Re: Hardening via random code generator (was: [perl #74764] -E 'given( goto f ) { f: }' => crash)

From: Nicholas Clark
Date: April 30, 2010 02:08
Subject: Re: Hardening via random code generator (was: [perl #74764] -E 'given( goto f ) { f: }' => crash)
Message ID: 20100430090804.GL2576@plum.flirble.org

On Fri, Apr 30, 2010 at 10:04:13AM +0100, Tim Bunce wrote:
> > The following code crashes perl:
> > 
> >         % perl5.12.0 -E 'given ( goto f ) { f: }'
> >         Use of "goto" to jump into a construct is deprecated at -e line 1.
> >         perl5.12.0: pp_ctl.c:4005: Perl_pp_leavegiven: Assertion `((cx)->cx_u.cx_subst.sbu_type & 0xf) == 3' failed.
> >         zsh: abort      /opt/perl/perl-5.12.0-RC3/bin/perl5.12.0 -E 'given ( goto f ) { f: }
> 
> This report triggers vague memories of a tool (not perl related) that
> generated random code fragments in an attempt to find flaws in a
> compiler or cpu (I forget which now). Ring a bell for anyone?

ftp://ftp.cs.wisc.edu/paradyn/technical_papers/fuzz-revisited.ps

Fuzz Revisited: A Re-examination of the Reliability of UNIX Utilities and
Services.

I believe that Ilya Z also did something related by using Markov chains to
feed plausible garbage to the perl interpreter, identifying the cause of
the crashes, and then patching the bugs.

Nicholas Clark
