From mboxrd@z Thu Jan 1 00:00:00 1970
From: npostavs@users.sourceforge.net
Newsgroups: gmane.emacs.bugs
Subject: bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size")
Date: Mon, 14 Nov 2016 22:08:18 -0500
Message-ID: <87wpg5l9st.fsf@users.sourceforge.net>
References: <87twc6tl0i.fsf@users.sourceforge.net> <83h97nlknj.fsf@gnu.org> <87mvhdoh4q.fsf@users.sourceforge.net> <83zilcipcr.fsf@gnu.org> <87a8d4lyzo.fsf@users.sourceforge.net> <83a8d3cq9s.fsf@gnu.org>
In-Reply-To: <83a8d3cq9s.fsf@gnu.org> (Eli Zaretskii's message of "Sun, 13 Nov 2016 18:12:47 +0200")
To: Eli Zaretskii
Cc: 24751@debbugs.gnu.org
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)
Xref: news.gmane.org gmane.emacs.bugs:125705

Eli Zaretskii writes: >> >> Yes, I suppose we should also try to make use of the stack, rather than >> calling malloc, right? Something like this: >> >> diff --git i/src/regex.c w/src/regex.c >> index d23ba01..dcabde5 100644 >> --- i/src/regex.c >> +++ w/src/regex.c
>> @@ -447,7 +447,11 @@ init_syntax_once (void) >> #else /* not REGEX_MALLOC */ >> >> # ifdef emacs >> -# define REGEX_USE_SAFE_ALLOCA USE_SAFE_ALLOCA >> +# define REGEX_USE_SAFE_ALLOCA \ >> + ptrdiff_t sa_avail = re_max_failures \ >> + * TYPICAL_FAILURE_SIZE * sizeof (fail_stack_elt_t); \ >> + ptrdiff_t sa_count = SPECPDL_INDEX (); bool sa_must_free = false >> + > > Yes. And please also add a comment there saying that this replaces > USE_SAFE_ALLOCA. Actually, we should avoid increasing this limit if the stack wasn't increased, right? Here's what I came up with, I think it doesn't cover Cygwin/Windows though. diff --git c/src/emacs.c i/src/emacs.c index b74df21..d4655c8 100644 --- c/src/emacs.c +++ i/src/emacs.c @@ -831,8 +831,8 @@ main (int argc, char **argv) re_max_failures, then add 33% to cover the size of the smaller stacks that regex.c successively allocates and discards on its way to the maximum. */ - int ratio = 20 * sizeof (char *); - ratio += ratio / 3; + int min_ratio = 20 * sizeof (char *); + int ratio = min_ratio + min_ratio / 3; /* Extra space to cover what we're likely to use for other reasons. */ int extra = 200000; @@ -869,6 +869,7 @@ main (int argc, char **argv) /* Don't let regex.c overflow the stack. */ re_max_failures = lim < extra ? 0 : min (lim - extra, SIZE_MAX) / ratio; + emacs_re_safe_alloca = re_max_failures * min_ratio; } #endif /* HAVE_SETRLIMIT and RLIMIT_STACK and not CYGWIN */ diff --git c/src/regex.c i/src/regex.c index d23ba01..56cffa1 100644 --- c/src/regex.c +++ i/src/regex.c 
@@ -447,7 +447,13 @@ init_syntax_once (void) #else /* not REGEX_MALLOC */ # ifdef emacs -# define REGEX_USE_SAFE_ALLOCA USE_SAFE_ALLOCA +/* This may be adjusted in main(), if the stack is successfully grown. */ +ptrdiff_t emacs_re_safe_alloca = MAX_ALLOCA; +/* Like USE_SAFE_ALLOCA, but use emacs_re_safe_alloca. */ +# define REGEX_USE_SAFE_ALLOCA \ + ptrdiff_t sa_avail = emacs_re_safe_alloca; \ + ptrdiff_t sa_count = SPECPDL_INDEX (); bool sa_must_free = false + # define REGEX_SAFE_FREE() SAFE_FREE () # define REGEX_ALLOCATE SAFE_ALLOCA # else diff --git c/src/regex.h i/src/regex.h index 4922440..45cbe0a 100644 --- c/src/regex.h +++ i/src/regex.h @@ -187,6 +187,11 @@ /* Roughly the maximum number of failure points on the stack. */ extern size_t re_max_failures; +#ifdef emacs +/* Amount of memory that we can safely stack allocate. */ +extern ptrdiff_t emacs_re_safe_alloca; +#endif + /* Define combinations of the above bits for the standard possibilities. (The [[[ comments delimit what gets put into the Texinfo file, so >> >> >> Actually I find Emacs still compiles if I removed that line completely, >> there's just a compile warning saying >> >> regex.o: In function `re_match_2_internal': >> /home/npostavs/src/emacs/emacs-master/lib-src/../src/regex.c:5529: warning: the 're_max_failures' variable is obsolete and will go away. >> >> I guess there's some kind of definition of it in libc? > > Most probably. You should be able to see that using "nm -A". If > that's indeed so, I think we should rename that variable to something > like emacs_re_max_failures, to avoid stomping on the libc variable.. Ah, right: $ nm -A /usr/lib/libc.so.6 | grep re_max_failures /usr/lib/libc.so.6:0000000000000000 n __evoke_link_warning_re_max_failures /usr/lib/libc.so.6:00000000003981d8 D re_max_failures
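Review bot: in the emacs.c hunk `@@ -831,8 +831,8 @@`, the comment above the changed lines still describes only the 33% padding applied to `ratio`, while `min_ratio` now does double duty (the following hunk feeds it into `emacs_re_safe_alloca`); extend that comment to say that `min_ratio` (`20 * sizeof (char *)`) is the estimated bytes per failure point and that only the padded `ratio` is used to size `re_max_failures`, so a later reader does not "fix" one without the other.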
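Review bot: in the emacs.c hunk `@@ -869,6 +869,7 @@`, `emacs_re_safe_alloca = re_max_failures * min_ratio;` multiplies a `size_t` by an `int` and stores the result in a `ptrdiff_t` with no bound check; the product stays below `lim` only because `re_max_failures` was just derived as `min (lim - extra, SIZE_MAX) / ratio` with `ratio > min_ratio`, and that invariant is implicit, so an `eassert (re_max_failures <= PTRDIFF_MAX / min_ratio)` or a one-line comment stating it would make the limit checkable. Also confirm that the `lim < extra` branch, which sets `re_max_failures` to 0, is meant to set `emacs_re_safe_alloca` to 0 as well (regex.c then never uses the stack), whereas builds that compile this block out, as the `#endif /* HAVE_SETRLIMIT and RLIMIT_STACK and not CYGWIN */` shows for Cygwin and systems without setrlimit, keep the `MAX_ALLOCA` default, which matches the message's own caveat about Cygwin/Windows.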
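Review bot: in the regex.c hunk `@@ -447,7 +447,13 @@`, the definition `ptrdiff_t emacs_re_safe_alloca = MAX_ALLOCA;` sits inside the `#else /* not REGEX_MALLOC */` branch, but the `extern ptrdiff_t emacs_re_safe_alloca;` in the regex.h hunk and the assignment in emacs.c are guarded only by `#ifdef emacs`, so an Emacs build with `REGEX_MALLOC` defined would declare and assign a variable that is never defined and fail at link time; either move the definition out of the `#else` branch or put the declaration and the emacs.c assignment under the same `!REGEX_MALLOC` condition. The new comment should also give the unit (bytes), since `sa_avail` copies the global into a local each time `REGEX_USE_SAFE_ALLOCA` expands and later adjustments in `main` are only seen by subsequent expansions.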