segfault when trying to run concat_str test
jnahmias opened this issue · comments
Hello,
I'm getting a segmentation fault when make test tries to run the concat_str test. Here's a full backtrace from gdb:
$ gdb src/dasm
GNU gdb (Debian 8.2.1-2+b3) 8.2.1
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from src/dasm...done.
(gdb) set args test/concat_str.asm -oconcat_str.bin -Lconcat_str.list.txt -DINEEPROM
(gdb) run
Starting program: /home/joe/dev/Debian/NES/dasm/src/dasm test/concat_str.asm -oconcat_str.bin -Lconcat_str.list.txt -DINEEPROM
char = '{' 123 (-1: 34)
char = '}' 125 (-1: 50)
Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) bt full
#0 0x0000000000000000 in ?? ()
No symbol table info available.
#1 0x0000555555566930 in evaltop () at exp.c:623
No locals.
#2 0x000055555556658d in eval (str=0x555555587ef8 <Avbuf+24> "", wantmode=0)
at exp.c:557
base = 0x555555599260
cur = 0x555555599260
oldargibase = 0
oldopibase = 0
scr = 0
pLine = 0x555555587eee <Avbuf+14> "(_1 \"A\"{2}"
#3 0x00005555555643c5 in v_set (str=0x555555587eee <Avbuf+14> "(_1 \"A\"{2}",
dummy=0x555555571048 <Ops+2856>) at ops.c:1232
sym = 0x1800000018
lab = 0x0
dynamicname = "0\000\000\000\060\000\000\000\220\335\377\377\377\177\000\000\300\334\377\377\377\177\000\000\000n\372\274\000\063\036\377\320\334\377\377\377\177\000\000\000n\372\274\000\063\036\377 \000\000\000\000\000\000\000\341~XUUU\000\000\344~XUUU\000\000*\246VUUU\000\000 uXUUU\000\000\a\333\377\377\377\177\000\000\t\241VUUU\000\000\345\351\345\367\377\177\000\000\344~XUUU\000\000\000UZUUU\000\000.\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000.\000\000\000\000\000\000\000\340pXUUU\000\000\240\262\371\367\377\177\000\000\350:\345\367\377\177\000\000\340pXUUU\000\000\000UZUUU\000\000\340\335\377\377\377\177\000\000"...
i = 3
j = 1431769160
setundefined = 0
#4 0x000055555555e605 in MainShadow (ac=5, av=0x7fffffffe3c8,
pbTableSort=0x7fffffffe2db) at main.c:649
comment = 0x55555556a62a ""
nError = 0
bDoAllPasses = false
buf = "str_var .set (_1 \"A\"{2}\000\000},{size}\n\000\377\177\000\000_\232\177g\000\000\000\000\360\344\377\367\377\177\000\000H\340\377\377\377\177\000\000\360\331\377\367\377\177\000\000\000\000\000\000\000\000\000\000\250I\372\367\377\177\000\000\217\363\375\367\377\177\000\000\001\000\000\000\000\000\000\000\250I\372\367\377\177\000\000\001", '\000' <repeats 15 times>, "\001\000\000\000\000\000\000\000\360\331\377\367\377\177\000\000\061Y\375\367\377\177\000\000\000\000\000\000\001\000\000\000 \337\377\377\377\177\000\000\060\337\377\377\377\177\000\000\360\344\377\367\377\177\000\000\000\000\000\000\000\000\000\000\300\340\377\377\377\177\000\000"...
i = 5
argVal = 0
mne = 0x555555571048 <Ops+2856>
oldredo = -1
oldwhy = 0
oldeval = 0
#5 0x0000555555561069 in main (ac=5, av=0x7fffffffe3c8) at main.c:1747
bTableSort = false
nError = 0
(gdb)
Trying it with dasm 2.20.13, it does NOT segfault. I get the following output:
dasm-2.20.13$ src/dasm concat_str.asm -oconcat_str.bin -Lconcat_str.list.txt -DINEEPROM
char = '{' 123 (-1: 40)
char = '}' 125 (-1: 49)
not within a macro
concat_str.asm (6): error: Unknown Mnemonic '.macro'.
concat_str.asm (6): error: Not enough args passed to Macro.
concat_str.asm (7): error: Not enough args passed to Macro.
concat_str.asm (8): error: Illegal character '{1}'.
concat_str.asm (8): error: Illegal character '}'.
concat_str.asm (8): error: Syntax Error ''.
concat_str.asm (13): error: Unknown Mnemonic 'concat_str'.
concat_str.asm (14): error: Unknown Mnemonic 'concat_str'.
concat_str.asm (15): error: Unknown Mnemonic 'concar_str'.
Unrecoverable error(s) in pass, aborting assembly!
Complete.
I forgot to turn on debug in the prior runs. Here's a run using trunk/master with debug on:
$ src/dasm test/concat_str.asm -d1 -oconcat_str.bin -Lconcat_str.list.txt -DINEEPROM
Debug trace ON
char '0'
stackarg 0 (@0)
5629e5c0fd80
5629e5c0fd80 PROCESSOR 6502
5629e5c0fd80
5629e5c0fd80 ORG 0
char '0'
stackarg 0 (@0)
5629e5c0fd80
5629e5c0fd80 .macro concat_str ; {name},{size}
5629e5c0fd80 {1} .set str_var
5629e5c0fd80 str_var .set ({1}{2})
5629e5c0fd80 .endm
5629e5c0fd80
5629e5c0fd80 str_var .set ""
char '"'
stackarg 0 (@0)
STRING:
5629e5c0fd80
5629e5c0fd80 concat_str _1 "A"
5629e5c10e60 {1} .set str_var
macro tail: '{1} .set str_var'
add/str: -3 ' .set str_var'
strlist: '_1 "A"' 6
5629e5c10e60 str_var .set ({1}{2})
macro tail: '{1}{2})'
add/str: -3 '{2})'
strlist: '_1 "A"' 6
macro tail: '{2})'
add/str: -3 ')'
char '('
char '_'
stackarg 0 (@0)
char ' '
char '"'
stackarg 0 (@1)
char '{'
char = '{' 123 (-1: 34)
char '2'
stackarg 2 (@2)
char '}'
char = '}' 125 (-1: 50)
evaltop @(A,O) 3 1
Segmentation fault
Yes, you get a segfault while running this test. It was the intention of this test to provoke the segfault. It shows a bug.
That is why I added this test case with commit 3aad3ea. It is a follow-up to issue #32.
It will segfault as long as nobody starts working on this issue ...
BTW: The root cause is again recursion. Just avoid recursion. Dasm does not perform well with recursion.
Running make test doesn't halt with a segfault on our build machines (or my local machine).
Which version of gcc are you using?
@dionoid happens with both gcc 8.3.0 & 10.2.0.
Note that make test does not abort completely -- just that test causes dasm to segfault.
I can reproduce this by running:
bin/dasm test/concat_str.asm -oconcat_str.bin -Lconcat_str.list.txt -DINEEPROM -v1 -d1
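One way to make a test run surface this, as an added example that is not dasm's own test harness: a POSIX shell wrapper that classifies how each assembler run ended, so a crash like the one above fails the run instead of being skipped. The DASM variable, run_case and crash_count are names assumed here; the command line mirrors the reproduction command in this thread.

```shell
#!/bin/sh
# Added example: a small harness wrapper around the dasm test runs described in
# this issue. It is not part of dasm; DASM, run_case and crash_count are names
# assumed here. Verdict lines go to stderr so stdout stays usable for the count.

# run_case CMD...: run one command and classify how it ended.
# Returns 0 on a clean exit, 1 on a non-zero exit code, and 2 when the process
# was killed by a signal (the shell reports these as 128 + signal number,
# e.g. 139 for SIGSEGV).
run_case() {
    "$@" >/dev/null 2>&1
    status=$?
    if [ "$status" -gt 128 ]; then
        echo "CRASH: '$1' killed by signal $((status - 128))" >&2
        return 2
    fi
    if [ "$status" -ne 0 ]; then
        echo "FAIL: '$1' exited with status $status" >&2
        return 1
    fi
    echo "OK: $1" >&2
    return 0
}

# crash_count FILE...: assemble each .asm file with $DASM using the flags from
# this issue, count how many runs died by a signal, print the count and return
# it as the exit status, so a "make test" style target can fail on a crash
# instead of quietly moving on to the next test.
crash_count() {
    n=0
    for f in "$@"; do
        rc=0
        run_case "${DASM:-bin/dasm}" "$f" -o"${f%.asm}.bin" \
            -L"${f%.asm}.list.txt" -DINEEPROM || rc=$?
        [ "$rc" -eq 2 ] && n=$((n + 1))
    done
    echo "$n"
    return "$n"
}

# Usage as a harness target: crash_count test/concat_str.asm test/*.asm
```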
Whether a segmentation fault is triggered also depends on the Linux kernel, especially which countermeasures against kernel exploits are compiled in (i.e. stack protection), or on how the memory allocation scheme works (sometimes more memory than needed gets allocated). I expect to see more of this kind of segmentation fault error in the future because (a) we write better test cases to get more coverage and (b) we have better and stricter compilers and OSes.