Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

-E 'given( goto f ) { f: }' => crash #10355

Closed
p5pRT opened this issue Apr 29, 2010 · 10 comments
Closed

-E 'given( goto f ) { f: }' => crash #10355

p5pRT opened this issue Apr 29, 2010 · 10 comments

Comments

@p5pRT
Copy link

@p5pRT p5pRT commented Apr 29, 2010

Migrated from rt.perl.org#74764 (status was 'resolved')

Searchable as RT74764$

@p5pRT
Copy link
Author

@p5pRT p5pRT commented Apr 29, 2010

From frank.wiegand@gmail.com

This is a bug report for perl from frank.wiegand@​gmail.com,
generated with the help of perlbug 1.39 running under perl 5.12.0.


The following code crashes perl​:

  % perl5.12.0 -E 'given ( goto f ) { f​: }'
  Use of "goto" to jump into a construct is deprecated at -e line 1.
  perl5.12.0​: pp_ctl.c​:4005​: Perl_pp_leavegiven​: Assertion `((cx)->cx_u.cx_subst.sbu_type & 0xf) == 3' failed.
  zsh​: abort /opt/perl/perl-5.12.0-RC3/bin/perl5.12.0 -E 'given ( goto f ) { f​: }

Yes, I see the deprecated warning.
Yes, no one would do this.

But perl should not crash, too.

Thanks, Frank



Flags​:
  category=core
  severity=low


Site configuration information for perl 5.12.0​:

Configured by fw at Sat Apr 3 09​:18​:00 CEST 2010.

Summary of my perl5 (revision 5 version 12 subversion 0) configuration​:
 
  Platform​:
  osname=linux, osvers=2.6.32-trunk-amd64, archname=x86_64-linux
  uname='linux hal2 2.6.32-trunk-amd64 #1 smp sun jan 10 22​:40​:40 utc 2010 x86_64 gnulinux '
  config_args='-de -Dusedevel -DDEBUGGING=both -Doptimize=-g -Dcc=ccache gcc -Dld=gcc -Dprefix=/opt/perl/perl-5.12.0-RC3/ -Dmad'
  hint=recommended, useposix=true, d_sigaction=define
  useithreads=undef, usemultiplicity=undef
  useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
  use64bitint=define, use64bitall=define, uselongdouble=undef
  usemymalloc=n, bincompat5005=undef
  Compiler​:
  cc='ccache gcc', ccflags ='-DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
  optimize='-g',
  cppflags='-DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include'
  ccversion='', gccversion='4.4.3 20100108 (prerelease)', gccosandvers=''
  intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
  d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
  ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
  alignbytes=8, prototype=define
  Linker and Libraries​:
  ld='gcc', ldflags =' -fstack-protector -L/usr/local/lib'
  libpth=/usr/local/lib /lib /usr/lib /lib64 /usr/lib64
  libs=-lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lc -lgdbm_compat
  perllibs=-lnsl -ldl -lm -lcrypt -lutil -lc
  libc=/lib/libc-2.10.2.so, so=so, useshrplib=false, libperl=libperl.a
  gnulibc_version='2.10.2'
  Dynamic Linking​:
  dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E'
  cccdlflags='-fPIC', lddlflags='-shared -g -L/usr/local/lib -fstack-protector'

Locally applied patches​:
  RC3


@​INC for perl 5.12.0​:
  /opt/perl/perl-5.12.0-RC3/lib/site_perl/5.12.0/x86_64-linux
  /opt/perl/perl-5.12.0-RC3/lib/site_perl/5.12.0
  /opt/perl/perl-5.12.0-RC3/lib/5.12.0/x86_64-linux
  /opt/perl/perl-5.12.0-RC3/lib/5.12.0
  .


Environment for perl 5.12.0​:
  HOME=/home/fw
  LANG=de_DE.UTF-8
  LANGUAGE=
  LD_LIBRARY_PATH (unset)
  LOGDIR (unset)
  PATH=/sbin​:/usr/sbin​:/home/fw/bin​:/home/fw/bin​:/usr/local/bin​:/usr/bin​:/bin​:/usr/games
  PERL_AUTOINSTALL=--defaultdeps
  PERL_BADLANG (unset)
  PERL_EXTUTILS_AUTOINSTALL=--defaultdeps
  PERL_MM_USE_DEFAULT=1
  SHELL=/bin/zsh

@p5pRT
Copy link
Author

@p5pRT p5pRT commented Apr 30, 2010

From @timbunce

The following code crashes perl​:

    % perl5\.12\.0 \-E 'given \( goto f \) \{ f​: \}'
    Use of "goto" to jump into a construct is deprecated at \-e line 1\.
    perl5\.12\.0​: pp\_ctl\.c​:4005​: Perl\_pp\_leavegiven​: Assertion \`\(\(cx\)\->cx\_u\.cx\_subst\.sbu\_type & 0xf\) == 3' failed\.
    zsh​: abort      /opt/perl/perl\-5\.12\.0\-RC3/bin/perl5\.12\.0 \-E 'given \( goto f \) \{ f​: \}

This report triggers vague memories of a tool (not perl related) that
generated random code fragments in an attempt to find flaws in a
compiler or cpu (I forget which now). Ring a bell for anyone?

Yes, no one would do this.
But perl should not crash, too.

Exactly.

An interesting project for someone​: a tool that generates random perl
code fragments in an attempt to find crashing bugs in perl.

Tim.

@p5pRT
Copy link
Author

@p5pRT p5pRT commented Apr 30, 2010

The RT System itself - Status changed from 'new' to 'open'

@p5pRT
Copy link
Author

@p5pRT p5pRT commented Apr 30, 2010

From @nwc10

On Fri, Apr 30, 2010 at 10​:04​:13AM +0100, Tim Bunce wrote​:

The following code crashes perl​:

    % perl5\.12\.0 \-E 'given \( goto f \) \{ f​: \}'
    Use of "goto" to jump into a construct is deprecated at \-e line 1\.
    perl5\.12\.0​: pp\_ctl\.c​:4005​: Perl\_pp\_leavegiven​: Assertion \`\(\(cx\)\->cx\_u\.cx\_subst\.sbu\_type & 0xf\) == 3' failed\.
    zsh​: abort      /opt/perl/perl\-5\.12\.0\-RC3/bin/perl5\.12\.0 \-E 'given \( goto f \) \{ f​: \}

This report triggers vague memories of a tool (not perl related) that
generated random code fragments in an attempt to find flaws in a
compiler or cpu (I forget which now). Ring a bell for anyone?

ftp​://ftp.cs.wisc.edu/paradyn/technical_papers/fuzz-revisited.ps

Fuzz Revisited​: A Re-examination of the Reliability of UNIX Utilities and
Services.

I believe that Ilya Z also did something related by using Markov chains to
feed plausible garbage to the perl interpreter, identifying the cause of
the crashes, and then patching the bugs.

Nicholas Clark

@p5pRT
Copy link
Author

@p5pRT p5pRT commented May 1, 2010

From frank.wiegand@gmail.com

Am Donnerstag, den 29.04.2010, 01​:36 -0700 schrieb Frank Wiegand​:

The following code crashes perl​:

    % perl5\.12\.0 \-E 'given \( goto f \) \{ f​: \}'
    Use of "goto" to jump into a construct is deprecated at \-e line 1\.
    perl5\.12\.0​: pp\_ctl\.c​:4005​: Perl\_pp\_leavegiven​: Assertion \`\(\(cx\)\->cx\_u\.cx\_subst\.sbu\_type & 0xf\) == 3' failed\.
    zsh​: abort      /opt/perl/perl\-5\.12\.0\-RC3/bin/perl5\.12\.0 \-E 'given \( goto f \) \{ f​: \}

Yes, I see the deprecated warning.

This one is without the warning​:

  % perl-5.12.0-RC3 -wE 'given( do { goto f } ) { f​: }'
  perl-5.12.0-RC3​: pp_ctl.c​:4005​: Perl_pp_leavegiven​: Assertion `((cx)->cx_u.cx_subst.sbu_type & 0xf) == 3' failed.
  zsh​: abort LC_ALL=C perl-5.12.0-RC3 -wE 'given( do { goto f } ) { f​: }'

Yes, no one would do this.
But perl should not crash, too.

Still true.

Frank

@p5pRT
Copy link
Author

@p5pRT p5pRT commented Dec 10, 2017

From @cpansprout

I’ve fixed this bug in commit a01f464 by forbidding goto-into-given.

--

Father Chrysostomos

@p5pRT
Copy link
Author

@p5pRT p5pRT commented Dec 10, 2017

@cpansprout - Status changed from 'open' to 'resolved'

@p5pRT
Copy link
Author

@p5pRT p5pRT commented Dec 10, 2017

@cpansprout - Status changed from 'resolved' to 'pending release'

@p5pRT
Copy link
Author

@p5pRT p5pRT commented Jun 23, 2018

From @khwilliamson

Thank you for filing this report. You have helped make Perl better.

With the release yesterday of Perl 5.28.0, this and 185 other issues have been
resolved.

Perl 5.28.0 may be downloaded via​:
https://metacpan.org/release/XSAWYERX/perl-5.28.0

If you find that the problem persists, feel free to reopen this ticket.

@p5pRT
Copy link
Author

@p5pRT p5pRT commented Jun 23, 2018

@khwilliamson - Status changed from 'pending release' to 'resolved'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant