ blead-70614/t/op/blocks.t	2009-12-09 12:39:57.000000000 -0800
@@ -6,7 +6,7 @@ BEGIN {
     require './test.pl';
 }
 
-plan tests => 3;
+plan tests => 4;
 
 my @expect = qw(
 b1
@@ -105,3 +105,7 @@ sub CHECK {print ":check"}
 sub INIT {print ":init"}
 sub END {print ":end"}
 SCRIPT3
+
+fresh_perl_is(<<'SCRIPT70614', "still here",{switches => [''], stdin => '', stderr => 1 },'eval-UNITCHECK-eval (bug 70614)');
+eval "UNITCHECK { eval 0 }"; print "still here";
+SCRIPT70614
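
Review bot: the new fresh_perl_is case at the end of blocks.t covers only the reduced form `eval "UNITCHECK { eval 0 }"`, while the original report reached the crash through a DESTROY method running `eval ""` on an object blessed inside UNITCHECK, loaded via `eval "use Module"`. A second case exercising that DESTROY path would catch a regression that the reduced form might miss. The fresh_perl_is call is also a single very long line; breaking the options hash across lines would make it easier to read.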

@p5pRT p5pRT commented Sep 23, 2010

From @cpansprout

On Tue Mar 16 07:12:13 2010, sprout wrote:

> This case can be reduced to:
> eval "UNITCHECK{ eval 0 }"
>
> (eval 0 triggers the bug more reliably than eval ''.)
>
> The inner eval clobbers PL_eval_start, so when the UNITCHECK finishes,
> the outer eval tries to call the inner eval’s code, which has been
> freed already.
>
> The attached patch saves PL_eval_start and restores it after UNITCHECK.

Applied as 8ed4948.

@p5pRT p5pRT commented Sep 23, 2010

@cpansprout - Status changed from 'open' to 'resolved'
