* Re: Sam crash
@ 1995-07-01 17:18 mhw
0 siblings, 0 replies; 2+ messages in thread
From: mhw @ 1995-07-01 17:18 UTC (permalink / raw)
To: haertel, sam-fans; +Cc: bobf
haertel@ichips.intel.com wrote:
> Subject: Sam crash
>
> Running sam under AIX 3.2, I get a samterm panic from the following
> sequence of commands typed in the command window:
>
> B /etc/termcap
> ,x/:am/ {
> /:am/
> /:am/
> c/FOO/
> }
>
> Does anybody else observe this behavior?
> [end of included message]
Yes, I've seen this. What's probably happening is that sam core dumps
and samterm panics because the pipe to sam dries up.
The reason sam core dumps is that there's a bug in the execution of
brace commands in cmdexec() in xec.c. It calls lookup() (in cmd.c) to
get the command number of a command character then uses the returned
value as an index into cmdtab (also in cmd.c). '{' isn't in cmdtab
though so lookup() returns -1 and so the array access looks at a
potentially bad address. A patch to fix this is attached.
I've also had problems with sam core dumping in Fupdate() called from
update() in sam.c. I think there's a dubious piece of code here which
appears to delete() a file and then potentially perform operations on
the free()d memory. A patch to fix this is also attached.
I guess the occurence of these two bugs depends on the malloc
implementation and the compiler you're using. I've been bitten
by them though, and the fixes seem to work for me.
-Mark.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Mark H. Wilkinson <mhw@minster.york.ac.uk> : Research student in user
University of York, England : interface management systems
Index: sam/sam.c
diff -c sam/sam.c:1.3 sam/sam.c:1.4
*** sam/sam.c:1.3 Mon Apr 3 12:07:11 1995
--- sam/sam.c Wed Apr 12 16:34:40 1995
***************
*** 303,310 ****
f = tempfile.filepptr[i];
if(f==cmd) /* cmd gets done in main() */
continue;
! if(f->deleted)
delete(f);
if(f->mod==modnum && Fupdate(f, FALSE, downloaded))
anymod++;
if(f->rasp)
--- 303,312 ----
f = tempfile.filepptr[i];
if(f==cmd) /* cmd gets done in main() */
continue;
! if(f->deleted){
delete(f);
+ continue;
+ }
if(f->mod==modnum && Fupdate(f, FALSE, downloaded))
anymod++;
if(f->rasp)
Index: sam/xec.c
diff -c sam/xec.c:1.1.1.1 sam/xec.c:1.2
*** sam/xec.c:1.1.1.1 Sun Jul 31 17:36:14 1994
--- sam/xec.c Wed Apr 12 16:36:33 1995
***************
*** 31,37 ****
cp->cmdc!=('c'|0x100) && !(cp->cmdc=='D' && cp->ctext))
error(Enofile);
i = lookup(cp->cmdc);
! if(cmdtab[i].defaddr != aNo){
if((ap=cp->addr)==0 && cp->cmdc!='\n'){
cp->addr = ap = newaddr();
ap->type = '.';
--- 31,37 ----
cp->cmdc!=('c'|0x100) && !(cp->cmdc=='D' && cp->ctext))
error(Enofile);
i = lookup(cp->cmdc);
! if(i >= 0 && cmdtab[i].defaddr != aNo){
if((ap=cp->addr)==0 && cp->cmdc!='\n'){
cp->addr = ap = newaddr();
ap->type = '.';
^ permalink raw reply [flat|nested] 2+ messages in thread
* Sam crash
@ 1995-06-30 20:17 haertel
0 siblings, 0 replies; 2+ messages in thread
From: haertel @ 1995-06-30 20:17 UTC (permalink / raw)
To: sam-fans
Running sam under AIX 3.2, I get a samterm panic from the following
sequence of commands typed in the command window:
B /etc/termcap
,x/:am/ {
/:am/
/:am/
c/FOO/
}
Does anybody else observe this behavior?
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~1995-07-01 16:21 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
1995-07-01 17:18 Sam crash mhw
-- strict thread matches above, loose matches on Subject: below --
1995-06-30 20:17 haertel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).