develooper Front page | perl.perl5.porters | Postings from March 2014

[perl #121505] Can't build perl with gcc4.9 due to UB in sv.c

Marek Polacek
March 30, 2014 09:08
[perl #121505] Can't build perl with gcc4.9 due to UB in sv.c
Message ID:
# New Ticket Created by  Marek Polacek 
# Please include the string:  [perl #121505]
# in the subject line of all future correspondence about this issue. 
# <URL: >

This is a bug report for perl from,
generated with the help of perlbug 1.39 running under perl 5.14.3.

When doing mass rebuild of Fedora packages, rebuild of perl-5.18.2-296.fc21.src.rpm
failed, because of undefined behavior in sv.c file.  The problem here is that
the code was trying to negate LONG_MIN, which is undefined behavior.  GCC's
optimizers then optimized the code in such a way that the perl testsuite and
thus rebuild failed.  A patch to fix the issue:

--- sv.c.bak	2014-03-24 15:11:48.007595042 +0100
+++ sv.c	2014-03-25 11:57:41.154752451 +0100
@@ -2008,7 +2008,7 @@ S_sv_2iuv_common(pTHX_ SV *const sv)
 	    if (SvNVX(sv) == (NV) SvIVX(sv)
 		&& (((UV)1 << NV_PRESERVES_UV_BITS) >
-		    (UV)(SvIVX(sv) > 0 ? SvIVX(sv) : -SvIVX(sv)))
+		    (UV)(SvIVX(sv) > 0 ? SvIVX(sv) : -SvUVX(sv)))
 		/* Don't flag it as "accurately an integer" if the number
 		   came from a (by definition imprecise) NV operation, and
 		   we're outside the range of NV integer precision */

With this patch the rebuild passes even with new GCC.

Moreover, GCC's -fsanitize=undefined found more UB in that file, here's a
(untested) patch that should beat some sense in it.  Again, you can't negate

--- sv.c.bak	2014-03-24 15:11:48.007595042 +0100
+++ sv.c	2014-03-24 16:32:56.142470671 +0100
@@ -2117,7 +2117,7 @@ S_sv_2iuv_common(pTHX_ SV *const sv)
 	    } else {
 		/* 2s complement assumption  */
 		if (value <= (UV)IV_MIN) {
-		    SvIV_set(sv, -(IV)value);
+		    SvIV_set(sv, -(UV)value);
 		} else {
 		    /* Too negative for an IV.  This is a double upgrade, but
 		       I'm assuming it will be rare.  */
@@ -2578,7 +2578,7 @@ Perl_sv_2nv_flags(pTHX_ SV *const sv, co
                 if (numtype & IS_NUMBER_NEG) {
-                    SvIV_set(sv, -(IV)value);
+                    SvIV_set(sv, -(UV)value);
                 } else if (value <= (UV)IV_MAX) {
 		    SvIV_set(sv, (IV)value);
 		} else {
@@ -2707,7 +2707,7 @@ S_uiv_2buf(char *const buf, const IV iv,
 	uv = iv;
 	sign = 0;
     } else {
-	uv = -iv;
+	uv = -(UV)iv;
 	sign = 1;
     do {
@@ -10870,7 +10870,7 @@ Perl_sv_vcatpvfn_flags(pTHX_ SV *const s
 			esignbuf[esignlen++] = plus;
 		else {
-		    uv = -iv;
+		    uv = -(UV)iv;
 		    esignbuf[esignlen++] = '-';

I checked the mainline in git and the bugs seem to be still there.
Note that perlbug might send you information about my system perl,
but that's completely irrelevant here.
[Please describe your issue here]

[Please do not change anything below this line]
This perlbug was built using Perl 5.14.3 in the Fedora build system.
It is being executed now by Perl 5.14.3 - Fri Jan 11 13:09:43 UTC 2013.

Site configuration information for perl 5.14.3:

Configured by Red Hat, Inc. at Fri Jan 11 13:09:43 UTC 2013.

Summary of my perl5 (revision 5 version 14 subversion 3) configuration:
    osname=linux, osvers=2.6.32-279.9.1.el6.x86_64, archname=x86_64-linux-thread-multi
    uname='linux 2.6.32-279.9.1.el6.x86_64 #1 smp fri aug 31 09:04:24 edt 2012 x86_64 x86_64 x86_64 gnulinux '
    config_args='-des -Doptimize=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4  -m64 -mtune=generic -Dccdlflags=-Wl,--enable-new-dtags -DDEBUGGING=-g -Dversion=5.14.3 -Dmyhostname=localhost -Dperladmin=root@localhost -Dcc=gcc -Dcf_by=Red Hat, Inc. -Dprefix=/usr -Dvendorprefix=/usr -Dsiteprefix=/usr/local -Dsitelib=/usr/local/share/perl5 -Dsitearch=/usr/local/lib64/perl5 -Dprivlib=/usr/share/perl5 -Dvendorlib=/usr/share/perl5/vendor_perl -Darchlib=/usr/lib64/perl5 -Dvendorarch=/usr/lib64/perl5/vendor_perl -Darchname=x86_64-linux-thread-multi -Dlibpth=/usr/local/lib64 /lib64 /usr/lib64 -Duseshrplib -Dusethreads -Duseithreads -Dusedtrace=/usr/bin/dtrace -Duselargefiles -Dd_semctl_semun -Di_db -Ui_ndbm -Di_gdbm -Di_shadow -Di_syslog -Dman3ext=3pm -Duseperlio -Dinstallusrbinperl=n -Ubincompat5005 -Uversiononly -Dpager=/usr/bin/less -isr -Dd_gethostent_r_proto -Ud_endhostent_r_proto -Ud_sethostent_r_proto -Ud_endprotoent_r_proto
  -Ud_setprotoent_r_proto -Ud_endservent_r_proto -Ud_setservent_r_proto -Dscriptdir=/usr/bin'
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=define, usemultiplicity=define
    useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
    use64bitint=define, use64bitall=define, uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
    cc='gcc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic',
    cppflags='-D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include'
    ccversion='', gccversion='4.6.3 20120306 (Red Hat 4.6.3-2)', gccosandvers=''
    intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=8, prototype=define
  Linker and Libraries:
    ld='gcc', ldflags =' -fstack-protector'
    libpth=/usr/local/lib64 /lib64 /usr/lib64
    libs=-lresolv -lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lpthread -lc -lgdbm_compat
    perllibs=-lresolv -lnsl -ldl -lm -lcrypt -lutil -lpthread -lc
    libc=, so=so, useshrplib=true,
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,--enable-new-dtags -Wl,-rpath,/usr/lib64/perl5/CORE'
    cccdlflags='-fPIC', lddlflags='-shared -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic'

Locally applied patches:

@INC for perl 5.14.3:

Environment for perl 5.14.3:
    LANGUAGE (unset)
    LOGDIR (unset)
    PERL_BADLANG (unset)
    PERL_MB_OPT=--install_base /home/marek/perl5
    SHELL=/bin/bash Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About