Igor Schein on Fri, 30 Jul 1999 09:59:47 -0400


stack corruption


The following happens on Alpha (RedHat 6.0):

? pol=y^2-2;
? bnfinit(pol);m=matrix(0,2);m[0,1];
  ***   array index (0) out of allowed range [1-0]: ...nit(pol);m=matrix(0,2);m[
  ***   0,1];
? bnfinit(pol);
  ***   segmentation fault: bug in GP (please report).

At this point the stack becomes corrupted and you can't even kill
the session gracefully - you have to ^Z and kill %.

I don't get this behavior on any other platform I tried.  

3 remarks here.

1) Since being able to reproduce this problem heavily depends
on memory layout, one needs to start gp with -f flags to assure

2) If you split the 2nd command into 2 parts, SEGV doesn't occur.

3) allowed range is listed as [1-0], which is nonsense.  This leads
me to believe it's a PARI bug.

Finally, below is gdb output.  
Can you reproduce the bug, fellow Alpha users?



#0  0x200008611d0 in chunk_free (ar_ptr=0x20000a0b748, p=0x120413dd0)
    at malloc.c:3009
#1  0x20000863c74 in __libc_free (mem=0x20000a0b748) at malloc.c:2932
#2  0x12025358c in killbloc0 (x=0x120413df8, inspect=0)
    at ../src/language/init.c:507
#3  0x120253628 in gunclone (x=0x120413df8) at ../src/language/init.c:512
#4  0x1200a80a8 in ideallllredall (nf=0x200012c31c0, x=0x200012c0148, 
    vdir=0x12040f440, prec=5, precint=3) at ../src/basemath/base4.c:1575
#5  0x1200efdc4 in mulred (nf=0x200012c31c0, x=0x200012c03b0, I=0x200012c0380, 
    prec=5, precint=3) at ../src/basemath/buch2.c:160
#6  0x1200f028c in powsubfactgen (nf=0x200012c31c0, a=16, prec=5, precint=3)
    at ../src/basemath/buch2.c:202
#7  0x120102ad8 in buchall (P=0x120412d88, gcbach=0x11ffff6b0, 
    gcbach2=0x11ffff6b0, gRELSUP=0x11ffff670, gborne=0x12040f460, nbrelpid=4, 
    minsfb=3, flun=-2, prec=4) at ../src/basemath/buch2.c:2645
#8  0x120100aa8 in classgroupall (P=0x120412d88, data=0x0, flag=0, prec=4)
    at ../src/basemath/buch2.c:2319
#9  0x120100c4c in bnfinit0 (P=0x120412d88, flag=0, data=0x0, prec=4)
    at ../src/basemath/buch2.c:2343
#10 0x12023f278 in identifier () at ../src/language/anal.c:1397
#11 0x12023bbb4 in truc () at ../src/language/anal.c:699
#12 0x12023b658 in facteur () at ../src/language/anal.c:638
#13 0x12023a7e8 in expr () at ../src/language/anal.c:421
#14 0x12023a55c in seq () at ../src/language/anal.c:393
#15 0x12023975c in lisseq0 (t=0x120411f10 "bnfinit(pol);", f=0x12023a460 <seq>)
    at ../src/language/anal.c:160
#16 0x120239848 in lisseq (t=0x120411f10 "bnfinit(pol);")
    at ../src/language/anal.c:174
#17 0x1202399cc in readseq (c=0x120411f10 "bnfinit(pol);", strict=1)
    at ../src/language/anal.c:200
#18 0x120269bf0 in gp_main_loop () at ../src/gp/gp.c:1990
#19 0x12026aca8 in main (argc=3, argv=0x11ffffc08) at ../src/gp/gp.c:2215
#20 0x2000081dfb0 in __libc_start_main (main=0x12026aa00 <main>, argc=3, 
    argv=0x11ffffc08, init=0x1200159a0 <_init>, fini=0x12027a560 <_fini>, 
    rtld_fini=0x20000a0b748 <main_arena>, stack_end=0x11ffffbf0)
    at ../sysdeps/generic/libc-start.c:78