Re: [mp1] Safe segfaults with mp1
Stas Bekman wrote: [...] It's handy to have p5p people sitting next to you. Just asked this question Tim Bunce, and he replied: Safe is a failed experiment. It works only for several cases. TIEHANDLE is not one of them [print under mod_perl uses a tied STDOUT]. Do not use it if it doesn't work for you. I'm supposed to ask Dan Sugalsky whether perl6 will have this functionality designed from the ground up. I just did that and Dan has replied: Of course! It's working already! So if anybody has a few minutes to port mod_perl to perl6 __ Stas BekmanJAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide --- http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
[mp1] Safe segfaults with mp1
This works, separate file /tmp/test.pl: use Safe; my($compartment) = new Safe; $compartment-permit(qw(:browse)); $compartment-reval(print \gnu\n\;); if($@) { die $@; } print \n\n; (Script prints gnu) This does not work, in perl-handler Handler.pm: [...] use Safe; sub handler { my $r = shift; return DECLINED unless $r-content_type() eq 'text/html'; [...] print Content-type: text/plain\n\n; my($compartment) = new Safe; $compartment-permit(qw(:browse)); $compartment-reval(print \gnu\n\;); if($@) { die $@; } [...] Request results in segfault: [Thu Jul 24 12:59:56 2003] [notice] child pid 3003 exit signal Segmentation fault (11) If I comment out $compartment-reval(), then the process does not segfault. Since Safe works outside mod_perl, I'm guessing there's something with the mod_perl environment that messes things up. I have run the rest of the setup for several months now without noticing any other ill effects, so I don't think it is a bad installation of something. Setup is: Gentoo linux perl 5.8.0 apache 1.3.27 mod_perl 1.27 Ideas anyone? // Joel
Re: [mp1] Safe segfaults with mp1
Joel Palmius wrote: This works, separate file /tmp/test.pl: use Safe; my($compartment) = new Safe; $compartment-permit(qw(:browse)); $compartment-reval(print \gnu\n\;); if($@) { die $@; } print \n\n; (Script prints gnu) This does not work, in perl-handler Handler.pm: [...] use Safe; sub handler { my $r = shift; return DECLINED unless $r-content_type() eq 'text/html'; [...] print Content-type: text/plain\n\n; my($compartment) = new Safe; $compartment-permit(qw(:browse)); $compartment-reval(print \gnu\n\;); if($@) { die $@; } [...] Request results in segfault: [Thu Jul 24 12:59:56 2003] [notice] child pid 3003 exit signal Segmentation fault (11) If I comment out $compartment-reval(), then the process does not segfault. Since Safe works outside mod_perl, I'm guessing there's something with the mod_perl environment that messes things up. I have run the rest of the setup for several months now without noticing any other ill effects, so I don't think it is a bad installation of something. Setup is: Gentoo linux perl 5.8.0 apache 1.3.27 mod_perl 1.27 Ideas anyone? Joel, I have reproduced the segfault using your test script. It's handy to have p5p people sitting next to you. Just asked this question Tim Bunce, and he replied: Safe is a failed experiment. It works only for several cases. TIEHANDLE is not one of them [print under mod_perl uses a tied STDOUT]. Do not use it if it doesn't work for you. I'm supposed to ask Dan Sugalsky whether perl6 will have this functionality designed from the ground up. We could prevent the segfault in mod_perl, but you still won't be able to use Safe under it. So IMHO it's not worth the slowdown to do extra checks. Should probably add it to the troubleshooting section. __ Stas BekmanJAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide --- http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
Re: [mp1] Safe segfaults with mp1
Stas Bekman wrote: Joel Palmius wrote: use Safe; my($compartment) = new Safe; $compartment-permit(qw(:browse)); $compartment-reval(print \gnu\n\;); [...] Request results in segfault: [Thu Jul 24 12:59:56 2003] [notice] child pid 3003 exit signal Segmentation fault (11) [...] Joel, I have reproduced the segfault using your test script. It's handy to have p5p people sitting next to you. Just asked this question Tim Bunce, and he replied: Safe is a failed experiment. It works only for several cases. TIEHANDLE is not one of them [print under mod_perl uses a tied STDOUT]. Do not use it if it doesn't work for you. I'm supposed to ask Dan Sugalsky whether perl6 will have this functionality designed from the ground up. We could prevent the segfault in mod_perl, but you still won't be able to use Safe under it. So IMHO it's not worth the slowdown to do extra checks. Should probably add it to the troubleshooting section. And here is the patch that prevents the segfault. I'm not sure whether it should go in. I have attached it as well, since the original had \t in it and it'll be certainly mangled. Index: src/modules/perl/Apache.xs === RCS file: /home/cvs/modperl/src/modules/perl/Apache.xs,v retrieving revision 1.128 diff -u -r1.128 Apache.xs --- src/modules/perl/Apache.xs 6 Jul 2003 04:51:20 - 1.128 +++ src/modules/perl/Apache.xs 24 Jul 2003 14:38:33 - @@ -1134,7 +1134,9 @@ sv_setiv(sendh, 0); } else { - CV *cv = GvCV(gv_fetchpv(Apache::write_client, FALSE, SVt_PVCV)); +/* should exist already */ +CV *cv = GvCV(gv_fetchpv(Apache::write_client, GV_ADDWARN, SVt_PVCV)); +if(!cv) croak(can't find Apache::write_client, are you using Safe.pm?); soft_timeout(mod_perl: Apache-print, r); PUSHMARK(mark); #ifdef PERL_OBJECT __ Stas BekmanJAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide --- http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com Index: src/modules/perl/Apache.xs === RCS file: /home/cvs/modperl/src/modules/perl/Apache.xs,v retrieving revision 1.128 diff -u -r1.128 Apache.xs --- src/modules/perl/Apache.xs 6 Jul 2003 04:51:20 - 1.128 +++ src/modules/perl/Apache.xs 24 Jul 2003 14:45:16 - @@ -1134,7 +1134,9 @@ sv_setiv(sendh, 0); } else { - CV *cv = GvCV(gv_fetchpv(Apache::write_client, FALSE, SVt_PVCV)); +/* should exist already */ +CV *cv = GvCV(gv_fetchpv(Apache::write_client, GV_ADDWARN, SVt_PVCV)); +if(!cv) croak(can't find Apache::write_client, are you using Safe.pm?); soft_timeout(mod_perl: Apache-print, r); PUSHMARK(mark); #ifdef PERL_OBJECT
Re: [mp1] Safe segfaults with mp1
Ah, well, after a five hours of experimentation I thought up a working workaround anyway. This works with an unpatched version of mp1 ($substr is any perl code fetched from external source): my(@ops) = split(/\x0a/,$substr); my($cell,$reval); foreach $cell (@ops) { $cell =~ s/^[\x09\ ]+//g; $cell =~ s/^print\ /\$output\ \.\=\ /; if($cell) { $reval .= $cell . \n; } } my($output); $reval .= \$output;\n; my($compartment) = new Safe(Tempo); $compartment-permit(qw(:browse)); $output = $compartment-reval($reval); if($@) { $self-{ERROR} = gettext(Security exception: . $@); $self-{ERRORCODE} = 99; } print $output; I just replace all print statements with $output .= , and then make sure that the reval results in the final contents of $output, which I then print outside the reval(). Works fine now. So far nothing else has crashed, although I'm somewhat suspicious of a number of rather random events in the code. I'm almost certain this is me having messed up something else though. However, if I'm not supposed to use Safe in conjunction with mp, what *am* I supposed to use? I might be possible to convince to write a version of Safe specifically for mp1, although I expect I shall have to experience more problems with the existing Safe code to be bothered. :-) // Joel On Thu, 24 Jul 2003, Stas Bekman wrote: Joel, I have reproduced the segfault using your test script. It's handy to have p5p people sitting next to you. Just asked this question Tim Bunce, and he replied: Safe is a failed experiment. It works only for several cases. TIEHANDLE is not one of them [print under mod_perl uses a tied STDOUT]. Do not use it if it doesn't work for you. I'm supposed to ask Dan Sugalsky whether perl6 will have this functionality designed from the ground up. We could prevent the segfault in mod_perl, but you still won't be able to use Safe under it. So IMHO it's not worth the slowdown to do extra checks. Should probably add it to the troubleshooting section. __ Stas BekmanJAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide --- http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
Re: [mp1] Safe segfaults with mp1
Joel Palmius wrote: Ah, well, after a five hours of experimentation I thought up a working workaround anyway. This works with an unpatched version of mp1 ($substr is any perl code fetched from external source): my(@ops) = split(/\x0a/,$substr); my($cell,$reval); foreach $cell (@ops) { $cell =~ s/^[\x09\ ]+//g; $cell =~ s/^print\ /\$output\ \.\=\ /; if($cell) { $reval .= $cell . \n; } } my($output); $reval .= \$output;\n; my($compartment) = new Safe(Tempo); $compartment-permit(qw(:browse)); $output = $compartment-reval($reval); if($@) { $self-{ERROR} = gettext(Security exception: . $@); $self-{ERRORCODE} = 99; } print $output; I just replace all print statements with $output .= , and then make sure that the reval results in the final contents of $output, which I then print outside the reval(). Works fine now. So far nothing else has crashed, although I'm somewhat suspicious of a number of rather random events in the code. I'm almost certain this is me having messed up something else though. Neat. I expect it to work as long as you do simple things, it's going to be much harder to make it working with more complex code. However I was trying to simplify your logic and use IO::String to catch the output: print Content-type: text/plain\n\n; use warnings; use strict; use Safe; our $output = ''; my($cmpt) = new Safe 'MyRoot'; $cmpt-share('$output'); $cmpt-permit(qw(leaveeval entereval caller require :browse )); $cmpt-reval('EOI'); # redirect prints to a buffer use IO::String; my $str_fh = IO::String-new($output); select $str_fh; # put the normal code here print gnu\n; EOI if($@) { die $@; } select STDOUT; print $output; However, if I'm not supposed to use Safe in conjunction with mp, what *am* I supposed to use? I didn't say that. I just said that if it doesn't work for you... but as you have just shown that TIMTOWTDI ;) I might be possible to convince to write a version of Safe specifically for mp1, although I expect I shall have to experience more problems with the existing Safe code to be bothered. :-) You can always give it a try. __ Stas BekmanJAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide --- http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com