Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Assertion Failure: pp_ctl.c:5140: MAGIC *S_doparseform(SV *) #15564

Closed
p5pRT opened this issue Aug 29, 2016 · 8 comments
Closed

Assertion Failure: pp_ctl.c:5140: MAGIC *S_doparseform(SV *) #15564

p5pRT opened this issue Aug 29, 2016 · 8 comments

Comments

@p5pRT
Copy link

p5pRT commented Aug 29, 2016

Migrated from rt.perl.org#129119 (status was 'resolved')

Searchable as RT129119$

@p5pRT
Copy link
Author

p5pRT commented Aug 29, 2016

From @geeknik

Perl v5.25.4-20-gc2f7c0b* and the attached script trigger this assertion failure. Minimizing the script with afl-tmin caused the assertion to go away.

perl​: pp_ctl.c​:5140​: MAGIC *S_doparseform(SV *)​: Assertion `!((((_svpvx)->sv_flags & (0x00004000|0x00008000)) == 0x00008000) && (((svtype)((_svpvx)->sv_flags & 0xff)) == SVt_PVGV || ((svtype)((_svpvx)->sv_flags & 0xff)) == SVt_PVLV))' failed.

@p5pRT
Copy link
Author

p5pRT commented Aug 29, 2016

From @geeknik

assert61.gz

@p5pRT
Copy link
Author

p5pRT commented Aug 29, 2016

From @dcollinsn

On Sun Aug 28 18​:21​:51 2016, brian.carpenter@​gmail.com wrote​:

Perl v5.25.4-20-gc2f7c0b* and the attached script trigger this
assertion failure. Minimizing the script with afl-tmin caused the
assertion to go away.

perl​: pp_ctl.c​:5140​: MAGIC *S_doparseform(SV *)​: Assertion
`!((((_svpvx)->sv_flags & (0x00004000|0x00008000)) == 0x00008000) &&
(((svtype)((_svpvx)->sv_flags & 0xff)) == SVt_PVGV ||
((svtype)((_svpvx)->sv_flags & 0xff)) == SVt_PVLV))' failed.

Minimized by hand to​:

./perl -e 'print "map{formline*0}<DATA>__END__\n\n0"' | ./perl -Ilib

No valgrind errors, backtrace below​:

(gdb) run
Starting program​: /home/dcollins/toolchain/perl/perl -Ilib assert61min
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
perl​: pp_ctl.c​:5140​: S_doparseform​: Assertion `!isGV_with_GP(_svpvx)' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff6cf31c8 in __GI_raise (sig=sig@​entry=6) at ../sysdeps/unix/sysv/linux/raise.c​:54
54 ../sysdeps/unix/sysv/linux/raise.c​: No such file or directory.
(gdb) bt
#0 0x00007ffff6cf31c8 in __GI_raise (sig=sig@​entry=6) at ../sysdeps/unix/sysv/linux/raise.c​:54
#1 0x00007ffff6cf464a in __GI_abort () at abort.c​:89
#2 0x00007ffff6cec107 in __assert_fail_base (fmt=<optimized out>, assertion=assertion@​entry=0x602f1e "!isGV_with_GP(_svpvx)", file=file@​entry=0x67e154 "pp_ctl.c", line=line@​entry=5140,
  function=function@​entry=0x67f268 <__PRETTY_FUNCTION__.17530> "S_doparseform") at assert.c​:92
#3 0x00007ffff6cec1b2 in __GI___assert_fail (assertion=assertion@​entry=0x602f1e "!isGV_with_GP(_svpvx)", file=file@​entry=0x67e154 "pp_ctl.c", line=line@​entry=5140,
  function=function@​entry=0x67f268 <__PRETTY_FUNCTION__.17530> "S_doparseform") at assert.c​:101
#4 0x0000000000577718 in S_doparseform (sv=0x8e7848) at pp_ctl.c​:5140
#5 Perl_pp_formline () at pp_ctl.c​:494
#6 0x00000000004d7792 in Perl_runops_debug () at dump.c​:2234
#7 0x0000000000451f13 in S_run_body (oldscope=1) at perl.c​:2525
#8 perl_run (my_perl=<optimized out>) at perl.c​:2448
#9 0x0000000000420805 in main (argc=<optimized out>, argv=<optimized out>, env=<optimized out>) at perlmain.c​:123
(gdb) f 4
#4 0x0000000000577718 in S_doparseform (sv=0x8e7848) at pp_ctl.c​:5140
5140 && strnEQ(SvPVX(old), SvPVX(sv), len)
(gdb) l
5135 if (mg) {
5136 /* still the same as previously-compiled string? */
5137 SV *old = mg->mg_obj;
5138 if ( !(!!SvUTF8(old) ^ !!SvUTF8(sv))
5139 && len == SvCUR(old)
5140 && strnEQ(SvPVX(old), SvPVX(sv), len)
5141 ) {
5142 DEBUG_f(PerlIO_printf(Perl_debug_log,"Re-using compiled format\n"));
5143 return mg;
5144 }
(gdb) info locals
_svpvx = 0x8e7848
old = 0x8e73b0
len = 8
send = <optimized out>
skipspaces = 0
fops = <optimized out>
fpc = <optimized out>
ischop = <optimized out>
sv_copy = <optimized out>
base = 0x0
postspace = false
arg = <optimized out>
s = 0x8e1280 "*main​::0"
noblank = false
unchopnum = false
maxops = 12
mg = 0x8e07f0
repeat = false
linepc = 0x0
(gdb) p *old
$1 = {sv_any = 0x8d3e70, sv_refcnt = 1, sv_flags = 17411, sv_u = {svu_pv = 0x8ef6b0 "*main​::0", svu_iv = 9369264, svu_uv = 9369264, svu_nv = 4.629031469217141e-317, svu_rv = 0x8ef6b0,
  svu_rx = 0x8ef6b0, svu_array = 0x8ef6b0, svu_hash = 0x8ef6b0, svu_gp = 0x8ef6b0, svu_fp = 0x8ef6b0}}
(gdb) p *sv
$2 = {sv_any = 0x8ea060, sv_refcnt = 2, sv_flags = 4227081, sv_u = {svu_pv = 0x8e7ed0 "`x\216", svu_iv = 9338576, svu_uv = 9338576, svu_nv = 4.6138695826775648e-317, svu_rv = 0x8e7ed0,
  svu_rx = 0x8e7ed0, svu_array = 0x8e7ed0, svu_hash = 0x8e7ed0, svu_gp = 0x8e7ed0, svu_fp = 0x8e7ed0}}
(gdb)

--
Respectfully,
Dan Collins

@p5pRT
Copy link
Author

p5pRT commented Aug 29, 2016

From [Unknown Contact. See original ticket]

On Sun Aug 28 18​:21​:51 2016, brian.carpenter@​gmail.com wrote​:

Perl v5.25.4-20-gc2f7c0b* and the attached script trigger this
assertion failure. Minimizing the script with afl-tmin caused the
assertion to go away.

perl​: pp_ctl.c​:5140​: MAGIC *S_doparseform(SV *)​: Assertion
`!((((_svpvx)->sv_flags & (0x00004000|0x00008000)) == 0x00008000) &&
(((svtype)((_svpvx)->sv_flags & 0xff)) == SVt_PVGV ||
((svtype)((_svpvx)->sv_flags & 0xff)) == SVt_PVLV))' failed.

Minimized by hand to​:

./perl -e 'print "map{formline*0}<DATA>__END__\n\n0"' | ./perl -Ilib

No valgrind errors, backtrace below​:

(gdb) run
Starting program​: /home/dcollins/toolchain/perl/perl -Ilib assert61min
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
perl​: pp_ctl.c​:5140​: S_doparseform​: Assertion `!isGV_with_GP(_svpvx)' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff6cf31c8 in __GI_raise (sig=sig@​entry=6) at ../sysdeps/unix/sysv/linux/raise.c​:54
54 ../sysdeps/unix/sysv/linux/raise.c​: No such file or directory.
(gdb) bt
#0 0x00007ffff6cf31c8 in __GI_raise (sig=sig@​entry=6) at ../sysdeps/unix/sysv/linux/raise.c​:54
#1 0x00007ffff6cf464a in __GI_abort () at abort.c​:89
#2 0x00007ffff6cec107 in __assert_fail_base (fmt=<optimized out>, assertion=assertion@​entry=0x602f1e "!isGV_with_GP(_svpvx)", file=file@​entry=0x67e154 "pp_ctl.c", line=line@​entry=5140,
  function=function@​entry=0x67f268 <__PRETTY_FUNCTION__.17530> "S_doparseform") at assert.c​:92
#3 0x00007ffff6cec1b2 in __GI___assert_fail (assertion=assertion@​entry=0x602f1e "!isGV_with_GP(_svpvx)", file=file@​entry=0x67e154 "pp_ctl.c", line=line@​entry=5140,
  function=function@​entry=0x67f268 <__PRETTY_FUNCTION__.17530> "S_doparseform") at assert.c​:101
#4 0x0000000000577718 in S_doparseform (sv=0x8e7848) at pp_ctl.c​:5140
#5 Perl_pp_formline () at pp_ctl.c​:494
#6 0x00000000004d7792 in Perl_runops_debug () at dump.c​:2234
#7 0x0000000000451f13 in S_run_body (oldscope=1) at perl.c​:2525
#8 perl_run (my_perl=<optimized out>) at perl.c​:2448
#9 0x0000000000420805 in main (argc=<optimized out>, argv=<optimized out>, env=<optimized out>) at perlmain.c​:123
(gdb) f 4
#4 0x0000000000577718 in S_doparseform (sv=0x8e7848) at pp_ctl.c​:5140
5140 && strnEQ(SvPVX(old), SvPVX(sv), len)
(gdb) l
5135 if (mg) {
5136 /* still the same as previously-compiled string? */
5137 SV *old = mg->mg_obj;
5138 if ( !(!!SvUTF8(old) ^ !!SvUTF8(sv))
5139 && len == SvCUR(old)
5140 && strnEQ(SvPVX(old), SvPVX(sv), len)
5141 ) {
5142 DEBUG_f(PerlIO_printf(Perl_debug_log,"Re-using compiled format\n"));
5143 return mg;
5144 }
(gdb) info locals
_svpvx = 0x8e7848
old = 0x8e73b0
len = 8
send = <optimized out>
skipspaces = 0
fops = <optimized out>
fpc = <optimized out>
ischop = <optimized out>
sv_copy = <optimized out>
base = 0x0
postspace = false
arg = <optimized out>
s = 0x8e1280 "*main​::0"
noblank = false
unchopnum = false
maxops = 12
mg = 0x8e07f0
repeat = false
linepc = 0x0
(gdb) p *old
$1 = {sv_any = 0x8d3e70, sv_refcnt = 1, sv_flags = 17411, sv_u = {svu_pv = 0x8ef6b0 "*main​::0", svu_iv = 9369264, svu_uv = 9369264, svu_nv = 4.629031469217141e-317, svu_rv = 0x8ef6b0,
  svu_rx = 0x8ef6b0, svu_array = 0x8ef6b0, svu_hash = 0x8ef6b0, svu_gp = 0x8ef6b0, svu_fp = 0x8ef6b0}}
(gdb) p *sv
$2 = {sv_any = 0x8ea060, sv_refcnt = 2, sv_flags = 4227081, sv_u = {svu_pv = 0x8e7ed0 "`x\216", svu_iv = 9338576, svu_uv = 9338576, svu_nv = 4.6138695826775648e-317, svu_rv = 0x8e7ed0,
  svu_rx = 0x8e7ed0, svu_array = 0x8e7ed0, svu_hash = 0x8e7ed0, svu_gp = 0x8e7ed0, svu_fp = 0x8e7ed0}}
(gdb)

--
Respectfully,
Dan Collins

@p5pRT
Copy link
Author

p5pRT commented Sep 7, 2016

From @cpansprout

On Sun Aug 28 20​:39​:54 2016, dcollinsn@​gmail.com wrote​:

On Sun Aug 28 18​:21​:51 2016, brian.carpenter@​gmail.com wrote​:

Perl v5.25.4-20-gc2f7c0b* and the attached script trigger this
assertion failure. Minimizing the script with afl-tmin caused the
assertion to go away.

perl​: pp_ctl.c​:5140​: MAGIC *S_doparseform(SV *)​: Assertion
`!((((_svpvx)->sv_flags & (0x00004000|0x00008000)) == 0x00008000) &&
(((svtype)((_svpvx)->sv_flags & 0xff)) == SVt_PVGV ||
((svtype)((_svpvx)->sv_flags & 0xff)) == SVt_PVLV))' failed.

Minimized by hand to​:

./perl -e 'print "map{formline*0}<DATA>__END__\n\n0"' | ./perl -Ilib

$ ./miniperl -e 'formline *0 for "", 0'
Assertion failed​: (!isGV_with_GP(_svpvx)), function S_doparseform, file pp_ctl.c, line 5140.
Abort trap​: 6

--

Father Chrysostomos

@p5pRT
Copy link
Author

p5pRT commented Sep 7, 2016

The RT System itself - Status changed from 'new' to 'open'

@p5pRT
Copy link
Author

p5pRT commented Mar 29, 2017

From @iabyn

On Wed, Sep 07, 2016 at 12​:54​:02PM -0700, Father Chrysostomos via RT wrote​:

On Sun Aug 28 20​:39​:54 2016, dcollinsn@​gmail.com wrote​:

On Sun Aug 28 18​:21​:51 2016, brian.carpenter@​gmail.com wrote​:

Perl v5.25.4-20-gc2f7c0b* and the attached script trigger this
assertion failure. Minimizing the script with afl-tmin caused the
assertion to go away.

perl​: pp_ctl.c​:5140​: MAGIC *S_doparseform(SV *)​: Assertion
`!((((_svpvx)->sv_flags & (0x00004000|0x00008000)) == 0x00008000) &&
(((svtype)((_svpvx)->sv_flags & 0xff)) == SVt_PVGV ||
((svtype)((_svpvx)->sv_flags & 0xff)) == SVt_PVLV))' failed.

Minimized by hand to​:

./perl -e 'print "map{formline*0}<DATA>__END__\n\n0"' | ./perl -Ilib

$ ./miniperl -e 'formline *0 for "", 0'
Assertion failed​: (!isGV_with_GP(_svpvx)), function S_doparseform, file pp_ctl.c, line 5140.
Abort trap​: 6

Fixed by the following; closing

Author​: Tony Cook <tony@​develop-help.com>
Date​: Tue Feb 7 16​:14​:53 2017 +1100

  (perl #130722) don't call SvPVX() on a glob
 
  S_doparseform() called SvPVX() on the format argument, which
  produced an assertion failure when the format was supplied as a
  glob.
 
  Since S_doparseform() calls SvPV() initially and stores the result,
  just use that result.

--
Counsellor Troi states something other than the blindingly obvious.
  -- Things That Never Happen in "Star Trek" #16

@p5pRT p5pRT closed this as completed Mar 29, 2017
@p5pRT
Copy link
Author

p5pRT commented Mar 29, 2017

@iabyn - Status changed from 'open' to 'resolved'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant