Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-46191

Trivial assignment doesn't work when run in a sandbox

      A freestyle job, a single system groovy build step containing the following, use groovy sandbox selected.

      String a;
      a = "abc";

      with this exception

      FATAL: BUG! exception in phase 'class generation' in source unit 'Script1.groovy' Error while popping argument from operand stack tracker in class Script1 method java.lang.Object run().
      BUG! exception in phase 'class generation' in source unit 'Script1.groovy' Error while popping argument from operand stack tracker in class Script1 method java.lang.Object run().
      	at org.codehaus.groovy.classgen.asm.OperandStack.popWithMessage(OperandStack.java:72)
      	at org.codehaus.groovy.classgen.asm.OperandStack.remove(OperandStack.java:207)
      	at org.codehaus.groovy.classgen.asm.OperandStack.replace(OperandStack.java:274)
      	at org.codehaus.groovy.classgen.asm.CallSiteWriter.makeCallSite(CallSiteWriter.java:336)
      	at org.codehaus.groovy.classgen.asm.InvocationWriter.makeCachedCall(InvocationWriter.java:307)
      	at org.codehaus.groovy.classgen.asm.InvocationWriter.makeCall(InvocationWriter.java:397)
      	at org.codehaus.groovy.classgen.asm.InvocationWriter.makeCall(InvocationWriter.java:104)
      	at org.codehaus.groovy.classgen.asm.InvocationWriter.writeInvokeStaticMethod(InvocationWriter.java:515)
      	at org.codehaus.groovy.classgen.AsmClassGenerator.visitStaticMethodCallExpression(AsmClassGenerator.java:807)
      	at org.codehaus.groovy.ast.expr.StaticMethodCallExpression.visit(StaticMethodCallExpression.java:46)
      	at org.codehaus.groovy.classgen.asm.BinaryExpressionHelper.evaluateEqual(BinaryExpressionHelper.java:316)
      	at org.codehaus.groovy.classgen.AsmClassGenerator.visitDeclarationExpression(AsmClassGenerator.java:637)
      	at org.codehaus.groovy.ast.expr.DeclarationExpression.visit(DeclarationExpression.java:89)
      	at org.codehaus.groovy.classgen.asm.StatementWriter.writeExpressionStatement(StatementWriter.java:613)
      	at org.codehaus.groovy.classgen.asm.OptimizingStatementWriter.writeExpressionStatement(OptimizingStatementWriter.java:366)
      	at org.codehaus.groovy.classgen.AsmClassGenerator.visitExpressionStatement(AsmClassGenerator.java:624)
      	at org.codehaus.groovy.ast.stmt.ExpressionStatement.visit(ExpressionStatement.java:42)
      	at org.codehaus.groovy.classgen.asm.StatementWriter.writeBlockStatement(StatementWriter.java:85)
      	at org.codehaus.groovy.classgen.asm.OptimizingStatementWriter.writeBlockStatement(OptimizingStatementWriter.java:159)
      	at org.codehaus.groovy.classgen.AsmClassGenerator.visitBlockStatement(AsmClassGenerator.java:570)
      	at org.codehaus.groovy.ast.stmt.BlockStatement.visit(BlockStatement.java:71)
      	at org.codehaus.groovy.ast.ClassCodeVisitorSupport.visitClassCodeContainer(ClassCodeVisitorSupport.java:104)
      	at org.codehaus.groovy.ast.ClassCodeVisitorSupport.visitConstructorOrMethod(ClassCodeVisitorSupport.java:115)
      	at org.codehaus.groovy.classgen.AsmClassGenerator.visitStdMethod(AsmClassGenerator.java:434)
      	at org.codehaus.groovy.classgen.AsmClassGenerator.visitConstructorOrMethod(AsmClassGenerator.java:387)
      	at org.codehaus.groovy.ast.ClassCodeVisitorSupport.visitMethod(ClassCodeVisitorSupport.java:126)
      	at org.codehaus.groovy.classgen.AsmClassGenerator.visitMethod(AsmClassGenerator.java:511)
      	at org.codehaus.groovy.ast.ClassNode.visitContents(ClassNode.java:1081)
      	at org.codehaus.groovy.ast.ClassCodeVisitorSupport.visitClass(ClassCodeVisitorSupport.java:53)
      	at org.codehaus.groovy.classgen.AsmClassGenerator.visitClass(AsmClassGenerator.java:233)
      	at org.codehaus.groovy.control.CompilationUnit$17.call(CompilationUnit.java:825)
      	at org.codehaus.groovy.control.CompilationUnit.applyToPrimaryClassNodes(CompilationUnit.java:1065)
      	at org.codehaus.groovy.control.CompilationUnit.doPhaseOperation(CompilationUnit.java:603)
      	at org.codehaus.groovy.control.CompilationUnit.processPhaseOperations(CompilationUnit.java:581)
      	at org.codehaus.groovy.control.CompilationUnit.compile(CompilationUnit.java:558)
      	at groovy.lang.GroovyClassLoader.doParseClass(GroovyClassLoader.java:298)
      	at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:268)
      	at groovy.lang.GroovyShell.parseClass(GroovyShell.java:688)
      	at groovy.lang.GroovyShell.parse(GroovyShell.java:700)
      	at groovy.lang.GroovyShell.parse(GroovyShell.java:736)
      	at groovy.lang.GroovyShell.parse(GroovyShell.java:727)
      	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript.evaluate(SecureGroovyScript.java:165)
      	at hudson.plugins.groovy.SystemGroovy.run(SystemGroovy.java:95)
      	at hudson.plugins.groovy.SystemGroovy.perform(SystemGroovy.java:59)
      	at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20)
      	at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:730)
      	at hudson.model.Build$BuildExecution.build(Build.java:206)
      	at hudson.model.Build$BuildExecution.doRun(Build.java:163)
      	at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:490)
      	at hudson.model.Run.execute(Run.java:1737)
      	at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
      	at hudson.model.ResourceController.execute(ResourceController.java:97)
      	at hudson.model.Executor.run(Executor.java:419)

      The workaround is to assign a value when the variable during the declaration.

      String a = "";
      a = "abc";
      

       

          [JENKINS-46191] Trivial assignment doesn't work when run in a sandbox

          Jesse Glick added a comment -

          Is this a regression? If so, from what version?

          Jesse Glick added a comment - Is this a regression ? If so, from what version?

          Andrew Bayer added a comment -

          groovy-sandbox PR up at https://github.com/jenkinsci/groovy-sandbox/pull/39 - adding downstream PR to verify that script-security can still run its tests against this change, though it doesn't need a new test itself.

          Andrew Bayer added a comment - groovy-sandbox PR up at https://github.com/jenkinsci/groovy-sandbox/pull/39 - adding downstream PR to verify that script-security can still run its tests against this change, though it doesn't need a new test itself.

          Andrew Bayer added a comment -

          jglick It is a regression from 1.30 - another side effect of the SECURITY-580 fix.

          Andrew Bayer added a comment - jglick It is a regression from 1.30 - another side effect of the SECURITY-580 fix.

          Andrew Bayer added a comment -

          Andrew Bayer added a comment - script-security verification PR up at https://github.com/jenkinsci/script-security-plugin/pull/141

          Code changed in jenkins
          User: Andrew Bayer
          Path:
          pom.xml
          src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
          http://jenkins-ci.org/commit/script-security-plugin/58e309f70200b974b8aac8df3093baeefc45c077
          Log:
          JENKINS-46191 Verify fix from groovy-sandbox

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Andrew Bayer Path: pom.xml src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java http://jenkins-ci.org/commit/script-security-plugin/58e309f70200b974b8aac8df3093baeefc45c077 Log: JENKINS-46191 Verify fix from groovy-sandbox

          Code changed in jenkins
          User: Andrew Bayer
          Path:
          pom.xml
          src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
          http://jenkins-ci.org/commit/script-security-plugin/be50a6d1ab68b9718298b975155f9df292da467d
          Log:
          Merge pull request #141 from abayer/jenkins-46191

          JENKINS-46191 Verify fix from groovy-sandbox

          Compare: https://github.com/jenkinsci/script-security-plugin/compare/2cc612683d56...be50a6d1ab68

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Andrew Bayer Path: pom.xml src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java http://jenkins-ci.org/commit/script-security-plugin/be50a6d1ab68b9718298b975155f9df292da467d Log: Merge pull request #141 from abayer/jenkins-46191 JENKINS-46191 Verify fix from groovy-sandbox Compare: https://github.com/jenkinsci/script-security-plugin/compare/2cc612683d56...be50a6d1ab68

          Andrew Bayer added a comment -

          Fixed in script-security 1.33.

          Andrew Bayer added a comment - Fixed in script-security 1.33.

            abayer Andrew Bayer
            pwiseman Peter Wiseman
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: