op/magic.t test 7 corrupts saved stack on cygwin #11164

Closed
p5pRT opened this issue Mar 1, 2011 · 9 comments


p5pRT commented Mar 1, 2011

Migrated from rt.perl.org#85206 (status was 'resolved')

Searchable as RT85206$


p5pRT commented Mar 1, 2011

From cygwin@cygwin.com

This is a bug report for perl from cygwin@cygwin.com,
generated with the help of perlbug 1.39 running under perl 5.13.10.


op/magic.t panics at test 7 since 5.13.9, threaded and not threaded.
Looks like cygwin is not SIGINT-safe anymore.

$ perl5.13.9d-nt.exe -e'sub PVBM(){"foo"} index "foo", PVBM; my $pvbm = PVBM; sub foo { exit 0 } $SIG{"INT"} = $pvbm; kill "INT", $$; sleep 1;'
panic: corrupt saved stack index at -e line 1.

$ perl5.13.8d -e'sub PVBM(){"foo"} index "foo", PVBM; my $pvbm = PVBM; sub foo { exit 0 } $SIG{"INT"} = $pvbm; kill "INT", $$; sleep 1;'

$ perl5.12.2 -e'sub PVBM(){"foo"} index "foo", PVBM; my $pvbm = PVBM; sub foo { exit 0 } $SIG{"INT"} = $pvbm; kill "INT", $$; sleep 1;'

$ perl5.13.10d -e'sub PVBM(){"foo"} index "foo", PVBM; my $pvbm = PVBM; sub foo { exit 0 } $SIG{"INT"} = $pvbm; kill "INT", $$; sleep 1;'
panic: corrupt saved stack index at -e line 1.

$ perl5.13.10d-nt -e'sub PVBM(){"foo"} index "foo", PVBM; my $pvbm = PVBM; sub foo { exit 0 } $SIG{"INT"} = $pvbm; kill "INT", $$; sleep 1;'
panic: corrupt saved stack index at -e line 1.

gdb debugging fails for me so far. No backtrace, just errorcode 011.
Stepping through also fails, I'll need to build a static libperl first.



Flags​:
  category=core
  severity=medium


This perlbug was built using Perl 5.10.1 - Sat Aug 28 20​:14​:06 CEST 2010
It is being executed now by Perl 5.13.10 - Sun Feb 27 01​:44​:09 CET 2011.

Site configuration information for perl 5.13.10​:

Configured by rurban at Sun Feb 27 01​:44​:09 CET 2011.

Summary of my perl5 (revision 5 version 13 subversion 10) configuration​:
 
  Platform​:
  osname=cygwin, osvers=1.7.8s(0.23653), archname=cygwin-thread-multi-64int
  uname='cygwin_nt-5.1 reini 1.7.8s(0.23653) 20110215 17​:49​:59 i686 cygwin '
  config_args='-de -Dlibperl=cygperl5_13_10d.dll -Dcc=gcc-4 -Dld=g++-4 -Accflags=-march=pentium4 -Accflags=-mfpmath=sse -Accflags=-mieee-fp -Accflags=-mmmx -Accflags=-msse -Accflags=-msse2 -Dmksymlinks -Dusethreads -Dmad=y -Dusedevel -Dstatic_ext=Cwd -DDEBUGGING -Doptimize=-g3'
  hint=recommended, useposix=true, d_sigaction=define
  useithreads=define, usemultiplicity=define
  useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
  use64bitint=define, use64bitall=undef, uselongdouble=undef
  usemymalloc=y, bincompat5005=undef
  Compiler​:
  cc='gcc-4', ccflags ='-DPERL_USE_SAFE_PUTENV -U__STRICT_ANSI__ -march=pentium4 -mfpmath=sse -mieee-fp -mmmx -msse -msse2 -DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include',
  optimize='-g3',
  cppflags='-DPERL_USE_SAFE_PUTENV -U__STRICT_ANSI__ -march=pentium4 -mfpmath=sse -mieee-fp -mmmx -msse -msse2 -DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include'
  ccversion='', gccversion='4.3.4 20090804 (release) 1', gccosandvers=''
  intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=12345678
  d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
  ivtype='long long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
  alignbytes=8, prototype=define
  Linker and Libraries​:
  ld='g++-4', ldflags =' -Wl,--enable-auto-import -Wl,--export-all-symbols -Wl,--enable-auto-image-base -fstack-protector -L/usr/local/lib'
  libpth=/usr/local/lib /usr/lib /lib
  libs=-lgdbm -ldb -ldl -lcrypt -lgdbm_compat
  perllibs=-ldl -lcrypt
  libc=/usr/lib/libc.a, so=dll, useshrplib=true, libperl=cygperl5_13_10d.dll
  gnulibc_version=''
  Dynamic Linking​:
  dlsrc=dl_dlopen.xs, dlext=dll, d_dlsymun=undef, ccdlflags=' '
  cccdlflags=' ', lddlflags=' --shared -Wl,--enable-auto-import -Wl,--export-all-symbols -Wl,--enable-auto-image-base -L/usr/local/lib -fstack-protector'

Locally applied patches​:
  CYG11 no-bs
  CYG12 no archlib in otherlibdirs
  CYG14 Dynaloader
  CYG15 static-Win32CORE
  CYG17 utf8-paths
  CYG21 LibList-Kid.patch
  CYG22 cygwin-1.7 hints
  CYG23 544-stat
  CYG24 build man pages
  CYG25 rebase_privlib
  Module-Build-0.36_13
  Bug#55162 CYG18 File​::Spec​::case_tolerant performance
  disable ExtUtils​::MakeMaker​::Coverage in Sys-Syslog


@​INC for perl 5.13.10​:
  /usr/lib/perl5/site_perl/5.13.10/i686-debug-cygwin
  /usr/lib/perl5/site_perl/5.13.10
  /usr/lib/perl5/vendor_perl/5.13.10/i686-debug-cygwin
  /usr/lib/perl5/vendor_perl/5.13.10
  /usr/lib/perl5/5.13.10/i686-debug-cygwin
  /usr/lib/perl5/5.13.10
  /usr/lib/perl5/site_perl
  /usr/lib/perl5/vendor_perl
  /usr/lib/perl5/site_perl/5.13.9
  /usr/lib/perl5/site_perl/5.13.8
  /usr/lib/perl5/site_perl/5.13.7
  /usr/lib/perl5/site_perl/5.13.6
  /usr/lib/perl5/site_perl/5.13.5
  /usr/lib/perl5/site_perl/5.12
  /usr/lib/perl5/site_perl/5.10
  /usr/lib/perl5/vendor_perl/5.10
  /usr/lib/perl5/site_perl/5.8
  .


Environment for perl 5.13.10​:
  HOME=/home/rurban
  LANG=C.UTF-8
  LANGUAGE (unset)
  LD_LIBRARY_PATH (unset)
  LOGDIR (unset)
  PATH=~/bin​:/usr/bin​:/usr/sbin​:/usr/local/sbin​:/usr/local/bin​:/usr/bin​:/bin​:/usr/X11R6/bin​:/cygdrive/c/Programme/PC Connectivity Solution​:/cygdrive/c/WINDOWS/system32​:/cygdrive/c/WINDOWS​:/usr/bin​:/cyg1/bin​:/cyg1/usr/local/bin​:/cygdrive/c/WINDOWS/System32/Wbem​:/cygdrive/c/Programme/ATI Technologies/ATI.ACE/Core-Static​:/cygdrive/c/Programme/Gemeinsame Dateien/Ulead Systems/MPEG​:/cygdrive/u​:/cygdrive/c/Programme/Perforce​:/cygdrive/c/Programme/QuickTime/QTSystem​:/usr/lib/lapack
  PERL_BADLANG (unset)
  SHELL (unset)


p5pRT commented Mar 1, 2011

From @rurban

with -DvlstuXA

(3364​:-e​:1) const(IV(0))

STACK 0​: MAIN
  CX 0​: BLOCK => * PV("INT"\0) IV(3364)
STACK 1​: SIGNAL
  CX 0​: EVAL =>
  retop=(null)
  CX 1​: SUB => IV(0)
  retop=(null)

(3364​:-e​:1) exit
(3364​:-e​:1) CX 1 UNWIND SUB (scope 7,7) at pp_ctl.c​:1621
(3364​:-e​:1) CX 0 UNWIND EVAL (scope 7,6) at pp_ctl.c​:1621
(3364​:-e​:1) pop STACKINFO 1 at perl.c​:4858
(3364​:-e​:1) CX 0 UNWIND BLOCK (scope 7,2) at pp_ctl.c​:1621
(3364​:-e​:1) savestack​: releasing items 30 -> 0
Pad 0x1a73e20[0x1a91d88] clearsv​: 3 sv=0x1ae6800<1> clear
(3364​:-e​:1) JUMPENV_JUMP(2) level=2 at perl.c​:4862
(3364​:-e​:1) JUMPENV_POP level=2 at perl.c​:2657
(3364​:-e​:1) JUMPENV_JUMP(2) level=1 at perl.c​:4862
(3364​:-e​:1) LEAVE scope 7 (savestack=0) at perl.c​:2269
(3364​:-e​:1) LEAVE scope 6 (savestack=0) at perl.c​:2269
(3364​:-e​:1) LEAVE scope 5 (savestack=0) at perl.c​:2269
(3364​:-e​:1) LEAVE scope 4 (savestack=0) at perl.c​:2269
panic​: corrupt saved stack index at -e line 1.
(3364​:-e​:1) JUMPENV_JUMP(2) level=1 at perl.c​:4862
(3364​:-e​:1) LEAVE scope 3 (savestack=0) at perl.c​:2269
(3364​:-e​:1) LEAVE scope 2 (savestack=0) at perl.c​:2269
(3364​:-e​:1) JUMPENV_POP level=1 at perl.c​:2294
(3364​:-e​:1) JUMPENV_PUSH level=1 at perl.c​:562
(3364​:-e​:1) JUMPENV_POP level=1 at perl.c​:568
(3364​:-e​:1) LEAVE scope 1 (savestack=0) at perl.c​:570

--
Reini Urban


p5pRT commented Mar 1, 2011

From @nwc10

On Tue Mar 01 08:38:42 2011, cygwin@cygwin.com wrote:

> Looks like cygwin is not SIGINT-safe anymore.
>
> $ perl5.13.9d-nt.exe -e'sub PVBM(){"foo"} index "foo", PVBM; my $pvbm
> PVBM; sub foo { exit 0 } $SIG{"INT"} = $pvbm; kill "INT", $$; sleep

valgrind shows errors on linux​:

$ valgrind ./perl -e'sub PVBM(){"foo"} index "foo", PVBM; my $pvbm =
PVBM; sub foo { exit 0 } $SIG{"INT"} = $pvbm; kill "INT", $$; sleep 1;'
==28913== Memcheck, a memory error detector.
==28913== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==28913== Using LibVEX rev 1854, a library for dynamic binary translation.
==28913== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==28913== Using valgrind-3.3.1-Debian, a dynamic binary instrumentation
framework.
==28913== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==28913== For more details, rerun with​: -v
==28913==
==28913== Conditional jump or move depends on uninitialised value(s)
==28913== at 0x4D0935​: Perl_pop_scope (in /home/nick/Perl/perl3/perl)
==28913== by 0x433C68​: perl_run (in /home/nick/Perl/perl3/perl)
==28913== by 0x41C8AB​: main (in /home/nick/Perl/perl3/perl)
==28913== Warning​: bad signal number 0 in sigaction()
==28913==
==28913== ERROR SUMMARY​: 1 errors from 1 contexts (suppressed​: 8 from 1)
==28913== malloc/free​: in use at exit​: 164,079 bytes in 799 blocks.
==28913== malloc/free​: 987 allocs, 188 frees, 185,575 bytes allocated.
==28913== For counts of detected errors, rerun with​: -v
==28913== searching for pointers to 799 not-freed blocks.
==28913== checked 359,512 bytes.
==28913==
==28913== LEAK SUMMARY​:
==28913== definitely lost​: 164,079 bytes in 799 blocks.
==28913== possibly lost​: 0 bytes in 0 blocks.
==28913== still reachable​: 0 bytes in 0 blocks.
==28913== suppressed​: 0 bytes in 0 blocks.
==28913== Rerun with --leak-check=full to see details of leaked memory.

git bisect shows them to start at this commit​:

commit 7fe50b8
Author​: Leon Timmermans <fawaka@​gmail.com>
Date​: Tue Jan 18 16​:40​:07 2011 +0100

  Also unblock signal handlers throwing an exception
 
  Also handle and test the edge case of a signal handler throwing an
  exception

http​://perl5.git.perl.org/perl.git/commit/7fe50b8b8a4dc38fc341e3b403545aaca937f50e

[that doesn't have line numbers. With line numbers, I know that it's the
LEAVE_SCOPE macro in this​:

void
Perl_pop_scope(pTHX)
{
  dVAR;
  const I32 oldsave = PL_scopestack[--PL_scopestack_ix];
  LEAVE_SCOPE(oldsave);
}

]

I don't have any insight as to *why*

Nicholas Clark


p5pRT commented Mar 1, 2011

The RT System itself - Status changed from 'new' to 'open'


p5pRT commented Mar 2, 2011

From @greerga

On Tue, 1 Mar 2011, Nicholas Clark via RT wrote:

> On Tue Mar 01 08:38:42 2011, cygwin@cygwin.com wrote:
>
> > Looks like cygwin is not SIGINT-safe anymore.
> >
> > $ perl5.13.9d-nt.exe -e'sub PVBM(){"foo"} index "foo", PVBM; my $pvbm
> > PVBM; sub foo { exit 0 } $SIG{"INT"} = $pvbm; kill "INT", $$; sleep
>
> valgrind shows errors on linux:

Happens under PERL_POISON too​:

- - - 8< - - - 8< - - -
O O O O O O
F F F F F F -Accflags=-DPERL_POISON
O O O O O O -Duse64bitint
O O O O O O -Duselongdouble
O O O O O O -Dusemorebits
O O O O O F -Dmad
O O O O O O -Duseithreads
F F F F F F -Duseithreads -Accflags=-DPERL_POISON
O O O O O O -Duseithreads -Duse64bitint
O O O X O O -Duseithreads -Duselongdouble
O O O O O O -Duseithreads -Dusemorebits
O O O O O O -Duseithreads -Dmad
| | | | | +- LC_ALL = en_US.utf8 -DDEBUGGING
| | | | +--- PERLIO = perlio -DDEBUGGING
| | | +----- PERLIO = stdio -DDEBUGGING
| | +------- LC_ALL = en_US.utf8
| +--------- PERLIO = perlio
+----------- PERLIO = stdio

Failures​: (common-args) -A -Dcc=clang append​:ccflags="
-fno-stack-protector"
[stdio/perlio/en_US.utf8] -Accflags=-DPERL_POISON
[stdio/perlio/en_US.utf8] -DDEBUGGING -Accflags=-DPERL_POISON
[stdio/perlio/en_US.utf8] -Duseithreads -Accflags=-DPERL_POISON
[stdio/perlio/en_US.utf8] -DDEBUGGING -Duseithreads -Accflags=-DPERL_POISON
  ../t/op/magic.t.............................................FAILED
  7
- - - 8< - - - 8< - - -

I don't have my Linux smoker Cc​:'d to p5p at the moment so they're only on
daily-build-reports.

--
George Greer


p5pRT commented Mar 19, 2011

From @iabyn

On Wed, Mar 02, 2011 at 01:09:59AM -0500, George Greer wrote:

> On Tue, 1 Mar 2011, Nicholas Clark via RT wrote:
>
> > On Tue Mar 01 08:38:42 2011, cygwin@cygwin.com wrote:
> >
> > > Looks like cygwin is not SIGINT-safe anymore.
> > >
> > > $ perl5.13.9d-nt.exe -e'sub PVBM(){"foo"} index "foo", PVBM; my $pvbm
> > > PVBM; sub foo { exit 0 } $SIG{"INT"} = $pvbm; kill "INT", $$; sleep
> >
> > valgrind shows errors on linux:
>
> Happens under PERL_POISON too:

Fixed, then improved, with the following two commits

commit 9a7f166
Author​: David Mitchell <davem@​iabyn.com>
AuthorDate​: Sat Mar 19 21​:29​:16 2011 +0000
Commit​: David Mitchell <davem@​iabyn.com>
CommitDate​: Sat Mar 19 22​:03​:40 2011 +0000

  In signal handler, don't inc stack pointers
 
  In Perl_sighandler, we currently increment PL_markstack_ptr and
  PL_scopestack_ix.
 
  This was added back in 1997 in the era of unsafe signals, to make them
  slightly less unsafe. The idea presumably was to stop signal handlers
  inadvertently corrupting the top element of each stack. However, given that
  the normal method of pushing something onto those stacks is to increment
  the pointer before pushing the value, I don't see how that can happen.
 
  The downside of this is that an uninitialised or stale value can be left
  in the 'hole' left on these stacks. When exiting from a signal handler via
  exit(), these holes can be read and corruption occur, while stack
  unwinding is taking place. The ordering of things means we can't use
  SAVEDESTRUCTOR_X to undo the damage.
 
  This commit leaves the 'PL_savestack_ix += 5', because in this case, with
  unsafe signals, it *is* possible to interrupt halfway through a new set of
  save data being pushed onto the stack, and it *is* possible for this to be
  undone via SAVEDESTRUCTOR_X. (But it's still unsafe and half-baked.)

commit a0d63a7
Author​: David Mitchell <davem@​iabyn.com>
AuthorDate​: Sat Mar 19 21​:49​:34 2011 +0000
Commit​: David Mitchell <davem@​iabyn.com>
CommitDate​: Sat Mar 19 22​:03​:40 2011 +0000

  Perl_sighandler​: only inc SS_ix for unsafe signals
 
  Perl_sighandler currently increments the savestack by 5
  before running a signal handler, to avoid messing with a
  partially completed SS push operation that's been interrupted.
 
  This is irrelevant for safe signals, so make this action conditional on
  unsafe signals only.

--
I don't want to achieve immortality through my work...
I want to achieve it through not dying.
  -- Woody Allen
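
A simplified model of the failure described in the first commit message above, added here as an illustration; it is not Perl's source and not part of the original thread. The names `interp`, `push_scope`, `pop_scope` and `handler_exit`, the range check and the poison value are assumptions of this sketch; only the `--ix` pop mirrors the `Perl_pop_scope` snippet quoted earlier in the thread.

```c
#include <limits.h>
#include <stdio.h>

#define DEPTH  8
#define POISON INT_MIN          /* constructed stand-in for stale/uninitialised memory */

typedef struct {
    int scopestack[DEPTH];      /* saved savestack indexes, one per open scope */
    int scope_ix;               /* next free slot (role of PL_scopestack_ix) */
    int save_ix;                /* current savestack index (role of PL_savestack_ix) */
} interp;

static void push_scope(interp *in) {
    in->scopestack[in->scope_ix++] = in->save_ix;
}

/* Same shape as the Perl_pop_scope quoted in the thread. Returns -1 where the
 * real interpreter would panic with "corrupt saved stack index". The range
 * check is a simplification chosen for this model. */
static int pop_scope(interp *in) {
    const int oldsave = in->scopestack[--in->scope_ix];
    if (oldsave < 0 || oldsave > in->save_ix)
        return -1;
    in->save_ix = oldsave;
    return 0;
}

/* A handler that leaves via exit(): every open scope is unwound, and nothing
 * on that path undoes the handler's scope_ix bump. Returns the number of
 * corrupt slots read during the unwind. */
static int handler_exit(int bump_scope_ix) {
    interp in = { .scope_ix = 0, .save_ix = 0 };
    int bad = 0;
    for (int i = 0; i < DEPTH; i++)
        in.scopestack[i] = POISON;
    push_scope(&in); in.save_ix = 3;    /* main program scopes with saved items */
    push_scope(&in); in.save_ix = 7;
    if (bump_scope_ix)
        in.scope_ix += 1;               /* pre-fix behaviour: skips a slot, never writes it */
    push_scope(&in); in.save_ix = 9;    /* the handler's own scope */
    while (in.scope_ix > 0)             /* exit() unwinding */
        bad += (pop_scope(&in) != 0);
    return bad;
}

int main(void) {
    printf("without bump: %d corrupt slot(s) read\n", handler_exit(0));
    printf("with bump:    %d corrupt slot(s) read\n", handler_exit(1));
    return 0;
}
```

If the skipped slot happens to hold a stale value that is still in range, the check in this model passes and the unwind silently restores the wrong index, which is why poisoned builds and valgrind surface the problem more reliably than a normal run.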


p5pRT commented Mar 19, 2011

@iabyn - Status changed from 'open' to 'resolved'

p5pRT closed this as completed Mar 19, 2011

p5pRT commented Mar 19, 2011

From @nwc10

On Sat, Mar 19, 2011 at 10:07:19PM +0000, Dave Mitchell wrote:

> On Wed, Mar 02, 2011 at 01:09:59AM -0500, George Greer wrote:
>
> > On Tue, 1 Mar 2011, Nicholas Clark via RT wrote:
> >
> > > On Tue Mar 01 08:38:42 2011, cygwin@cygwin.com wrote:
> > >
> > > > Looks like cygwin is not SIGINT-safe anymore.
> > > >
> > > > $ perl5.13.9d-nt.exe -e'sub PVBM(){"foo"} index "foo", PVBM; my $pvbm
> > > > PVBM; sub foo { exit 0 } $SIG{"INT"} = $pvbm; kill "INT", $$; sleep
> > >
> > > valgrind shows errors on linux:
> >
> > Happens under PERL_POISON too:
>
> Fixed, then improved, with the following two commits

Nice piece of detective work.

From reading the description of the problem, that seems a really obscure cause.

Nicholas Clark


p5pRT commented Mar 19, 2011

From @iabyn

On Sat, Mar 19, 2011 at 10:10:02PM +0000, Nicholas Clark wrote:

> Nice piece of detective work.
>
> From reading the description of the problem, that seems a really obscure
> cause.

Everything related to signal handling seems obscure :-)

--
Nothing ventured, nothing lost.
