regexp causes SIGSEGV (stack overflow?) #832

Closed
p5pRT opened this issue Nov 9, 1999 · 9 comments

@p5pRT p5pRT commented Nov 9, 1999

Migrated from rt.perl.org#1760 (status was 'resolved')

Searchable as RT1760$

@p5pRT p5pRT commented Nov 9, 1999

From amc@arwen.cs.berkeley.edu

The following program demonstrates a regular expression match on
a long string causing a SIGSEGV:

#!/usr/bin/perl
$s = 'x';
for ($i = 1; $i < 16; ++$i) {
  $s = $s . $s;
  print length($s), "\n";
  $s =~ /(a?x)*/;
}

After the length of $s reaches 32768, perl crashes. I tried getting a
stack trace from gdb, but the stack appeared to be extremely large, so
maybe the problem is that the stack is overflowing. Should that cause a
SIGSEGV, or should it be handled more gracefully?

Is it necessary for that regular expression to require stack space
proportional to the size of the matched string? (It's been too long
since I took a compilers class.)

By the way, the regular expression is a greatly simplified version of
one I was actually using to remove a prefix from a string and print it.
The original code was structured like this:

  if ($s =~ s/^((a?x)+)//) { print $1 }

My workaround is structured like this:

  while ($s =~ s/^((a?x){1,999})//) { print $1 }

Perl Info


Site configuration information for perl 5.00503:

Configured by torin at Wed Sep 22 00:18:38 PDT 1999.

Summary of my perl5 (5.0 patchlevel 5 subversion 3) configuration:
  Platform:
    osname=linux, osvers=2.0.36, archname=i386-linux
    uname='linux perv 2.0.36 #2 wed nov 18 03:00:48 pst 1998 i686 unknown '
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=undef useperlio=undef d_sfio=undef
  Compiler:
    cc='cc', optimize='-O2', gccversion=2.95.1 19990809 (prerelease)
    cppflags='-Dbool=char -DHAS_BOOL -D_REENTRANT -DDEBIAN -I/usr/local/include'
    ccflags ='-Dbool=char -DHAS_BOOL -D_REENTRANT -DDEBIAN -I/usr/local/include'
    stdchar='char', d_stdstdio=undef, usevfork=false
    intsize=4, longsize=4, ptrsize=4, doublesize=8
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
    alignbytes=4, usemymalloc=n, prototype=define
  Linker and Libraries:
    ld='cc', ldflags =' -L/usr/local/lib'
    libpth=/usr/local/lib /lib /usr/lib
    libs=-lnsl -lndbm -lgdbm -ldbm -ldb -ldl -lm -lc -lposix -lcrypt
    libc=, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-rdynamic'
    cccdlflags='-fPIC', lddlflags='-shared -L/usr/local/lib'

Locally applied patches:
    


@INC for perl 5.00503:
    /usr/lib/perl5/5.005/i386-linux
    /usr/lib/perl5/5.005
    /usr/local/lib/site_perl/i386-linux
    /usr/local/lib/site_perl
    /usr/lib/perl5
    .


Environment for perl 5.00503:
    HOME=/home/cs/amc
    LANG (unset)
    LANGUAGE (unset)
    LC_ALL=en_US
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/home/cs/amc/pkg/Linux/2.2.12/i686/amc/bin:/home/cs/amc/pkg/share/amc/bin:/bin:/sbin:/usr/sbin:/usr/bin:/usr/games:/home/cs/amc/pkg/Linux/2.2.12/i686/misc/bin:/usr/local/bin:/usr/X11R6/bin
    PERL_BADLANG (unset)
    SHELL=/usr/bin/tcsh


@p5pRT p5pRT commented Dec 13, 2000

From [Unknown Contact. See original ticket]

still a problem as of 8101 on both Mandrake 7.2 and Solaris 8.0

The following program demonstrates a regular expression match on
a long string causing a SIGSEGV:

#!/usr/bin/perl
$s = 'x';
for ($i = 1; $i < 16; ++$i) {
  $s = $s . $s;
  print length($s), "\n";
  $s =~ /(a?x)*/;
}

After the length of $s reaches 32768, perl crashes. I tried getting a
stack trace from gdb, but the stack appeared to be extremely large, so
maybe the problem is that the stack is overflowing. Should that cause a
SIGSEGV, or should it be handled more gracefully?

Is it necessary for that regular expression to require stack space
proportional to the size of the matched string? (It's been too long
since I took a compilers class.)

By the way, the regular expression is a greatly simplified version of
one I was actually using to remove a prefix from a string and print it.
The original code was structured like this:

  if ($s =~ s/^((a?x)+)//) { print $1 }

My workaround is structured like this:

  while ($s =~ s/^((a?x){1,999})//) { print $1 }

@p5pRT p5pRT commented Aug 7, 2002

From @gbarr

This is still present in 5.8.0

@p5pRT p5pRT commented Nov 28, 2003

From The RT System itself

bug seems unlikely to be OS related.

@p5pRT p5pRT commented Nov 28, 2003

From The RT System itself

still segfaults bleadperl DEVEL7093

@p5pRT p5pRT commented Jul 13, 2005

From @schwern

Still a problem in bleadperl@25129.

@p5pRT p5pRT commented Jul 14, 2005

From @hvds

"Michael G Schwern via RT" <perlbug-followup@perl.org> wrote:
:Still a problem in bleadperl@25129.

Note that this bug is (correctly) marked as depending on the metabug
#24274. It will remain a bug until the metabug is fixed (by rewriting
enough of the regexp engine to avoid using the C stack recursively).

Hugo
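
The point made in the comment above, that the crash stays until the engine stops recursing on the C stack, shown as an added example (not code from Perl's regexp engine or from anyone in this thread): a toy matcher for the report's pattern, once recursive with a depth limit that fails cleanly, once iterative with its state on the heap. The names `match_rec`, `match_iter`, `peak_depth` and the limit values are hypothetical, chosen for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static size_t peak_depth;   /* deepest recursion level reached by match_rec */

/* Recursive toy matcher for the pattern ^(a?x)* : one call per iteration of
 * the group. Returns the matched length, or -1 once `limit` nested calls are
 * reached, so oversized input is refused instead of exhausting the C stack.
 * (A real engine also keeps backtrack state in every frame.) */
static long match_rec(const char *s, size_t pos, size_t depth, size_t limit)
{
    size_t p = pos;
    if (depth > peak_depth) peak_depth = depth;
    if (depth >= limit) return -1;
    if (s[p] == 'a') p++;                         /* a? */
    if (s[p] != 'x') return (long)pos;            /* group fails: star ends */
    return match_rec(s, p + 1, depth + 1, limit); /* next iteration, deeper */
}

/* Same pattern, iterative: the per-iteration resume points go into a heap
 * array sized to the input, so C stack use stays constant. */
static long match_iter(const char *s, size_t *saved)
{
    size_t top = 0, pos = 0;
    size_t *st = malloc((strlen(s) + 1) * sizeof *st);
    if (!st) return -1;
    for (;;) {
        size_t p = pos;
        if (s[p] == 'a') p++;
        if (s[p] != 'x') break;
        st[top++] = pos;                          /* where to resume on backtrack */
        pos = p + 1;
    }
    *saved = top;
    free(st);
    return (long)pos;
}

int main(void)
{
    static char s[32769];                         /* constructed input: 32768 x's */
    size_t saved = 0;
    memset(s, 'x', sizeof s - 1);
    printf("recursive, limit 10000: %ld\n", match_rec(s, 0, 0, 10000));
    long n = match_iter(s, &saved);
    printf("iterative: %ld, heap states: %zu\n", n, saved);
    return 0;
}
```

The recursive form needs one frame per matched group iteration, which is the stack growth proportional to input length that the report asks about; the iterative form moves the same bookkeeping to the heap, where an allocation failure can be reported instead of raising SIGSEGV.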

@p5pRT p5pRT commented Mar 29, 2006

From @smpeters

[amc@arwen.cs.berkeley.edu - Tue Nov 09 12:08:10 1999]:

-----------------------------------------------------------------
[Please enter your report here]

The following program demonstrates a regular expression match on
a long string causing a SIGSEGV:

#!/usr/bin/perl
$s = 'x';
for ($i = 1; $i < 16; ++$i) {
  $s = $s . $s;
  print length($s), "\n";
  $s =~ /(a?x)*/;
}

After the length of $s reaches 32768, perl crashes. I tried getting a
stack trace from gdb, but the stack appeared to be extremely large, so
maybe the problem is that the stack is overflowing. Should that cause a
SIGSEGV, or should it be handled more gracefully?

Is it necessary for that regular expression to require stack space
proportional to the size of the matched string? (It's been too long
since I took a compilers class.)

By the way, the regular expression is a greatly simplified version of
one I was actually using to remove a prefix from a string and print it.
The original code was structured like this:

  if ($s =~ s/^((a?x)+)//) { print $1 }

My workaround is structured like this:

  while ($s =~ s/^((a?x){1,999})//) { print $1 }

It appears that as of change #27598, this no longer core dumps. davem++ :)

@p5pRT p5pRT commented Mar 29, 2006

@smpeters - Status changed from 'open' to 'resolved'
