develooper Front page | perl.perl5.porters | Postings from February 2015

[perl #123753] op_private assert

Thread Previous
Hugo van der Sanden
February 6, 2015 17:00
[perl #123753] op_private assert
Message ID:
# New Ticket Created by  Hugo van der Sanden 
# Please include the string:  [perl #123753]
# in the subject line of all future correspondence about this issue. 
# <URL: >

This is a bug report for perl from,
generated with the help of perlbug 1.40 running under perl 5.21.9.

[Please describe your issue here]

The check to "Assert valid op_private bits in op_free()" added by Dave
in d0c8136d16 can be triggered by the temporary poking of numargs into
op_private by ck_fun(), if a syntax error causes unwinding before the
field has been reset (presumably by a later ck_* function).

My shortest test case is:
% ./miniperl -e 'map+map'
Not enough arguments for map at -e line 1, at EOF
Execution of -e aborted due to compilation errors.
miniperl: op.c:721: Perl_op_free: Assertion `!(o->op_private & ~PL_op_private_valid[type])' failed.
Aborted (core dumped)

In eb8433b7af, Nick added a FIXME comment asking whether the storing of
numargs should move after the "too many args" check, but that wouldn't
help us in this case - first because it's the later "too few args" check
we fail on, and second because the mapstart op we assert on isn't the one
for which we've generated the "Not enough arguments" error.

I'm not sure how to search for what uses the numargs; ideally we'd remove
the need to piggyback on op_private in this way.

(I've been trying out American Fuzzy Lop: this represents a high proportion
of the failure cases I've seen so far. It also finds cases triggering the
same assert for different reasons on an RV2CV, but I haven't looked at 
those yet.)

[Please do not change anything below this line]
Site configuration information for perl 5.21.9:

Configured by hv at Fri Feb  6 16:50:59 GMT 2015.

Summary of my perl5 (revision 5 version 21 subversion 9) configuration:
  Commit id: eb82332cb71f48a5a63aa48dda0f6f55ee333ecb
    osname=linux, osvers=3.13.0-37-generic, archname=x86_64-linux
    uname='linux shad2 3.13.0-37-generic #64-ubuntu smp mon sep 22 21:28:38 utc 2014 x86_64 x86_64 x86_64 gnulinux '
    config_args='-des -Dcc=gcc -Dprefix=/opt/blead-d -Doptimize=-g -O6 -DDEBUGGING -Dusedevel -Uversiononly'
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=undef, usemultiplicity=undef
    use64bitint=define, use64bitall=define, uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
    cc='gcc', ccflags ='-fwrapv -DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-g -O6',
    cppflags='-fwrapv -DDEBUGGING -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include'
    ccversion='', gccversion='4.8.2', gccosandvers=''
    intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678, doublekind=3
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16, longdblkind=3
    ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=8, prototype=define
  Linker and Libraries:
    ld='gcc', ldflags =' -fstack-protector -L/usr/local/lib'
    libpth=/usr/local/lib /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed /usr/include/x86_64-linux-gnu /usr/lib /lib/x86_64-linux-gnu /lib/../lib /usr/lib/x86_64-linux-gnu /usr/lib/../lib /lib
    libs=-lpthread -lnsl -ldl -lm -lcrypt -lutil -lc
    perllibs=-lpthread -lnsl -ldl -lm -lcrypt -lutil -lc, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E'
    cccdlflags='-fPIC', lddlflags='-shared -g -O6 -L/usr/local/lib -fstack-protector'

@INC for perl 5.21.9:

Environment for perl 5.21.9:
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PERL_BADLANG (unset)

Thread Previous Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About