Skip Menu |

This queue is for tickets about the mod_perl CPAN distribution.

Report information
The Basics
Id: 83921
Status: resolved
Priority: 0/
Queue: mod_perl
People
Owner: Nobody in particular
Requestors: zefram [...] fysh.org
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Wed Mar 13 10:23:31 2013 zefram [...] fysh.org - Ticket created
Subject: 5.17.6 new hash scheme requires update
Date: Wed, 13 Mar 2013 14:23:17 +0000
To: bug-mod_perl [...] rt.cpan.org
From: Zefram <zefram [...] fysh.org>
On Perl 5.17.6 and above, hash seeding has changed, and HvREHASH has disappeared. Attached patch updates mod_perl accordingly. -zefram

Message body is not shown because sender requested not to inline it.

  Thu Mar 14 05:06:44 2013 shay [...] cpan.org - Correspondence added
Thanks for the patch. Testing looks good so far, but I'm confused by the perl versions in this patch. The comment above modperl_hash_seed_set() (which your patch doesn't update, btw -- it would be helpful if it did) speaks of different behaviour before 5.8.1 compared to 5.8.1 onwards, and yet the original code picked out just 5.8.1 for special treatment, which looks odd. Was that wrong to start with? Should it have said #if MP_PERL_VERSION_AT_LEAST(5, 8, 1) rather than #if MP_PERL_VERSION(5, 8, 1)? In your patched version you now refer to #if MP_PERL_VERSION_AT_LEAST(5, 8, 2), i.e. 5.8.2 onwards, which is different again. Is that intentional? Also, am I correct in thinking that the change which this patch is for only went into 5.17.6, and was not part of the rehash security fix that also went into 5.14.4 and 5.16.3? (I think so, not least since mp2 builds fine on those versions, but I'm just double-checking...)
  Thu Mar 14 05:06:45 2013 The RT System itself - Status changed from 'new' to 'open'
  Thu Mar 14 07:38:36 2013 zefram [...] fysh.org - Correspondence added
Subject: Re: [rt.cpan.org #83921] 5.17.6 new hash scheme requires update
Date: Thu, 14 Mar 2013 11:38:12 +0000
To: Steve Hay via RT <bug-mod_perl [...] rt.cpan.org>
From: Zefram <zefram [...] fysh.org>
Steve Hay via RT wrote: Show quoted text
> speaks of different >behaviour before 5.8.1 compared to 5.8.1 onwards, and yet the original >code picked out just 5.8.1 for special treatment, which looks odd. Was >that wrong to start with?
Picking out a single version is pretty much never the right way to construct a perl version condition. You should almost always compare $] Show quoted text
>= constant (or, for the opposite sense, $] < constant). Of the macros
you have for this, only MP_PERL_VERSION_AT_LEAST() performs this preferred type of comparison. In this particular case, it's complicated. 5.8.2 and above, until the change in 5.17.6, have hash_seed and rehash_seed. 5.8.1 has only hash_seed. 5.8.0 and below have *neither*, so neither version of the code there is correct. On those versions the outer conditional, MP_NEED_HASH_SEED_FIXUP, must be false, which it is by virtue of a MP_PERL_VERSION_AT_MOST(5, 8, 0) in the logic defining it. So the existing logic is extensionally correct, in that it produces the correct result on each Perl version. But it's in a misleading form; it *looks* wrong. In the course of adding the new branch to the conditional, with a condition that must be a range check, it seemed least confusing, albeit strictly unncessary, to reformulate the existing condition into the standard form. This way the conditions take the same form, they best express the way changes occur between versions, and the branches of the conditional appear in strict descending order of version range. Show quoted text
> Should it have said #if >MP_PERL_VERSION_AT_LEAST(5, 8, 1) rather than #if MP_PERL_VERSION(5, 8, 1)?
No, that would have been incorrect, because that condition needs to be false on 5.8.2 and above. It could have correctly been MP_PERL_VERSION_AT_MOST(5, 8, 1). The range check behind MP_NEED_HASH_SEED_FIXUP could (and ideally should) be expressed as MP_PERL_VERSION_AT_LEAST(5, 8, 1) rather than the present !MP_PERL_VERSION_AT_MOST(5, 8, 0). Show quoted text
>In your patched version you now refer to #if MP_PERL_VERSION_AT_LEAST(5, >8, 2), i.e. 5.8.2 onwards, which is different again. Is that intentional?
This is just doing the (correct) range check the preferred way round. Show quoted text
>Also, am I correct in thinking that the change which this patch is for >only went into 5.17.6, and was not part of the rehash security fix that >also went into 5.14.4 and 5.16.3?
Yes. Such a radical change isn't allowed in maint releases these days; it's not like the 5.8.1 days. 5.16.3 just tweaks the existing hash mechanism, but 5.17.6 replaces it wholesale. -zefram
  Fri Mar 15 05:14:25 2013 shay [...] cpan.org - Correspondence added
On Thu Mar 14 07:38:36 2013, zefram@fysh.org wrote: Show quoted text
> Steve Hay via RT wrote:
> > speaks of different > >behaviour before 5.8.1 compared to 5.8.1 onwards, and yet the original > >code picked out just 5.8.1 for special treatment, which looks odd. Was > >that wrong to start with?
> > Picking out a single version is pretty much never the right way to > construct a perl version condition. You should almost always compare $]
> >= constant (or, for the opposite sense, $] < constant). Of the macros
> you have for this, only MP_PERL_VERSION_AT_LEAST() performs this preferred > type of comparison. > > In this particular case, it's complicated. 5.8.2 and above, until > the change in 5.17.6, have hash_seed and rehash_seed. 5.8.1 has > only hash_seed. 5.8.0 and below have *neither*, so neither version of > the code there is correct. On those versions the outer conditional, > MP_NEED_HASH_SEED_FIXUP, must be false, which it is by virtue of a > MP_PERL_VERSION_AT_MOST(5, 8, 0) in the logic defining it. > > So the existing logic is extensionally correct, in that it produces the > correct result on each Perl version. But it's in a misleading form; it > *looks* wrong. In the course of adding the new branch to the conditional, > with a condition that must be a range check, it seemed least confusing, > albeit strictly unncessary, to reformulate the existing condition into > the standard form. This way the conditions take the same form, they > best express the way changes occur between versions, and the branches > of the conditional appear in strict descending order of version range.
Thanks for the clarification. I agree it looks much better now :-) Show quoted text
>
> > Should it have said #if > >MP_PERL_VERSION_AT_LEAST(5, 8, 1) rather than #if MP_PERL_VERSION(5,
8, 1)? Show quoted text
> > No, that would have been incorrect, because that condition > needs to be false on 5.8.2 and above. It could have correctly > been MP_PERL_VERSION_AT_MOST(5, 8, 1). The range check behind > MP_NEED_HASH_SEED_FIXUP could (and ideally should) be expressed > as MP_PERL_VERSION_AT_LEAST(5, 8, 1) rather than the present > !MP_PERL_VERSION_AT_MOST(5, 8, 0).
Ah, now that I understand, I would not have asked that question! That's how misleading it *was*!... Show quoted text
>
> >In your patched version you now refer to #if MP_PERL_VERSION_AT_LEAST(5, > >8, 2), i.e. 5.8.2 onwards, which is different again. Is that intentional?
> > This is just doing the (correct) range check the preferred way round. >
> >Also, am I correct in thinking that the change which this patch is for > >only went into 5.17.6, and was not part of the rehash security fix that > >also went into 5.14.4 and 5.16.3?
> > Yes. Such a radical change isn't allowed in maint releases these days; > it's not like the 5.8.1 days. 5.16.3 just tweaks the existing hash > mechanism, but 5.17.6 replaces it wholesale. >
Ok, it looks good to me then, but I will actually test it with various perl versions before committing it. I will do that over this coming weekend and then maybe see if we can get a 2.0.8 release rolled soon.
  Sun Mar 17 22:08:56 2013 shay [...] cpan.org - Correspondence added
Thanks again for the patch. Now committed to mod_perl's trunk as revision 1457618.
  Sun Mar 17 22:08:58 2013 shay [...] cpan.org - Status changed from 'open' to 'resolved'