While running spamassassin (the one in OpenBSD 4.0) my Perl (also OBSD 4.0) happened to segfault when learning what is spam. There is no suspicion on bad hardware, and this situation already happened in the past several times ocassionally.
There were 9153 spam messages in the folder. I'll try if I can isolate a single one that triggers it. It's actually segfaulting in libc in some hash manipulation routine but it's clear to me this can be a delayed memory corruption bug caused by some Perl binding or Perl itself. #0 0x00639d71 in memmove () from /usr/lib/libc.so.39.3 No symbol table info available. #1 0x0062fcb4 in __delpair (hashp=0x7d5a5200, bufp=0x870d8040, ndx=1707) at /usr/src/lib/libc/db/hash/hash_page.c:140 i = 2127618048 src = 0x7ed0e000 "\232\b{?v?q?l?g?b?]?X?S\b{?v?q?l?g?b?]?X?S?N?I?D???:?5?0?+?&?!?\234?\227?\222?\215?\210?\203?~?y?t?o?j?e?`?[?V?Q?L?G?B?=?8?3?.?)?$?\037?\032?\025?\020?\v?\006?\001?|>w>r>m>h>c>^>Y>T>O>J>E>@>;>6>1>,>'>">\235>\230>\223>\216>\211>\204>\177>z>u>p>k>f>a>\\>W>R>M>H>C>>>"... dst = 0xffffec1b <Address 0xffffec1b out of bounds> bp = (u_int16_t *) 0x7d5a5200 newoff = 4107 pairlen = 18 n = 2202 #2 0x0062b812 in hash_access (hashp=0x7d5a5200, action=HASH_PUT, key=0xcf7e2190, val=0xcf7e2188) at /usr/src/lib/libc/db/hash/hash.c:670 rbufp = (BUFHEAD *) 0x870d8040 bufp = (BUFHEAD *) 0x267a2a96 save_bufp = (BUFHEAD *) 0x870d8040 bp = (u_int16_t *) 0xffffec1b n = 2202 ndx = 1707 off = -1953344059 size = 5 kp = 0x8b9255c0 "\020\237^5u" pageno = 4107 #3 0x0557f083 in XS_DB_File_STORE () from /usr/libdata/perl5/i386-openbsd/5.8.8/auto/DB_File/DB_File.so No symbol table info available. #4 0x067ddd08 in Perl_pp_entersub () at /usr/src/gnu/usr.bin/perl/pp_hot.c:2877 av = (AV * const) 0x267a81b0 items = 645610516 markix = 0 sp = (SV **) 0x859c428c sv = (SV *) 0x876f43e4 gv = (GV *) 0x5 stash = (HV *) 0x0 cv = (CV *) 0x876f43e4 cx = (PERL_CONTEXT *) 0x267a81b0 gimme = 0 #5 0x068085b9 in Perl_runops_standard () at /usr/src/gnu/usr.bin/perl/run.c:37 No locals. #6 0x067ef008 in S_call_body (myop=0xcf7e22f0, is_eval=27 '\033') at /usr/src/gnu/usr.bin/perl/perl.c:2733 No locals. #7 0x067eef2e in Perl_call_sv (sv=0x85062030, flags=66) at /usr/src/gnu/usr.bin/perl/perl.c:2609 sp = (SV **) 0x859c428c myop = {op_next = 0x0, op_sibling = 0x0, op_ppaddr = 0x67dda50 <Perl_pp_entersub>, op_targ = 0, op_type = 0, op_seq = 0, op_flags = 66 'B', op_private = 0 '\0', op_first = 0x0, op_other = 0x0} method_op = {op_next = 0xcf7e22f0, op_sibling = 0x0, op_ppaddr = 0x67de738 <Perl_pp_method>, op_targ = 0, op_type = 0, op_seq = 0, op_flags = 0 '\0', op_private = 0 '\0', op_first = 0x0} oldmark = 0 retval = 0 oldscope = 23 oldcatch = 0 '\0' oldop = (OP *) 0x7c774380 cur_env = {je_prev = 0x8b9255e0, je_buf = {-2063196112, -813817160, 108820867, -2063196112, 0, 116, 0, 0, 0, 0, 645598328}, je_ret = -2063196112, je_mustcatch = 120 'x'} #8 0x067ee93c in Perl_call_method (methname=0x26796ab5 "STORE", flags=2) at /usr/src/gnu/usr.bin/perl/perl.c:2542 No locals. #9 0x067cc38c in S_magic_methcall (sv=0x876a4d98, mg=0x870d8420, meth=0x26796ab5 "STORE", flags=2, n=3, val=0x7ed1100b) at /usr/src/gnu/usr.bin/perl/mg.c:1492 sp = (SV **) 0x859c428c #10 0x067cc6e0 in Perl_magic_setpack (sv=0x876a4d98, mg=0x870d8420) at /usr/src/gnu/usr.bin/perl/mg.c:1529 next = (PERL_SI *) 0x3ffff402 sp = (SV **) 0x267b3578 #11 0x067ca62d in Perl_mg_set (sv=0x876a4d98) at /usr/src/gnu/usr.bin/perl/mg.c:236 vtbl = (const MGVTBL *) 0x3ffff402 mgs_ix = 792 mg = (MAGIC *) 0xffffec1b nextmg = (MAGIC *) 0x0 #12 0x067d7535 in Perl_pp_sassign () at /usr/src/gnu/usr.bin/perl/pp_hot.c:125 sp = (SV **) 0x816e6004 right = (SV *) 0x876a4d98 left = (SV *) 0x8506212c #13 0x068085b9 in Perl_runops_standard () at /usr/src/gnu/usr.bin/perl/run.c:37 No locals. #14 0x067ee5df in S_run_body (oldscope=1) at /usr/src/gnu/usr.bin/perl/perl.c:2368 No locals. #15 0x067ee533 in perl_run (my_perl=0x7dcc3030) at /usr/src/gnu/usr.bin/perl/perl.c:2285 oldscope = 1 ret = 1073738754 cur_env = {je_prev = 0x267b3740, je_buf = {108978918, 645598328, -813816740, -813816616, -813816484, -813816560, -813816568, 0, -2025615324, 160, -813826009}, je_ret = 3, je_mustcatch = 1 '\001'} #16 0x1c0012a6 in main () No symbol table info available. CL<