[Coke] (bah. the bisect pointed at that commit, but I'm having trouble getting a working version with the moarvm just before that, either.) 00:33
TimToady my cursory glance at perl6-all-modules seems to indicate most parser tests are success oriented, or use boolean context for failure, so that's close to okay 00:49
Geth rakudo/nom: cbfda90615 | (Aleks-Daniel Jakimenko-Aleksejev)++ | docs/ChangeLog
Log all changes since 2017.07

Deliberately not logged:
0d7ea0a0 8cc64696 6723006f 4c8b1523 37b14836 d56573a7 de02bc3d 278e2918 d37be249 91be8bc1 8e960522 b8036aff d46f8371 875b0843 356dc404 e0d108bf 64064187 1d06770b 15debeec dc4ed746 50d38a1f 5a58498c 59e55646 99375e4a 48ce47e6 f083cfc6 a8016278 7fdbb49c f1464e22 c63c57e9 67455170 6e001867 59ba9c02 3c797b05 a256c26d 7599e0c3 c43ba0d0 d9f51da8 412c576b abf1cfe7 bf7063d1 c3da74d8 da4a0f50 29e41b45 c68762f4 6c76ed0a ce0b7b31 d151d8ad
00:51
roast/6.c-errata: b0044b0751 | TimToady++ | 2 files
fix tests that depend on failed parse --> Nil
AlexDaniel releasable6: status 00:57
releasable6 AlexDaniel, Next release in 3 days and ?18 hours. 2 blockers. 164 out of 165 commits logged
AlexDaniel, Details: gist.github.com/cd7f696d7be986c6f6...0adad0299b
AlexDaniel releasable6: how can I log (or ignore) something if I don't know its sha yet? You stupid.
releasable6 AlexDaniel, I cannot recognize this command. See wiki for some examples: github.com/perl6/whateverable/wiki/Releasable
timotimo "added change of changelog to changelog" 00:59
"added change of changing the changelog to changelog"
AlexDaniel timotimo: but then you'll have to, yes
TimToady
.oO(What is the name of the changelog called?)
01:00
AlexDaniel This is how robot uprising is going to look like. They will torture us asking to include a sha in the commit message of the same damn commit
timotimo we have to mine changelogcoin 01:01
AlexDaniel wait, but it's only 8 characters
which isā€¦ kinda a lot, but what's the estimate? 01:02
timotimo should be doable with a little time investment
Zoffix (+ Internal: + Introduced Mixy.total-positive [f49c49bb].... that's not a very internal-looking method name; wrong section?) 01:03
Dunno, is this really worth putting in the changelog? ĀÆ\_(?)_/ĀÆ "+ Removed a 3-year old hack [e86bdfca]" 01:04
AlexDaniel Zoffix: yea, I've been thinking about this too. It's not in roast yet, as far as I know, so decided to put it there
Zoffix "Internal" section was originally meant as "large internal changes that may indirectly impact users".
AlexDaniel oh
Zoffix Just saying. I'm not here to tell you how to run the show :)
Zoffix re-disappears
AlexDaniel feedback is welcome, thanks :) 01:05
Geth roast: b53616f8e6 | TimToady++ | 2 files
fix tests that depend on failed parse --> Nil
01:06
roast: 1fb68c4b7a | TimToady++ | S05-grammar/example.t
generalize overly specific parsing test

We shouldn't be testing to see that a parse specifically returns Nil, since in the future it will be returning Failure. In any case, that's not what this test is trying to test, so it shouldn't.
rakudo/nom: 9501edae4f | TimToady++ | src/core/Grammar.pm
return Failure from failed P6-level .parse

The .parse and .parsefile methods will now return a Failure object that points to the high-water state of the parser, if available. (The .subparse method does not, since it is presumed to be for lower-level piecemeal matching that is likelier to be success-oriented and have its own failure recovery modes.)
01:13
TimToady okay, we'll see if that flies in the ecosystem 01:14
if not, it's an easy retraction
my inspection of perl6-all-modules did not turn up any danger signs, but we could yet be blindsided
otoh, we're getting an amount of bad press about not showing a default error message on grammar failure, so it might be worth a bit of heartburn 01:15
AlexDaniel this looks very promising 01:35
but oh Larry, our brave man. Three days before the release :) 01:36
TimToady sometimes it's difficult to tell the brave from the foolhardy, except in retrospect :) 01:37
TimToady just hopes perl6-all-modules is representative of most usage
otoh, it can be argued that people who don't test the return value of .parse deserve what they get :) 01:38
and in any case, the fixes should be relative trivial, if any are needed 01:39
*tively
samcv TimToady, why would you show an error on false parses though? 01:40
i mean we don't do it for regex
i mean i guess it could be optional? 01:41
not sure why they would expect it though. there's LOADS of times a failed parse is expected
AlexDaniel it gives you a Failure, you don't have to sink it ;)
TimToady and you can always use .subparse if you want finer control 01:42
AlexDaniel m: grammar G { rule TOP { <a> <a> }; rule a { <b> }; rule b { <c> }; rule c { $<d>=x } }; my $x = G.parse('x z'); say WHAT $x
camelia (Failure)? 01:50
AlexDaniel m: grammar G { rule TOP { <a> <a> }; rule a { <b> }; rule b { <c> }; rule c { $<d>=x } }; G.parse('x z')
camelia 5===SORRY!5=== Error while compiling <anon>?Confused?at <anon>:1?------> 3<BOL>7?5x z?Actually thrown at:? in block <unit> at <tmp> line 1??
awwaiid TimToady: I just checked a random script of mine which does .parse, and it indeed blindly tries to use the result -- I believe in a way that is no worse off with your change, and will be significantly proved if it takes your change into account (with only a single line addition). As another datapoint for you :)
AlexDaniel c: HEAD~10 grammar G { rule TOP { <a> <a> }; rule a { <b> }; rule b { <c> }; rule c { $<d>=x } }; my $x = G.parse('x z'); say WHAT $x
committable6 AlexDaniel, Ā¦HEAD~10: Ā«(Any)Ā»
awwaiid significantly improved
TimToady almost all the uses of .parse I saw were success oriented in that way :)
I guess ilbot missed that bit of conversation :) 01:53
travis-ci Rakudo build failed. TimToady 'return Failure from failed P6-level .parse 02:13
travis-ci.org/rakudo/rakudo/builds/264970177 github.com/rakudo/rakudo/compare/c...01edae4f73
buggable [travis build above] ? All failures are due to timeout (0), missing build log (0), GitHub connectivity (1), or failed make test (0).
samcv yay more tests 02:21
Geth roast: 649d9dc503 | (Samantha McVey)++ | S03-operators/comparison.t
Add tests to make sure synthetics compare properly

These tests are to handle the fixes done here:
  "Fix MVM_string_compare to support deterministic comparing of synthetics"
  github.com/MoarVM/MoarVM/commit/ab...c0dcb693cd
roast: 8695092352 | (Samantha McVey)++ | S03-operators/comparison.t
Change all tests in comparison.t to use is-deeply

Also remove some trailing whitespace.
BenGoldberg m: sub foo { COMPILING::<bar> = my sub { 42 } }; package Baz { BEGIN foo(); bar() }; # What am I doing wrong? 02:25
camelia 5===SORRY!5=== Error while compiling <tmp>?Undeclared routine:? bar used at line 1. Did you mean 'VAR', 'bag'???
samcv all the 3 i added fail before i added that change. declared the strings in the order that would cause them to fail 02:27
Geth roast: 51c4ac08bd | (Samantha McVey)++ | S03-operators/comparison.t
Add a large number of string comparison tests

  * Test comparing empty strings with cmp & leg
  = Add a function to test various cases:
  * Test same string but different in length
   ** Test reversed term returns opposite result
  * Same string of various lengths but last grapheme is different
  * Same length string but different character is in various locations
   ** Same as previous test, but the different character is a lower codepoint
   than previous test
03:42
AlexDaniel samcv++ 03:51
samcv i wonder how much work adding a string search algorithm would be 03:56
since now ignoremark/ignorecase+ignoremark/plain index operations all go through the same function 03:57
well aside from the index when both are flat strings of the same type that use memmem
adding it before would have required either doing it for just plain search or doing what has now been done AND adding the algorithm. but now that it's all in one function it makes adding the algorithm work for all the functions which is pretty nice 03:58
lizmat Files=1217, Tests=67435, 267 wallclock secs (13.61 usr 5.08 sys + 1795.67 cusr 176.89 csys = 1991.25 CPU) 08:43
[Coke] has someone written a script to do a bisect across rakudo/nqp/moarvm? 12:46
brrt don't think we have. also, arguably not easily bisectable, since the space is threedimensional 12:52
yoleaux 11:49Z <markmont> brrt: irclog.perlgeek.de/moarvm/2017-08-16#i_15024158
nine Zoffix: would you be ok with IRC::Client not just catching all exceptions and turning them into warnings? That's the reason why Geth keeps disappearing. Connection gets reset for some reason and the warning logged, but since Geth doesn't exit, systemd will not restart it. 13:36
AlexDaniel brrt: doesn't necessarily have to be. If I got it right, you can swap moar in some cases without any issues
brrt: and even if not, you can compile on demand. There are 12 steps IIRC, so that's 12Ɨ3 minutes approximately 13:38
brrt: but you can speed it up if you compile two rakudos ahead of time for the next step
that should halve the time, if I got it right 13:39
there's github.com/perl6/whateverable/issues/40 and maybe github.com/perl6/whateverable/issues/195 13:40
whateverable right now has moar and rakudo built on every commit since 2014.01 13:41
and it takes just a little bit of space actually
so even if it is threedimensional as you say, you can still squish it into a reasonable amount of space
oh also, 12 steps a wrong number. Should be less because you only have a couple of commits between bumps 13:46
Zoffix nine: what's the warning?
AlexDaniel that's considering the fact that rakudo bisect is a solved problem
Zoffix I rather IRC::Client reconnect instead of crashing and relying on some support script to restart it 13:47
nine Zoffix: that would be absolutely fine, too, of course :) 13:54
Zoffix: warning could be "Jul 29 23:15:52 camelia perl6[32400]: ??? _ Connection closed"
Zoffix: also "Aug 13 10:35:56 camelia perl6[27970]: [ERROR] [27970] [11] connection reset by peer in method send-response at /home/geth/.perl6/sources/41D120CC8C5AC1ADBAA2CC7E606E4F8710D84044 (HTTP::Server::Tiny) line 350"
Or this one: Aug 11 13:55:29 beta perl6[25007]: connection reset by peer 13:55
Zoffix .in 3d fix IRC::Client/Geth: irclog.perlgeek.de/perl6-dev/2017-...i_15024568 14:00
yoleaux Zoffix: I'll remind you on 19 Aug 2017 14:00Z
Zoffix K, I'll try to fix this on the weekend
nine ++Zoffix
[Coke] AlexDaniel: can't use whatever for this because I'm specifically chasing something on OS X. 14:12
(though maybe I can if I install it locally, I dunno) 14:13
AlexDaniel [Coke]: I know, right. I'm planning to make bots easily runnable locally, right now they are not.
Geth rakudo/nom: 63cdc426ad | (Zoffix Znet)++ (committed using GitHub Web editor) | src/core/Rakudo/Iterator.pm
Fix two typos to unbreak JVM build

Per
  - github.com/rakudo/rakudo/commit/3a...t-23677553
  - github.com/rakudo/rakudo/commit/50...t-23677589
15:22
lizmat Zoffix++ # catching JVM build errors /me let through 15:27
Skarsnik Hello, Dunno if it's interesting but some tests for NC fail on my chromebook (armv71) 15:29
lizmat hmmm I had given up on building JVM, but it appears it is now busted for me completely: 15:32
gist.github.com/lizmat/ca7311a55f0...013a53e715
lizmat tries a fresh clone 15:34
timotimo lizmat: the method it refers to, String.codePoints, seems to be new in Java8?
lizmat same result :-(
$ javac -version 15:35
javac 1.7.0_45
timotimo is java8 just java 1.8? or is it more silly than that? 15:36
Skarsnik gist.github.com/Skarsnik/8df31328a...93664d644f
timotimo Skarsnik: little endian vs big endian? 15:37
nine timotimo: it's just that
timotimo ok, so if we use String.codePoints we definitely should somehow explicitly require Java8 or newer
lizmat timotimo: I have *no* idea
timotimo so it bails out with a much more helpful error message
Skarsnik hm 15:39
can someone fix the test message in github.com/rakudo/rakudo/blob/nom/...args.t#L62 ? (replace uint8 by uint16 and uint32). I could do it and do a PR but I have to create a branch on my fork and sync it with upstream probably 15:41
timotimo you can make changes to files directly on github, it'll create a correct branch for you if i'm not mistaken 15:42
lizmat hmmm... so I upgraded to 8.0.144 or so, now it still claims to use 1.7.045 :-(
Skarsnik directly on rakudo repository or my fork? 15:43
lizmat Skarsnik: will do
Geth rakudo/nom: 591f69af1e | (Elizabeth Mattijsen)++ | t/04-nativecall/02-simple-args.t
Fix copy-pasto, Skarsnik++
15:45
lizmat gives up on JVM 16:02
Skarsnik hm 16:06
I added a printf in github.com/MoarVM/MoarVM/blob/mast...all.c#L239 to have the value of the ushort before the cast. I end with -15xxxxx instead of just 65518 16:08
jnthn TimToady: So I'm adding various atomic ops to enable doing various lock-free algos (as well as atomic increment/decrement). For now cas is a function, but while putting them in I just did github.com/rakudo/rakudo/blob/atom.../Atomic.pm 16:10
TimToady: That is, threw them in a class so you write Atomic.assign($head, $node) or so
But my feeling is they want to be functions really 16:11
There's nothing method-y about them
I'm having a bit of a hard job naming them though, in that postfix:<++> is now we spell post-increment, and = is how we spell assignment, so atomic-assign and atomic-int feel a tad odd. 16:12
TimToady well, that's why the setting is an outer scope, so it won't override a user's sub atomic ($particle) { "or so" }
jnthn Any thoughts? :)
Sure, I'm not worried about users with existing functions
I'm worried about what to even call them in the first place :) 16:13
TimToady but yeah, if you have an additional name there, I gotta think a little
Skarsnik *65534
jnthn Yeah, my names so far are in the file I linked. I mean, we could just call them atomic-fetch, atomic-inc, atomic-add, etc.
TimToady well, that's pretty clear, if a bit clunky 16:14
jnthn Yeah, feels it to me too
TimToady I guess what bothers me is that you'd like to name them as variants of built-in operators where possible
jnthn Right
TimToady but maybe that's not doable 16:15
jnthn The inc/dec have the semantics of the postfix, not prefix, fwiw.
TimToady atomic:<++> leaves out the category in a C++y way...
will we have both prefix and infix ones? 16:16
jnthn Yeah
TimToady atomic-infix:<+> is even longer, but how often are you going to call them anyway?
infix:<+>:atomic 16:17
jnthn The operations (these are tied to what hardware typically provides) are ++, --, +=, =, .<> (that is, decont)
Note that it's += not just +
That is, the operation (at a low level) takes the address of an integer and another integer to add 16:18
TimToady well, atomic-infix:<+=> would presumably just be a name, nothing special on the category
jnthn Yeah
TimToady is carefully not suggesting capitalizing them :) 16:19
Skarsnik :nuclearemojiunicode:+=
perlpilot atomic::infix:<+> :-)
TimToady INFIX:<+>
jnthn Skarsnik: Haha, I already thought about looking for atomic-y Unicode chars and doing a meta-op :P
But...well no :P
Huffman coding wise, these will be rarely used 16:20
TimToady $a A+= $b
but that don't work so well for prefix/postfix
jnthn Yeah, but then you'd have to write $foo\A++
lizmat +++ ?
Skarsnik hm, should I run the spec test on my chromebook? 16:21
jnthn Skarsnik: What's the worst that could happen? :)
Skarsnik it explode !
perlpilot make sure you get video if that happens.
PerlĀ 6 -- so advanced, it makes chromebooks explode. 16:22
Skarsnik having NC test that fails bother me x)
TimToady $foo? ++ 16:23
jnthn *groan* :)
Skarsnik huhu
Zoffix ? looks really nice :) 16:24
nuka-infix:<+>
TimToady $foo++? might be perceived more as a modifier 16:26
Geth rakudo/nom: 435f7e36c0 | (Elizabeth Mattijsen)++ | t/04-nativecall/02-simple-args.t
Oops, Skarsnik++
lizmat .u ? 16:27
yoleaux U+2622 RADIOACTIVE SIGN [So] (?)
jnthn True
How'd we Texas it? :)
lizmat hmmm.. isn't this all about scalars ?
TimToady why would we want to nuke Texas?
lizmat perhaps use ? as a sigil ?
b2gills postfix:<?++>
Zoffix u: ? 16:28
unicodable6 Zoffix, U+269B ATOM SYMBOL [So] (?)
TimToady if it's rare enough, I'd say the obscurity of unicode is a feature :)
Zoffix lol :D
TimToady I like ?
Skarsnik I don't see it x)
TimToady atomic orbitals and a nucleus 16:29
though I don't think any atom has 3 symmetrical orbitals like that :)
Skarsnik are some spec tests supposed to fail?
TimToady not generally
Skarsnik I have S17-supply-syntax that is marked dubious
TimToady we do still have occasional glitches, so try rerunning the test by hand 16:30
b2gills The orbits are actually more like electron clouds of possible position in real atoms
TimToady anything in S17 tends to have occasional races, though thankfully they are getting rarer
I had that one fail in my last run with TEST_JOBS=6, but running it alone works okay 16:31
jnthn Yeah, I see that one occasionally get unhappy also
Didn't manage to figure it out yet. 16:32
lizmat FWIW, I think the race conditions are now mostly in the tests :-)
jnthn In general I like the idea of something that looks like the operators. I guess we could have a prefix of it on its own as the atomic fetch also 16:34
I figure full-memory-barrier() can just be a function called that :P
I'd really like an ASCII form though.
lizmat jnthn: but if you do such an op on a variable with a REPR that doesn't support it, wouldn't that crash and burn ? 16:35
jnthn lizmat: The set of things you can do this one is VERY constrained
You can do it on a native int (which may be held in a lexical, attribute, or native array) for the integer operations 16:36
Or a Scalar container for the reference ones
These are really quite low level
lizmat is surprised a Scalar container works at all
or is there some magic involving a native int involved there ?
jnthn No, it's because you can CAS a pointer
lizmat ah, ok 16:37
jnthn That's how most lock free data structures are done
(Yes, I'll do docs once we get the naming straightened out)
There are places in CORE.setting we'll be able to use these. Like the increment/decrement of loads in ThreadPoolScheduler 16:38
Zoffix What's CAS stand for anyway? 16:39
jnthn (atomic) compare and swap
Zoffix Ah, thanks.
Skarsnik hm rakudo github page show that travis an appvoyer build failed. it that normal?
lizmat jnthn: and I know one place in Damians Quantum:: modules that could use it as well 16:40
Zoffix Skarsnik: not really. Though since it's not reported by a bot, sometimes the failures on it can go unnoticed for a bit.
TimToady for Texas we could just fall back on an :atomic operator modifier, I suppose
$a + $b :atomic
jnthn Well, except only += is available as an atomic op, not +
TimToady $a +- $b :atomic
jnthn The point of these are they do an atomic update of a storage location 16:41
Skarsnik probably need new op then?
TimToady $a += $b :atomic
lizmat (atom++)
(atom+=)
etc ?
jnthn Or what lizmat suggested
Which is consistent with our other texas forms I guess 16:42
Thoudh I'd atomic rather than atom :)
lizmat agree :-)
Skarsnik does other language like c++ has special op or something for that? 16:43
jnthn Skarsnik: Probably they just do it as functions
Which our operators are anyway
I think the main attraction to me of doing it with operators is 16:44
atomic-inc($a) # OK, is it returning the original or the new?
Whereas
$a(atomic++) doesn't leave you guessing
I only worry if there'd be ambiguity there with call syntax... :S 16:45
lizmat ah, but wouldn't that be interpreted as a call of a Callable in $a ?
Skarsnik std::atomic<long> value(0);
value++; //This is an atomic op
value += 5; //And so is this
jnthn Depends if LTM wins...
Skarsnik this is so ugly ><
jnthn But yeah, that's a downside of the parens approach
We're back to "not enough ASCII" again :P 16:46
TimToady I know, we could use special Unicode brackets instead :P
TimToady again profers the fact that $a += $b :atomic is already available 16:47
lizmat m: sub postfix:<(atomic++)> (\a) { a++ }; my $a = 42; dd $a(atomic++); dd $a # actually, it works :-)
camelia 42?Int $a = 43?
TimToady but it's misleading to the eye
druther just have to write $a\A++ if it comes to that 16:49
at least it looks different from anything we have
jnthn What could we do with regards to a prefix? 16:50
TimToady LTM wins there too
jnthn True
TimToady and $a A+= $b already looks metaoppy
ugexe too bad you cant do something like Atomic[+=] or some such, like with R[+=] but with a postfix 16:51
TimToady well, we can, it'd just be a special case
jnthn I kinda thought ?$a would be atomic load, but A$a is probably gonna be rathr problematic ;)
*rather
TimToady well, that might need a bit of special casing, but it could work as a syntax, at least until someone defines class A 16:53
b2gills Isn't there already a problem if they defined class X 16:54
TimToady well, there used to be more of a problem
but the internals look up things in SETTING or so these days
jnthn That was a namespace clash rather than a syntax clash :) 16:55
b2gills We could make it so you can't create a class with a single letter without doing ::(A)
ugexe is there special handling of X:: ? if so, where? (this could be related to a weird bug I was hunting down)
TimToady obviously we need a load prefix that is a no-op ordinarily :)
jnthn Well, actually .<> is our spelling of decont
So a postfix A<> would be an option too 16:56
TimToady A<> $x
but I still think there's a case to be made for leaving out the Texas version entirely, and using foo() notation in that case instead 16:57
Geth rakudo/atomics: 46b1a7f277 | (Jonathan Worthington)++ | src/core/Atomic.pm
Make full-barrier() just a sub.
jnthn TimToady: Yeah, I'd also be good with that
sub atomic:<++>(int $x is rw) { $x++ }; my int $x = 42; atomic:<++>($x); say $x 16:59
m: sub atomic:<++>(int $x is rw) { $x++ }; my int $x = 42; atomic:<++>($x); say $x
camelia 5===SORRY!5=== Error while compiling <tmp>?Cannot add tokens of category 'atomic'?at <tmp>:1?------> 3sub atomic:<++>7?5(int $x is rw) { $x++ }; my int $x = 42;?
jnthn If we want that we'll have to allow it I guess 17:00
Geth roast: bd54af79c2 | (Jonathan Worthington)++ | S17-lowlevel/atomic.t
Follow function -> method change.
17:01
jnthn Well, guess I should head home and have dinner :) 17:06
travis-ci Rakudo build passed. Zoffix Znet 'Fix two typos to unbreak JVM build
travis-ci.org/rakudo/rakudo/builds/265201947 github.com/rakudo/rakudo/compare/9...cdc426adbc
Skarsnik make spectest take forever x) 17:21
TimToady we mostly run it in parallel using TEST_JOBS=4 make spectest or whatever 17:27
(I use 6)
((cuz I have 4 cores))
Skarsnik gist.github.com/Skarsnik/7f9836d34...72e41fc50b (the grep is here because I can't scroll while selecting stuff in the console) 17:45
nine m: use NativeCall; sub foo() { my sub memcpy(Pointer $d, Pointer $s, size_t $size) returns Pointer is native(Str) { * }; memcpy(Pointer, Pointer, 0); }; foo; foo; 17:46
camelia Type check failed for return value; expected NativeCall::Types::Pointer but got Whatever (*)? in sub memcpy at <tmp> line 1? in sub foo at <tmp> line 1? in block <unit> at <tmp> line 1??
nine ^^^ golf of RT #131898 17:47
synopsebot6 Link: rt.perl.org/rt3/Public/Bug/Display...?id=131898
nine It's....really odd. When one moves the memcpy sub outside the foo sub it works
timotimo and this happens at run-time? :\ 17:49
Skarsnik how he event found memcpy after the sub declaration?
nine m: use NativeCall; use nqp; sub foo() { my sub memcpy(Pointer $d, Pointer $s, size_t $size) returns Pointer is native(Str) { * }; say nqp::objectid(&memcpy); memcpy(Pointer, Pointer, 0); }; foo; foo;
camelia 22278832?22279328?Type check failed for return value; expected NativeCall::Types::Pointer but got Whatever (*)? in sub memcpy at <tmp> line 1? in sub foo at <tmp> line 1? in block <unit> at <tmp> line 1??
Skarsnik *even
nine It's a different &memcpy object on the second run. But why then doesn't the still existing &CALL-ME method get called?
The same sub that creates the new subroutine body changes the invokespec so the body gets called instead of &CALL-ME. So how can the latter part be in effect but the new subroutine body be missing? 17:50
TimToady Skarsnik: that looks like you're out of sync with nqp/moarvm, so maybe try . config.status and then remake 17:51
nine Or asked the other way round: how can the new &memcpy object have a changed invokespec? It has never been called and thus neither it's !create-optimized-call. 17:53
timotimo closure clones? 17:54
nine That would of course explain the different objectids 17:58
But somehow nqp::bindattr seems to affect the clone while nqp::setinvokespec affects the original which then propagates into the clones. 17:59
Because of course the invocation_spec is part of the STable which is shared by the clone. 18:04
So now I feel like I understand the problem. But a solution has yet to reveal itself. 18:06
Skarsnik config.status? 18:10
it's weird, it's like an install from 2 weeks 18:12
geekosaur finds "config.status --recheck" a handy way to resync
(no ".""souce" needed, in fact it's likely a bad idea as you don't want to pollute your interactive shell with all its temporary vars)
Skarsnik it's a git command? 18:13
geekosaur no
it's generated by configure, and is a quick way to regenerate configure results 18:14
with --recheck it basically reruns configure with everything it had the first time, without your having to know/remember how it was run before, so it will pick up changes to dependencies
without --recheck it just regenerates everything configure generated the first time, in case you lost/trashed them somehow 18:15
Skarsnik unkwon option, hm 18:16
too bad I can't install synergy on this :(
timotimo well, we don't have a traditional configure script like autotools would create
Skarsnik I mean it display the help of the config.pl
and says there is no --recheck option 18:17
geekosaur oh, then you might well have to just rerun it. I still suspect the "." is wrong unless someone practiced very careful script hygiene
travis-ci Rakudo build passed. Elizabeth Mattijsen 'Fix copy-pasto, Skarsnik++'
travis-ci.org/rakudo/rakudo/builds/265211901 github.com/rakudo/rakudo/compare/6...1f69af1e05
Skarsnik I ran sh config.status --recheck
timotimo geekosaur: what do you mean your terminals aren't throw-away? :) 18:22
samcv nine, you regressed my change I made here: github.com/rakudo/rakudo/commit/96e6b338c with your commit github.com/rakudo/rakudo/commit/ec7bc25c4 18:29
Geth rakudo/nom: 9a0afcbcec | (Stefan Seifert)++ | 2 files
RT 131898: Fix native closures failing on the second run

On the first call of a native sub we create a new subroutine body and replace the original (stored in the routine's $!do attribute). We also set the invocation spec so the body will be called instead of the CALL-ME method. This invocation spec is shared between an original routine and it's clones. If the routine is a clousre, the body won't be shared as only a clone of the routine will be actually visible in the lexical scope. So until someone comes up with a better idea, we won't create an optimized version for a closure anymore.
18:32
nine On a scale from 1 to OMG, how ugly is this workaround? ^^^
Skarsnik I say blue 18:34
nine samcv: oh, sorry about that. I do need to communicate the nesting level to the precompilation processes and RAKUDO_MODULE_DEBUG seemed like a good vehicle for that.
Zoffix ninety :) 18:36
samcv so how did you change the functionality of the variable with that commit?
Zoffix Also, IIRC callsame is much slower than just doing the actual call; which one is it calling self.Mu::clone? Perhaps it's faster to rewrite it to that
samcv i believe my fix made it so if it was 0 or empty it was false and if it was some other nonempty string then it was true 18:37
nine samcv: well I assume I start out with 1 and can increment it for every level of nested precompilation so I know how far to indent the debug output.
samcv if you set it to a nonnumber then rakudo won't compile
i would think that should make it assume a number of '1' instead of breaking everything 18:38
nine samcv: to be honest that feels very much like a DIHWIDT
samcv DIHWIDT?
"Doctor, It Hurts When I Do This."
hmm uhm
true 18:39
i mean i'm not totally against changing it as long as we get something out of it
but you should change the comment at the top of the file if we're changing what we accept
i'm not sure why your change causes that. at least the CRON job started failing immediately after that commit so you could have made another commit that did it? but that's the only commit since mine to the file i did which fixed it back to how it used to be many months ago 18:41
hmm ok it seems maybe in src/Perl6/ModuleLoader.nqp things may have stayed the same but in src/core/Process.pm it got changed to only accept numbers? 18:42
not sure what the results of your change do, to be honest 18:43
nine I guess I should use $DEBUG instead of $rakudo-module-debug? Will it retain positive numbers other than 1?
Haha, I'm not sure what the nqp::radix business does either :)
samcv i'm not against using rakudo-modelu-debug
well i think i wrote this code: github.com/rakudo/rakudo/commit/ec...3bdf2f2aL3
but it does what the comment shows above it 18:44
nine Meh...we'd still have to duplicate the same here: github.com/rakudo/rakudo/commit/ec...21d722ccR4 18:45
And at that point it really feels like just not worth the hassle. 18:46
If it's fine by you, I'll just remove the now misleading comment
samcv yeah it's fine if you change it
just change the comment
and then we should be good 18:47
Geth rakudo/nom: 3e70d44d47 | (Stefan Seifert)++ | src/Perl6/ModuleLoader.nqp
Remove now misleading comment

The RAKUDO_MODULE_DEBUG environment variable is now used for communicating the nesting level to precompilation processes, so it really should always be numeric. Would have been more user friendly to accept any truthy value but the implementation hassle just seems not worth it any longer.
samcv cool thanks :-) 18:49
NeuralAnomaly, status 18:50
NeuralAnomaly samcv, [?] Next release will be in 2 days and 9 hours. Since last release, there are 50 new still-open tickets (4 unreviewed and 1 blockers) and 170 unreviewed commits. See perl6.fail/release/stats for details
samcv m: sub foo(:color(:$colour)) { $colour + 1 }; my $s; for ^1000000 { $s += foo(:color($_)) }; say $s; say now - INIT now 18:51
camelia Unexpected named argument 'color' passed? in sub foo at <tmp> line 1? in block <unit> at <tmp> line 1??
Skarsnik how bugs end in this list? x) 18:58
Zoffix Which list? perl6.fail ? It's all of rakudo's currently-open bugs on one page. 19:05
Skarsnik hm, bug with a rakudo tag on rt? 19:07
like I don't see this one rt.perl.org/Ticket/Display.html?id=126688
AlexDaniel by the way, what time of the day people expect the release to happen? 19:08
for example, releasable6 currently reports slightly different time
releasable6: status
releasable6 AlexDaniel, Next release in 2 days and ?23 hours. 1 blocker. 164 out of 171 commits logged
AlexDaniel, Details: gist.github.com/0628c6ffa9c5c00537...37921a0c41
geekosaur Skarsnik, it was merged into another ticket 19:09
AlexDaniel so one hour ago on Saturday
lucasb m: sub f(:a(:$b)) {}; f(:a) for ^1000 19:10
camelia ( no output )
Skarsnik how do you see that? for me it's merged with this bug number
lucasb m: sub f(:a(:$b)) {}; f(:a) for ^10000
camelia Unexpected named argument 'a' passed? in sub f at <tmp> line 1? in block <unit> at <tmp> line 1??
lucasb known issue, right?
^^ samcv showed above
AlexDaniel Also, can I have access for ā€œUpload the tarball and the signature to rakudo.org/downloads/rakudo and rakudo.perl6.org/downloads/rakudo/ā€ ? 19:11
geekosaur Skarsnik, I think you just said the same thing. the point is, your ticket is no longer an independent ticket; it will be considered part of the ticket it was merged into 19:12
so only that ticket should show up in lists
AlexDaniel or is somebody willing to upload these for me?
Zoffix Skarsnik: no, all open bugs. It's there on the main page perl6.fail/ You're probably looking at perl6.fail/release/stats , which only shows tickets since last release. 19:13
AlexDaniel: what's your public key?
Skarsnik Oh yeah, that was it
AlexDaniel Zoffix: github.com/AlexDaniel.keys
Zoffix how come it's so short? Mine is like 4 lines long: github.com/zoffixznet.keys 19:14
lucasb AlexDaniel: congrats on the commit bit and good luck on shipping the release saturday :)
AlexDaniel lucasb: thanks! 19:15
Zoffix: I'm wondering that tooā€¦ hold onā€¦
geekosaur Zoffix, yours describes an RSA key with a long bit length; AlexDaniel's is an elliptic curve key
AlexDaniel right!
Skarsnik AlexDaniel, did you finish your Benchable stuff to check for memory usage? 19:18
Zoffix AlexDaniel: ok, ssh [email@hidden.address] the dirs with tarballs are in /home/rakudo/public_html/downloads/ and ssh [email@hidden.address] the dirs with tarballs are in /var/www/rakudo.perl6.org/public_html
AlexDaniel Skarsnik: no, no yet. But why are you interested?
Skarsnik: because maybe I can do something quickly for you 19:19
Zoffix As for when people expect release: there's no set time.
Skarsnik To show that run 'echo', 'foo'; take nearly 100Mb now. since 2 release 19:20
AlexDaniel Zoffix: ssh-ed to [email@hidden.address] just fine, but can't get into [email@hidden.address]
Skarsnik gist.github.com/Skarsnik/6adfba55f...e923112393
well not 100Mb, but too much 19:21
AlexDaniel it asks me for password which probably means that my key was not installed right
Skarsnik even when forcing a gc
AlexDaniel does it mean that it simply does not support ed25519 somehow? 19:23
Zoffix AlexDaniel: can you try once more? Don't seem I did any changes, but I copy-pasted the line with the key off p6c.org directly to rakudo.org now... 19:24
AlexDaniel Zoffix: nope, doesn't work. Let's try with rsa key maybe, but I'll have to make one nowā€¦ 19:25
samcv i don't see RAKUDO_MODULE_DEBUG documented anywhere
and while MoarVM shows a list of respected ENV vars when doing moar --help, perl6 doesn't
maybe we want a command line option that will show a list of all ENV vars that influence behavior of Perl 6?
would be a nice option, since it can be a possible security/implementation issue to know what env vars can affect it. and relates directly to the binary itself, and not just the language 19:26
so could make sense to be able to be shown there
Zoffix $ cat /etc/*release* 19:27
CentOS release 5.8 (Final)
no idea if that supports ed25519
AlexDaniel Zoffix: ok try this one github.com/AlexDaniel.keys 19:28
Zoffix AlexDaniel: done. Did it work? 19:29
ZofBot: the suspense is killing me! 19:31
ZofBot Zoffix, x = ''; method y { nqp::iseq_s($!x, $!x) } }
Zoffix Damn. I need to reset its brain. Nothing but code :(
AlexDaniel Zoffix: I think it does, but I have to do something on my endā€¦ 19:32
Zoffix ZofBot: how are you feeling now? 19:33
ZofBot Zoffix, To open a ticket, email> "rakudobug@perl
AlexDaniel it says ā€œAuthentication failed.ā€, why?
Zoffix <3
No idea. 19:34
moritz: are you around? AlexDaniel has trouble getting to [email@hidden.address] despite my trying to add a key to keys files :/ any ideas?
oh 19:37
AlexDaniel on my end it feels like the key was not installed
Zoffix AlexDaniel: can you try one more time?
AlexDaniel doesn't work 19:38
ā€œAuthentication failed.ā€
Zoffix :| no idea
AlexDaniel Zoffix: but what was the issue?
Zoffix oh wait
AlexDaniel: can you try again? There are stray newlines in the "sha-rsa sig name" 19:39
were
AlexDaniel works
Zoffix \o/
AlexDaniel Zoffix: \o/ thanks!
Zoffix moritz: nevermind :D
geekosaur something "helpfully" line-wrapped it for you. possibly the browser 19:40
Zoffix :)
AlexDaniel and ed25519 simply didn't work huhā€¦ I remember having this kind of issues with it two years ago or something 19:42
geekosaur if the sshd is old enough then it may not support it
Zoffix Yeah, ed was on one line. uname -a tells me the install is from 2011... Still sporting perl 5.8.8 >_<
geekosaur well, the kernel is. but it sounds like a downrev debian and its sshd probably does predate elliptic curve keys 19:44
AlexDaniel Zoffix: hm, maybe NeuralAnomaly should take a break, as it currently reports information which is a bit out of sync from what I do
NeuralAnomaly: status
NeuralAnomaly AlexDaniel, [?] Next release will be in 2 days and 8 hours. Since last release, there are 50 new still-open tickets (4 unreviewed and 1 blockers) and 170 unreviewed commits. See perl6.fail/release/stats for details
AlexDaniel releasable6: status
releasable6 AlexDaniel, Next release in 2 days and ?23 hours. 1 blocker. 164 out of 171 commits logged
AlexDaniel, Details: gist.github.com/1d9f37c5e6bef048fa...f792161828
AlexDaniel or maybe not, just please don't wonder why there are 170 unreviewed commits :) 19:45
Zoffix NeuralAnomaly: status 19:47
NeuralAnomaly Zoffix, Use releasable6 bot instead. e.g. try: releasable6: status
Zoffix NeuralAnomaly: botsnack
NeuralAnomaly Zoffix, om nom nom nom
synopsebot6 om nom nom
Zoffix :)
<3 IRC::Client
travis-ci Rakudo build passed. Elizabeth Mattijsen 'Oops, Skarsnik++' 19:53
travis-ci.org/rakudo/rakudo/builds/265227064 github.com/rakudo/rakudo/compare/5...5f7e36c01c
Skarsnik timotimo, after a rebuild I get the same fail for the spectest Moar is 2017.07.15-g07 ad rakudo 2017.07-69.g5a5 19:56
AlexDaniel Zoffix: actually, I can make it respond to NeuralAnomaly 19:59
I mean, when somebody says ā€œNeuralAnomaly:ā€
but this works too 20:00
hm I can do it anyway 20:02
samcv i'm excited for the release 20:08
so i can get my knuth-morris-pratt string search algorithm merged in afterward :-)) 20:09
AlexDaniel Skarsnik: oh, it is also using runā€¦ so we need unrestricted bot here, I see 20:16
Skarsnik: thing is, you can already use Linux::Proc::Statm from within the bot 20:17
Skarsnik yeah but you want to bisect based on this value and not a run time?
AlexDaniel c: use lib ā€˜data/all-modules/Skarsnik/p6-linux-proc-statmā€™; use Linux::Proc::Statm; say get-statm<data> 20:18
committable6 AlexDaniel, Ā¦use: Ā«Cannot find this revision (did you mean ā€œallā€?)Ā»
AlexDaniel c: HEAD use lib ā€˜data/all-modules/Skarsnik/p6-linux-proc-statmā€™; use Linux::Proc::Statm; say get-statm<data>
committable6 AlexDaniel, Ā¦HEAD(3e70d44): Ā«988260Ā»
AlexDaniel so in theory you can just ā€œsay get-statm<data> < 424242ā€ and give it to bisectable
Skarsnik hm that 900Mb what 20:19
AlexDaniel squints
mch: use lib ā€˜data/all-modules/Skarsnik/p6-linux-proc-statmā€™; use Linux::Proc::Statm; say get-statm<data>
committable6 AlexDaniel, Ā¦2015.12: Ā«78820Ā» Ā¦HEAD(3e70d44): Ā«163332Ā»
AlexDaniel mch: use lib ā€˜data/all-modules/Skarsnik/p6-linux-proc-statmā€™; use Linux::Proc::Statm; say get-statm<data>
committable6 AlexDaniel, Ā¦2015.12: Ā«75144Ā» Ā¦HEAD(3e70d44): Ā«163336Ā»
AlexDaniel c: releases use lib ā€˜data/all-modules/Skarsnik/p6-linux-proc-statmā€™; use Linux::Proc::Statm; say get-statm<data> 20:20
Skarsnik: I think it was the precompilation
Skarsnik precomp was around 200Mb for me I think
or does it precomp all module?
committable6 AlexDaniel, gist.github.com/f73cc92d8da4d09a9a...591e027e3d
AlexDaniel just this one I think
am Iā€¦ seeing this right? 20:21
c: releases use lib ā€˜data/all-modules/Skarsnik/p6-linux-proc-statmā€™; use Linux::Proc::Statm; say get-statm<data>
committable6 AlexDaniel, gist.github.com/424dee4cd04b8f0dcb...1199157368
Skarsnik mch: use lib ā€˜data/all-modules/Skarsnik/p6-linux-proc-statmā€™; use Linux::Proc::Statm; say get-statm-human<data> 20:22
committable6 Skarsnik, Ā¦2015.12: Ā«75.132 kBĀ» Ā¦HEAD(3e70d44): Ā«163.336 kBĀ»
AlexDaniel thing is, I don't know what it does when you point different versions to same precomp files
Skarsnik I think it redoes it?
AlexDaniel I don't know, but numbers seem to go down when you try it again 20:23
Skarsnik: I guess you're right, I'll have to do it properly in benchableā€¦
Skarsnik what was the test for each release? 20:24
c: releases use lib ā€˜data/all-modules/Skarsnik/p6-linux-proc-statmā€™; use Linux::Proc::Statm; say get-statm-human<data> 20:25
committable6 Skarsnik, gist.github.com/4ffbb86b8e7802cf80...b7195ef6c6
Skarsnik still head is crazy
AlexDaniel I thing I know how to bisect this XD 20:26
Skarsnik inline the code of l:p:statm
AlexDaniel c: 9658dd98c9dd8ec use lib ā€˜data/all-modules/Skarsnik/p6-linux-proc-statmā€™; use Linux::Proc::Statm; say get-statm-human<data> 20:27
committable6 AlexDaniel, Ā¦9658dd9: Ā«163.392 kBĀ»
AlexDaniel c: 9658dd98c9dd8ec^^ use lib ā€˜data/all-modules/Skarsnik/p6-linux-proc-statmā€™; use Linux::Proc::Statm; say get-statm-human<data>
committable6 AlexDaniel, Ā¦9658dd98c9dd8ec^^: Ā«85.620 kBĀ»
AlexDaniel there
jnthn: do you have any thoughts on this? ? 20:28
Skarsnik: I bisected this by running bisectable as many times as it was needed
Skarsnik: it feels like in the end the right stuff was precomped and I got to this stable result
Skarsnik m: say "/proc/$*PID/statm".IO.lines[0].split(/\s/)[5] 20:29
camelia 34066?
AlexDaniel oh 20:30
nice
Skarsnik m: sub getpagesize is native(Str) returns int32 { * }; say getpagesize();
camelia 5===SORRY!5=== Error while compiling <tmp>?Can't use unknown trait 'is native' in a sub declaration.?at <tmp>:1? expecting any of:? rw raw hidden-from-backtrace hidden-from-USAGE? pure default DEPRECATED inlinable nodal? ā€¦
Skarsnik m: use NativeCall; sub getpagesize is native(Str) returns int32 { * }; say getpagesize();
camelia 4096?
AlexDaniel bisect: say "/proc/$*PID/statm".IO.lines[0].split(/\s/)[5] < 100000
bisectable6 AlexDaniel, On both starting points (old=2015.12 new=3e70d44) the exit code is 0 and the output is identical as well
AlexDaniel, Output on both points: Ā«TrueĀ»
Skarsnik m: say "/proc/$*PID/statm".IO.lines[0].split(/\s/)[5] * 4096
camelia 140095488?
AlexDaniel c: releases say "/proc/$*PID/statm".IO.lines[0].split(/\s/)[5]
committable6 AlexDaniel, gist.github.com/2fd4039561080668f7...93a3d282c8 20:31
Skarsnik You need the pagesize
it depend on your system
AlexDaniel bisect: say "/proc/$*PID/statm".IO.lines[0].split(/\s/)[5] < 30000
bisectable6 AlexDaniel, Bisecting by output (old=2015.12 new=3e70d44) because on both starting points the exit code is 0
AlexDaniel, bisect log: gist.github.com/5cf477671560bad212...7895708d94
AlexDaniel, There are 3 candidates for the first ā€œnewā€ revision. See the log for more details
AlexDaniel it's the same result
Skarsnik m: say "/proc/$*PID/statm".IO.lines[0].split(/\s/)[5] * 4096 / 1024; 20:32
camelia 136452?
Skarsnik hm, that still a lot
136mb
AlexDaniel ok let's bisect your wget code. Changes are it's the same thing 20:33
Skarsnik c: release say "/proc/$*PID/statm".IO.lines[0].split(/\s/)[5] * 4096 / 1024;
committable6 Skarsnik, Ā¦release: Ā«Cannot find this revision (did you mean ā€œreleasesā€?)Ā»
Skarsnik c: releases say "/proc/$*PID/statm".IO.lines[0].split(/\s/)[5] * 4096 / 1024;
you can put echo "plop"
committable6 Skarsnik, gist.github.com/19a3389f02aba56f13...fb297c61a2 20:34
Skarsnik I think it's the same
yeah HEAD is big
in this
AlexDaniel Skarsnik: is it identically bad with qqx, shell and run? 20:35
Skarsnik c: releases sub mem { say "/proc/$*PID/statm".IO.lines[0].split(/\s/)[5] * 4096 / 1024 }; mem(); run 'yes'; mem(); 20:36
Yeah, was the same
committable6 Skarsnik, gist.github.com/e5a93da89dd32dcb11...e36ad4678f
Skarsnik damn
AlexDaniel it's ok I can do it here 20:37
this is what I'm going to try: gist.github.com/AlexDaniel/4e97dcb...19b2b481a3
Skarsnik there is nqp::gc_force I think to force a gc pass 20:39
AlexDaniel Skarsnik: perhaps join #whateverable if you're interested to see it in action 20:40
pmurias if I find a serious security hole in rakudo what should I do besides fixing it? 21:39
Geth nqp: b15923522c | pmurias++ | src/vm/js/nqp-runtime/multicache.js
[js] Stop caching captures with named arguments

The partial way we did was causing problems
21:40
nqp: dd25a92463 | pmurias++ | 3 files
Fix serious security hole
Skarsnik repport it?
pmurias when run in a directory perl6-m executes code from the blib subdirectory there 21:42
[Coke] pmurias: theoretically, there is a mailing list for that that ends up in a ticket queue.
which would give us a chance to remediate the issue before publishing it. 21:43
jnthn AlexDaniel: The new spesh data collection initially (after that commit) logged closures, which could end up keeping a lot of stuff alive. That was later resolved, though. If HEAD is still costly, not sure. 21:44
pmurias [Coke]: you could easily find the issue from the commit
AlexDaniel jnthn: RT #131914 and RT #131915
synopsebot6 Link: rt.perl.org/rt3/Public/Bug/Display...?id=131914
Link: rt.perl.org/rt3/Public/Bug/Display...?id=131915
AlexDaniel jnthn: personally, I don't care about 131915 as much, but 131914 is a bit unfortunate :) 21:45
pmurias if you run perl6-m -e '123' in a say a random github repo clone it will execute the hostile bytecode from the repo
AlexDaniel jnthn: I think our mistake is not including numbers for HEADā€¦ yes. One second
jnthn It's no surprise whatsoever that Proc costs as much as Proc::Async now :)
Or more
AlexDaniel still LTA a bit 21:46
pmurias jnthn: I removed code from nqp that makes perl6-m execute code from $CWD
jnthn pmurias: Alright, thanks. Well, it's disclosed now, so I guess all folks can do is upgrade...
AlexDaniel jnthn: Ā¦9658dd98c9dd8ec^^: Ā«58628Ā» Ā¦9658dd9: Ā«138220Ā» Ā¦HEAD(3e70d44): Ā«136436Ā» 21:47
jnthn Should probably include a prominent notice about it in the release that's a couple of days away.
AlexDaniel that's this code: say "/proc/$*PID/statm".IO.lines[0].split(/\s/)[5] * 4096 / 1024
[Coke] and make sure there's an RT for it if there isn't already.
pmurias++
jnthn Odd 21:48
/usr/bin/time perl6-m -e 'sleep 2'
0.11user 0.05system 0:02.22elapsed 7%CPU (0avgtext+0avgdata 70524maxresident)k
AlexDaniel pmurias: can you create a ticket?
pmurias AlexDaniel: no
jnthn 70 is quite a lot less than 136
pmurias AlexDaniel: I mean I didn't create one 21:49
AlexDaniel: what should a ticket mention
jnthn Wonder what statm is reporting on
AlexDaniel [Coke]: ? ?
Skarsnik resident (2) resident set size 21:50
(same as VmRSS in /proc/[pid]/status)
shared (3) number of resident shared pages (i.e., backed by a file)
(same as RssFile+RssShmem in /proc/[pid]/status)
text (4) text (code)
lib (5) library (unused since Linux 2.6; always 0)
data (6) data + stack
damn
5 is data (the doc start at 1)
[Coke] At some point, we should have the vulnerability described so that we can write a test for it. I don't know how much detail we want to start with in a public-facing ticket. some guidance from mst or p5 folk or people who have dealt with this in other OS projects would be nice. 21:51
(if we knew what we were doing, we'd have already advertised the process)
(e.g. I just tried to duplicate this with a recentish perl6 and cannot)
ugexe with PERL6LIB="" we didnt do anything special 21:52
pmurias [Coke]: you mean you can't duplicate the vulnerability I found
?
[Coke] pmurias: with the one line description you mentioned? right. 21:54
if there's steps to reproduce, I didn't see those.
ugexe its just dot @INC
same thing
wiki.gentoo.org/wiki/Project:Perl/...NC-Removal # same concept 21:55
[Coke] so, why don't we try to follow what we'd want in a new ticket and create an item in the security queue. One sec, let me find that email addy.
travis-ci NQP build passed. pmurias 'Fix serious security hole' 21:56
travis-ci.org/perl6/nqp/builds/265341823 github.com/perl6/nqp/compare/99abf...25a9246389
[Coke] please open a security ticket by emailing to [email@hidden.address] 21:57
ugexe github.com/perl6/roast/commit/10cf...2519fcf3a9 # here is a test for a similar flaw at perl6 level
AlexDaniel .tell stmuk you may be interested in this discussion: irclog.perlgeek.de/perl6-dev/2017-...i_15027543
yoleaux AlexDaniel: I'll pass your message to stmuk.
[Coke] moritz & I have access to that today, so we can do a run through about how things would work from there. 21:58
ugexe from 'Avoid magic $cwd in module search path RT #130883 ' 21:59
synopsebot6 Link: rt.perl.org/rt3/Public/Bug/Display...?id=130883
[Coke] so, I'm confused I guess - this is a new vulnerability, or one that was fixed and we just want to advertise the fix? 22:01
if it's pre-existing and reported, don't bother opening a new ticket. If it's new, then the exercise is probably still worth it.
[Coke] commutes.
ugexe it gives prior art for how such a ticket might be handled, and a model to test it
pmurias [Coke]: it's old pre-exisiting an fixed
* and
[Coke]: there are some details to reproduce it which I'll mention in the ticket I'm writing 22:02
[Coke] ah, then ignore my new ticket crap. Use that for -new- security vulnerabilities. :)
pmurias [Coke]: so should I explain the details on irc? 22:04
[Coke]: I don't think it was reported
timotimo [Coke]: the profiler will grab a template from a relative path if it can (it assumes it might be in the nqp repository) - is this security-relevant or just unfortunate? 22:09
ugexe its only a problem if you are running something with elevated privs that will load something from somewhere that someone with less privs can place code (like /tmp) 22:11
pmurias [Coke]: I sent the mail to perl6-security-report
ugexe perl community seemed pretty split on if perl should fix dot @INC or if debian should just be more careful 22:12
e.g. i dont think the security ramifications are huge here 22:13
pmurias if you download a repo from github that you don't trust you can't run any Perl 6 programs in that directory 22:14
ugexe that is always the case
timotimo ugexe: well, it does generate a html page that the user then probably opens right away, so could be a way to abuse a browser bug. if the profiler result is then hosted somewhere it could steal cookies and stuff 22:15
ugexe it has to have moarvm bytecode, which i assume also has to be generated specifically for your env/rakudo
pmurias ugexe: do you expect cd ~/untrusted-directory;perl6-m -e 'say "hi"' to hijack your system? 22:16
ugexe m: use Test:from<NQP>;
camelia ===SORRY!===?While looking for 'Test.moarvm': no such file or directory?
ugexe i dont expect a Test.moarvm from some repo to run on my local system
pmurias perl6-m would just load the blib/Perl6/Ops.moarvm from the $CWD 22:18
ugexe oh, it autoloads modules, not just sets up a lib that can be hijacked? 22:19
pmurias ugexe: yes 22:20
ugexe still, it would have to be precompiled already as well yes?
timotimo ugexe: actually, you can build a .moarvm file to rely on no other files
or at least it should be possible
ugexe doesn't its location on the file system matter?
or what built in? 22:21
built it^
pmurias you can avoid serialization dependencies in a custom built .moarvm 22:22
I noticed the exploit because perl6-m was annoying me by loading bytecode from a different checkout 22:24
ugexe ive seen it in gdb output but I never thought it could be exploited as such 22:36
or maybe strace
stat("./NQPCORE.setting.moarvm", 0x7ffd00da2450) = -1 ENOENT (No such file or directory) 22:40
stat("blib/NQPCORE.setting.moarvm", 0x7ffd00da2450) = -1 ENOENT (No such file or directory)
stuff like that
travis-ci Rakudo build failed. Stefan Seifert 'Remove now misleading comment 22:52
travis-ci.org/rakudo/rakudo/builds/265279497 github.com/rakudo/rakudo/compare/9...70d44d47d1
buggable [travis build above] ? Did not recognize some failures. Check results manually.
ugexe While looking for 'Perl6/ModuleLoader.moarvm': no such file or directory 22:53
it must have pulled in that nqp commit
now i remember why i left this alone :) 22:55
pmurias: that breaks rakudo for some reason 23:02
pmurias ugexe: I'll grab some sleep and if nobody fixes rakudo get round to it tomorrow morning 23:17
ugexe its in the Makefile. it needs the nqp equivilent of -I. or -Iblib/ 23:18
...but i dont know what that is
there we go. --module-lib 23:20
Zoffix .tell [Coke] good news! I got paid :) 23:26
yoleaux Zoffix: I'll pass your message to [Coke].
Zoffix Spent it all in one place on a shiny new toy :D twitter.com/zoffix/status/897962614696882182
[Coke] Zoffix: (paid) glad to hear it, thanks for your work! 23:46
yoleaux 23:26Z <Zoffix> [Coke]: good news! I got paid :)
samcv yay for getting paid 23:59