Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Segfault with regexp on big match (30000 chars) #38

Closed
p5pRT opened this issue Jun 3, 1999 · 6 comments
Closed

Segfault with regexp on big match (30000 chars) #38

p5pRT opened this issue Jun 3, 1999 · 6 comments

Comments

@p5pRT
Copy link

p5pRT commented Jun 3, 1999

Migrated from rt.perl.org#839 (status was 'resolved')

Searchable as RT839$

@p5pRT
Copy link
Author

p5pRT commented Jun 3, 1999

From sdalu@sco.COM

The following line cause perl to do a segmentation fault​:

perl -e '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;'

It seems the limit is arround 27000 characters and depend on the
number of @​@​ eventually present.

Perl Info


This perlbug was built using Perl 5.00503 - Tue Apr  6 23:33:05 EDT 1999
It is being executed now by  Perl 5.00557 - Thu Jun  3 09:53:24 BST 1999.

Site configuration information for perl 5.00503:

Configured by root at Tue Apr  6 23:33:05 EDT 1999.

Summary of my perl5 (5.0 patchlevel 5 subversion 3) configuration:
  Platform:
    osname=linux, osvers=2.2.1-ac1, archname=i386-linux
    uname='linux porky.devel.redhat.com 2.2.1-ac1 #1 smp mon feb 1 17:44:44 est 1999 i686 unknown '
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=undef useperlio=undef d_sfio=undef
  Compiler:
    cc='cc', optimize='-O2', gccversion=egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)
    cppflags='-Dbool=char -DHAS_BOOL -I/usr/local/include'
    ccflags ='-Dbool=char -DHAS_BOOL -I/usr/local/include'
    stdchar='char', d_stdstdio=undef, usevfork=false
    intsize=4, longsize=4, ptrsize=4, doublesize=8
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
    alignbytes=4, usemymalloc=n, prototype=define
  Linker and Libraries:
    ld='cc', ldflags =' -L/usr/local/lib'
    libpth=/usr/local/lib /lib /usr/lib
    libs=-lnsl -lndbm -lgdbm -ldb -ldl -lm -lc -lposix -lcrypt
    libc=, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-rdynamic'
    cccdlflags='-fpic', lddlflags='-shared -L/usr/local/lib'

Locally applied patches:
    


@INC for perl 5.00503:
    /usr/lib/perl5/5.00503/i386-linux
    /usr/lib/perl5/5.00503
    /usr/lib/perl5/site_perl/5.005/i386-linux
    /usr/lib/perl5/site_perl/5.005
    .


Environment for perl 5.00503:
    HOME=/homes/sdalu
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/homes/sdalu/bin::/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin:/usr/games
    PERL_BADLANG (unset)
    SHELL=bash

@p5pRT
Copy link
Author

p5pRT commented Mar 20, 2000

From [Unknown Contact. See original ticket]

Thanks for your bug report. Version 5.6 does not core dump on​:

  perl -e '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;'

I've marked the bug as closed.

Cheers;

Nat

@p5pRT
Copy link
Author

p5pRT commented Mar 21, 2000

From [Unknown Contact. See original ticket]

At 20​:44 -0700 2000-03-20, Nathan Torkington wrote​:

Thanks for your bug report. Version 5.6 does not core dump on​:

perl -e '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;'

I've marked the bug as closed.

For completeness, follow the perl manpage's sage advice​:

  If something strange has gone wrong with your program and
  you're not sure where you should look for help, try the -w
  switch first. It will often point out exactly where the
  trouble is.

perl -we '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;'
Complex regular subexpression recursion limit (2046) exceeded at -e line 1.

(I have a particularly weedy complex regular subexpression recursion
limit; you'll see 32766 most other systems.)
--
Dominic Dunlop

@p5pRT
Copy link
Author

p5pRT commented Mar 21, 2000

From @vanstyn

In <14550.61491.534434.775503@​prometheus.frii.com>, Nathan Torkington writes​:
:Thanks for your bug report. Version 5.6 does not core dump on​:
:
: perl -e '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;'
:
:I've marked the bug as closed.

RC2 core dumps here​:

crypt% perl -we '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;'
Segmentation fault (core dumped)
crypt%

Is this not the standard stacksize issue?

Hugo


Summary of my perl5 (revision 5.0 version 6 subversion 0) configuration​:
  Platform​:
  osname=linux, osvers=2.2.5-16, archname=i686-linux-64int
  uname='linux crypt.compulink.co.uk 2.2.5-16 #1 sun may 30 23​:00​:18 bst 1999 i686 unknown '
  config_args='-des -Doptimize=-g -O6 -Dprefix=/opt/perl-5.6.0-RC2.64bit -Duse64bitint'
  hint=recommended, useposix=true, d_sigaction=define
  usethreads=undef use5005threads=undef useithreads=undef usemultiplicity=undef
  useperlio=undef d_sfio=undef uselargefiles=define
  use64bitint=define use64bitall=undef uselongdouble=undef usesocks=undef
  Compiler​:
  cc='cc', optimize='-g -O6', gccversion=egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)
  cppflags='-DDEBUGGING -fno-strict-aliasing'
  ccflags ='-DDEBUGGING -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64'
  stdchar='char', d_stdstdio=define, usevfork=false
  intsize=4, longsize=4, ptrsize=4, doublesize=8
  d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
  ivtype='long long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
  alignbytes=4, usemymalloc=n, prototype=define
  Linker and Libraries​:
  ld='cc', ldflags =' -L/usr/local/lib'
  libpth=/usr/local/lib /lib /usr/lib
  libs=-lnsl -lndbm -lgdbm -ldb -ldl -lm -lc -lposix -lcrypt
  libc=/lib/libc-2.1.1.so, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking​:
  dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-rdynamic'
  cccdlflags='-fpic', lddlflags='-shared -L/usr/local/lib'

Characteristics of this binary (from libperl)​:
  Compile-time options​: DEBUGGING USE_64_BIT_INT USE_LARGE_FILES
  Locally applied patches​:
  v5.6.0-RC2
  Built under linux
  Compiled at Mar 15 2000 11​:20​:32
  @​INC​:
  /opt/perl-5.6.0-RC2.64bit/lib/5.6.0/i686-linux-64int
  /opt/perl-5.6.0-RC2.64bit/lib/5.6.0
  /opt/perl-5.6.0-RC2.64bit/lib/site_perl/5.6.0/i686-linux-64int
  /opt/perl-5.6.0-RC2.64bit/lib/site_perl/5.6.0
  /opt/perl-5.6.0-RC2.64bit/lib/site_perl
  .

@p5pRT
Copy link
Author

p5pRT commented Mar 21, 2000

From @vanstyn

In <p04310108b4fce2bf145b@​[192.168.1.4]>, Dominic Dunlop writes​:
:At 20​:44 -0700 2000-03-20, Nathan Torkington wrote​:
:>Thanks for your bug report. Version 5.6 does not core dump on​:
:>
:> perl -e '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;'
:>
:>I've marked the bug as closed.
:
:For completeness, follow the perl manpage's sage advice​:
:
: If something strange has gone wrong with your program and
: you're not sure where you should look for help, try the -w
: switch first. It will often point out exactly where the
: trouble is.
:
:perl -we '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;'
:Complex regular subexpression recursion limit (2046) exceeded at -e line 1.

That won't help if you are getting core dumps due to too high a CRSRL.

Hugo

@p5pRT
Copy link
Author

p5pRT commented Mar 22, 2000

From [Unknown Contact. See original ticket]

At 11​:20 +0000 2000-03-21, Hugo wrote​:

​:Complex regular subexpression recursion limit (2046) exceeded at -e line 1.

That won't help if you are getting core dumps due to too high a CRSRL.

Quite. The warning is not triggered by all dangerously recursive
regexps, which remain a way of making perl reliably dump core (if
that isn't an oxymoron). Allowing perl a higher stack size limit's
the only way out of that one -- and even then, one needs an
arbitrarily large limit to be anywhere near totally safe. Maybe once
5.6 is out, I'll try tapping my head against the stack overflow check
wall one more time. (See
http​://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/1999-09/msg01234.html).

The favoured fix, flattening the regexp engine, isn't on the todo
list. Maybe it should be. (See
http​://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/1999-07/msg01177.html.)
--
Dominic Dunlop

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant