When using the adump function to output the SYMTAB array, a coredump occ

bug-gawk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

When using the adump function to output the SYMTAB array, a coredump occ

From:	zhou shuiqing
Subject:	When using the adump function to output the SYMTAB array, a coredump occurs.
Date:	Wed, 5 Apr 2023 16:14:42 +0000

Hi，I encountered an issue while using gawk.

By adding the compilation parameter -DAYYAYDEBUG, I am using the adump 
function. However, when I try to output SYMTAB or FUNCTAB, an error occurs.

Perhaps the function should not be used to process SYMTAB/FUNCTAB, but 
user-defined arrays.

Machine info:
$arch
x86_64
$uname -a
Linux localhost.localdomain 5.10.0-60.18.0.50.oe2203.x86_64 #1 SMP Wed Mar 30 
03:12:24 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
$rpm -qa | grep gcc
gcc-10.3.1-10.oe2203.x86_64

Reproduction Method:
1. $git clone https://git.savannah.gnu.org/git/gawk.git
2. $cd gawk && ./configure && make -j4 CFLAGS="$CFLAGS -O0 -g -DARRAYDEBUG"
3. cat /home/test.awk
BEGIN{
        adump(SYMTAB)
}
4. $./gawk -f /home/test.awk
array `SYMTAB'
    array_func: str_array_func
    STR_CHAIN_MAX: 2
    array_size: 13
    table_size: 28
    Avg # of items per chain: 2.2
    memory: 1.4 kB
    Hash distribution:
        [0]:2
        [1]:2
        [2]:3
        [3]:4
        [4]:2

    I: [SYMTAB:<"ARGV">:MALLOC|STRING|STRCUR:2]
    V: [array `ARGV'
        array_func: cint_array_func
        NHAT: 10
        THRESHOLD: 2048
        table_size: 1 (total), 1 (cint), 0 (int + str)
        array_capacity: 32
        Load Factor: 0.031
        memory: 0.92 kB (total)
    ]
    I: [SYMTAB:<"ROUNDMODE">:MALLOC|STRING|STRCUR:2]
    V: [gawk: ../test.awk:2: fatal error: internal error
Aborted (core dumped)

Reason：
The "coredumpe" error occurred, and replacing adump(FUNCTAB) will also result 
in "coredumpe". Then I found the core file in /var/lib/systemd/coredump. I 
executed gdb to debug:
$ gdb ./gawk /var/lib/systemd/coredump/corexxx
(gdb) bt
#0  0x00007fa9e285cf1f in ?? () from /usr/lib64/libc.so.6
#1  0x00007fa9e2810fc6 in raise () from /usr/lib64/libc.so.6
#2  0x00007fa9e27fc457 in abort () from /usr/lib64/libc.so.6
#3  0x000000000045a433 in catchsig (sig=11) at main.c:1331
#4  <signal handler called>
#5  0x0000000700000001 in ?? ()
#6  0x000000000040549c in assoc_dump (symbol=0xc0c160, ndump=0x4b4160 <ndump>) 
at array.c:192
#7  0x000000000040675e in assoc_info (subs=0xc0c108, val=0xc0c160, 
ndump=0x4b4160 <ndump>, aname=0xc1e4f0 "SYMTAB") at array.c:758
#8  0x0000000000465886 in str_dump (symbol=0xc0ae20, ndump=0x4b4160 <ndump>) at 
str_array.c:538
#9  0x000000000040549c in assoc_dump (symbol=0xc0ae20, ndump=0x4b4160 <ndump>) 
at array.c:192
#10 0x0000000000406871 in do_adump (nargs=1) at array.c:794
#11 0x000000000043ecef in r_interpret (code=0xc15638) at interpret.h:1089
#12 0x00000000004588f9 in main (argc=3, argv=0x7ffe28eadea8) at main.c:541
(gdb) f 6
#6  0x000000000040549c in assoc_dump (symbol=0xc0c160, ndump=0x4b4160 <ndump>) 
at array.c:192
192                     (void) symbol->adump(symbol, ndump);
(gdb) p *symbol
$1 = {sub = {nodep = {l = {lptr = 0xc0c1b8, li = 0xc0c1b8, ll = 12632504, lp = 
0xc0c1b8}, r = {rptr = 0x0, preg = {0x0, 0x0}, av = 0x0, bv = 0x0, uptr = 0x0, 
iptr = 0x0}, x = {extra = 0x45b478 <set_ROUNDMODE>, aptr = 0x45b478 
<set_ROUNDMODE>, xl = 4568184,
        cmnt = 0x45b478 <set_ROUNDMODE>}, name = 0xc0ef00 "ROUNDMODE", reserved 
= 0, rn = 0x0, cnt = 0, reflags = 0}, val = {fltnum = 6.2412862473521303e-317, 
sp = 0x0, slen = 0, idx = 4568184, wsp = 0xc0ef00 L"\x4e554f52\x444f4d44E", 
wslen = 0, typre = 0x0, comtype = 0}},
  type = Node_var, flags = 0, valref = 1}
(gdb) p *symbol->sub->nodep->l->lp
$3 = {name = 0x0, init = 0xc0ef40, type_of = 0x1, lookup = 0xffffffff, exists = 
0x0, clear = 0x0, remove = 0x0, list = 0x0, copy = 0x0, dump = 0x700000001, 
store = 0x1}
(gdb) f 7
#7  0x000000000040675e in assoc_info (subs=0xc0c108, val=0xc0c160, 
ndump=0x4b4160 <ndump>, aname=0xc1e4f0 "SYMTAB") at array.c:758
758                     assoc_dump(val, ndump);


The function "assoc_info" in the "array.c" file, line 751, only handles "type 
== Node_val", but "ROUNDMODE" in the "SYMTAB" is of type "Node_var". Therefore, 
it enters the "assoc_dump" function and causes a coredump.

If you make this modification, the problem will be solved:

$cat fixit.path
From 54006fce8773c7318829de4ce14e86cc7893948b Mon Sep 17 00:00:00 2001
From: Shuiqing Zhou <zhoushuiqing321@outlook.com>
Date: Wed, 5 Apr 2023 12:36:44 +0800
Subject: [PATCH] test

---
 array.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/array.c b/array.c
index 6d2ed19b..532ce428 100644
--- a/array.c
+++ b/array.c
@@ -751,7 +751,7 @@ assoc_info(NODE *subs, NODE *val, NODE *ndump, const char 
*aname)
      if (val->type == Node_val) {
            fprintf(output_fp, "V: [scalar: ");
            value_info(val);
-     } else {
+     } else if ( val->type == Node_var_array ) {
            fprintf(output_fp, "V: [");
            ndump->alevel++;
            ndump->adepth--;
--
2.33.0

core.gawk
Description: core.gawk

[Prev in Thread]

Current Thread

[Next in Thread]

When using the adump function to output the SYMTAB array, a coredump occurs., zhou shuiqing <=
- Re: When using the adump function to output the SYMTAB array, a coredump occurs., arnold, 2023/04/07

Prev by Date: Re: SYMTAB array does not work properly. It is semi-read-only.
Next by Date: Re: SYMTAB array does not work properly. It is semi-read-only
Previous by thread: SYMTAB array does not work properly. It is semi-read-only.
Next by thread: Re: When using the adump function to output the SYMTAB array, a coredump occurs.
Index(es):
- Date
- Thread