[Debian-astro-maintainers] Bug#883237: scamp: segfault in load_field() at field.c:343

Fri Dec 1 06:52:07 UTC 2017

Package: scamp
Version: 2.0.4-4
Severity: normal

Dear Maintainer,

1. Reproduce

$ scamp test-scamp-segfault.cat

> WARNING: scamp.conf not found, using internal defaults


> WARNING: This executable has been compiled using a version of the
> ATLAS library without support for multithreading. Performance will be
> degraded.

----- SCAMP 2.0.4 started on 2017-12-01 at 13:34:33 with 2 threads

----- 1 inputs:
> Examining Catalog test-scamp-segfault.cat
Segmentation fault


Though any .cat accepted by scamp should works, I have attached the test 
sample "test-scamp-segfault.cat" in this Email.

The attachment "scamp-backtrace.txt" is a gdb backtrace obtained by
running following command:

$ gdb --batch -ex "r test-scamp-segfault.cat" -ex "bt" -ex "bt full" -ex "thread apply all bt full" -ex "quit" /usr/bin/scamp &> scamp-backtrace.txt 

2. Possible cause

This problem may be caused by that the questioned line is undefined
behaviour.

When building the package with gcc option -Wsequence-point enabled(add
"export DEB_CFLAGS_MAINT_APPEND = -Wsequence-point" to debian/rules),
there is the following warning:

gcc -DHAVE_CONFIG_H -I. -I..  -I/usr/include/plplot -Wdate-time -D_FORTIFY_SOURCE=2 -D_REENTRANT -g -O2 -fdebug-prefix-map=/home/kralcyor/tmp/packaging/scamp/scamp-2.0.4=. -fstack-protector-strong -Wformat -Werror=format-security -Wsequence-point -c -o field.o field.c
field.c: In function ‘load_field’:
field.c:343:27: warning: operation on ‘n’ may be undefined [-Wsequence-point]
       set[n]->setindex = n++;
                          ~^~

3. Walk around

Apply the patch:

--- a/src/field.c
+++ b/src/field.c
@@ -340,7 +340,8 @@
       nsample += set[n]->nsample;
       free_tab(set[n]->imatab);
       set[n]->imatab = NULL;
-      set[n]->setindex = n++;
+      set[n]->setindex = n;
+      n++;
       }
 
   field->nsample = nsample;

Regards,
Jun MO

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.13.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages scamp depends on:
ii  curl              7.57.0-1
ii  libatlas3-base    3.10.3-5
ii  libc6             2.25-2
ii  libfftw3-single3  3.3.6p2-2
ii  libplplot15       5.13.0+dfsg-7

scamp recommends no packages.

scamp suggests no packages.

-- debconf-show failed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test-scamp-segfault.cat
Type: application/octet-stream
Size: 25920 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/debian-astro-maintainers/attachments/20171201/161496b5/attachment-0001.obj>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: scamp-backtrace.txt
URL: <http://lists.alioth.debian.org/pipermail/debian-astro-maintainers/attachments/20171201/161496b5/attachment-0001.txt>
