[perl #90006] cloning crashes during Out of Memory

Perl's malloc has a $^M facility to create an emergency memory
allocation during an Out Of Memory crisis. This requires accessing
PL_defstash. In perl_clone_using(), in debugging builds, the Idefstash
field was intially poisoned, and before it had a chance to be properly
initialised, malloc() may have been called.

Fix this by initialising PL_defstash to NULL early on.

diff --git a/sv.c b/sv.c
index f0d725317078ab0c8bdde0a42e773dca2ac34aed..d75bfbe658324f41d7f8807d5b64a4b06956c5d4 100644 (file)
--- a/sv.c
+++ b/sv.c
@@ -12822,6 +12822,7 @@ perl_clone_using(PerlInterpreter *proto_perl, UV flags,
     PoisonNew(my_perl, 1, PerlInterpreter);
     PL_op = NULL;
     PL_curcop = NULL;
+    PL_defstash = NULL; /* may be used by perl malloc() */
     PL_markstack = 0;
     PL_scopestack = 0;
     PL_scopestack_name = 0;