[perl #132884] stack-overflow in S_regclass (perl/regcomp.c:16224)

From: Karl Williamson via RT
Date: February 23, 2018 05:57
Subject: [perl #132884] stack-overflow in S_regclass (perl/regcomp.c:16224)
Message ID: rt-4.0.24-19774-1519365447-635.132884-15-0@perl.org

On Mon, 19 Feb 2018 17:03:58 -0800, demerphq wrote:
> This is to a certain extent expected with current code. Every open paren
> adds two stack frames. Unless we put significant effort into rewriting this
> code there will always be some limit to the level of nesting we support.
> 
> On 20 Feb 2018 07:27, "Brian Carpenter" <perlbug-followup@perl.org> wrote:
> 
> > # New Ticket Created by  Brian Carpenter
> > # Please include the string:  [perl #132884]
> > # in the subject line of all future correspondence about this issue.
> > # <URL: https://rt.perl.org/Ticket/Display.html?id=132884 >
> >
> >
> > perl v5.27.8-321-ge720636704 compiled with clang 7 trunk and
> > -fsanitize=address.
> >
> > ./perl -e 'm;(((((((((((((((((((((((((((((([' triggers a stack overflow
> > when ulimit -s = 8243 or less. If ulimit -s = 8244, we get Unmatched [ in
> > regex; marked by <-- HERE in m/(((((((((((((((((((((((((((((([ <-- HERE /
> > at test000.pl line 1.
> >
> > AddressSanitizer:DEADLYSIGNAL
> > =================================================================
> > ==16663==ERROR: AddressSanitizer: stack-overflow on address 0x7ffdcd7a1f00
> > (pc 0x000001947519 bp 0x7ffdcd7bbcf0 sp 0x7ffdcd7a1f00 T0)
> >     #0 0x1947518 in S_regclass /root/perl/regcomp.c:16224
> >     #1 0x189f764 in S_regatom /root/perl/regcomp.c:12870:15
> >     #2 0x186358b in S_regpiece /root/perl/regcomp.c:11953:11
> >     #3 0x17ac810 in S_regbranch /root/perl/regcomp.c:11878:18
> >     #4 0x1503f24 in S_reg /root/perl/regcomp.c:11604:10
> >     #5 0x18a66ca in S_regatom /root/perl/regcomp.c:12894:15
> >     #6 0x186358b in S_regpiece /root/perl/regcomp.c:11953:11
> >     #7 0x17ac810 in S_regbranch /root/perl/regcomp.c:11878:18
> >     #8 0x1503f24 in S_reg /root/perl/regcomp.c:11604:10
> >     #9 0x18a66ca in S_regatom /root/perl/regcomp.c:12894:15
> >     #10 0x186358b in S_regpiece /root/perl/regcomp.c:11953:11
> > *SNIP*
> >     #120 0x1503f24 in S_reg /root/perl/regcomp.c:11604:10
> >     #121 0x18a66ca in S_regatom /root/perl/regcomp.c:12894:15
> >     #122 0x186358b in S_regpiece /root/perl/regcomp.c:11953:11
> >     #123 0x17ac810 in S_regbranch /root/perl/regcomp.c:11878:18
> >     #124 0x1503f24 in S_reg /root/perl/regcomp.c:11604:10
> >     #125 0x137a079 in Perl_re_op_compile /root/perl/regcomp.c:7197:9
> >     #126 0x5cd95c in Perl_pmruntime /root/perl/op.c:7025:6
> >     #127 0x1271ef5 in Perl_yyparse /root/perl/perly.y:1188:23
> >     #128 0x9cc7ef in S_parse_body /root/perl/perl.c:2563:9
> >     #129 0x9a7d2d in perl_parse /root/perl/perl.c:1857:2
> >     #130 0x50d88c in main /root/perl/perlmain.c:121:10
> >     #131 0x7f2ff855d2b0 in __libc_start_main
> > (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
> >     #132 0x43cd49 in _start (/root/perl/perl+0x43cd49)
> >
> > SUMMARY: AddressSanitizer: stack-overflow /root/perl/regcomp.c:16224 in
> > S_regclass
> > ==16663==ABORTING
> >
> > Worth noting, if we set ulimit -s to 8243 and we put
> > m;(((((((((((((((((((((((((((((([ in test.pl and change the command line
> > to
> > ./perl -Dut test.pl, the stack overflow moves to perl/regcomp.c:18983 in
> > S_regnode_guts:
> >
> > ==6585==ERROR: AddressSanitizer: stack-overflow on address 0x7ffec4f3fc20
> > (pc 0x000001859402 bp 0x7ffec4f40920 sp 0x7ffec4f3fc20 T0)
> >     #0 0x1859401 in S_regnode_guts /root/perl/regcomp.c:18983
> >     #1 0x177b02e in S_reganode /root/perl/regcomp.c:19050:27
> >     #2 0x194c7c1 in S_regclass /root/perl/regcomp.c:16365:11
> >     #3 0x189f764 in S_regatom /root/perl/regcomp.c:12870:15
> >     #4 0x186358b in S_regpiece /root/perl/regcomp.c:11953:11
> >     #5 0x17ac810 in S_regbranch /root/perl/regcomp.c:11878:18
> >     #6 0x1503f24 in S_reg /root/perl/regcomp.c:11604:10
> >     #7 0x18a66ca in S_regatom /root/perl/regcomp.c:12894:15
> >     #8 0x186358b in S_regpiece /root/perl/regcomp.c:11953:11
> >     #9 0x17ac810 in S_regbranch /root/perl/regcomp.c:11878:18
> >     #10 0x1503f24 in S_reg /root/perl/regcomp.c:11604:10
> > *SNIP*
> >     #125 0x17ac810 in S_regbranch /root/perl/regcomp.c:11878:18
> >     #126 0x1503f24 in S_reg /root/perl/regcomp.c:11604:10
> >     #127 0x137a079 in Perl_re_op_compile /root/perl/regcomp.c:7197:9
> >     #128 0x5cd95c in Perl_pmruntime /root/perl/op.c:7025:6
> >     #129 0x1271ef5 in Perl_yyparse /root/perl/perly.y:1188:23
> >     #130 0x9cc7ef in S_parse_body /root/perl/perl.c:2563:9
> >     #131 0x9a7d2d in perl_parse /root/perl/perl.c:1857:2
> >     #132 0x50d88c in main /root/perl/perlmain.c:121:10
> >     #133 0x7f04d796f2b0 in __libc_start_main
> > (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
> >     #134 0x43cd49 in _start (/root/perl/perl+0x43cd49)
> > SUMMARY: AddressSanitizer: stack-overflow /root/perl/regcomp.c:18983 in
> > S_regnode_guts
> > ==6585==ABORTING
> >
> >

I think this ticket should be rejected, and will do so in a week unless objection is made.
-- 
Karl Williamson

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=132884
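
An added example, not part of the original message and not Perl's code: a toy recursive-descent checker in C that carries an explicit nesting depth and returns an error once it passes a cap, instead of letting per-paren recursion run into the process stack limit as in the trace above. The grammar, `MAX_DEPTH`, the `enum rc` codes and all function names are assumptions made for illustration.

```c
#include <stddef.h>

/* Constructed example: result codes for a toy pattern checker (not Perl's). */
enum rc { RC_OK = 0, RC_UNMATCHED_PAREN, RC_UNMATCHED_BRACKET, RC_TOO_DEEP };

/* Assumed cap; size it against the smallest stack you intend to support. */
#define MAX_DEPTH 1000

static enum rc parse_group(const char **p, unsigned depth);

/* Parse atoms until ')' or end of input. Toy grammar: no escapes handled. */
static enum rc parse_seq(const char **p, unsigned depth)
{
    while (**p && **p != ')') {
        if (**p == '(') {                       /* nested group: recurse */
            (*p)++;
            enum rc r = parse_group(p, depth + 1);
            if (r != RC_OK) return r;
        } else if (**p == '[') {                /* bracket class: scan to ']' */
            (*p)++;
            while (**p && **p != ']') (*p)++;
            if (!**p) return RC_UNMATCHED_BRACKET;
            (*p)++;
        } else {
            (*p)++;                             /* ordinary character */
        }
    }
    return RC_OK;
}

/* Called just after '(' was consumed; depth is checked before any more work. */
static enum rc parse_group(const char **p, unsigned depth)
{
    if (depth > MAX_DEPTH) return RC_TOO_DEEP;  /* clean error, bounded stack use */
    enum rc r = parse_seq(p, depth);
    if (r != RC_OK) return r;
    if (**p != ')') return RC_UNMATCHED_PAREN;
    (*p)++;
    return RC_OK;
}

/* Entry point: returns RC_OK or the first error found in pat. */
enum rc check_pattern(const char *pat)
{
    enum rc r = parse_seq(&pat, 0);
    if (r == RC_OK && *pat == ')') return RC_UNMATCHED_PAREN;
    return r;
}
```

With a cap like this, stack use is bounded by `MAX_DEPTH` times the per-level frame cost, so the outcome no longer depends on `ulimit -s`.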
