From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from minster.cs.york.ac.uk ([144.32.16.26]) by hawkwind.utcs.utoronto.ca with SMTP id <23978>; Sat, 1 Jul 1995 12:21:52 -0400
From: mhw@minster.york.ac.uk
Message-ID:
>From: mhw@minster.york.ac.uk (Mark H. Wilkinson)
Date: Sat, 1 Jul 1995 13:18:59 -0400
In-Reply-To: haertel@ichips.intel.com's message, dated Jun 30, 4:17pm
X-Face: Bsp[Ds(Y#/{==j:Cv'"IK4R^D0_z]{'OYtp2^EYqpG)88CsdBm&LJ{idLZWx}AKf}E4#|@4DT4cX3
 ?!>aIVcxmd#1
X-Url: http://Dcpu1.cs.york.ac.uk:6666/~mhw/
X-Mailer: Mail User's Shell (7.2.5 10/14/92)
To: haertel@ichips.intel.com, sam-fans@hawkwind.utcs.toronto.edu
Subject: Re: Sam crash
Cc: bobf@research.att.com

haertel@ichips.intel.com wrote:
> Subject: Sam crash
>
> Running sam under AIX 3.2, I get a samterm panic from the following
> sequence of commands typed in the command window:
>
> B /etc/termcap
> ,x/:am/ {
> /:am/
> /:am/
> c/FOO/
> }
>
> Does anybody else observe this behavior?
>
[end of included message]

Yes, I've seen this. What's probably happening is that sam core dumps
and samterm panics because the pipe to sam dries up. The reason sam
core dumps is that there's a bug in the execution of brace commands in
cmdexec() in xec.c. It calls lookup() (in cmd.c) to get the command
number of a command character then uses the returned value as an index
into cmdtab (also in cmd.c). '{' isn't in cmdtab though so lookup()
returns -1 and so the array access looks at a potentially bad address.
A patch to fix this is attached.

I've also had problems with sam core dumping in Fupdate() called from
update() in sam.c. I think there's a dubious piece of code here which
appears to delete() a file and then potentially perform operations on
the free()d memory. A patch to fix this is also attached.

I guess the occurrence of these two bugs depends on the malloc
implementation and the compiler you're using. I've been bitten by them
though, and the fixes seem to work for me.

-Mark.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Mark H. Wilkinson : Research student in user University of York, England : interface management systems Index: sam/sam.c diff -c sam/sam.c:1.3 sam/sam.c:1.4 *** sam/sam.c:1.3 Mon Apr 3 12:07:11 1995 --- sam/sam.c Wed Apr 12 16:34:40 1995 *************** *** 303,310 **** f = tempfile.filepptr[i]; if(f==cmd) /* cmd gets done in main() */ continue; ! if(f->deleted) delete(f); if(f->mod==modnum && Fupdate(f, FALSE, downloaded)) anymod++; if(f->rasp) --- 303,312 ---- f = tempfile.filepptr[i]; if(f==cmd) /* cmd gets done in main() */ continue; ! if(f->deleted){ delete(f); + continue; + } if(f->mod==modnum && Fupdate(f, FALSE, downloaded)) anymod++; if(f->rasp) Index: sam/xec.c diff -c sam/xec.c:1.1.1.1 sam/xec.c:1.2 *** sam/xec.c:1.1.1.1 Sun Jul 31 17:36:14 1994 --- sam/xec.c Wed Apr 12 16:36:33 1995 *************** *** 31,37 **** cp->cmdc!=('c'|0x100) && !(cp->cmdc=='D' && cp->ctext)) error(Enofile); i = lookup(cp->cmdc); ! if(cmdtab[i].defaddr != aNo){ if((ap=cp->addr)==0 && cp->cmdc!='\n'){ cp->addr = ap = newaddr(); ap->type = '.'; --- 31,37 ---- cp->cmdc!=('c'|0x100) && !(cp->cmdc=='D' && cp->ctext)) error(Enofile); i = lookup(cp->cmdc); ! if(i >= 0 && cmdtab[i].defaddr != aNo){ if((ap=cp->addr)==0 && cp->cmdc!='\n'){ cp->addr = ap = newaddr(); ap->type = '.';
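Review bot: In the sam/sam.c hunk, the new `continue` after `delete(f)` stops the loop body from touching `f` again, but it also advances `i` as usual. If delete() removes the entry from `tempfile.filepptr` and moves later entries down, the file that lands in slot `i` would be skipped for this pass. Neither delete() nor the loop header is visible in the hunk, so please confirm which way it behaves; if the list is compacted, the index needs to be held back before the `continue`. A short comment at the `continue` saying that `f` is no longer valid after delete() would also keep the next editor from moving code back between the two statements.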
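Review bot: In the sam/xec.c hunk, `i >= 0 &&` guards only this one read of `cmdtab[i]`; `i` is still -1 for '{' once the test falls through. Any later use of `cmdtab[i]` in cmdexec() outside the lines shown needs the same check, so it is worth reading the rest of the function for other indexed accesses or testing `i < 0` once right after `i = lookup(cp->cmdc);`. A one-line comment there noting that lookup() returns -1 for command characters that are not in cmdtab, such as '{', would document why the guard exists.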