-
Notifications
You must be signed in to change notification settings - Fork 559
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
S_no_op: Assertion `s >= oldbp' failed. (toke.c:536) #14472
Comments
From @geeknikBuilt v5.21.9 (v5.21.8-200-ga57d3d4) using the following command line: ./Configure -des -Dusedevel -DDEBUGGING -Dcc=afl-gcc -Doptimize=-O2\ -g && AFL_HARDEN=1 make -j6 test-prep Bug found with AFL (http://lcamtuf.coredump.cx/afl) GDB output: Program received signal SIGABRT, Aborted. Test case hexdump: |
From @geeknik |
From @cpansproutFixed in 488bc57. -- Father Chrysostomos |
|
The RT System itself - Status changed from 'new' to 'open' |
|
@cpansprout - Status changed from 'open' to 'pending release' |
From @geeknikThis bugger is back, albeit in a slight different part of toke.c. Built this from git source: (v5.21.10 (v5.21.9-259-g88d9f32)). I've GDB: Program received signal SIGABRT, Aborted. Managed to minize the test case to 5-bytes, here is the hexdump: GDB: Program received signal SIGABRT, Aborted. |
From @geeknik |
From @hvdsOn Tue Mar 17 01:52:36 2015, brian.carpenter@gmail.com wrote:
I just noticed that the ticket was not reopened, I'll do that now. Brian's new test case is: % echo '0$#{' | ./miniperl -c Hopefully Father C will get time to take a look. Hugo |
|
@hvds - Status changed from 'pending release' to 'open' |
From @wolfsageOn Sun, Mar 22, 2015 at 8:41 PM, Hugo van der Sanden via RT <
I'm not sure if the original fix was enough or the right place to fix Back in 5.18.4, these both worked and reported the correct errors: mhorsfall@dory:~$ ~/dpppperls/debug/perl-5.18.4/bin/perl5.18.4 -ce '0$#{' mhorsfall@dory:~$ ~/dpppperls/debug/perl-5.18.4/bin/perl5.18.4 -ce '0${' In 5.19.5 with the following commit, these started panicing: good - zero exit from ./perl -Ilib /home/mhorsfall/crash.pl toke.c, scan_ident(): use PEEKSPACE() to skip over whitespace. This fixes a number of bugs regarding whitespace and line numbers It goes through a number of hoops to get the correct line number for :040000 040000 fea9796b35814ce4842f64bf81366bad5ee381ba Later in 5.21.5, they started working again in non-debug builds, but begain ("fixed" by:) commit 59685a4 add an assert that the length arg for UTF8f is non-negative If we dont we will just hit a different more confusing assert mhorsfall@dory:~/p5/perl$ runperls -dm 5.21.5 -e '0${' mhorsfall@dory:~/p5/perl$ runperls -dm 5.21.5 -e '0$#{' (Notice that "Missing operator before ?)" doesn't have the identifier The fix for this ticket fixed the first case, but are these individual Also, here's another broken one: mhorsfall@tworivers:~$ perl -e '0@' Though that never appeared to report properly. Also the newline after the @ In any case, I'm not sure if this needs to remain a blocker for 5.22 if we Cheers, -- Matthew Horsfall (alh) |
From @iabynOn Fri, Apr 24, 2015 at 01:06:41PM -0400, Matthew Horsfall (alh) wrote:
I've just fixed the 0$#{ case with v5.21.11-17-g310a0d0, but -- |
From @tonycozOn Fri Apr 24 10:07:10 2015, alh wrote:
I think they'll need individual fixes, since they depend on the handler for each token advancing the buffer pointer to provide enough context.
The attached improves the Missing operator line, it doesn't try to handle '0@$foo' but helps for '0@foo'. The newline for the syntax error line isn't specific to @, it occurs for other similar synax errors too: $ ./perl -e '0$foo' Tony |
From @tonycoz0001-perl-123737-delay-reporting-a-missing-operator-for-a.patchFrom 405867c6d927552e43332df4277784f77119b0e8 Mon Sep 17 00:00:00 2001
From: Tony Cook <[email protected]>
Date: Wed, 25 Nov 2015 16:07:51 +1100
Subject: [perl #123737] delay reporting a missing operator for arrays
Previously it was reported a the beginning of the '@' case, without
even skipping the @ symbol.
Make the code more similar to the scalar case and try to parse an
identifier first.
---
t/lib/croak/toke | 9 +++++++++
toke.c | 7 ++++---
2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/t/lib/croak/toke b/t/lib/croak/toke
index 64012fb..50394da 100644
--- a/t/lib/croak/toke
+++ b/t/lib/croak/toke
@@ -37,6 +37,15 @@ syntax error at - line 1, near "0$#"
Missing right curly or square bracket at - line 1, at end of line
Execution of - aborted due to compilation errors.
########
+# NAME (Missing opertaor before @foo) [perl #123737]
+0@foo
+EXPECT
+Array found where operator expected at - line 1, near "0@foo"
+ (Missing operator before @foo?)
+syntax error at - line 1, near "0@foo
+"
+Execution of - aborted due to compilation errors.
+########
# NAME Unterminated here-doc in string eval
eval "<<foo"; die $@
EXPECT
diff --git a/toke.c b/toke.c
index 6d6975c..169c970 100644
--- a/toke.c
+++ b/toke.c
@@ -6353,11 +6353,12 @@ Perl_yylex(pTHX)
TOKEN('$');
case '@':
- if (PL_expect == XOPERATOR)
- no_op("Array", s);
- else if (PL_expect == XPOSTDEREF) POSTDEREF('@');
+ if (PL_expect == XPOSTDEREF)
+ POSTDEREF('@');
PL_tokenbuf[0] = '@';
s = scan_ident(s, PL_tokenbuf + 1, sizeof PL_tokenbuf - 1, FALSE);
+ if (PL_expect == XOPERATOR)
+ no_op("Array", s);
pl_yylval.ival = 0;
if (!PL_tokenbuf[1]) {
PREREF('@');
--
2.1.4
|
From @tonycozOn Tue Nov 24 21:22:47 2015, tonyc wrote:
Applied as a7162bf. Leaving open for further cases. Tony |
From @geeknikI see your fix in the git shortlog (http://perl5.git.perl.org/perl.git/shortlog), but Perl v5.23.7 (v5.23.6-104-g5dcc841) still SIGABRTs with perl -e '0@{': toke.c:539: S_no_op: Assertion `s >= oldbp' failed" Line 539 now as opposed to 536 in my original report. On Sun Jan 10 15:48:38 2016, tonyc wrote:
|
From @tonycozOn Mon Jan 11 16:55:50 2016, brian.carpenter@gmail.com wrote:
Oops, you're right, I got too into improving the message for 0@foo. The attached fixes it for me. Tony |
From @tonycoz0001-perl-123737-handle-a-non-identifer-after-better-for-.patchFrom 25dc4549efb21e888d4f0eaa858fa4fa2341562e Mon Sep 17 00:00:00 2001
From: Tony Cook <[email protected]>
Date: Tue, 12 Jan 2016 15:39:00 +1100
Subject: [perl #123737] handle a non-identifer after @ better for a missing op
Previously this would assert().
---
t/lib/croak/toke | 11 ++++++++++-
toke.c | 10 ++++++++--
2 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/t/lib/croak/toke b/t/lib/croak/toke
index 50394da..18dfa24 100644
--- a/t/lib/croak/toke
+++ b/t/lib/croak/toke
@@ -37,7 +37,7 @@ syntax error at - line 1, near "0$#"
Missing right curly or square bracket at - line 1, at end of line
Execution of - aborted due to compilation errors.
########
-# NAME (Missing opertaor before @foo) [perl #123737]
+# NAME (Missing operator before @foo) [perl #123737]
0@foo
EXPECT
Array found where operator expected at - line 1, near "0@foo"
@@ -46,6 +46,15 @@ syntax error at - line 1, near "0@foo
"
Execution of - aborted due to compilation errors.
########
+# NAME (Missing operator before @{) [perl #123737]
+0@{
+EXPECT
+Array found where operator expected at - line 1, near "0@{"
+ (Missing operator before @{?)
+syntax error at - line 1, near "0@"
+Missing right curly or square bracket at - line 1, at end of line
+Execution of - aborted due to compilation errors.
+########
# NAME Unterminated here-doc in string eval
eval "<<foo"; die $@
EXPECT
diff --git a/toke.c b/toke.c
index 95ce3fd..23c3521 100644
--- a/toke.c
+++ b/toke.c
@@ -6368,8 +6368,14 @@ Perl_yylex(pTHX)
POSTDEREF('@');
PL_tokenbuf[0] = '@';
s = scan_ident(s, PL_tokenbuf + 1, sizeof PL_tokenbuf - 1, FALSE);
- if (PL_expect == XOPERATOR)
- no_op("Array", s);
+ if (PL_expect == XOPERATOR) {
+ d = s;
+ if (PL_bufptr > s) {
+ d = PL_bufptr-1;
+ PL_bufptr = PL_oldbufptr;
+ }
+ no_op("Array", d);
+ }
pl_yylval.ival = 0;
if (!PL_tokenbuf[1]) {
PREREF('@');
--
2.1.4
|
From @tonycozOn Mon Jan 11 20:39:59 2016, tonyc wrote:
Applied as 61d3025. I also checked for similar problems in other calls to no_op() and didn't see any other cases I could make crash, so I'll close this ticket. Tony |
|
@tonycoz - Status changed from 'open' to 'pending release' |
From @khwilliamsonThank you for submitting this report. You have helped make Perl better. Perl 5.24.0 may be downloaded via https://metacpan.org/release/RJBS/perl-5.24.0 |
|
@khwilliamson - Status changed from 'pending release' to 'resolved' |
Migrated from rt.perl.org#123737 (status was 'resolved')
Searchable as RT123737$
The text was updated successfully, but these errors were encountered: