Bug 839788 - NULL pointer dereference in Perl
Summary: NULL pointer dereference in Perl
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: perl
Version: 6.3
Hardware: x86_64
OS: Linux
Target Milestone: rc
: ---
Assignee: Petr Pisar
QA Contact: Martin Kyral
URL: https://rt.perl.org/rt3//Public/Bug/D...
Depends On:
Blocks: 947775 960054
TreeView+ depends on / blocked
Reported: 2012-07-12 20:33 UTC by john.r.moser
Modified: 2018-12-03 17:41 UTC (History)
6 users (show)

Fixed In Version: perl-5.10.1-132.el6
Doc Type: Bug Fix
Doc Text:
Cause: Exiting scope of an object whose desctructor method has been declared but has not been defined. Consequence: The Perl interpreter crashes. Fix: Variable dealocator has been fixed not to dereference NULL pointer that designated undefined destructor method. Result: Interpreter copes with undefined destructors properly.
Clone Of:
Last Closed: 2013-11-21 04:40:44 UTC
Target Upstream Version:

Attachments (Terms of Use)
Patch for perl bug 71952 (1019 bytes, patch)
2012-07-17 19:51 UTC, john.r.moser
no flags Details | Diff
RPM spec file, modified from perl-5.10.1-127.el6 (84.07 KB, text/plain)
2012-09-07 22:27 UTC, Will Saxon
no flags Details
modified patch (1008 bytes, patch)
2012-09-07 22:28 UTC, Will Saxon
no flags Details | Diff

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2013:1534 0 normal SHIPPED_LIVE perl bug fix and enhancement update 2013-11-20 21:40:56 UTC

Description john.r.moser 2012-07-12 20:33:00 UTC
Description of problem:

When trying to run PandoraFMS agent, Perl segfaults.  I have traced this to a bug as per the following URL:


Version-Release number of selected component (if applicable):

perl.x86_64                        4:5.10.1-127.el6                        @base

[root@pandora pandora_server]# perl -Mthreads -e 'print "$threads::VERSION\n"'

How reproducible:

Extremely.  Here's a test command:

[root@pandora pandora_server]# perl -e "sub M::DESTROY; bless {}, M;"
Segmentation fault

Steps to Reproduce:
1. The following command specifically triggers this bug:

  perl -e "sub M::DESTROY; bless {}, M;"

Additionally, you could attempt to run PandoraFMS agent on x86-64 running RedHat 6.3.  It sends one alert, then segfaults the second round.

Actual results:

Segmentation fault.

perl[19896]: segfault at 0 ip 00007f41a5694d6c sp 00007fffe20e3050 error 4 in libperl.so[7f41a55dc000+162000]

pandora_agent[19528] general protection ip:7f69181eafd0 sp:7f690e55ba40 error:0 in libperl.so[7f6918156000+162000]

Note that in any case the fault is in libperl.so, 162000 bytes from the base of the library's load address.  The fault is thus extremely reproducible and can easily be traced by running the given perl one-liner through perl while watching with a debugger.  A newer version of perl may have the bug fixed already; current is 5.16.

Expected results:

Should work.

Additional info:

This particular issue should have been fixed in threads 1.73, yet it still exists in version 1.82 of Perl threads on RHEL 6.3.  This leads me to believe there's another coding error responsible that's not triggered on x86, but is on x86-64.

Comment 2 john.r.moser 2012-07-16 13:02:57 UTC
According to tests, this also segfaults in Perl 5.11.0.  A fellow on Freenode ran the above test through his development environment and reports:

All stable releases between and including 5.6.2 and 5.10.0 x86_64 Perl run the code without crashing.

All stable releases from and including 5.12 and above run the code without crashing.

Perl releases 5.10.1 and 5.11.0 segfault on the above test case.

Comment 3 john.r.moser 2012-07-17 19:38:07 UTC

Appears to be this exact bug!

Comment 4 john.r.moser 2012-07-17 19:51:51 UTC
Created attachment 598738 [details]
Patch for perl bug 71952

Patch as per perl #71952:


Comment 5 Marcela Mašláňová 2012-07-18 10:55:33 UTC
Thank you for the report and the patch.

Comment 7 Jon Hermansen 2012-08-02 23:06:19 UTC
I'm experiencing this same bug while using Thread::Pool::Simple on CentOS 6.3. Would be great to see it fixed!

Comment 8 Will Saxon 2012-09-07 22:25:28 UTC
I rebuilt perl based on the SRPM using this patch, and it seems to work. I had to modify the spec file and the patch so that it would apply cleanly. I'll attach both to this bug.

Comment 9 Will Saxon 2012-09-07 22:27:37 UTC
Created attachment 610850 [details]
RPM spec file, modified from perl-5.10.1-127.el6

Comment 10 Will Saxon 2012-09-07 22:28:46 UTC
Created attachment 610851 [details]
modified patch

this is modified from the original patch to apply cleanly against the perl-5.10.1-127.el6 SRPM as new patch 23.

Comment 18 errata-xmlrpc 2013-11-21 04:40:44 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.