Perl / perl5

🐪 The Perl programming language
https://dev.perl.org/perl5/
Other
1.96k stars 555 forks source link

Segfault with regexp on big match (30000 chars) #38

Closed p5pRT closed 20 years ago

p5pRT commented 25 years ago

Migrated from rt.perl.org#839 (status was 'resolved')

Searchable as RT839$

p5pRT commented 25 years ago

From sdalu@sco.COM

The following line cause perl to do a segmentation fault​:

perl -e '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;'

It seems the limit is arround 27000 characters and depend on the number of @​@​ eventually present.

Perl Info ``` This perlbug was built using Perl 5.00503 - Tue Apr 6 23:33:05 EDT 1999 It is being executed now by Perl 5.00557 - Thu Jun 3 09:53:24 BST 1999. Site configuration information for perl 5.00503: Configured by root at Tue Apr 6 23:33:05 EDT 1999. Summary of my perl5 (5.0 patchlevel 5 subversion 3) configuration: Platform: osname=linux, osvers=2.2.1-ac1, archname=i386-linux uname='linux porky.devel.redhat.com 2.2.1-ac1 #1 smp mon feb 1 17:44:44 est 1999 i686 unknown ' hint=recommended, useposix=true, d_sigaction=define usethreads=undef useperlio=undef d_sfio=undef Compiler: cc='cc', optimize='-O2', gccversion=egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) cppflags='-Dbool=char -DHAS_BOOL -I/usr/local/include' ccflags ='-Dbool=char -DHAS_BOOL -I/usr/local/include' stdchar='char', d_stdstdio=undef, usevfork=false intsize=4, longsize=4, ptrsize=4, doublesize=8 d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12 alignbytes=4, usemymalloc=n, prototype=define Linker and Libraries: ld='cc', ldflags =' -L/usr/local/lib' libpth=/usr/local/lib /lib /usr/lib libs=-lnsl -lndbm -lgdbm -ldb -ldl -lm -lc -lposix -lcrypt libc=, so=so, useshrplib=false, libperl=libperl.a Dynamic Linking: dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-rdynamic' cccdlflags='-fpic', lddlflags='-shared -L/usr/local/lib' Locally applied patches: @INC for perl 5.00503: /usr/lib/perl5/5.00503/i386-linux /usr/lib/perl5/5.00503 /usr/lib/perl5/site_perl/5.005/i386-linux /usr/lib/perl5/site_perl/5.005 . Environment for perl 5.00503: HOME=/homes/sdalu LANG (unset) LANGUAGE (unset) LD_LIBRARY_PATH (unset) LOGDIR (unset) PATH=/homes/sdalu/bin::/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin:/usr/games PERL_BADLANG (unset) SHELL=bash ```
p5pRT commented 24 years ago

From [Unknown Contact. See original ticket]

Thanks for your bug report. Version 5.6 does not core dump on​:

  perl -e '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;'

I've marked the bug as closed.

Cheers;

Nat

p5pRT commented 24 years ago

From [Unknown Contact. See original ticket]

At 20​:44 -0700 2000-03-20\, Nathan Torkington wrote​:

Thanks for your bug report. Version 5.6 does not core dump on​:

perl -e '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;'

I've marked the bug as closed.

For completeness\, follow the perl manpage's sage advice​:

  If something strange has gone wrong with your program and   you're not sure where you should look for help\, try the -w   switch first. It will often point out exactly where the   trouble is.

perl -we '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;' Complex regular subexpression recursion limit (2046) exceeded at -e line 1.

(I have a particularly weedy complex regular subexpression recursion limit; you'll see 32766 most other systems.) -- Dominic Dunlop

p5pRT commented 24 years ago

From @vanstyn

In \14550\.61491\.534434\.775503@​prometheus\.frii\.com\, Nathan Torkington writes​: :Thanks for your bug report. Version 5.6 does not core dump on​: : : perl -e '$i = "i" x 30000; $i =~ /(?​:[^@​] @​@​)*/gc;'

:I've marked the bug as closed.

RC2 core dumps here​:

crypt% perl -we '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;' Segmentation fault (core dumped) crypt%

Is this not the standard stacksize issue?

Hugo


Summary of my perl5 (revision 5.0 version 6 subversion 0) configuration​:   Platform​:   osname=linux\, osvers=2.2.5-16\, archname=i686-linux-64int   uname='linux crypt.compulink.co.uk 2.2.5-16 #1 sun may 30 23​:00​:18 bst 1999 i686 unknown '   config_args='-des -Doptimize=-g -O6 -Dprefix=/opt/perl-5.6.0-RC2.64bit -Duse64bitint'   hint=recommended\, useposix=true\, d_sigaction=define   usethreads=undef use5005threads=undef useithreads=undef usemultiplicity=undef   useperlio=undef d_sfio=undef uselargefiles=define   use64bitint=define use64bitall=undef uselongdouble=undef usesocks=undef   Compiler​:   cc='cc'\, optimize='-g -O6'\, gccversion=egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)   cppflags='-DDEBUGGING -fno-strict-aliasing'   ccflags ='-DDEBUGGING -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64'   stdchar='char'\, d_stdstdio=define\, usevfork=false   intsize=4\, longsize=4\, ptrsize=4\, doublesize=8   d_longlong=define\, longlongsize=8\, d_longdbl=define\, longdblsize=12   ivtype='long long'\, ivsize=8\, nvtype='double'\, nvsize=8\, Off_t='off_t'\, lseeksize=8   alignbytes=4\, usemymalloc=n\, prototype=define   Linker and Libraries​:   ld='cc'\, ldflags =' -L/usr/local/lib'   libpth=/usr/local/lib /lib /usr/lib   libs=-lnsl -lndbm -lgdbm -ldb -ldl -lm -lc -lposix -lcrypt   libc=/lib/libc-2.1.1.so\, so=so\, useshrplib=false\, libperl=libperl.a   Dynamic Linking​:   dlsrc=dl_dlopen.xs\, dlext=so\, d_dlsymun=undef\, ccdlflags='-rdynamic'   cccdlflags='-fpic'\, lddlflags='-shared -L/usr/local/lib'

Characteristics of this binary (from libperl)​:   Compile-time options​: DEBUGGING USE_64_BIT_INT USE_LARGE_FILES   Locally applied patches​:   v5.6.0-RC2   Built under linux   Compiled at Mar 15 2000 11​:20​:32   @​INC​:   /opt/perl-5.6.0-RC2.64bit/lib/5.6.0/i686-linux-64int   /opt/perl-5.6.0-RC2.64bit/lib/5.6.0   /opt/perl-5.6.0-RC2.64bit/lib/site_perl/5.6.0/i686-linux-64int   /opt/perl-5.6.0-RC2.64bit/lib/site_perl/5.6.0   /opt/perl-5.6.0-RC2.64bit/lib/site_perl   .

p5pRT commented 24 years ago

From @vanstyn

In \p04310108b4fce2bf145b@​\[192\.168\.1\.4\]\, Dominic Dunlop writes​: :At 20​:44 -0700 2000-03-20\, Nathan Torkington wrote​: :>Thanks for your bug report. Version 5.6 does not core dump on​: :> :> perl -e '$i = "i" x 30000; $i =~ /(?​:[^@​] @​@​)*/gc;' :> :>I've marked the bug as closed.

:For completeness\, follow the perl manpage's sage advice​: : : If something strange has gone wrong with your program and : you're not sure where you should look for help\, try the -w : switch first. It will often point out exactly where the : trouble is. : :perl -we '$i = "i" x 30000; $i =~ /(?​:[^@​]|@​@​)*/gc;' :Complex regular subexpression recursion limit (2046) exceeded at -e line 1.

That won't help if you are getting core dumps due to too high a CRSRL.

Hugo

p5pRT commented 24 years ago

From [Unknown Contact. See original ticket]

At 11​:20 +0000 2000-03-21\, Hugo wrote​:

​:Complex regular subexpression recursion limit (2046) exceeded at -e line 1.

That won't help if you are getting core dumps due to too high a CRSRL.

Quite. The warning is not triggered by all dangerously recursive regexps\, which remain a way of making perl reliably dump core (if that isn't an oxymoron). Allowing perl a higher stack size limit's the only way out of that one -- and even then\, one needs an arbitrarily large limit to be anywhere near totally safe. Maybe once 5.6 is out\, I'll try tapping my head against the stack overflow check wall one more time. (See http​://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/1999-09/msg01234.html).

The favoured fix\, flattening the regexp engine\, isn't on the todo list. Maybe it should be. (See http​://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/1999-07/msg01177.html.) -- Dominic Dunlop