From: erik quanstrom <quanstro@quanstro.net>
To: lucio@proxima.alt.za, 9fans@9fans.net
Subject: Re: [9fans] Lock loop in malloc()
Date: Mon, 25 Jul 2011 21:38:21 -0400 [thread overview]
Message-ID: <06a4578109cd8813eadd11616fb8d290@ladd.quanstro.net> (raw)
In-Reply-To: <20110725135837.GC27739@fangle.proxima.alt.za>
well, this was a fun little bug. i downloaded bison and within a few
minutes i'd narrowed the problem down to lib/c-ctype.h. and
it only took another minute to isolate this as the problem statement.
#if (' ' == 32) && ('!' == 33) && ('"' == 34) && ('#' == 35) \
&& ('%' == 37) && ('&' == 38) && ('\'' == 39) && ('(' == 40) \
&& (')' == 41) && ('*' == 42) && ('+' == 43) && (',' == 44) \
&& ('-' == 45) && ('.' == 46) && ('/' == 47) && ('0' == 48) \
&& ('1' == 49) && ('2' == 50) && ('3' == 51) && ('4' == 52) \
&& ('5' == 53) && ('6' == 54) && ('7' == 55) && ('8' == 56) \
&& ('9' == 57) && (':' == 58) && (';' == 59) && ('<' == 60) \
&& ('=' == 61) && ('>' == 62) && ('?' == 63) && ('A' == 65) \
&& ('B' == 66) && ('C' == 67) && ('D' == 68) && ('E' == 69) \
&& ('F' == 70) && ('G' == 71) && ('H' == 72) && ('I' == 73) \
&& ('J' == 74) && ('K' == 75) && ('L' == 76) && ('M' == 77) \
&& ('N' == 78) && ('O' == 79) && ('P' == 80) && ('Q' == 81) \
&& ('R' == 82) && ('S' == 83) && ('T' == 84) && ('U' == 85) \
&& ('V' == 86) && ('W' == 87) && ('X' == 88) && ('Y' == 89) \
&& ('Z' == 90) && ('[' == 91) && ('\\' == 92) && (']' == 93) \
&& ('^' == 94) && ('_' == 95) && ('a' == 97) && ('b' == 98) \
&& ('c' == 99) && ('d' == 100) && ('e' == 101) && ('f' == 102) \
&& ('g' == 103) && ('h' == 104) && ('i' == 105) && ('j' == 106) \
&& ('k' == 107) && ('l' == 108) && ('m' == 109) && ('n' == 110) \
&& ('o' == 111) && ('p' == 112) && ('q' == 113) && ('r' == 114) \
&& ('s' == 115) && ('t' == 116) && ('u' == 117) && ('v' == 118) \
&& ('w' == 119) && ('x' == 120) && ('y' == 121) && ('z' == 122) \
&& ('{' == 123) && ('|' == 124) && ('}' == 125) && ('~' == 126)
/* The character set is ASCII or one of its variants or extensions, not EBCDIC.
Testing the value of '\n' and '\r' is not relevant. */
#define C_CTYPE_ASCII 1
#endif
from there, the problem was pretty easy to spot NSTAK was too small,
and unguarded. the funny "+ 1" is to allow for a few operators that
can add 2 to the stack in one trip through the loop.
; diffy -c eval.c
/n/dump/2011/0725/sys/src/cmd/cpp/eval.c:2,8 - eval.c:2,8
#include <libc.h>
#include "cpp.h"
- #define NSTAK 32
+ #define NSTAK 1024
#define SGN 0
#define UNS 1
#define UND 2
/n/dump/2011/0725/sys/src/cmd/cpp/eval.c:92,99 - eval.c:92,99
int evalop(struct pri);
struct value tokval(Token *);
- struct value vals[NSTAK], *vp;
- enum toktype ops[NSTAK], *op;
+ struct value vals[NSTAK + 1], *vp;
+ enum toktype ops[NSTAK + 1], *op;
/*
* Evaluate an #if #elif #ifdef #ifndef line. trp->tp points to the keyword.
/n/dump/2011/0725/sys/src/cmd/cpp/eval.c:122,127 - eval.c:122,129
op = ops;
*op++ = END;
for (rand=0, tp = trp->bp+ntok; tp < trp->lp; tp++) {
+ if(op >= ops + NSTAK)
+ sysfatal("cpp: can't evalute #if: increase NSTAK");
switch(tp->type) {
case WS:
case NL:
- erik
next prev parent reply other threads:[~2011-07-26 1:38 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-25 13:58 Lucio De Re
2011-07-25 14:40 ` erik quanstrom
2011-07-25 14:42 ` Russ Cox
2011-07-25 15:17 ` Lucio De Re
2011-07-25 16:12 ` Russ Cox
2011-07-25 17:51 ` erik quanstrom
2011-07-25 19:31 ` Russ Cox
2011-07-26 1:38 ` erik quanstrom [this message]
2011-07-26 1:41 ` erik quanstrom
2011-07-26 1:56 ` Russ Cox
[not found] ` <CADSkJJUmVYNdy_sUqqM34xdXD9CiWyUUEr89uxouAJ0ydVLpHQ@mail.gmail.c>
2011-07-26 4:01 ` erik quanstrom
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=06a4578109cd8813eadd11616fb8d290@ladd.quanstro.net \
--to=quanstro@quanstro.net \
--cc=9fans@9fans.net \
--cc=lucio@proxima.alt.za \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).