Skip Menu |
Report information
Id: 132553
Status: open
Priority: 0/
Queue: perl5

Owner: Nobody
Requestors: brian.carpenter [at] gmail.com
pipcet [at] gmail.com
Cc:
AdminCc:

Operating System: (no value)
PatchStatus: (no value)
Severity: low
Type: unknown
Perl Version: (no value)
Fixed In: (no value)



From: Brian Carpenter <brian.carpenter [...] gmail.com>
Subject: Assertion failure in Perl__core_swash_init (utf8.c:3840)
To: perlbug [...] perl.org
Date: Fri, 8 Dec 2017 17:42:38 -0600
This assertion failure was triggered in Perl v5.27.6-156-g5d4548b73b, compiled with Clang 6.0.0-trunk and -fsanitize=address.

./perl test012.pl
perl: utf8.c:3840: SV *Perl__core_swash_init(const char *, const char *, SV *, I32, I32, SV *, U8 *const): Assertion `listsv != &PL_sv_undef || strNE(name, "") || invlist' failed.
Aborted

#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:58
#1  0x00007ffff6cc837a in __GI_abort () at abort.c:89
#2  0x00007ffff6cbeb47 in __assert_fail_base (fmt=<optimized out>, assertion=assertion@entry=0xd7ea80 <.str.127> "listsv != &PL_sv_undef || strNE(name, \"\") || invlist", file=file@entry=0xd6f020 <.str.1> "utf8.c", line=line@entry=3840,
    function=function@entry=0xd7eae0 <__PRETTY_FUNCTION__.Perl__core_swash_init> "SV *Perl__core_swash_init(const char *, const char *, SV *, I32, I32, SV *, U8 *const)") at assert.c:92
#3  0x00007ffff6cbebf2 in __GI___assert_fail (assertion=0xd7ea80 <.str.127> "listsv != &PL_sv_undef || strNE(name, \"\") || invlist", file=0xd6f020 <.str.1> "utf8.c", line=3840,
    function=0xd7eae0 <__PRETTY_FUNCTION__.Perl__core_swash_init> "SV *Perl__core_swash_init(const char *, const char *, SV *, I32, I32, SV *, U8 *const)") at assert.c:101
#4  0x0000000000b20316 in Perl__core_swash_init (pkg=0xca3ba0 <.str.330> "utf8", name=<optimized out>, listsv=0x1d56ad8 <PL_sv_immortals+24>, minbits=1, none=0, invlist=0x0, flags_p=<optimized out>) at utf8.c:3840
#5  0x0000000000780570 in S_regclass (pRExC_state=0x7fffffffd3e0, flagp=0x7fffffffcce0, depth=5, stop_at_1=true, allow_multi_folds=false, silence_non_portable=false, strict=<optimized out>, optimizable=true, ret_invlist=<optimized out>, return_posix_warnings=<optimized out>) at regcomp.c:16414
#6  0x00000000007704cf in S_regatom (pRExC_state=0x7fffffffd3e0, flagp=0x7fffffffcce0, depth=4) at regcomp.c:12960
#7  0x0000000000766f6b in S_regpiece (pRExC_state=0x7fffffffd3e0, flagp=0x7fffffffcea0, depth=<optimized out>) at regcomp.c:11731
#8  0x0000000000757c0e in S_regbranch (pRExC_state=0x7fffffffd3e0, flagp=0x7fffffffcfe0, first=<optimized out>, depth=3) at regcomp.c:11656
#9  0x00000000006ea0e8 in S_reg (pRExC_state=0x7fffffffd3e0, paren=0, flagp=0x7fffffffd2a0, depth=1) at regcomp.c:11394
#10 0x00000000006d3edd in Perl_re_op_compile (patternp=<optimized out>, pat_count=-10048, expr=<optimized out>, eng=0xc9f0e0 <PL_core_reg_engine>, old_re=0x62100000c250, is_bare_re=0x7fffffffd260, orig_rx_flags=<optimized out>, pm_flags=<optimized out>) at regcomp.c:7377
#11 0x0000000000520bc4 in Perl_pmruntime (o=<optimized out>, expr=<optimized out>, repl=0x0, flags=<optimized out>, floor=0) at op.c:6904
#12 0x00000000006ab358 in Perl_yyparse (gramtype=<optimized out>) at perly.y:1215
#13 0x00000000005a3c22 in S_parse_body (env=<optimized out>, xsinit=<optimized out>) at perl.c:2447
#14 0x000000000059ea24 in perl_parse (my_perl=<optimized out>, xsinit=0x5036f0 <xs_init>, argc=2, argv=<optimized out>, env=0x0) at perl.c:1750
#15 0x0000000000503486 in main (argc=0, argv=0x7ffff6cc677f <__GI_raise+159>, env=0x7fffffffe380) at perlmain.c:121

Download test012.pl
text/x-perl 7b

Message body is not shown because sender requested not to inline it.

From: Zefram <zefram [...] fysh.org>
Subject: Re: [perl #132553] Assertion failure in Perl__core_swash_init (utf8.c:3840)
Date: Sat, 9 Dec 2017 03:09:22 +0000
To: perl5-porters [...] perl.org
Download (untitled) / with headers
text/plain 308b
Brian Carpenter wrote: Show quoted text
>This assertion failure was triggered in Perl v5.27.6-156-g5d4548b73b, >compiled with Clang 6.0.0-trunk and -fsanitize=address.
The assertion failure does not happen for me, compiling with gcc 4.9.2. I get an unsurprising error message from perl about "Empty \p{} in regex". -zefram
From: Brian Carpenter <brian.carpenter [...] gmail.com>
Date: Fri, 8 Dec 2017 21:14:28 -0600
To: perlbug-followup [...] perl.org
Subject: Re: [perl #132553] Assertion failure in Perl__core_swash_init (utf8.c:3840)
Download (untitled) / with headers
text/plain 840b
Here is how I compiled it:

./Configure -des -Dusedevel -DDEBUGGING -Dcc=clang6 -Doptimize=-O0 -g3 -Accflags='-fno-inline-functions -fno-omit-frame-pointer -fsanitize=address -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep' -Aldflags='-fno-inline-functions -fno-omit-frame-pointer -fsanitize=address -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep' && make

On Fri, Dec 8, 2017 at 9:09 PM, Zefram via RT <perlbug-followup@perl.org> wrote:
Show quoted text
Brian Carpenter wrote:
>This assertion failure was triggered in Perl v5.27.6-156-g5d4548b73b,
>compiled with Clang 6.0.0-trunk and -fsanitize=address.

The assertion failure does not happen for me, compiling with gcc 4.9.2.
I get an unsurprising error message from perl about "Empty \p{} in regex".

-zefram


Subject: Re: [perl #132553] Assertion failure in Perl__core_swash_init (utf8.c:3840)
To: Brian Carpenter <brian.carpenter [...] gmail.com>, perlbug-followup [...] perl.org
Date: Fri, 8 Dec 2017 21:50:00 -0700
From: Karl Williamson <public [...] khwilliamson.com>
Download (untitled) / with headers
text/plain 1.3k
On 12/08/2017 08:14 PM, Brian Carpenter wrote: Show quoted text
> Here is how I compiled it: > > ./Configure -des -Dusedevel -DDEBUGGING -Dcc=clang6 -Doptimize=-O0 -g3 > -Accflags='-fno-inline-functions -fno-omit-frame-pointer > -fsanitize=address > -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep' > -Aldflags='-fno-inline-functions -fno-omit-frame-pointer > -fsanitize=address > -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep' > && make > > On Fri, Dec 8, 2017 at 9:09 PM, Zefram via RT <perlbug-followup@perl.org > <mailto:perlbug-followup@perl.org>> wrote: > > Brian Carpenter wrote:
> >This assertion failure was triggered in Perl v5.27.6-156-g5d4548b73b, > >compiled with Clang 6.0.0-trunk and -fsanitize=address.
> > The assertion failure does not happen for me, compiling with gcc 4.9.2. > I get an unsurprising error message from perl about "Empty \p{} in > regex". > > -zefram > >
I managed to compile miniperl with those options, except I'm using clang 4.0. miniperl is sufficient to test, and I get the same results as Zefram, which is what I would have anticipated. I can't imagine how your original test got past the checks for empty braces and got started trying to compile a nonsense property, which is what your stack trace indicates.
From: Karl Williamson <public [...] khwilliamson.com>
Date: Fri, 8 Dec 2017 22:06:05 -0700
To: Brian Carpenter <brian.carpenter [...] gmail.com>, perlbug-followup [...] perl.org
Subject: Re: [perl #132553] Assertion failure in Perl__core_swash_init (utf8.c:3840)
Download (untitled) / with headers
text/plain 1.7k
On 12/08/2017 09:50 PM, Karl Williamson wrote: Show quoted text
> On 12/08/2017 08:14 PM, Brian Carpenter wrote:
>> Here is how I compiled it: >> >> ./Configure -des -Dusedevel -DDEBUGGING -Dcc=clang6 -Doptimize=-O0 -g3 >> -Accflags='-fno-inline-functions -fno-omit-frame-pointer >> -fsanitize=address >> -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep' >> -Aldflags='-fno-inline-functions -fno-omit-frame-pointer >> -fsanitize=address >> -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep' >> && make
In looking further, I don't see how this could be what you compiled, as you are using -O0, and the stack trace indicates things were optimized out. If you could try this again with -O0, that would be helpful. Show quoted text
>> >> On Fri, Dec 8, 2017 at 9:09 PM, Zefram via RT >> <perlbug-followup@perl.org <mailto:perlbug-followup@perl.org>> wrote: >> >>     Brian Carpenter wrote: >>      >This assertion failure was triggered in Perl >> v5.27.6-156-g5d4548b73b, >>      >compiled with Clang 6.0.0-trunk and -fsanitize=address. >> >>     The assertion failure does not happen for me, compiling with gcc >> 4.9.2. >>     I get an unsurprising error message from perl about "Empty \p{} in >>     regex". >> >>     -zefram >> >>
> > > I managed to compile miniperl with those options, except I'm using clang > 4.0. > > miniperl is sufficient to test, and I get the same results as Zefram, > which is what I would have anticipated.  I can't imagine how your > original test got past the checks for empty braces and got started > trying to compile a nonsense property, which is what your stack trace > indicates. >
And I looked at the code, and don't see how this could happen. Could you re
Subject: Re: [perl #132553] Assertion failure in Perl__core_swash_init (utf8.c:3840)
To: perlbug-followup [...] perl.org
Date: Fri, 8 Dec 2017 23:22:48 -0600
From: Brian Carpenter <brian.carpenter [...] gmail.com>
Download (untitled) / with headers
text/plain 5.4k
./perl -I/root/perl/lib -V
Summary of my perl5 (revision 5 version 27 subversion 7) configuration:
  Commit id: 5d4548b73b1d6298ebeef6d93e510cc249106b85
  Platform:
    osname=linux
    osvers=4.10.0-37-generic
    archname=x86_64-linux
    uname='linux ubuntu-512mb-fra1-01 4.10.0-37-generic #41-ubuntu smp fri oct 6 20:20:37 utc 2017 x86_64 x86_64 x86_64 gnulinux '
    config_args='-des -Dusedevel -DDEBUGGING -Dcc=clang6 -Doptimize=-O0 -g3 -Accflags=-fno-inline-functions -fno-omit-frame-pointer -fsanitize=address -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep -Aldflags=-fno-inline-functions -fno-omit-frame-pointer -fsanitize=address -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep'
    hint=recommended
    useposix=true
    d_sigaction=define
    useithreads=undef
    usemultiplicity=undef
    use64bitint=define
    use64bitall=define
    uselongdouble=undef
    usemymalloc=n
    default_inc_excludes_dot=define
    bincompat5005=undef
  Compiler:
    cc='clang6'
    ccflags ='-fno-inline-functions -fno-omit-frame-pointer -fsanitize=address -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep -DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2'
    optimize='-O0 -g3'
    cppflags='-fno-inline-functions -fno-omit-frame-pointer -fsanitize=address -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep -DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include'
    ccversion=''
    gccversion='4.2.1 Compatible Clang 6.0.0 (trunk 318369)'
    gccosandvers=''
    intsize=4
    longsize=8
    ptrsize=8
    doublesize=8
    byteorder=12345678
    doublekind=3
    d_longlong=define
    longlongsize=8
    d_longdbl=define
    longdblsize=16
    longdblkind=3
    ivtype='long'
    ivsize=8
    nvtype='double'
    nvsize=8
    Off_t='off_t'
    lseeksize=8
    alignbytes=8
    prototype=define
  Linker and Libraries:
    ld='clang6'
    ldflags =' -fno-inline-functions -fno-omit-frame-pointer -fsanitize=address -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep -fstack-protector-strong -L/usr/local/lib'
    libpth=/usr/local/lib /third_party/llvm-build/Release+Asserts/lib/clang/6.0.0/lib /usr/include/x86_64-linux-gnu /usr/lib /lib/x86_64-linux-gnu /lib/../lib/usr/lib/x86_64-linux-gnu /usr/lib/../lib /lib
    libs=-lpthread -lnsl -ldl -lm -lcrypt -lutil -lc
    perllibs=-lpthread -lnsl -ldl -lm -lcrypt -lutil -lc
    libc=libc-2.24.so
    so=so
    useshrplib=false
    libperl=libperl.a
    gnulibc_version='2.24'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs
    dlext=so
    d_dlsymun=undef
    ccdlflags='-Wl,-E'
    cccdlflags='-fPIC'
    lddlflags='-shared -O0 -g3 -L/usr/local/lib -fstack-protector-strong'


Characteristics of this binary (from libperl):
  Compile-time options:
    DEBUGGING
    HAS_TIMES
    PERLIO_LAYERS
    PERL_COPY_ON_WRITE
    PERL_DONT_CREATE_GVSV
    PERL_MALLOC_WRAP
    PERL_OP_PARENT
    PERL_PRESERVE_IVUV
    PERL_USE_DEVEL
    USE_64_BIT_ALL
    USE_64_BIT_INT
    USE_LARGE_FILES
    USE_LOCALE
    USE_LOCALE_COLLATE
    USE_LOCALE_CTYPE
    USE_LOCALE_NUMERIC
    USE_LOCALE_TIME
    USE_PERLIO
    USE_PERL_ATOF
  Built under linux
  Compiled at Dec  8 2017 04:04:27
  @INC:
    /root/perl/lib
    /usr/local/lib/perl5/site_perl/5.27.7/x86_64-linux
    /usr/local/lib/perl5/site_perl/5.27.7
    /usr/local/lib/perl5/5.27.7/x86_64-linux
    /usr/local/lib/perl5/5.27.7

On Fri, Dec 8, 2017 at 11:06 PM, karl williamson via RT <perlbug-followup@perl.org> wrote:
Show quoted text
On 12/08/2017 09:50 PM, Karl Williamson wrote:
> On 12/08/2017 08:14 PM, Brian Carpenter wrote:
>> Here is how I compiled it:
>>
>> ./Configure -des -Dusedevel -DDEBUGGING -Dcc=clang6 -Doptimize=-O0 -g3
>> -Accflags='-fno-inline-functions -fno-omit-frame-pointer
>> -fsanitize=address
>> -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep'
>> -Aldflags='-fno-inline-functions -fno-omit-frame-pointer
>> -fsanitize=address
>> -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep'
>> && make

In looking further, I don't see how this could be what you compiled, as
you are using -O0, and the stack trace indicates things were optimized
out. If you could try this again with -O0, that would be helpful.
>>
>> On Fri, Dec 8, 2017 at 9:09 PM, Zefram via RT
>> <perlbug-followup@perl.org <mailto:perlbug-followup@perl.org>> wrote:
>>
>>     Brian Carpenter wrote:
>>      >This assertion failure was triggered in Perl
>> v5.27.6-156-g5d4548b73b,
>>      >compiled with Clang 6.0.0-trunk and -fsanitize=address.
>>
>>     The assertion failure does not happen for me, compiling with gcc
>> 4.9.2.
>>     I get an unsurprising error message from perl about "Empty \p{} in
>>     regex".
>>
>>     -zefram
>>
>>
>
>
> I managed to compile miniperl with those options, except I'm using clang
> 4.0.
>
> miniperl is sufficient to test, and I get the same results as Zefram,
> which is what I would have anticipated.  I can't imagine how your
> original test got past the checks for empty braces and got started
> trying to compile a nonsense property, which is what your stack trace
> indicates.
>

And I looked at the code, and don't see how this could happen.  Could you re


RT-Send-CC: perl5-porters [...] perl.org
On Fri, 08 Dec 2017 20:50:57 -0800, public@khwilliamson.com wrote: Show quoted text
> On 12/08/2017 08:14 PM, Brian Carpenter wrote:
> > Here is how I compiled it: > > > > ./Configure -des -Dusedevel -DDEBUGGING -Dcc=clang6 -Doptimize=-O0 > > -g3 > > -Accflags='-fno-inline-functions -fno-omit-frame-pointer > > -fsanitize=address > > -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace- > > cmp,trace-div,trace-gep' > > -Aldflags='-fno-inline-functions -fno-omit-frame-pointer > > -fsanitize=address > > -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace- > > cmp,trace-div,trace-gep' > > && make > > > > On Fri, Dec 8, 2017 at 9:09 PM, Zefram via RT <perlbug- > > followup@perl.org > > <mailto:perlbug-followup@perl.org>> wrote: > > > > Brian Carpenter wrote:
> > > This assertion failure was triggered in Perl v5.27.6-156- > > > g5d4548b73b, > > > compiled with Clang 6.0.0-trunk and -fsanitize=address.
> > > > The assertion failure does not happen for me, compiling with gcc > > 4.9.2. > > I get an unsurprising error message from perl about "Empty \p{} in > > regex". > > > > -zefram > > > >
> > > I managed to compile miniperl with those options, except I'm using > clang > 4.0. > > miniperl is sufficient to test, and I get the same results as Zefram, > which is what I would have anticipated. I can't imagine how your > original test got past the checks for empty braces and got started > trying to compile a nonsense property, which is what your stack trace > indicates.
When I compile miniperl with -de -Dusedevel -DDEBUGGING and nothing more, I get the assertion failure: $ perl -e 'print qq|/\\p{\0}/|'|./miniperl Assertion failed: (listsv != &PL_sv_undef || strNE(name, "") || invlist), function Perl__core_swash_init, file utf8.c, line 3840. Abort trap: 6 $ cc -v Apple LLVM version 4.2 (clang-425.0.27) (based on LLVM 3.2svn) Target: x86_64-apple-darwin12.5.0 Thread model: posix $ uname -a Darwin Pint.local 12.5.0 Darwin Kernel Version 12.5.0: Sun Sep 29 13:33:47 PDT 2013; root:xnu-2050.48.12~1/RELEASE_X86_64 x86_64 -- Father Chrysostomos
RT-Send-CC: perl5-porters [...] perl.org
Download (untitled) / with headers
text/plain 2.4k
On Sat, 09 Dec 2017 07:26:18 -0800, sprout wrote: Show quoted text
> When I compile miniperl with -de -Dusedevel -DDEBUGGING and nothing > more, I get the assertion failure: > > $ perl -e 'print qq|/\\p{\0}/|'|./miniperl > Assertion failed: (listsv != &PL_sv_undef || strNE(name, "") || > invlist), function Perl__core_swash_init, file utf8.c, line 3840. > Abort trap: 6 > $ cc -v > Apple LLVM version 4.2 (clang-425.0.27) (based on LLVM 3.2svn) > Target: x86_64-apple-darwin12.5.0 > Thread model: posix > $ uname -a > Darwin Pint.local 12.5.0 Darwin Kernel Version 12.5.0: Sun Sep 29 > 13:33:47 PDT 2013; root:xnu-2050.48.12~1/RELEASE_X86_64 x86_64
Same result if I add -Aoptimize=-O0, and that gives me an unoptimised backtrace: (gdb) bt #0 0x00007fff8e91fd46 in __kill () #1 0x00007fff8b075f83 in abort () #2 0x00007fff8b076cb9 in __assert_rtn () #3 0x0000000100493c85 in Perl__core_swash_init (pkg=0x1005d27da "utf8", name=0x10070b4c0 "", listsv=0x1005fc418, minbits=1, none=0, invlist=0x0, flags_p=0x7fff5fbfc28f "\006$?p") at utf8.c:3840 #4 0x0000000100190cc0 in S_regclass (pRExC_state=0x7fff5fbfed28, flagp=0x7fff5fbfd474, depth=5, stop_at_1=true, allow_multi_folds=false, silence_non_portable=false, strict=false, optimizable=true, ret_invlist=0x0, return_posix_warnings=0x0) at regcomp.c:16414 #5 0x00000001001a6ab9 in S_regatom (pRExC_state=0x7fff5fbfed28, flagp=0x7fff5fbfd474, depth=4) at regcomp.c:12960 #6 0x00000001001a0127 in S_regpiece (pRExC_state=0x7fff5fbfed28, flagp=0x7fff5fbfd564, depth=3) at regcomp.c:11731 #7 0x000000010017d586 in S_regbranch (pRExC_state=0x7fff5fbfed28, flagp=0x7fff5fbfe458, first=1, depth=2) at regcomp.c:11656 #8 0x0000000100158fab in S_reg (pRExC_state=0x7fff5fbfed28, paren=0, flagp=0x7fff5fbfefc4, depth=1) at regcomp.c:11394 #9 0x00000001001425bd in Perl_re_op_compile (patternp=0x0, pat_count=1, expr=0x10070b2b8, eng=0x1005f67d8, old_re=0x0, is_bare_re=0x0, orig_rx_flags=0, pm_flags=0) at regcomp.c:7377 #10 0x00000001000141c4 in Perl_pmruntime (o=0x10070b2f8, expr=0x10070b2b8, repl=0x0, flags=1, floor=0) at op.c:6904 #11 0x000000010012c520 in Perl_yyparse (gramtype=258) at perly.y:1215 #12 0x00000001000705b7 in S_parse_body (env=0x0, xsinit=0x10050b960 <xs_init>) at perl.c:2447 #13 0x000000010006d2e2 in perl_parse (my_perl=0x1007000e0, xsinit=0x10050b960 <xs_init>, argc=2, argv=0x7fff5fbffc30, env=0x0) at perl.c:1750 #14 0x000000010050b899 in main (argc=2, argv=0x7fff5fbffc30, env=0x7fff5fbffc48) at miniperlmain.c:127 -- Father Chrysostomos
RT-Send-CC: perl5-porters [...] perl.org
Download (untitled) / with headers
text/plain 810b
On Sat, 09 Dec 2017 07:26:18 -0800, sprout wrote: Show quoted text
> When I compile miniperl with -de -Dusedevel -DDEBUGGING and nothing > more, I get the assertion failure:
$ ../perl.git-copy/Porting/bisect.pl -DDEBUGGING --target=miniperl --crash ./miniperl ~/Downloads/test012.pl ... There are only 'skip'ped commits left to test. The first bad commit could be any of: c6875f946df1255aa7617d8239504e8186077df9 d77eff5dad2005a73486250f392ba19252626fe0 43b2f4ef399e2fd7240b4eeb0658686ad95f8e62 85bb8b90c60f216f831d25542414634aa17a32fc aea1585ca7b05ce6e4dab68540664e1e16bb3007 c33d640f4e90281f3ea730924872c98bd8a5a593 8725053bce5b3b283c5ad03fc646110acb2a1384 f8bb792490baca606d8fb4c7b62bd1c262173b97 f88b23d703fbfddd6a4558c86e56bfd96f4377a4 We cannot bisect more! bisect run cannot continue any more -- Father Chrysostomos
From: Karl Williamson <public [...] khwilliamson.com>
Subject: Re: [perl #132553] Assertion failure in Perl__core_swash_init (utf8.c:3840)
Date: Sat, 9 Dec 2017 12:33:09 -0700
CC: perl5-porters [...] perl.org
To: perlbug-followup [...] perl.org
On 12/09/2017 12:08 PM, Father Chrysostomos via RT wrote: Show quoted text
> On Sat, 09 Dec 2017 07:26:18 -0800, sprout wrote:
>> When I compile miniperl with -de -Dusedevel -DDEBUGGING and nothing >> more, I get the assertion failure:
> > $ ../perl.git-copy/Porting/bisect.pl -DDEBUGGING --target=miniperl --crash ./miniperl ~/Downloads/test012.pl > ... > There are only 'skip'ped commits left to test. > The first bad commit could be any of: > c6875f946df1255aa7617d8239504e8186077df9 > d77eff5dad2005a73486250f392ba19252626fe0 > 43b2f4ef399e2fd7240b4eeb0658686ad95f8e62 > 85bb8b90c60f216f831d25542414634aa17a32fc > aea1585ca7b05ce6e4dab68540664e1e16bb3007 > c33d640f4e90281f3ea730924872c98bd8a5a593 > 8725053bce5b3b283c5ad03fc646110acb2a1384 > f8bb792490baca606d8fb4c7b62bd1c262173b97 > f88b23d703fbfddd6a4558c86e56bfd96f4377a4 > We cannot bisect more! > bisect run cannot continue any more >
Thanks, I've figured this out. Brian's testfile in the original email did not show a NUL as the property name, and its 6 bytes are all accounted for.
From: Zefram <zefram [...] fysh.org>
Subject: Re: [perl #132553] Assertion failure in Perl__core_swash_init (utf8.c:3840)
To: perl5-porters [...] perl.org
Date: Sat, 9 Dec 2017 20:25:43 +0000
Download (untitled) / with headers
text/plain 837b
Father Chrysostomos via RT wrote: Show quoted text
>$ perl -e 'print qq|/\\p{\0}/|'|./miniperl
Aha, I get the assertion failure too with that test case (still using gcc 4.9.2 and no funny compiler options). That's quite different from the test case that I saw in the mail at the start of this thread, which, in the form that was delivered to me, is a 6-byte file that does not have that nul character between the braces. (I checked for unprintable characters when originally attempting to reproduce it, and I checked again more deeply just now.) However, downloading the test case from rt.perl.org <https://rt.perl.org/Public/Ticket/Attachment/1514320/810864/test012.pl> gives me a 7-byte file that does have the nul. Clearly something has gone wrong in turning the RT ticket into mail, or in mail transmission somewhere between RT and me. -zefram
Subject: Re: [perl #132553] Assertion failure in Perl__core_swash_init (utf8.c:3840)
From: Zefram <zefram [...] fysh.org>
To: perl5-porters [...] perl.org
Date: Sat, 9 Dec 2017 20:41:31 +0000
Download (untitled) / with headers
text/plain 228b
Father Chrysostomos via RT wrote: Show quoted text
>There are only 'skip'ped commits left to test. >The first bad commit could be any of:
I didn't find a need to skip. The frist bad commit is 43b2f4ef399e2fd7240b4eeb0658686ad95f8e62. -zefram
Subject: Re: [perl #132553] Assertion failure in Perl__core_swash_init (utf8.c:3840)
From: Zefram <zefram [...] fysh.org>
Date: Sat, 9 Dec 2017 20:47:50 +0000
To: perl5-porters [...] perl.org
Download (untitled) / with headers
text/plain 550b
I wrote: Show quoted text
> However, downloading the test case from rt.perl.org ><https://rt.perl.org/Public/Ticket/Attachment/1514320/810864/test012.pl> >gives me a 7-byte file that does have the nul.
More data points: neither the nntp.perl.org nor code.activestate.com mailing list archives allow retrieval of the attachment, so it's (a) impossible to tell from them whether the nul reached the mailing list, and (b) generally impossible for anyone reading the archive to see an attached test case. Less useful than I'd hoped, on both counts. -zefram
RT-Send-CC: perl5-porters [...] perl.org
On Sat, 09 Dec 2017 12:48:02 -0800, zefram@fysh.org wrote: Show quoted text
> I wrote:
> > However, downloading the test case from rt.perl.org > ><https://rt.perl.org/Public/Ticket/Attachment/1514320/810864/test012.pl> > >gives me a 7-byte file that does have the nul.
> > More data points: neither the nntp.perl.org nor code.activestate.com > mailing list archives allow retrieval of the attachment, so it's (a) > impossible to tell from them whether the nul reached the mailing list, > and (b) generally impossible for anyone reading the archive to see an > attached test case. Less useful than I'd hoped, on both counts.
$ lwp-request -m GET -e nntp://nntp.perl.org/rt-4.0.24-26548-1512776606-1638.132553-75-0@perl.org | perl -MMIME::Parser -e 'my $p = new MIME::Parser; $p->output_under("/tmp"); $p->parse(\*STDIN); print $p->filer->output_dir' | xargs ls -l This gives me a 6-byte attachment. (But that ‘one’-liner only works with old, pre-6.0 versions of lwp-request. I just keep an old copy around.) -- Father Chrysostomos
Date: Tue, 26 Dec 2017 22:07:55 +0000
To: perlbug [...] perl.org
From: Pip Cet <pipcet [...] gmail.com>
Subject: m/\p{<NUL>}/ segfaults
Download (untitled) / with headers
text/plain 8.5k
This is a bug report for perl from pipcet@gmail.com, generated with the help of perlbug 1.41 running under perl 5.27.7. ----------------------------------------------------------------- [Please describe your issue here] There appear to be fuzzing-triggerable crashes in blead. One of them is: eval "m/\\p{\0}/"; which causes a segfault. (The eval isn't necessary, but I didn't want to include a literal nul character in this message). The gdb backtrace is: Thread 1 "perl" received signal SIGSEGV, Segmentation fault. Perl__core_swash_init (pkg=<optimized out>, name=<optimized out>, listsv=<optimized out>, minbits=<optimized out>, none=<optimized out>, invlist=<optimized out>, flags_p=<optimized out>) at utf8.c:4017 4017 && (int) _invlist_len(swash_invlist) > invlist_swash_boundary) (gdb) bt #0 Perl__core_swash_init (pkg=<optimized out>, name=<optimized out>, listsv=<optimized out>, minbits=<optimized out>, none=<optimized out>, invlist=<optimized out>, flags_p=<optimized out>) at utf8.c:4017 #1 0x0000000000782763 in S_regclass (pRExC_state=<optimized out>, flagp=<optimized out>, depth=<optimized out>, stop_at_1=<optimized out>, allow_multi_folds=<optimized out>, silence_non_portable=<optimized out>, strict=<optimized out>, optimizable=false, ret_invlist=<optimized out>, return_posix_warnings=<optimized out>) at regcomp.c:16414 #2 0x00000000007792aa in S_regatom (pRExC_state=<optimized out>, flagp=0x7fffffffdd9c, depth=<optimized out>) at regcomp.c:12960 #3 0x000000000076c70d in S_regpiece (pRExC_state=<optimized out>, flagp=<optimized out>, depth=<optimized out>) at regcomp.c:11731 #4 S_regbranch (pRExC_state=0x7fffffffe150, flagp=<optimized out>, first=<optimized out>, depth=<optimized out>) at regcomp.c:11656 #5 0x000000000073f8a6 in S_reg (pRExC_state=<optimized out>, paren=1, flagp=<optimized out>, depth=<optimized out>) at regcomp.c:11394 #6 0x000000000073614e in Perl_re_op_compile (patternp=<optimized out>, pat_count=<optimized out>, expr=<optimized out>, eng=<optimized out>, old_re=<optimized out>, is_bare_re=<optimized out>, orig_rx_flags=<optimized out>, pm_flags=<optimized out>) at regcomp.c:7377 #7 0x000000000064d0f6 in Perl_pmruntime (o=<optimized out>, expr=<optimized out>, repl=<optimized out>, flags=<optimized out>, floor=<optimized out>) at op.c:6910 #8 0x0000000000725640 in Perl_yyparse (gramtype=<optimized out>) at perly.y:1215 #9 0x00000000008a5c11 in S_doeval_compile (gimme=<optimized out>, outside=<optimized out>, seq=<optimized out>, hh=<optimized out>) at pp_ctl.c:3451 #10 0x00000000008a4cfb in Perl_pp_entereval () at pp_ctl.c:4427 #11 0x00000000007ed1f9 in Perl_runops_standard () at run.c:44 #12 0x0000000000696dc0 in S_run_body (oldscope=<optimized out>) at perl.c:2589 #13 perl_run (my_perl=<optimized out>) at perl.c:2518 #14 0x000000000040c256 in main (argc=<optimized out>, argv=<optimized out>, env=<optimized out>) at perlmain.c:126 But I don't immediately understand the code in utf8.c. Is no one running a fuzzer on blead as part of continuous testing? [Please do not change anything below this line] ----------------------------------------------------------------- --- Flags: category=core severity=medium --- Site configuration information for perl 5.27.7: Configured by pip at Fri Dec 22 19:24:17 UTC 2017. Summary of my perl5 (revision 5 version 27 subversion 7) configuration: Platform: osname=linux osvers=4.13.0-1-amd64 archname=x86_64-linux uname='linux 4.13.0-1-amd64 #1 smp debian 4.13.10-1 (2017-10-30) x86_64 gnulinux ' config_args='-d -Dusedevel' hint=previous useposix=true d_sigaction=define useithreads=undef usemultiplicity=undef use64bitint=define use64bitall=define uselongdouble=undef usemymalloc=n default_inc_excludes_dot=define bincompat5005=undef Compiler: cc='/home/pip/afl-2.52b/afl-clang-fast++' ccflags ='-std=c++11 -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -I/home/pip/git/sm-emacs/js/src/dist/include -g3 -ggdb -D_FORTIFY_SOURCE=2' optimize='-O2' cppflags='-fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -I/home/pip/git/sm-emacs/js/src/dist/include -g3 -ggdb -D_FORTIFY_SOURCE=2 -I/usr/local/include -std=c++11 -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -I/home/pip/git/sm-emacs/js/src/dist/include -g3 -ggdb -D_FORTIFY_SOURCE=2' ccversion='' gccversion='4.2.1 Compatible Clang 4.0.1 (tags/RELEASE_401/final)' gccosandvers='' intsize=4 longsize=8 ptrsize=8 doublesize=8 byteorder=12345678 doublekind=3 d_longlong=define longlongsize=8 d_longdbl=define longdblsize=16 longdblkind=3 ivtype='long' ivsize=8 nvtype='double' nvsize=8 Off_t='off_t' lseeksize=8 alignbytes=8 prototype=define Linker and Libraries: ld='ld' ldflags =' -fstack-protector-strong -L/usr/local/lib' libpth=/usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0 /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0/x86_64-pc-linux-gnu /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0/backward /usr/local/lib /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/include-fixed /usr/include/x86_64-linux-gnu /usr/lib /lib/x86_64-linux-gnu /lib/../lib /usr/lib/x86_64-linux-gnu /usr/lib/../lib /lib /lib64 /usr/lib64 /usr/local/lib64 /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0 /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0/x86_64-pc-linux-gnu /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0/backward /usr/local/lib /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/include-fixed /usr/include/x86_64-linux-gnu /usr/lib /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0 /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0/x86_64-pc-linux-gnu /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0/backward /usr/local/lib /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/include-fixed /usr/include/x86_64-linux-gnu /usr/lib /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0 /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0/x86_64-pc-linux-gnu /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0/backward /usr/local/lib /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/include-fixed /usr/include/x86_64-linux-gnu /usr/lib /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0 /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0/x86_64-pc-linux-gnu /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0/backward /usr/local/lib /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/include-fixed /usr/include/x86_64-linux-gnu /usr/lib /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0 /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0/x86_64-pc-linux-gnu /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/../../../../include/c++/8.0.0/backward /usr/local/lib /usr/local/lib/gcc/x86_64-pc-linux-gnu/8.0.0/include-fixed /usr/include/x86_64-linux-gnu /usr/lib libs=-lpthread -pthread -lnsl -ldl -lm -lcrypt -lutil -lc -L/home/pip/git/sm-emacs/js/src/dist/bin -lmozjs-59a1 -Wl,--whole-archive /home/pip/git/sm-emacs/js/src/mozglue/build/libmozglue.a -Wl,--no-whole-archive perllibs=-lpthread -pthread -lnsl -ldl -lm -lcrypt -lutil -lc -L/home/pip/git/sm-emacs/js/src/dist/bin -lmozjs-59a1 -Wl,--whole-archive /home/pip/git/sm-emacs/js/src/mozglue/build/libmozglue.a -Wl,--no-whole-archive libc=libc-2.25.so so=so useshrplib=false libperl=libperl.a gnulibc_version='2.25' Dynamic Linking: dlsrc=dl_none.xs dlext=none d_dlsymun=undef ccdlflags='' cccdlflags='' lddlflags='' --- @INC for perl 5.27.7: lib /usr/local/lib/perl5/site_perl/5.27.7/x86_64-linux /usr/local/lib/perl5/site_perl/5.27.7 /usr/local/lib/perl5/5.27.7/x86_64-linux /usr/local/lib/perl5/5.27.7 --- Environment for perl 5.27.7: HOME=/home/pip LANG=en_US.UTF-8 LANGUAGE (unset) LD_LIBRARY_PATH=/home/pip/git/sm-emacs/js/src/dist/bin LOGDIR (unset) PATH=/home/pip/.cargo/bin:/home/pip/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/sbin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/sbin:/usr/sbin PERL_BADLANG (unset) SHELL=/bin/bash
From: Karl Williamson <public [...] khwilliamson.com>
Subject: Re: [perl #132658] m/\p{<NUL>}/ segfaults
Date: Tue, 26 Dec 2017 17:17:27 -0700
To: perl5-porters [...] perl.org
Download (untitled) / with headers
text/plain 798b
On 12/26/2017 03:08 PM, Pip Cet (via RT) wrote: Show quoted text
> # New Ticket Created by Pip Cet > # Please include the string: [perl #132658] > # in the subject line of all future correspondence about this issue. > # <URL: https://rt.perl.org/Ticket/Display.html?id=132658 > > > > This is a bug report for perl from pipcet@gmail.com, > generated with the help of perlbug 1.41 running under perl 5.27.7. > > > ----------------------------------------------------------------- > [Please describe your issue here] > > There appear to be fuzzing-triggerable crashes in blead. One of them is: > > eval "m/\\p{\0}/"; > > which causes a segfault. (The eval isn't necessary, but I didn't want > to include a literal nul character in this message). >
This is a duplicate of #132553, but thanks for your report


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

For issues related to this RT instance (aka "perlbug"), please contact perlbug-admin at perl.org