fix for segfaults


To <ng-spice@ieee.ing.uniroma1.it>,<hugovdm@mail.com>
From "Jon Engelbert" <jon@beigebag.com>
Date Wed, 26 Sep 2001 20:05:12 -0400
Delivered-To mailing list ng-spice@ieee.ing.uniroma1.it
Importance Normal
In-Reply-To <20010927004023.A31929@baboon.wilgenhof.sun.ac.za >
Mailing-List contact ng-spice-help@ieee.ing.uniroma1.it; run by ezmlm
Reply-To ng-spice@ieee.ing.uniroma1.it

Hugo,
I reported a fix for this a couple of months ago... however, I'm running on
Windows, not on Unix, so there may be other problems.  Please let me know if
this fixes it for you.

ifnewuid.c:
        if ( (newname = (char *) malloc(strlen((char *) olduid) +
strlen(suffix) + 2)) == NULL)

The "2" is for the pound sign ('#') and for the end of string ('\0').
Strlen("#\0") returns 1.
Previously, it was one character short.  It needs the character for end of
string (\0)... the way it's written was confusing and evil.

I found this after hours of debugging.  I found a tool on the university of
Oregon web-site that proved very useful.  It's two files, mm.h and mm.c.
Here's some info from its header file.
*
 * Memory Manager Debugger Library Header file
 *
 * Prefix: mm, none
 * $Id: mm.h,v 1.7 2000/01/03 23:19:58 clements Exp $
 * $Source: /misc/projects/CIRL/CVS/include/mm.h,v $
 *
 *
 *
 * MEMORY MANAGEMENT DEBUGGER LIBRARY
 * ----------------------------------
 *
 * The memory management debugger library remaps the standard memory
allocation
 * and free routines to equivalent routines that do additional error
checking
 * and bookkeeping.  The library also contains routines that print out or
 * validate the current state of memory allocations.
 *
 *
 *
 * MM_DEBUG
 * --------
 *
 * The remapping of standard memory allocation & free routines is done only
 * if MM_DEBUG is #defined.  The other support routines are also only
 * called if MM_DEBUG is #defined.  See USAGE and un USAGE below.
 *
Jon Engelbert
President, Beige Bag Software
279 E. Liberty, Ann Arbor, MI 48105
jon@beigebag.com

-----Original Message-----
From: Hugo van der Merwe [mailto:hugovdm@mail.com]
Sent: Wednesday, September 26, 2001 6:40 PM
To: ng-spice@ieee.ing.uniroma1.it
Subject: [ng-spice] ng-spice-rework-14pre3 and segfaults


I compiled ng-spice-rework-14pre3, but when running it (with no
parameters) I get a segfault. Some lines from "strace ngspice" below. I
compiled and installed this as a user (that is in group staff, so can
write to /usr/local).

Is this a known problem?

Thanks,
Hugo van der Merwe


<SNIP>
open("/usr/local/stow/ng-spice//lib/ng-spice-rework/libc.so.6", O_RDONLY)
= -1 ENOENT (No such file or directory)
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\30\327"..., 1024) =
1024
fstat64(3, {st_mode=S_IFREG|0755, st_size=1163240, ...}) = 0
old_mmap(NULL, 1179680, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x404b1000
mprotect(0x405c7000, 40992, PROT_NONE)  = 0
old_mmap(0x405c7000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
0x115000) = 0x405c7000
old_mmap(0x405cd000, 16416, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x405cd000
close(3)                                = 0
open("/usr/local/stow/ng-spice//lib/ng-spice-rework/libpthread.so.0",
O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/local/stow/ng-spice//lib/ng-spice-rework/libpthread.so.0",
O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libpthread.so.0", O_RDONLY)  = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340Q\0"..., 1024) =
1024
fstat64(3, {st_mode=S_IFREG|0644, st_size=104689, ...}) = 0
old_mmap(NULL, 88028, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x405d2000
mprotect(0x405e0000, 30684, PROT_NONE)  = 0
old_mmap(0x405e0000, 32768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
0xd000) = 0x405e0000
close(3)                                = 0
open("/usr/local/stow/ng-spice//lib/ng-spice-rework/libXpm.so.4", O_RDONLY)
= -1 ENOENT (No such file or directory)
open("/usr/local/stow/ng-spice//lib/ng-spice-rework/libXpm.so.4", O_RDONLY)
= -1 ENOENT (No such file or directory)
open("/usr/X11R6/lib/libXpm.so.4", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\"\0"..., 1024)
= 1024
fstat64(3, {st_mode=S_IFREG|0644, st_size=53032, ...}) = 0
old_mmap(NULL, 56040, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x405e8000
mprotect(0x405f5000, 2792, PROT_NONE)   = 0
old_mmap(0x405f5000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
0xc000) = 0x405f5000
close(3)                                = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x405f6000
mprotect(0x4008b000, 94208, PROT_READ|PROT_WRITE) = 0
mprotect(0x4008b000, 94208, PROT_READ|PROT_EXEC) = 0
munmap(0x4001a000, 59333)               = 0
getrlimit(0x3, 0xbffff86c)              = 0
setrlimit(RLIMIT_STACK, {rlim_cur=2044*1024, rlim_max=RLIM_INFINITY}) = 0
getpid()                                = 31995
uname({sys="Linux", node="baboon", ...}) = 0
rt_sigaction(SIGRTMIN, {0x405db1a8, [], 0x4000000}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0x405db238, [], 0x4000000}, NULL, 8) = 0
rt_sigaction(SIGRT_2, {0x405db338, [], 0x4000000}, NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [RTMIN], NULL, 8) = 0
_sysctl({{CTL_KERN, KERN_VERSION}, 2, 0xbffff674, 31, (nil), 0}) = 0
brk(0)                                  = 0x80d3e08
brk(0x80d3e38)                          = 0x80d3e38
brk(0x80d4000)                          = 0x80d4000
--- SIGSEGV (Segmentation fault) ---
+++ killed by SIGSEGV +++


Partial thread listing: