search

Perl / perl5

🐪 The Perl programming language
https://dev.perl.org/perl5/
Other
1.91k stars 542 forks source link

Segfault/assert fail with regex_sets warning #15045

Closed p5pRT closed 8 years ago

p5pRT commented 8 years ago

Migrated from rt.perl.org#126615 (status was 'resolved')

Searchable as RT126615$

p5pRT commented 8 years ago

From @dcollinsn

Greetings Porters\,

I have compiled bleadperl with the afl-gcc compiler using​:

./Configure -Dusedevel -Dprefix='/usr/local/perl-afl' -Dcc='ccache afl-gcc' -Duselongdouble -Duse64bitall -Doptimize=-g -Uversiononly -Uman1dir -Uman3dir -des AFL_HARDEN=1 make && make test

And then fuzzed the resulting binary using​:

AFL_NO_VAR_CHECK=1 afl-fuzz -i in -o out bin/perl @​@​

After reducing testcases using `afl-tmin` and performing additional minimization by hand\, I have located the following testcase that triggers an assert fail in DEBUGGING perls and a segmentation fault in other perls. The testcase is the file​:

00./(?[[0]+()+])/

dcollins@​nightshade64​:\~$ perldebug/perl -e '00./(?[[0]+()+])/' The regex_sets feature is experimental in regex; marked by \<-- HERE in m/(?[ \<-- HERE [0]+()+])/ at -e line 1. perl​: regcomp.c​:13902​: S_handle_regex_sets​: Assertion `(! ((lhs)->sv_flags & 0x00000100))' failed. Aborted

**GDB**

(gdb) run Starting program​: /home/dcollins/perl/perl -e 00./\(\?\[\[0\]+\(\)+\]\)/ [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". The regex_sets feature is experimental in regex; marked by \<-- HERE in m/(?[ \<-- HERE [0]+()+])/ at -e line 1.

Program received signal SIGSEGV\, Segmentation fault. Perl__invlist_union_maybe_complement_2nd (a=a@​entry=0xe63898\,   b=\\, complement_b=complement_b@​entry=false\,   output=output@​entry=0x7fffffffd980) at regcomp.c​:8682 8682 array_u = _invlist_array_init(u\, (len_a > 0 && array_a[0] == 0) (gdb) bt #0 Perl__invlist_union_maybe_complement_2nd (a=a@​entry=0xe63898\,   b=\\, complement_b=complement_b@​entry=false\,   output=output@​entry=0x7fffffffd980) at regcomp.c​:8682 #1 0x0000000000636dc5 in S_handle_regex_sets (   pRExC_state=pRExC_state@​entry=0x7fffffffde70\,   return_invlist=return_invlist@​entry=0x0\,   flagp=flagp@​entry=0x7fffffffdad4\, depth=depth@​entry=5\,   oregcomp_parse=oregcomp_parse@​entry=0xe6c3f1 "?[[0]+()+])")   at regcomp.c​:13911 #2 0x0000000000653f6a in S_reg (pRExC_state=0x7fffffffde70\, paren=91\,   flagp=0x7fffffffdad4\, depth=5) at regcomp.c​:10493 #3 0x000000000063a521 in S_regatom (   pRExC_state=pRExC_state@​entry=0x7fffffffde70\,   flagp=flagp@​entry=0x7fffffffdc24\, depth=depth@​entry=4) at regcomp.c​:11801 #4 0x0000000000646da2 in S_regpiece (depth=\\,   flagp=\\, pRExC_state=0x7fffffffde70) at regcomp.c​:10879 #5 S_regbranch (pRExC_state=pRExC_state@​entry=0x7fffffffde70\,   flagp=flagp@​entry=0x7fffffffdc94\, first=first@​entry=1\,   depth=depth@​entry=2) at regcomp.c​:10804 #6 0x000000000065d916 in S_reg (   pRExC_state=pRExC_state@​entry=0x7fffffffde70\,   flagp=flagp@​entry=0x7fffffffdd54\, depth=1\, paren=0) at regcomp.c​:10549 #7 0x00000000006819f6 in Perl_re_op_compile (patternp=patternp@​entry=0x0\, ---Type \ to continue\, or q \ to quit---   pat_count=\\, pat_count@​entry=0\, expr=\\,   expr@​entry=0xe6c1c8\, eng=\\, old_re=old_re@​entry=0x0\,   is_bare_re=is_bare_re@​entry=0x0\, orig_rx_flags=0\, pm_flags=0)   at regcomp.c​:6954 #8 0x00000000004b05c9 in Perl_pmruntime (o=0xe6c208\, expr=0xe6c1c8\,   repl=0x0\, isreg=isreg@​entry=true\, floor=0) at op.c​:5580 #9 0x00000000005ba77a in Perl_yyparse (gramtype=gramtype@​entry=258)   at perly.y​:1032 #10 0x00000000004e758d in S_parse_body (xsinit=0x4274e0 \<xs_init>\, env=0x0)   at perl.c​:2312 #11 perl_parse (my_perl=\\,   xsinit=xsinit@​entry=0x4274e0 \<xs_init>\, argc=\\,   argv=\\, env=env@​entry=0x0) at perl.c​:1634 #12 0x0000000000427108 in main (argc=3\, argv=0x7fffffffe668\,   env=0x7fffffffe688) at perlmain.c​:114 (gdb) info locals array_b = \ len_b = 2 u = 0xe638b0 array_u = \ len_u = \ i_a = 0 i_b = 0 i_u = 0 count = 0

**VALGRIND**

==46142== Memcheck\, a memory error detector ==46142== Copyright (C) 2002-2015\, and GNU GPL'd\, by Julian Seward et al. ==46142== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info ==46142== Command​: perl/perl -e 00./(?[[0]+()+])/ ==46142== The regex_sets feature is experimental in regex; marked by \<-- HERE in m/(?[ \<-- HERE [0]+()+])/ at -e line 1. ==46142== Conditional jump or move depends on uninitialised value(s) ==46142== at 0x60E157​: Perl__invlist_union_maybe_complement_2nd (regcomp.c​:8602) ==46142== by 0x636DC4​: S_handle_regex_sets (regcomp.c​:13911) ==46142== by 0x653F69​: S_reg (regcomp.c​:10493) ==46142== by 0x63A520​: S_regatom (regcomp.c​:11801) ==46142== by 0x646DA1​: S_regpiece (regcomp.c​:10879) ==46142== by 0x646DA1​: S_regbranch (regcomp.c​:10804) ==46142== by 0x65D915​: S_reg.constprop.25 (regcomp.c​:10549) ==46142== by 0x6819F5​: Perl_re_op_compile (regcomp.c​:6954) ==46142== by 0x4B05C8​: Perl_pmruntime (op.c​:5580) ==46142== by 0x5BA779​: Perl_yyparse (perly.y​:1032) ==46142== by 0x4E758C​: S_parse_body (perl.c​:2312) ==46142== by 0x4E758C​: perl_parse (perl.c​:1634) ==46142== by 0x427107​: main (perlmain.c​:114) ==46142== ==46142== Conditional jump or move depends on uninitialised value(s) ==46142== at 0x60E314​: Perl__new_invlist (regcomp.c​:8192) ==46142== by 0x60E314​: Perl__invlist_union_maybe_complement_2nd (regcomp.c​:8679) ==46142== by 0x636DC4​: S_handle_regex_sets (regcomp.c​:13911) ==46142== by 0x653F69​: S_reg (regcomp.c​:10493) ==46142== by 0x63A520​: S_regatom (regcomp.c​:11801) ==46142== by 0x646DA1​: S_regpiece (regcomp.c​:10879) ==46142== by 0x646DA1​: S_regbranch (regcomp.c​:10804) ==46142== by 0x65D915​: S_reg.constprop.25 (regcomp.c​:10549) ==46142== by 0x6819F5​: Perl_re_op_compile (regcomp.c​:6954) ==46142== by 0x4B05C8​: Perl_pmruntime (op.c​:5580) ==46142== by 0x5BA779​: Perl_yyparse (perly.y​:1032) ==46142== by 0x4E758C​: S_parse_body (perl.c​:2312) ==46142== by 0x4E758C​: perl_parse (perl.c​:1634) ==46142== by 0x427107​: main (perlmain.c​:114) ==46142== ==46142== Conditional jump or move depends on uninitialised value(s) ==46142== at 0x60E40F​: Perl__new_invlist (regcomp.c​:8201) ==46142== by 0x60E40F​: Perl__invlist_union_maybe_complement_2nd (regcomp.c​:8679) ==46142== by 0x636DC4​: S_handle_regex_sets (regcomp.c​:13911) ==46142== by 0x653F69​: S_reg (regcomp.c​:10493) ==46142== by 0x63A520​: S_regatom (regcomp.c​:11801) ==46142== by 0x646DA1​: S_regpiece (regcomp.c​:10879) ==46142== by 0x646DA1​: S_regbranch (regcomp.c​:10804) ==46142== by 0x65D915​: S_reg.constprop.25 (regcomp.c​:10549) ==46142== by 0x6819F5​: Perl_re_op_compile (regcomp.c​:6954) ==46142== by 0x4B05C8​: Perl_pmruntime (op.c​:5580) ==46142== by 0x5BA779​: Perl_yyparse (perly.y​:1032) ==46142== by 0x4E758C​: S_parse_body (perl.c​:2312) ==46142== by 0x4E758C​: perl_parse (perl.c​:1634) ==46142== by 0x427107​: main (perlmain.c​:114) ==46142== ==46142== Conditional jump or move depends on uninitialised value(s) ==46142== at 0x7DD12B​: Perl_sv_grow (sv.c​:1601) ==46142== by 0x60E4AA​: Perl__new_invlist (regcomp.c​:8201) ==46142== by 0x60E4AA​: Perl__invlist_union_maybe_complement_2nd (regcomp.c​:8679) ==46142== by 0x636DC4​: S_handle_regex_sets (regcomp.c​:13911) ==46142== by 0x653F69​: S_reg (regcomp.c​:10493) ==46142== by 0x63A520​: S_regatom (regcomp.c​:11801) ==46142== by 0x646DA1​: S_regpiece (regcomp.c​:10879) ==46142== by 0x646DA1​: S_regbranch (regcomp.c​:10804) ==46142== by 0x65D915​: S_reg.constprop.25 (regcomp.c​:10549) ==46142== by 0x6819F5​: Perl_re_op_compile (regcomp.c​:6954) ==46142== by 0x4B05C8​: Perl_pmruntime (op.c​:5580) ==46142== by 0x5BA779​: Perl_yyparse (perly.y​:1032) ==46142== by 0x4E758C​: S_parse_body (perl.c​:2312) ==46142== by 0x4E758C​: perl_parse (perl.c​:1634) ==46142== by 0x427107​: main (perlmain.c​:114) ==46142== ==46142== Conditional jump or move depends on uninitialised value(s) ==46142== at 0x7DD584​: Perl_sv_grow (sv.c​:1601) ==46142== by 0x60E4AA​: Perl__new_invlist (regcomp.c​:8201) ==46142== by 0x60E4AA​: Perl__invlist_union_maybe_complement_2nd (regcomp.c​:8679) ==46142== by 0x636DC4​: S_handle_regex_sets (regcomp.c​:13911) ==46142== by 0x653F69​: S_reg (regcomp.c​:10493) ==46142== by 0x63A520​: S_regatom (regcomp.c​:11801) ==46142== by 0x646DA1​: S_regpiece (regcomp.c​:10879) ==46142== by 0x646DA1​: S_regbranch (regcomp.c​:10804) ==46142== by 0x65D915​: S_reg.constprop.25 (regcomp.c​:10549) ==46142== by 0x6819F5​: Perl_re_op_compile (regcomp.c​:6954) ==46142== by 0x4B05C8​: Perl_pmruntime (op.c​:5580) ==46142== by 0x5BA779​: Perl_yyparse (perly.y​:1032) ==46142== by 0x4E758C​: S_parse_body (perl.c​:2312) ==46142== by 0x4E758C​: perl_parse (perl.c​:1634) ==46142== by 0x427107​: main (perlmain.c​:114) ==46142== ==46142== Conditional jump or move depends on uninitialised value(s) ==46142== at 0x7DD1A7​: Perl_sv_grow (sv.c​:1609) ==46142== by 0x60E4AA​: Perl__new_invlist (regcomp.c​:8201) ==46142== by 0x60E4AA​: Perl__invlist_union_maybe_complement_2nd (regcomp.c​:8679) ==46142== by 0x636DC4​: S_handle_regex_sets (regcomp.c​:13911) ==46142== by 0x653F69​: S_reg (regcomp.c​:10493) ==46142== by 0x63A520​: S_regatom (regcomp.c​:11801) ==46142== by 0x646DA1​: S_regpiece (regcomp.c​:10879) ==46142== by 0x646DA1​: S_regbranch (regcomp.c​:10804) ==46142== by 0x65D915​: S_reg.constprop.25 (regcomp.c​:10549) ==46142== by 0x6819F5​: Perl_re_op_compile (regcomp.c​:6954) ==46142== by 0x4B05C8​: Perl_pmruntime (op.c​:5580) ==46142== by 0x5BA779​: Perl_yyparse (perly.y​:1032) ==46142== by 0x4E758C​: S_parse_body (perl.c​:2312) ==46142== by 0x4E758C​: perl_parse (perl.c​:1634) ==46142== by 0x427107​: main (perlmain.c​:114) ==46142== ==46142== Conditional jump or move depends on uninitialised value(s) ==46142== at 0x7DD1FB​: Perl_sv_grow (sv.c​:1612) ==46142== by 0x60E4AA​: Perl__new_invlist (regcomp.c​:8201) ==46142== by 0x60E4AA​: Perl__invlist_union_maybe_complement_2nd (regcomp.c​:8679) ==46142== by 0x636DC4​: S_handle_regex_sets (regcomp.c​:13911) ==46142== by 0x653F69​: S_reg (regcomp.c​:10493) ==46142== by 0x63A520​: S_regatom (regcomp.c​:11801) ==46142== by 0x646DA1​: S_regpiece (regcomp.c​:10879) ==46142== by 0x646DA1​: S_regbranch (regcomp.c​:10804) ==46142== by 0x65D915​: S_reg.constprop.25 (regcomp.c​:10549) ==46142== by 0x6819F5​: Perl_re_op_compile (regcomp.c​:6954) ==46142== by 0x4B05C8​: Perl_pmruntime (op.c​:5580) ==46142== by 0x5BA779​: Perl_yyparse (perly.y​:1032) ==46142== by 0x4E758C​: S_parse_body (perl.c​:2312) ==46142== by 0x4E758C​: perl_parse (perl.c​:1634) ==46142== by 0x427107​: main (perlmain.c​:114) ==46142== ==46142== Conditional jump or move depends on uninitialised value(s) ==46142== at 0x4C27BA5​: malloc (vg_replace_malloc.c​:299) ==46142== by 0x6B98EC​: Perl_safesysmalloc (util.c​:153) ==46142== by 0x7DD5D7​: Perl_sv_grow (sv.c​:1628) ==46142== by 0x60E4AA​: Perl__new_invlist (regcomp.c​:8201) ==46142== by 0x60E4AA​: Perl__invlist_union_maybe_complement_2nd (regcomp.c​:8679) ==46142== by 0x636DC4​: S_handle_regex_sets (regcomp.c​:13911) ==46142== by 0x653F69​: S_reg (regcomp.c​:10493) ==46142== by 0x63A520​: S_regatom (regcomp.c​:11801) ==46142== by 0x646DA1​: S_regpiece (regcomp.c​:10879) ==46142== by 0x646DA1​: S_regbranch (regcomp.c​:10804) ==46142== by 0x65D915​: S_reg.constprop.25 (regcomp.c​:10549) ==46142== by 0x6819F5​: Perl_re_op_compile (regcomp.c​:6954) ==46142== by 0x4B05C8​: Perl_pmruntime (op.c​:5580) ==46142== by 0x5BA779​: Perl_yyparse (perly.y​:1032) ==46142== ==46142== Use of uninitialised value of size 8 ==46142== at 0x60E521​: Perl__invlist_union_maybe_complement_2nd (regcomp.c​:8682) ==46142== by 0x636DC4​: S_handle_regex_sets (regcomp.c​:13911) ==46142== by 0x653F69​: S_reg (regcomp.c​:10493) ==46142== by 0x63A520​: S_regatom (regcomp.c​:11801) ==46142== by 0x646DA1​: S_regpiece (regcomp.c​:10879) ==46142== by 0x646DA1​: S_regbranch (regcomp.c​:10804) ==46142== by 0x65D915​: S_reg.constprop.25 (regcomp.c​:10549) ==46142== by 0x6819F5​: Perl_re_op_compile (regcomp.c​:6954) ==46142== by 0x4B05C8​: Perl_pmruntime (op.c​:5580) ==46142== by 0x5BA779​: Perl_yyparse (perly.y​:1032) ==46142== by 0x4E758C​: S_parse_body (perl.c​:2312) ==46142== by 0x4E758C​: perl_parse (perl.c​:1634) ==46142== by 0x427107​: main (perlmain.c​:114) ==46142== ==46142== Invalid read of size 8 ==46142== at 0x60E521​: Perl__invlist_union_maybe_complement_2nd (regcomp.c​:8682) ==46142== by 0x636DC4​: S_handle_regex_sets (regcomp.c​:13911) ==46142== by 0x653F69​: S_reg (regcomp.c​:10493) ==46142== by 0x63A520​: S_regatom (regcomp.c​:11801) ==46142== by 0x646DA1​: S_regpiece (regcomp.c​:10879) ==46142== by 0x646DA1​: S_regbranch (regcomp.c​:10804) ==46142== by 0x65D915​: S_reg.constprop.25 (regcomp.c​:10549) ==46142== by 0x6819F5​: Perl_re_op_compile (regcomp.c​:6954) ==46142== by 0x4B05C8​: Perl_pmruntime (op.c​:5580) ==46142== by 0x5BA779​: Perl_yyparse (perly.y​:1032) ==46142== by 0x4E758C​: S_parse_body (perl.c​:2312) ==46142== by 0x4E758C​: perl_parse (perl.c​:1634) ==46142== by 0x427107​: main (perlmain.c​:114) ==46142== Address 0x2b is not stack'd\, malloc'd or (recently) free'd ==46142== ==46142== ==46142== Process terminating with default action of signal 11 (SIGSEGV) ==46142== Access not within mapped region at address 0x2B ==46142== at 0x60E521​: Perl__invlist_union_maybe_complement_2nd (regcomp.c​:8682) ==46142== by 0x636DC4​: S_handle_regex_sets (regcomp.c​:13911) ==46142== by 0x653F69​: S_reg (regcomp.c​:10493) ==46142== by 0x63A520​: S_regatom (regcomp.c​:11801) ==46142== by 0x646DA1​: S_regpiece (regcomp.c​:10879) ==46142== by 0x646DA1​: S_regbranch (regcomp.c​:10804) ==46142== by 0x65D915​: S_reg.constprop.25 (regcomp.c​:10549) ==46142== by 0x6819F5​: Perl_re_op_compile (regcomp.c​:6954) ==46142== by 0x4B05C8​: Perl_pmruntime (op.c​:5580) ==46142== by 0x5BA779​: Perl_yyparse (perly.y​:1032) ==46142== by 0x4E758C​: S_parse_body (perl.c​:2312) ==46142== by 0x4E758C​: perl_parse (perl.c​:1634) ==46142== by 0x427107​: main (perlmain.c​:114) ==46142== If you believe this happened as a result of a stack ==46142== overflow in your program's main thread (unlikely but ==46142== possible)\, you can try to increase the size of the ==46142== main thread stack using the --main-stacksize= flag. ==46142== The main thread stack size used in this run was 8388608. ==46142== ==46142== HEAP SUMMARY​: ==46142== in use at exit​: 100\,183\,339 bytes in 555 blocks ==46142== total heap usage​: 646 allocs\, 91 frees\, 100\,191\,816 bytes allocated ==46142== ==46142== LEAK SUMMARY​: ==46142== definitely lost​: 168 bytes in 1 blocks ==46142== indirectly lost​: 1\,948 bytes in 19 blocks ==46142== possibly lost​: 24 bytes in 1 blocks ==46142== still reachable​: 100\,181\,199 bytes in 534 blocks ==46142== suppressed​: 0 bytes in 0 blocks ==46142== Rerun with --leak-check=full to see details of leaked memory ==46142== ==46142== For counts of detected and suppressed errors\, rerun with​: -v ==46142== Use --track-origins=yes to see where uninitialised values come from ==46142== ERROR SUMMARY​: 10 errors from 10 contexts (suppressed​: 0 from 0) Segmentation fault

**PERL -V**

Summary of my perl5 (revision 5 version 23 subversion 5) configuration​:   Commit id​: fdfd5e4d926a555f6d4f156d79198d8c6db9dc44   Platform​:   osname=linux\, osvers=3.16.0-4-amd64\, archname=x86_64-linux-ld   uname='linux nightshade64 3.16.0-4-amd64 #1 smp debian 3.16.7-ckt11-1+deb8u4 (2015-09-19) x86_64 gnulinux '   config_args='-Dusedevel -Dprefix=/usr/local/perl-afl -Dcc=ccache afl-gcc -Duselongdouble -Duse64bitall -Doptimize=-g -Uversiononly -Uman1dir -Uman3dir -DDEBUGGING -DPERL_POISON -des'   hint=recommended\, useposix=true\, d_sigaction=define   useithreads=undef\, usemultiplicity=undef   use64bitint=define\, use64bitall=define\, uselongdouble=define   usemymalloc=n\, bincompat5005=undef   Compiler​:   cc='ccache afl-gcc'\, ccflags ='-fwrapv -DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64'\,   optimize='-g'\,   cppflags='-fwrapv -DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include'   ccversion=''\, gccversion='5.2.0'\, gccosandvers=''   intsize=4\, longsize=8\, ptrsize=8\, doublesize=8\, byteorder=12345678\, doublekind=3   d_longlong=define\, longlongsize=8\, d_longdbl=define\, longdblsize=16\, longdblkind=3   ivtype='long'\, ivsize=8\, nvtype='long double'\, nvsize=16\, Off_t='off_t'\, lseeksize=8   alignbytes=16\, prototype=define   Linker and Libraries​:   ld='ccache afl-gcc'\, ldflags =' -fstack-protector-strong -L/usr/local/lib'   libpth=/usr/local/lib /usr/local/lib/gcc/x86_64-unknown-linux-gnu/5.2.0/include-fixed /usr/include/x86_64-linux-gnu /usr/lib /lib/x86_64-linux-gnu /lib/../lib /usr/lib/x86_64-linux-gnu /usr/lib/../lib /lib   libs=-lpthread -lnsl -ldl -lm -lcrypt -lutil -lc   perllibs=-lpthread -lnsl -ldl -lm -lcrypt -lutil -lc   libc=libc-2.19.so\, so=so\, useshrplib=false\, libperl=libperl.a   gnulibc_version='2.19'   Dynamic Linking​:   dlsrc=dl_dlopen.xs\, dlext=so\, d_dlsymun=undef\, ccdlflags='-Wl\,-E'   cccdlflags='-fPIC'\, lddlflags='-shared -g -L/usr/local/lib -fstack-protector-strong'

Characteristics of this binary (from libperl)​:   Compile-time options​: DEBUGGING HAS_TIMES PERLIO_LAYERS PERL_COPY_ON_WRITE   PERL_DONT_CREATE_GVSV   PERL_HASH_FUNC_ONE_AT_A_TIME_HARD PERL_MALLOC_WRAP   PERL_PRESERVE_IVUV PERL_USE_DEVEL USE_64_BIT_ALL   USE_64_BIT_INT USE_LARGE_FILES USE_LOCALE   USE_LOCALE_COLLATE USE_LOCALE_CTYPE   USE_LOCALE_NUMERIC USE_LOCALE_TIME USE_LONG_DOUBLE   USE_PERLIO USE_PERL_ATOF   Built under linux   Compiled at Nov 10 2015 21​:44​:35   @​INC​:   /usr/local/perl-afl/lib/site_perl/5.23.5/x86_64-linux-ld   /usr/local/perl-afl/lib/site_perl/5.23.5   /usr/local/perl-afl/lib/5.23.5/x86_64-linux-ld   /usr/local/perl-afl/lib/5.23.5   /usr/local/perl-afl/lib/site_perl/5.23.4   /usr/local/perl-afl/lib/site_perl   .

p5pRT commented 8 years ago

@khwilliamson - Status changed from 'new' to 'open'

p5pRT commented 8 years ago

From @khwilliamson

Thanks for finding this\, now fixed by 2985caa9ee0029932680fc8f354a35492d18fe9a

This and similar bugs you've found are due to my adding asserts to code where my limited imagination did not think the situation could come up\, but wanted to be sure of that\, and not to blindly forge ahead getting a wrong answer. You have found a bunch where it was a syntax error that I my imagination didn't realize\, and one (I think it was only one) where it was legitimate syntax that I overlooked. Now there are just a couple of these asserts left. -- Karl Williamson

p5pRT commented 8 years ago

@khwilliamson - Status changed from 'open' to 'pending release'

p5pRT commented 8 years ago

@mauke - Status changed from 'pending release' to 'resolved'