Ticket #89 (closed defect: invalid)

Opened 6 years ago

Last modified 6 years ago

SIGSEGV if certain ints are not declared

Reported by: mzagrabe@…
Owned by: xi
Priority: normal
Component: pyyaml
Severity: normal
Keywords:
Cc:

Description (last modified by xi) (diff)

The following program segfaults if any one of the integers:

canonical unicode k done

is not declared.

---------{ yaml_error.c begins }---------
#include <yaml.h>
#include <stdio.h>
#include <string.h>

int main()
{
/* Comment out 'canonical' to demonstrate segfault
  int canonical;
*/
  int unicode;
  int k;
  int done;

  yaml_parser_t parser;

  yaml_parser_initialize(&parser);
  yaml_parser_delete(&parser);
  return 0;
}
---------{ yaml_error.c ends }---------
% gcc -Wall -ggdb -c yaml_error.c && gcc -Wall -ggdb -lyaml -o yaml_error yaml_error.o
% gdb ./yaml_error
(gdb) run
Starting program: /home/mzagrabe/code/misc/c++/yaml/yaml_error 

Program received signal SIGSEGV, Segmentation fault.
0x08048514 in main () at yaml_error.c:19
19      }
(gdb) 

Running Debian Sid:

ii  libyaml-0-1      0.1.1-1
ii  libyaml-dev      0.1.1-1
ii  gcc              4:4.3.1-2

Change History

comment:1 Changed 6 years ago by xi

  • Description modified (diff)

Works perfectly for me. Could you possibly run it under valgrind?

comment:2 Changed 6 years ago by mzagrabe@…

Well, it looks like it might be bad memory. I compiled and ran on a different Debian Sid box and did not receive the segfault.

FWIW, I did run under valgrind. I don't use valgrind much; is it obvious from the output that my system has bad memory?

% valgrind -v ./yaml_error
==4915== Memcheck, a memory error detector.
==4915== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==4915== Using LibVEX rev 1854, a library for dynamic binary translation.
==4915== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==4915== Using valgrind-3.3.1-Debian, a dynamic binary instrumentation framework.
==4915== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==4915== 
--4915-- Command line
--4915--    ./yaml_error
--4915-- Startup, with flags:
--4915--    --suppressions=/usr/lib/valgrind/debian-libc6-dbg.supp
--4915--    -v
--4915-- Contents of /proc/version:
--4915--   Linux version 2.6.25-2-686 (Debian 2.6.25-6) (maks@debian.org) (gcc version 4.1.3 20080623 (prerelease) (Debian 4.1.2-23)) #1 SMP Fri Jun 27 03:23:20 UTC 2008
--4915-- Arch and hwcaps: X86, x86-sse1-sse2
--4915-- Page sizes: currently 4096, max supported 4096
--4915-- Valgrind library directory: /usr/lib/valgrind
--4915-- Reading syms from /lib/ld-2.7.so (0x4000000)
--4915-- Reading debug info from /lib/ld-2.7.so...
--4915-- ... CRC mismatch (computed 36af6df2 wanted bc87fe6a)
--4915--    object doesn't have a symbol table
--4915-- Reading syms from /home/mzagrabe/code/misc/c++/yaml/yaml_error (0x8048000)
--4915-- Reading syms from /usr/lib/valgrind/x86-linux/memcheck (0x38000000)
--4915--    object doesn't have a dynamic symbol table
--4915-- Reading suppressions file: /usr/lib/valgrind/debian-libc6-dbg.supp
--4915-- Reading suppressions file: /usr/lib/valgrind/default.supp
--4915-- Reading syms from /usr/lib/valgrind/x86-linux/vgpreload_core.so (0x401E000)
--4915-- Reading syms from /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so (0x4020000)
--4915-- Reading syms from /usr/lib/libyaml-0.so.1.0.0 (0x4043000)
--4915--    object doesn't have a symbol table
--4915-- Reading syms from /lib/i686/cmov/libc-2.7.so (0x4061000)
--4915-- Reading debug info from /lib/i686/cmov/libc-2.7.so...
--4915-- ... CRC mismatch (computed b9a5d6d7 wanted f3d4db0a)
--4915--    object doesn't have a symbol table
--4915-- REDIR: 0x40d76d0 (rindex) redirected to 0x40240c0 (rindex)
--4915-- REDIR: 0x40d3490 (malloc) redirected to 0x4023cb0 (malloc)
--4915-- REDIR: 0x40d1660 (free) redirected to 0x4022ad0 (free)
==4915== Warning: client switching stacks?  SP change: 0xBEB75F38 --> 0xFFFFFFFC
==4915==          to suppress, use: --max-stackframe=1095278788 or greater
==4915== Invalid read of size 4
==4915==    at 0x8048514: main (yaml_error.c:19)
==4915==  Address 0xfffffffc is not stack'd, malloc'd or (recently) free'd
==4915== 
==4915== Process terminating with default action of signal 11 (SIGSEGV)
==4915==  Access not within mapped region at address 0xFFFFFFFC
==4915==    at 0x8048514: main (yaml_error.c:19)
==4915== 
==4915== Process terminating with default action of signal 11 (SIGSEGV)
==4915==  Access not within mapped region at address 0xFFFFFFF8
==4915==    at 0x401E200: _vgnU_freeres (vg_preloaded.c:56)
==4915== 
==4915== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 15 from 1)
==4915== 
==4915== 1 errors in context 1 of 1:
==4915== Invalid read of size 4
==4915==    at 0x8048514: main (yaml_error.c:19)
==4915==  Address 0xfffffffc is not stack'd, malloc'd or (recently) free'd
--4915-- 
--4915-- supp:     15 dl-hack3-cond-1
==4915== 
==4915== IN SUMMARY: 1 errors from 1 contexts (suppressed: 15 from 1)
==4915== 
==4915== malloc/free: in use at exit: 0 bytes in 0 blocks.
==4915== malloc/free: 8 allocs, 8 frees, 67,008 bytes allocated.
==4915== 
==4915== All heap blocks were freed -- no leaks are possible.
--4915--  memcheck: sanity checks: 0 cheap, 1 expensive
--4915--  memcheck: auxmaps: 0 auxmap entries (0k, 0M) in use
--4915--  memcheck: auxmaps_L1: 0 searches, 0 cmps, ratio 0:10
--4915--  memcheck: auxmaps_L2: 0 searches, 0 nodes
--4915--  memcheck: SMs: n_issued      = 10 (160k, 0M)
--4915--  memcheck: SMs: n_deissued    = 0 (0k, 0M)
--4915--  memcheck: SMs: max_noaccess  = 65535 (1048560k, 1023M)
--4915--  memcheck: SMs: max_undefined = 0 (0k, 0M)
--4915--  memcheck: SMs: max_defined   = 23 (368k, 0M)
--4915--  memcheck: SMs: max_non_DSM   = 10 (160k, 0M)
--4915--  memcheck: max sec V bit nodes:    0 (0k, 0M)
--4915--  memcheck: set_sec_vbits8 calls: 0 (new: 0, updates: 0)
--4915--  memcheck: max shadow mem size:   464k, 0M
--4915-- translate:            fast SP updates identified: 1,158 ( 88.7%)
--4915-- translate:   generic_known SP updates identified: 78 (  5.9%)
--4915-- translate: generic_unknown SP updates identified: 69 (  5.2%)
--4915--     tt/tc: 2,852 tt lookups requiring 2,875 probes
--4915--     tt/tc: 2,852 fast-cache updates, 2 flushes
--4915--  transtab: new        1,416 (31,417 -> 442,597; ratio 140:10) [0 scs]
--4915--  transtab: dumped     0 (0 -> ??)
--4915--  transtab: discarded  0 (0 -> ??)
--4915-- scheduler: 24,744 jumps (bb entries).
--4915-- scheduler: 0/1,528 major/minor sched events.
--4915--    sanity: 1 cheap, 1 expensive checks.
--4915--    exectx: 769 lists, 25 contexts (avg 0 per list)
--4915--    exectx: 32 searches, 7 full compares (218 per 1000)
--4915--    exectx: 0 cmp2, 43 cmp4, 0 cmpAll
--4915--  errormgr: 9 supplist searches, 183 comparisons during search
--4915--  errormgr: 16 errlist searches, 51 comparisons during search
zsh: segmentation fault  valgrind -v ./yaml_error

comment:3 Changed 6 years ago by xi

  • Status changed from new to closed
  • Resolution set to invalid

I'd say if it were caused by bad memory, it would not be reproducible. From your description, it sounds like you get a segfault every time you run the program. A faulty compiler, maybe? Could you run the segfaulting program on a different computer? Anyway, it looks like it's not a libyaml issue, so I'm closing the ticket. Feel free to reopen it if needed.

comment:4 Changed 6 years ago by mzagrabe@…

It looks like it might be a compiler issue.

gcc-3.3 => no segfault

gcc-4.1 => segfault

gcc-4.3 => segfault

Also, I tried a live-cd and did not get a segfault when compiling and running in that environment.

FWIW, I did try:

# aptitude reinstall gcc-4.3

and it did not change the results. (I used gcc-4.3 on other boxes and did _not_ get the segfault.)

comment:5 Changed 6 years ago by xi

It works for me under gcc-4.1 and gcc-4.2. Are you using libyaml from the debian package? Could you possibly rebuild libyaml from source and test it again?
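
Added example, not part of the ticket or of libyaml: the thread never settles the cause, and one possibility that the rebuild requested in comment 5 would rule out is that the installed library initializes a larger yaml_parser_t than the header the program was compiled against, overwriting the caller's stack frame. The harness below measures such an overrun with canary bytes; overrun_bytes, init_fn and the parser_hdr/parser_lib stand-ins are hypothetical names with constructed layouts.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD  256   /* canary bytes after the object; must exceed any plausible overrun */
#define CANARY 0xA5

typedef int (*init_fn)(void *obj);

/* Run init on an object of `declared` bytes (the caller's sizeof) and return
 * how many bytes past its end were modified: 0 if none, -1 if malloc fails. */
long overrun_bytes(init_fn init, size_t declared)
{
    unsigned char *buf = malloc(declared + GUARD);
    long last = -1;
    size_t i;

    if (!buf)
        return -1;
    memset(buf, CANARY, declared + GUARD);
    init(buf);
    for (i = 0; i < GUARD; i++)
        if (buf[declared + i] != CANARY)
            last = (long)i;          /* remember the furthest clobbered byte */
    free(buf);
    return last + 1;
}

/* Constructed stand-ins, not libyaml: the layout the program was compiled
 * against, and a larger layout a mismatched library could have been built with. */
struct parser_hdr { int error; char *buffer; int state[8]; };
struct parser_lib { int error; char *buffer; int state[8]; int extra[4]; };

static int init_matching(void *p)   { memset(p, 0, sizeof(struct parser_hdr)); return 1; }
static int init_mismatched(void *p) { memset(p, 0, sizeof(struct parser_lib)); return 1; }

int main(void)
{
    printf("matching:   %ld bytes past end\n",
           overrun_bytes(init_matching, sizeof(struct parser_hdr)));
    printf("mismatched: %ld bytes past end\n",
           overrun_bytes(init_mismatched, sizeof(struct parser_hdr)));
    /* To test the installed library, pass a small wrapper that calls
     * yaml_parser_initialize() on obj, with declared = sizeof(yaml_parser_t). */
    return 0;
}
```

A non-zero result against the real library would mean the header and the shared object disagree about the structure size, which reinstalling the compiler alone would not change.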
