Skip to content

fix a collection of other I32 bugs #21012

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 12 commits into from
Closed

fix a collection of other I32 bugs #21012

wants to merge 12 commits into from

Conversation

tonycoz
Copy link
Contributor

@tonycoz tonycoz commented Apr 11, 2023

These commits fix a few of the other I32 bugs I suspected when I was reviewing the code for the #20990 work.

I have a few more I haven't investigated yet.

@tonycoz tonycoz added the defer-next-dev This PR should not be merged yet, but await the next development cycle label Apr 19, 2023
@tonycoz tonycoz force-pushed the 20917-other-i32-bugs branch from c7f61ce to 00e4038 Compare April 19, 2023 01:19
@tonycoz
Copy link
Contributor Author

tonycoz commented Apr 19, 2023

squashed the "squash me" commit and rebased

@tonycoz tonycoz mentioned this pull request Apr 26, 2023
Open
@tonycoz tonycoz removed the defer-next-dev This PR should not be merged yet, but await the next development cycle label Jul 10, 2023
@jkeenan
Copy link
Contributor

jkeenan commented Jul 11, 2023

@tonycoz, to properly test this pull request, should we be building a perl with any particular configuration arguments in order to get meaningful results?

(This p.r. has 2 approvals, but probably has not yet been tested other than GH actions.)

@tonycoz
Copy link
Contributor Author

tonycoz commented Jul 12, 2023

To test this properly you need to set PERL_TEST_MEMORY set in the environment to 8 or more, and have that amount of available memory (in GB).

They only make sense for 64-bit platforms, ie. where ptrsize is 8 (or more if that exists.)

@demerphq
Copy link
Collaborator

demerphq commented Jul 12, 2023
edited
Loading

IN the perlreapi.pod commit you say "though I suspect it could use some, some members mentioned no longer exist,", which might be the case as this is a copy of the actual structure. Ill take a look, but i guess your patch will need to be applied first.

Actually, even better maybe would be to drop the perlreapi.pod patch and let me take care of it.

@tonycoz tonycoz force-pushed the 20917-other-i32-bugs branch from 00e4038 to 77c06b8 Compare July 13, 2023 01:02
@tonycoz
Copy link
Contributor Author

tonycoz commented Jul 13, 2023

Actually, even better maybe would be to drop the perlreapi.pod patch and let me take care of it.

I've removed it.

I also added another fix for a bug that came up while I was testing the rebased code. Unfortunately I expect we have a number of similar bugs, I think it means we need to add -Wconversion to our warnings and follow-up on them, since it caught this one:

op.c: In function ‘Perl_check_hash_fields_and_hekify’:
op.c:2745:64: warning: conversion from ‘ssize_t’ {aka ‘long int’} to ‘I32’ {aka ‘int’} may change value [-Wconversion]
 2745 |             SV *nsv = newSVpvn_share(key, SvUTF8(sv) ? -keylen : keylen, 0);

This is a big job:

$ make opmini.o 2>&1 | grep 'warning:' | wc -l
247

and it takes more than just adding a bunch of casts.

@demerphq
Copy link
Collaborator

I've removed it.

Ok, I have just pushed #21241 as promised.

tonycoz added 12 commits July 26, 2023 14:09
@tonycoz
S_scomplement: string complement used an I32 string length
faa8f3f 
Discovered while scanning for stack issues, S_scomplement which
implements string complement for pp_complement and pp_scomplement
used an I32 to keep the working length, for strings between 2GB and
4GB this resulted in a noop.
@tonycoz
pp_repeat: handle large source strings for scalar repeat
161a055 
This deliberately dropped out since repeatcpy() took an I32 length
of source string parameter, but the code in repeatcpy() is
sufficiently robust we can simply make it a SSize_t.

Removed the error for strings over I32 len, the left over check
should reasonably handle integer overflow beyond the capacity of
a SSize_t.
@tonycoz
pp_subst: don't cast the replacement len to I32
2194a7d 
If I understand the code clen is the length of a constant replacement
string, ie. s/.../THIS/.  I don't expect this would ever go over
2GB, but aim for correctness.

I made this a SSize_t cast instead of completely removing the cast
since some analysers/compilers reasonably complain about such
comparisons.
@tonycoz
pp_subst: use SSize_t for substring sizes
017aeae 
I wasn't able to make this misbehave, since with a COW enabled
perl a COW copy of the input SV is created when the regexp is
matched above, and this entire block is skipped down to "have_a_cow:"
@tonycoz
rxres_restore: restore regexp progress offsets with SSize_t casts
f549a5c 
This was casting the offsets to I32 when restoring them, but these
values can be outside the positive range of an I32, which caused
problems in pp_substcont.
@tonycoz
S_reg_set_capture_string: use SSize_t for capture group offset
7849364 
I wasn't able to trigger this code on a COW built perl, but
we can match against strings over 2GB, so this value could
become too large for an I32 on a 64-bit platform.
@tonycoz
do_msgsnd, do_msgrcv: use STRLEN/SSize_t as appropriate
1f70cc9 
The size parameters for msgsnd() and msgrcv() are size_t, and
the return value of msgrcv() is ssize_t, adjust perl to match.

Unfortunately Linux appears to limit the size of the message queue
to well under 2GB, so I wasn't able to write a failing test for
this.
@tonycoz
msgrcv: properly handle magic
eef40bd 
This would call get magic on the buffer SV, even though it's output
only.

It failed to call set magic on the buffer SV.
@tonycoz
msgrcv: validate the size parameter before using it
4edac35 
While the code checks that size is non-negative, that check was done
after using that size with SvGROW(), so a negative size caused
a panic, rather than the error return value the code appeared to
be written for.
@tonycoz
visit()/sv_clean_all(): returned an I32 cleaned SV count
6dc6267 
These could in theory overflow a 32-bit signed integer (which is
undefined behaviour)
@tonycoz
sv_utf8_decode(): use SSize_t for string offset
8fcdb5a 
While we can't test this easily from perl (as the comment mentions,
the pos() is cleared in utf8::decode()), testing under the debugger
revealed the pos value being truncated here, so use the correct
type.
@tonycoz
hash keys: validate hash key length at compile time
2f9154b 
This was new to me, I hadn't encountered this failure while working
on the original "other I32 bugs".

The original test here was failing with an "Out of memory" error
since the long hash key length was overflowing the I32.

Once that was fixed the test was failing purely due to the invalid
code, once that was fixed the test passed so I removed the TODO.
@tonycoz tonycoz force-pushed the 20917-other-i32-bugs branch from 77c06b8 to 2f9154b Compare July 26, 2023 04:35
@tonycoz
Copy link
Contributor Author

tonycoz commented Jul 27, 2023

Pushed as merge commit 03f6a79

@tonycoz tonycoz closed this Jul 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@demerphq demerphq demerphq approved these changes

@khwilliamson khwilliamson khwilliamson approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@tonycoz @jkeenan @demerphq @khwilliamson