Date:      Sat, 10 Apr 2010 17:14:54 -0700
From:      David Wolfskill <david@catwhisker.org>
To:        current@freebsd.org
Subject:   SIGSEGV in dc, at bcode.c:277 (function reset_bmachine())
Message-ID:  <20100411001454.GO73901@bunrab.catwhisker.org>



As these things go, this probably isn't as critical as most things
discussed on this list, but I happened to notice it today, built a
debugging world and at least cornered the annoying little varmint.

Sorry; no patch at this time. :-(

Here's how to reproduce it: while running CURRENT, invoke dc(1)
using the command-line expression-specification ("-e ..."), thus:

freebeast(9.0-C)[2] dc -e "6 2/p"
Segmentation fault (core dumped)
freebeast(9.0-C)[3]

This was running:

FreeBSD freebeast.catwhisker.org 9.0-CURRENT FreeBSD 9.0-CURRENT #1 r206447: Sat Apr 10 14:49:56 PDT 2010     root@freebeast.catwhisker.org:/common/S1/obj/usr/src/sys/GENERIC  i386

It's been a while since I did much with gdb, so the attempt at
post-mortem dump analysis wasn't very useful.

However, I did try re-running the test under gdb, which demonstrated
that on (initial) entry to reset_bmachine(), init_bmachine() has
not (yet?) been called; as a result, there is no storage allocated
to bmachine.readstack[].

This is an issue because reset_bmachine() tries to place data in
that array, thus:

    270
    271 /* Reset the things needed before processing a (new) file */
    272 void
    273 reset_bmachine(struct source *src)
    274 {
    275
    276         bmachine.readsp = 0;
    277         bmachine.readstack[0] = *src;
    278 }
    279

Now, I've not had occasion to prowl around and become familiar with
the internals of dc(1), so I don't know whether invoking reset_bmachine()
without having invoked init_bmachine() beforehand is just bogus, or if
perhaps reset_bmachine() should check to see if init_bmachine() has been
called (and if not, call it), or ....

But I think it's fairly clear that there's a bit of a logic error here.

[In case anyone was wondering why someone might try to use that form
of invocation: I was doing arithmetic in a shell script, and wanted
to be able to control rounding, rather than necessarily performing so-
called "integer" arithmetic.]

I can file a PR if it would help the tracking & getting the bug fixed.

Peace,
david
-- 
David H. Wolfskill				david@catwhisker.org
Depriving a girl or boy of an opportunity for education is evil.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.




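The ordering bug the message describes, reduced to a small model, as an added example: this is not dc(1)'s bcode.c and not the reporter's code. The names bmachine, readstack, readsp, init_bmachine and reset_bmachine follow the message's description, but the struct layouts, the READSTACK_SIZE constant, the source struct and all function bodies are constructed here for illustration. The unguarded reset returns -1 where the real code would write through a NULL pointer, so the missing precondition can be observed in a test instead of as a SIGSEGV; the guarded variant is the "check whether init_bmachine() has been called and, if not, call it" option the message raises.

```c
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

#define READSTACK_SIZE 16   /* assumed depth; the page gives no real value */

/* Constructed stand-in for dc's source descriptor. */
struct source {
    const char *buf;
    size_t pos;
};

/* Constructed model of the machine state: readstack stays NULL until
 * init_bmachine() has allocated it. */
struct bmachine {
    size_t readsp;
    struct source *readstack;
};

/* Allocate the read stack. Idempotent, so a guarded reset may call it. */
int init_bmachine(struct bmachine *m)
{
    if (m->readstack != NULL)
        return 0;
    m->readstack = calloc(READSTACK_SIZE, sizeof(*m->readstack));
    if (m->readstack == NULL)
        return -1;
    m->readsp = 0;
    return 0;
}

/* Same shape as the quoted reset_bmachine(): it assumes init has run.
 * With readstack still NULL the real code writes through NULL and dies
 * with SIGSEGV; this model returns -1 at that point instead. */
int reset_bmachine_unguarded(struct bmachine *m, struct source *src)
{
    if (m->readstack == NULL)
        return -1;              /* bmachine.readstack[0] = *src would fault here */
    m->readsp = 0;
    m->readstack[0] = *src;
    return 0;
}

/* Guarded variant: reset establishes its own precondition if the caller
 * never called init_bmachine(). */
int reset_bmachine(struct bmachine *m, struct source *src)
{
    if (m->readstack == NULL && init_bmachine(m) != 0)
        return -1;
    m->readsp = 0;
    m->readstack[0] = *src;
    return 0;
}

void teardown_bmachine(struct bmachine *m)
{
    free(m->readstack);
    memset(m, 0, sizeof(*m));
}

/* Models the "-e expr" path from the report: the very first call into the
 * machine is a reset, with init never having run. Returns 1 when the
 * unguarded reset reports the missing precondition and the guarded reset
 * nevertheless leaves the machine correctly initialised. */
int run_expression_path(const char *expr)
{
    struct bmachine m = { 0, NULL };
    struct source src = { expr, 0 };
    int unguarded = reset_bmachine_unguarded(&m, &src);   /* -1 in this path */
    int guarded = reset_bmachine(&m, &src);
    int ok = (unguarded == -1 && guarded == 0 &&
              m.readstack != NULL && m.readsp == 0 &&
              m.readstack[0].buf == expr);
    teardown_bmachine(&m);
    return ok;
}

/* The ordering the unguarded reset silently relies on: init, then reset.
 * Returns 1 when that sequence works without the guard. */
int init_then_reset_path(const char *expr)
{
    struct bmachine m = { 0, NULL };
    struct source src = { expr, 0 };
    int ok = (init_bmachine(&m) == 0 &&
              reset_bmachine_unguarded(&m, &src) == 0 &&
              m.readstack[0].buf == expr);
    teardown_bmachine(&m);
    return ok;
}
```

The two paths make the message's diagnosis concrete: whoever processes a file first calls init, so reset's assumption holds there, while the "-e" path reaches reset with nothing allocated. Whether the fix belongs in the caller or in reset_bmachine() itself is the question the message leaves open; the guarded variant shows the latter.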