Infinite recursion (+segfault) on die() after goto-ing out of __DIE__ handler #14527
Comments
From @fbriereCreated by @fbriereA full description would probably be longer than this code snippet: $ perl -w $SIG{__DIE__} = \&bar; Segfault aside, I did not expect the die() in foo() to trigger the __DIE__ Perl Info |
From @rurbanThis SEGV with a nested die handler doesn't seem severity low to me. |
|
The RT System itself - Status changed from 'new' to 'open' |
From @ilmari"Reini Urban via RT" <perlbug-followup@perl.org> writes:
You appear to be looking at an outdated copy of the perl source, it was http://perl5.git.perl.org/perl.git/commitdiff/46b27d2f2c37f40dde845f9b4743975c69f2cc27 If you think it should be backported to maint-5.22, feel free to suggest -- |
From @rurbanDie handler testcases added in the attached patch. do not apply, fix it first. -- |
From @rurban0001-die-handler-with-goto-perl-123878.patchFrom 4068db3cd8e813c8f923b9ab18c21920814b4c73 Mon Sep 17 00:00:00 2001
From: Reini Urban <rurban@cpanel.net>
Date: Wed, 12 Aug 2015 15:26:41 +0200
Subject: [PATCH] die handler with goto [perl #123878]
add testcases for the documented die handler exceptions:
... unless the hook routine itself exits via a "goto &sub",
a loop exit, or a "die()". The "__DIE__" handler is
explicitly disabled during the call, so that you can
die from a "__DIE__" handler.
---
MANIFEST | 1 +
t/op/die_goto.t | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 53 insertions(+)
create mode 100644 t/op/die_goto.t
diff --git MANIFEST MANIFEST
index faaa775..0edc27b 100644
--- MANIFEST
+++ MANIFEST
@@ -5198,6 +5198,7 @@ t/op/defins.t See if auto-insert of defined() works
t/op/delete.t See if delete works
t/op/die_except.t See if die/eval avoids $@ clobberage
t/op/die_exit.t See if die and exit status interaction works
+t/op/die_goto.t See if a die handler is disabled during goto
t/op/die_keeperr.t See if G_KEEPERR works for destructors
t/op/die.t See if die works
t/op/die_unwind.t Check die/eval early-$@ backcompat hack
diff --git t/op/die_goto.t t/op/die_goto.t
new file mode 100644
index 0000000..b9c2d04
--- /dev/null
+++ t/op/die_goto.t
@@ -0,0 +1,52 @@
+#!./perl -w
+# This test checks for RT #123878, keeping the die handler still
+# disabled into goto'd function. And the other documented
+# exceptions to enable dying from a die handler.
+
+print "1..4\n";
+
+eval {
+ sub f1 { die "ok 1\n" }
+ $SIG{__DIE__} = \&f1;
+ die;
+};
+print $@;
+
+eval {
+ sub loopexit { for (0..2) { next if $_ } }
+ $SIG{__DIE__} = \&loopexit;
+ die "ok 2\n";
+};
+print $@;
+
+eval {
+ sub foo1 { die "ok 3\n" }
+ sub bar1 { foo1() }
+ $SIG{__DIE__} = \&bar1;
+ die;
+};
+print $@;
+
+eval {
+ sub foo2 { die "ok 4\n" }
+ sub bar2 { goto &foo2 }
+ $SIG{__DIE__} = \&bar2;
+ die;
+};
+print $@;
+
+# Deep recursion on subroutine "main::foo".
+# SEGV
+
+# Segfault aside, I did not expect the die() in foo() to trigger the __DIE__
+# handler; according to perlvar(1), the handler "is explicitly disabled *during*
+# the call", from which we haven't returned yet (even though we have technically
+# left the subroutine).
+
+# perlvar %SIG
+# When a "__DIE__" hook routine returns, the exception processing
+# continues as it would have in the absence of the hook,
+# unless the hook routine itself exits via a "goto &sub",
+# a loop exit, or a "die()". The "__DIE__" handler is
+# explicitly disabled during the call, so that you can
+# die from a "__DIE__" handler.
--
2.4.5
|
From @rurbanOn Aug 12, 2015, at 3:10 PM, Dagfinn Ilmari Mannsåker <ilmari@ilmari.org> wrote:
I only merge blead monthly so I missed that. Good that it is in finally.
Sure it must. |
From @rjbs* Reini Urban <reini.urban@gmail.com> [2015-08-15T17:15:28]
Filing a ticket (or somewhat less reliably, sending a normal p5p mail) to get -- |
From @steve-m-hayOn Sat Aug 15 14:36:13 2015, perl.p5p@rjbs.manxome.org wrote:
Thanks. It's now in the voting file for maint-5.22, which I've just started working on: http://perl5.git.perl.org/perl.git/blob/a5e72c3582fa6693395860fcaf2d1124e146a43e:/votes-5.22.xml#l83 (I've also listed #123878 in the hope that it can be fixed in time, but there is no fix to backport yet.) |
Migrated from rt.perl.org#123878 (status was 'open')
Searchable as RT123878$
The text was updated successfully, but these errors were encountered: