develooper Front page | perl.perl5.porters | Postings from June 2002

[ID 20020627.002] Regexp causing segmentation fault

Thread Next
From:
Philip Taylor
Date:
June 27, 2002 07:03
Subject:
[ID 20020627.002] Regexp causing segmentation fault
Message ID:
UjiriEABnxG9EwNt@zaynar.demon.co.uk
This is a bug report for perl from philip@zaynar.demon.co.uk,
generated with the help of perlbug 1.33 running under perl v5.6.1.


-----------------------------------------------------------------

I've written some code using a regular expression which uses
an array of tags to apply formatting to text (converting HTML-style
tags into actual HTML). If the text contains
"[table]...some text...[/table]" it runs a specific subroutine
(through /e on the regexp) to handle the [table] tag, and that
subroutine runs &formatText again on the 'some text'.

When the second calling of &formatText finishes and execution
goes back to the original regexp, it crashes: Under Windows
("v5.6.1 built for MSWin32-x86-multi-thread", "Binary build 631
provided by ActiveState"), perl performs an illegal operation
stating "PERL caused an invalid page fault in module PERL56.DLL".
Under Linux ("v5.6.0 built for i686-linux", as well as v5.8.0rc2
by someone else), it says "Segmentation fault".

While attempting to make some test code to demonstrate the
problem, perl (under Windows) died with various regexp-related
"panic" errors, which indicates some problem in the regexp code.
Also, it worked correctly on Linux until I added some more
characters into the "[table]...[/table]" input text. In the original
CGI program (running on that Linux machine) it worked fine once every
several times, and did the segmentation fault on the other
occasions, in a seemingly random pattern.

The code below outputs:
  Entering formatText
  Doing regexp:
    [(table)(?: ([^]]+))?](.*?)[/table]
  Entering formatText
  Doing regexp:
    [(table)(?: ([^]]+))?](.*?)[/table]
  Doing regexp:
    [(table)(?: ([^]]+))?](.*?)[/table_]
  Leaving formatText
then crashes.
When it's run with only a single tag in the list, there's no problem.
When there are multiple identical tags, there's no problem. When there
are two different tags (so the regexp changes) it crashes.


#!/usr/bin/perl
use strict;
use warnings;
my @tags = (
  ["table", "/table", \&formatText_table ],
  ["table", "/table_", \&formatText_table ],
);
print &formatText("[table]ooooooooooooo[/table]");
sub formatText {
  my $text = shift;
  print "Entering formatText\n";
  foreach my $tag (@tags) {
    print "Doing regexp:\n  \[($tag->[0])(?: ([^\]]+))?\](.*?)\[$tag-
>[1]\]\n"; ### (possibly wrapped line...)
    $text =~ s#\[($tag->[0])(?: ([^\]]+))?\](.*?)\[$tag->[1]\]#&{$tag-
>[2]}($1, $2, $3)#seig; ### (possibly wrapped line...)
  }
  print "Leaving formatText\n";
  return $text;
}
sub formatText_table {
  my ($self, $params, $text) = @_;
  return qq{<table border="1">} . &formatText($text) . qq{</table>};
}

-----------------------------------------------------------------
---
Flags:
    category=core
    severity=medium
---
Site configuration information for perl v5.6.1:

Summary of my perl5 (revision 5 version 6 subversion 1) configuration:
  Platform:
    osname=MSWin32, osvers=4.0, archname=MSWin32-x86-multi-thread
    uname=''
    config_args='undef'
    hint=recommended, useposix=true, d_sigaction=undef
    usethreads=undef use5005threads=undef useithreads=define
usemultiplicity=define
    useperlio=undef d_sfio=undef uselargefiles=undef usesocks=undef
    use64bitint=undef use64bitall=undef uselongdouble=undef
  Compiler:
    cc='cl', ccflags ='-nologo -O1 -MD -DNDEBUG -DWIN32 -D_CONSOLE -
DNO_STRICT -DHAVE_DES_FCRYPT  -DPERL_IMPLICIT_CONTEXT -
DPERL_IMPLICIT_SYS -DPERL_MSVCRT_READFIX',
    optimize='-O1 -MD -DNDEBUG',
    cppflags='-DWIN32'
    ccversion='', gccversion='', gccosandvers=''
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
    d_longlong=undef, longlongsize=8, d_longdbl=define, longdblsize=10
    ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t',
lseeksize=4
    alignbytes=8, usemymalloc=n, prototype=define
  Linker and Libraries:
    ld='link', ldflags ='-nologo -nodefaultlib -release  -libpath:"F:\IN
TERNET\PERL\lib\CORE"  -machine:x86'
    libpth="e:\VISUAL~1\VC98\LIB" "e:\VISUAL~1\VC98\MFC\LIB"
"F:\INTERNET\PERL\lib\CORE"
    libs=  oldnames.lib kernel32.lib user32.lib gdi32.lib winspool.lib
comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib
netapi32.lib uuid.lib wsock32.lib mpr.lib winmm.lib  version.lib
odbc32.lib odbccp32.lib msvcrt.lib
    perllibs=  oldnames.lib kernel32.lib user32.lib gdi32.lib
winspool.lib  comdlg32.lib advapi32.lib shell32.lib ole32.lib
oleaut32.lib  netapi32.lib uuid.lib wsock32.lib mpr.lib winmm.lib
version.lib odbc32.lib odbccp32.lib msvcrt.lib
    libc=msvcrt.lib, so=dll, useshrplib=yes, libperl=perl56.lib
  Dynamic Linking:
    dlsrc=dl_win32.xs, dlext=dll, d_dlsymun=undef, ccdlflags=' '
    cccdlflags=' ', lddlflags='-dll -nologo -nodefaultlib -release  -
libpath:"F:\INTERNET\PERL\lib\CORE"  -machine:x86'

Locally applied patches:
    ACTIVEPERL_LOCAL_PATCHES_ENTRY

---
@INC for perl v5.6.1:
    F:/Internet/Perl/lib
    F:/Internet/Perl/site/lib
    .

---
Environment for perl v5.6.1:
    HOME (unset)
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=C:\CYGWIN\BIN\;F:\INTERNET\PERL\BIN\;C:\WINDOWS;C:\WINDOWS\COMM
AND;F:\INTERNET\PERL\BIN;E:\OMNIHT~1\PHP;E:\MYSQL\BIN;F:\GRAPHICS\DISCRE
ET\BACKBURNER\;F:\INTERNET\PERL\SITE\LIB\AUTO\IMAGE\MAGIC;E:\VISUAL~1\VC
98\BIN
    PERL_BADLANG (unset)
    SHELL (unset)


Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About