[cocci] spatch 1.1.1 segmentation fault report

[cocci] spatch 1.1.1 segmentation fault report

[Denis Efremov]

Hi,

I'm observing a weird crash with spatch 1.1.1

$ spatch --version
spatch version 1.1.1 compiled with OCaml version 4.11.2
Flags passed to the configure script: --enable-opt --enable-ocaml --enable-python --enable-pcre-syntax --enable-pcre --prefix /home/work/.opam/4.11.2 --libdir /home/work/.opam/4.11.2/lib
OCaml scripting support: yes
Python scripting support: yes
Syntax of regular expressions: PCRE

$ cat segfault.cocci
@err@
position p;
@@

amd_energy_is_visible(...)
{
*       return 0444;@p
}

@script:python@
p << err.p;
@@

coccilib.report.print_report(p[0], "found")

$ mkdir empty_dir # creating empty directory
$ spatch segfault.cocci empty_dir
init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
0 files match
[1]    152475 segmentation fault (core dumped)  spatch segfault.cocci test


Best Regards,
Denis Efremov

Re: [cocci] spatch 1.1.1 segmentation fault report

[Julia Lawall]

On Sun, 6 Feb 2022, Denis Efremov wrote:

> Hi,
>
> I'm observing a weird crash with spatch 1.1.1
>
> $ spatch --version
> spatch version 1.1.1 compiled with OCaml version 4.11.2
> Flags passed to the configure script: --enable-opt --enable-ocaml --enable-python --enable-pcre-syntax --enable-pcre --prefix /home/work/.opam/4.11.2 --libdir /home/work/.opam/4.11.2/lib
> OCaml scripting support: yes
> Python scripting support: yes
> Syntax of regular expressions: PCRE
>
> $ cat segfault.cocci
> @err@
> position p;
> @@
>
> amd_energy_is_visible(...)
> {
> *       return 0444;@p
> }
>
> @script:python@
> p << err.p;
> @@
>
> coccilib.report.print_report(p[0], "found")
>
> $ mkdir empty_dir # creating empty directory
> $ spatch segfault.cocci empty_dir
> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
> 0 files match
> [1]    152475 segmentation fault (core dumped)  spatch segfault.cocci test

Thanks for the report.  I will check on it.  I don't think I have often
tried running spatch on no files...

julia

Re: [cocci] spatch 1.1.1 segmentation fault report

[Julia Lawall]

On Sun, 6 Feb 2022, Denis Efremov wrote:

> Hi,
>
> I'm observing a weird crash with spatch 1.1.1
>
> $ spatch --version
> spatch version 1.1.1 compiled with OCaml version 4.11.2
> Flags passed to the configure script: --enable-opt --enable-ocaml --enable-python --enable-pcre-syntax --enable-pcre --prefix /home/work/.opam/4.11.2 --libdir /home/work/.opam/4.11.2/lib
> OCaml scripting support: yes
> Python scripting support: yes
> Syntax of regular expressions: PCRE
>
> $ cat segfault.cocci
> @err@
> position p;
> @@
>
> amd_energy_is_visible(...)
> {
> *       return 0444;@p
> }
>
> @script:python@
> p << err.p;
> @@
>
> coccilib.report.print_report(p[0], "found")
>
> $ mkdir empty_dir # creating empty directory
> $ spatch segfault.cocci empty_dir
> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
> 0 files match
> [1]    152475 segmentation fault (core dumped)  spatch segfault.cocci test

I tried 1.1.1 with the options --enable-opt --enable-ocaml --enable-python
--enable-pcre-syntax --enable-pcre, but it seems to work find for me.
Does the problem go away if there is a file in the directory?  If you
remove the python code?

julia

>
>
> Best Regards,
> Denis Efremov
>

Re: [cocci] spatch 1.1.1 segmentation fault report

[Denis Efremov]

On 2/6/22 21:43, Julia Lawall wrote:
> 
> 
> On Sun, 6 Feb 2022, Denis Efremov wrote:
> 
>> Hi,
>>
>> I'm observing a weird crash with spatch 1.1.1
>>
>> $ spatch --version
>> spatch version 1.1.1 compiled with OCaml version 4.11.2
>> Flags passed to the configure script: --enable-opt --enable-ocaml --enable-python --enable-pcre-syntax --enable-pcre --prefix /home/work/.opam/4.11.2 --libdir /home/work/.opam/4.11.2/lib
>> OCaml scripting support: yes
>> Python scripting support: yes
>> Syntax of regular expressions: PCRE
>>
>> $ cat segfault.cocci
>> @err@
>> position p;
>> @@
>>
>> amd_energy_is_visible(...)
>> {
>> *       return 0444;@p
>> }
>>
>> @script:python@
>> p << err.p;
>> @@
>>
>> coccilib.report.print_report(p[0], "found")
>>
>> $ mkdir empty_dir # creating empty directory
>> $ spatch segfault.cocci empty_dir
>> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
>> 0 files match
>> [1]    152475 segmentation fault (core dumped)  spatch segfault.cocci test
> 
> I tried 1.1.1 with the options --enable-opt --enable-ocaml --enable-python
> --enable-pcre-syntax --enable-pcre, but it seems to work find for me.
> Does the problem go away if there is a file in the directory?  If you
> remove the python code?

It doesn't crash if I run it on the linux kernel sources on commits prior to
9049572fb145 hwmon: Remove amd_energy driver


$ git checkout 9049572fb145~
# there is amd_energy_is_visible in drivers/hwmon/amd_energy.c
# spatch doesn't crash on this commit

$ git checkout 9049572fb145
# no amd_energy_is_visible in kernel source
# spatch crashes

If I remove python code then spatch doesn't crash.

$ python --version
Python 3.10.2

Thanks,
Denis

Re: [cocci] spatch 1.1.1 segmentation fault report

[Markus Elfring]

> 0 files match
> [1]    152475 segmentation fault (core dumped)  spatch segfault.cocci test


Can you share any debug symbols for such a questionable software behaviour
(besides omitting any code parts from your SmPL script eventually)?


Regards,
Markus

Re: [cocci] spatch 1.1.1 segmentation fault report

[Julia Lawall]

On Sun, 6 Feb 2022, Denis Efremov wrote:

>
>
> On 2/6/22 21:43, Julia Lawall wrote:
> >
> >
> > On Sun, 6 Feb 2022, Denis Efremov wrote:
> >
> >> Hi,
> >>
> >> I'm observing a weird crash with spatch 1.1.1
> >>
> >> $ spatch --version
> >> spatch version 1.1.1 compiled with OCaml version 4.11.2
> >> Flags passed to the configure script: --enable-opt --enable-ocaml --enable-python --enable-pcre-syntax --enable-pcre --prefix /home/work/.opam/4.11.2 --libdir /home/work/.opam/4.11.2/lib
> >> OCaml scripting support: yes
> >> Python scripting support: yes
> >> Syntax of regular expressions: PCRE
> >>
> >> $ cat segfault.cocci
> >> @err@
> >> position p;
> >> @@
> >>
> >> amd_energy_is_visible(...)
> >> {
> >> *       return 0444;@p
> >> }
> >>
> >> @script:python@
> >> p << err.p;
> >> @@
> >>
> >> coccilib.report.print_report(p[0], "found")
> >>
> >> $ mkdir empty_dir # creating empty directory
> >> $ spatch segfault.cocci empty_dir
> >> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
> >> 0 files match
> >> [1]    152475 segmentation fault (core dumped)  spatch segfault.cocci test
> >
> > I tried 1.1.1 with the options --enable-opt --enable-ocaml --enable-python
> > --enable-pcre-syntax --enable-pcre, but it seems to work find for me.
> > Does the problem go away if there is a file in the directory?  If you
> > remove the python code?
>
> It doesn't crash if I run it on the linux kernel sources on commits prior to
> 9049572fb145 hwmon: Remove amd_energy driver
>
>
> $ git checkout 9049572fb145~
> # there is amd_energy_is_visible in drivers/hwmon/amd_energy.c
> # spatch doesn't crash on this commit
>
> $ git checkout 9049572fb145
> # no amd_energy_is_visible in kernel source
> # spatch crashes
>
> If I remove python code then spatch doesn't crash.

Maybe try with --debug.  Or try without the p[0] in the python code.

julia

Re: [cocci] spatch 1.1.1 segmentation fault report

[Denis Efremov]

On 2/6/22 22:48, Julia Lawall wrote:
> 
> 
> On Sun, 6 Feb 2022, Denis Efremov wrote:
> 
>>
>>
>> On 2/6/22 21:43, Julia Lawall wrote:
>>>
>>>
>>> On Sun, 6 Feb 2022, Denis Efremov wrote:
>>>
>>>> Hi,
>>>>
>>>> I'm observing a weird crash with spatch 1.1.1
>>>>
>>>> $ spatch --version
>>>> spatch version 1.1.1 compiled with OCaml version 4.11.2
>>>> Flags passed to the configure script: --enable-opt --enable-ocaml --enable-python --enable-pcre-syntax --enable-pcre --prefix /home/work/.opam/4.11.2 --libdir /home/work/.opam/4.11.2/lib
>>>> OCaml scripting support: yes
>>>> Python scripting support: yes
>>>> Syntax of regular expressions: PCRE
>>>>
>>>> $ cat segfault.cocci
>>>> @err@
>>>> position p;
>>>> @@
>>>>
>>>> amd_energy_is_visible(...)
>>>> {
>>>> *       return 0444;@p
>>>> }
>>>>
>>>> @script:python@
>>>> p << err.p;
>>>> @@
>>>>
>>>> coccilib.report.print_report(p[0], "found")
>>>>
>>>> $ mkdir empty_dir # creating empty directory
>>>> $ spatch segfault.cocci empty_dir
>>>> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
>>>> 0 files match
>>>> [1]    152475 segmentation fault (core dumped)  spatch segfault.cocci test
>>>
>>> I tried 1.1.1 with the options --enable-opt --enable-ocaml --enable-python
>>> --enable-pcre-syntax --enable-pcre, but it seems to work find for me.
>>> Does the problem go away if there is a file in the directory?  If you
>>> remove the python code?
>>
>> It doesn't crash if I run it on the linux kernel sources on commits prior to
>> 9049572fb145 hwmon: Remove amd_energy driver
>>
>>
>> $ git checkout 9049572fb145~
>> # there is amd_energy_is_visible in drivers/hwmon/amd_energy.c
>> # spatch doesn't crash on this commit
>>
>> $ git checkout 9049572fb145
>> # no amd_energy_is_visible in kernel source
>> # spatch crashes
>>
>> If I remove python code then spatch doesn't crash.
> 
> Maybe try with --debug.  Or try without the p[0] in the python code.
I removed coccilib.report.print_report(p[0], "found")

$ spatch --debug segfault.cocci .
init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
-----------------------------------------------------------------------
processing semantic patch file: segfault.cocci
with isos from: /home/work/.opam/4.11.2/lib/coccinelle/standard.iso
-----------------------------------------------------------------------
@err@
position p;
@@

amd_energy_is_visible(...)
{
*       return 0444;@p
}

@script:python@
p << err.p;
@@


-----------------------------------------------------------------------
script  = 
-----------------------------------------------------------------------
dependencies for script satisfied:
binding in = []
Initializing python
%!
0 files match
Check duplication for 0 files
Finalizing python

[1]    174812 segmentation fault (core dumped)  spatch --debug segfault.cocci .

Re: [cocci] spatch 1.1.1 segmentation fault report

[Julia Lawall]

On Sun, 6 Feb 2022, Denis Efremov wrote:

>
>
> On 2/6/22 22:48, Julia Lawall wrote:
> >
> >
> > On Sun, 6 Feb 2022, Denis Efremov wrote:
> >
> >>
> >>
> >> On 2/6/22 21:43, Julia Lawall wrote:
> >>>
> >>>
> >>> On Sun, 6 Feb 2022, Denis Efremov wrote:
> >>>
> >>>> Hi,
> >>>>
> >>>> I'm observing a weird crash with spatch 1.1.1
> >>>>
> >>>> $ spatch --version
> >>>> spatch version 1.1.1 compiled with OCaml version 4.11.2
> >>>> Flags passed to the configure script: --enable-opt --enable-ocaml --enable-python --enable-pcre-syntax --enable-pcre --prefix /home/work/.opam/4.11.2 --libdir /home/work/.opam/4.11.2/lib
> >>>> OCaml scripting support: yes
> >>>> Python scripting support: yes
> >>>> Syntax of regular expressions: PCRE
> >>>>
> >>>> $ cat segfault.cocci
> >>>> @err@
> >>>> position p;
> >>>> @@
> >>>>
> >>>> amd_energy_is_visible(...)
> >>>> {
> >>>> *       return 0444;@p
> >>>> }
> >>>>
> >>>> @script:python@
> >>>> p << err.p;
> >>>> @@
> >>>>
> >>>> coccilib.report.print_report(p[0], "found")
> >>>>
> >>>> $ mkdir empty_dir # creating empty directory
> >>>> $ spatch segfault.cocci empty_dir
> >>>> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
> >>>> 0 files match
> >>>> [1]    152475 segmentation fault (core dumped)  spatch segfault.cocci test
> >>>
> >>> I tried 1.1.1 with the options --enable-opt --enable-ocaml --enable-python
> >>> --enable-pcre-syntax --enable-pcre, but it seems to work find for me.
> >>> Does the problem go away if there is a file in the directory?  If you
> >>> remove the python code?
> >>
> >> It doesn't crash if I run it on the linux kernel sources on commits prior to
> >> 9049572fb145 hwmon: Remove amd_energy driver
> >>
> >>
> >> $ git checkout 9049572fb145~
> >> # there is amd_energy_is_visible in drivers/hwmon/amd_energy.c
> >> # spatch doesn't crash on this commit
> >>
> >> $ git checkout 9049572fb145
> >> # no amd_energy_is_visible in kernel source
> >> # spatch crashes
> >>
> >> If I remove python code then spatch doesn't crash.
> >
> > Maybe try with --debug.  Or try without the p[0] in the python code.
> I removed coccilib.report.print_report(p[0], "found")

Could you remove the python metavariable p and print something in the
python code?  Flush standard output to be sure to have a chance to see it
if it crashes after.  Maybe it would help to see where the crash occurs in
the core file?

julia

>
> $ spatch --debug segfault.cocci .
> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
> -----------------------------------------------------------------------
> processing semantic patch file: segfault.cocci
> with isos from: /home/work/.opam/4.11.2/lib/coccinelle/standard.iso
> -----------------------------------------------------------------------
> @err@
> position p;
> @@
>
> amd_energy_is_visible(...)
> {
> *       return 0444;@p
> }
>
> @script:python@
> p << err.p;
> @@
>
>
> -----------------------------------------------------------------------
> script  =
> -----------------------------------------------------------------------
> dependencies for script satisfied:
> binding in = []
> Initializing python
> %!
> 0 files match
> Check duplication for 0 files
> Finalizing python
>
> [1]    174812 segmentation fault (core dumped)  spatch --debug segfault.cocci .
>

Re: [cocci] spatch 1.1.1 segmentation fault report

[Denis Efremov]

On 2/7/22 00:00, Julia Lawall wrote:
> 
> 
> On Sun, 6 Feb 2022, Denis Efremov wrote:
> 
>>
>>
>> On 2/6/22 22:48, Julia Lawall wrote:
>>>
>>>
>>> On Sun, 6 Feb 2022, Denis Efremov wrote:
>>>
>>>>
>>>>
>>>> On 2/6/22 21:43, Julia Lawall wrote:
>>>>>
>>>>>
>>>>> On Sun, 6 Feb 2022, Denis Efremov wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I'm observing a weird crash with spatch 1.1.1
>>>>>>
>>>>>> $ spatch --version
>>>>>> spatch version 1.1.1 compiled with OCaml version 4.11.2
>>>>>> Flags passed to the configure script: --enable-opt --enable-ocaml --enable-python --enable-pcre-syntax --enable-pcre --prefix /home/work/.opam/4.11.2 --libdir /home/work/.opam/4.11.2/lib
>>>>>> OCaml scripting support: yes
>>>>>> Python scripting support: yes
>>>>>> Syntax of regular expressions: PCRE
>>>>>>
>>>>>> $ cat segfault.cocci
>>>>>> @err@
>>>>>> position p;
>>>>>> @@
>>>>>>
>>>>>> amd_energy_is_visible(...)
>>>>>> {
>>>>>> *       return 0444;@p
>>>>>> }
>>>>>>
>>>>>> @script:python@
>>>>>> p << err.p;
>>>>>> @@
>>>>>>
>>>>>> coccilib.report.print_report(p[0], "found")
>>>>>>
>>>>>> $ mkdir empty_dir # creating empty directory
>>>>>> $ spatch segfault.cocci empty_dir
>>>>>> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
>>>>>> 0 files match
>>>>>> [1]    152475 segmentation fault (core dumped)  spatch segfault.cocci test
>>>>>
>>>>> I tried 1.1.1 with the options --enable-opt --enable-ocaml --enable-python
>>>>> --enable-pcre-syntax --enable-pcre, but it seems to work find for me.
>>>>> Does the problem go away if there is a file in the directory?  If you
>>>>> remove the python code?
>>>>
>>>> It doesn't crash if I run it on the linux kernel sources on commits prior to
>>>> 9049572fb145 hwmon: Remove amd_energy driver
>>>>
>>>>
>>>> $ git checkout 9049572fb145~
>>>> # there is amd_energy_is_visible in drivers/hwmon/amd_energy.c
>>>> # spatch doesn't crash on this commit
>>>>
>>>> $ git checkout 9049572fb145
>>>> # no amd_energy_is_visible in kernel source
>>>> # spatch crashes
>>>>
>>>> If I remove python code then spatch doesn't crash.
>>>
>>> Maybe try with --debug.  Or try without the p[0] in the python code.
>> I removed coccilib.report.print_report(p[0], "found")
> 
> Could you remove the python metavariable p and print something in the
> python code?  Flush standard output to be sure to have a chance to see it
> if it crashes after.  Maybe it would help to see where the crash occurs in
> the core file?


I checked that the problem persist on latest commit
b2a4b9b77157 parsing_c: print correct attributes in pretty_print_c.ml

and bisected the crash to commit 
7b79a2415a8c6e8b1c39a8183bf732fdc6d00453 is the first bad commit
commit 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453
Author: Corentin De Souza <corentin.de-souza@inria.fr>
Date:   Tue May 25 19:21:51 2021 +0200

    parsing_c: detect macro iterators from their bodies
    
    This uses the same strategy as macro statements (see
    https://gitlab.inria.fr/coccinelle/coccinelle/-/merge_requests/92).
    The goal is to do fix https://gitlab.inria.fr/coccinelle/coccinelle/-/issues/24
    
    The next commit will finally fix the assign_expr rule in the parser, removing
    the conflicts it introduced while not breaking test
    assign_deref_funcall_in_macro_it.

 parsing_c/cpp_token_c.ml | 39 ++++++++++++++++++++++++++++++---------
 parsing_c/parser_c.mly   |  3 ++-
 2 files changed, 32 insertions(+), 10 deletions(-)

I removed the @p variable and reduced the cocci file to
@err@
@@

amd_energy_is_visible(...)
{
*       return 0444;
}

@script:python@
@@

and it still crashes.
$ mkdir empty_dir
$ spatch segfault.cocci empty_dir
init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
no inferred keywords
[2]    240209 segmentation fault (core dumped)  spatch segfault.cocci empty_dir

$ touch empty_dir/file
$ spatch segfault.cocci empty_dir
init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
no inferred keywords
[2]    240269 segmentation fault (core dumped)  spatch segfault.cocci empty_dir

$ echo "void amd_energy_is_visible(void) { return 0444; }" > empty_dir/file
$ spatch segfault.cocci empty_dir
init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
no inferred keywords
[2]    240363 segmentation fault (core dumped)  spatch segfault.cocci empty_dir

Regards,
Denis

Re: [cocci] spatch 1.1.1 segmentation fault report

[Julia Lawall]

> I checked that the problem persist on latest commit
> b2a4b9b77157 parsing_c: print correct attributes in pretty_print_c.ml
>
> and bisected the crash to commit
> 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453 is the first bad commit
> commit 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453
> Author: Corentin De Souza <corentin.de-souza@inria.fr>
> Date:   Tue May 25 19:21:51 2021 +0200
>
>     parsing_c: detect macro iterators from their bodies
>
>     This uses the same strategy as macro statements (see
>     https://gitlab.inria.fr/coccinelle/coccinelle/-/merge_requests/92).
>     The goal is to do fix https://gitlab.inria.fr/coccinelle/coccinelle/-/issues/24
>
>     The next commit will finally fix the assign_expr rule in the parser, removing
>     the conflicts it introduced while not breaking test
>     assign_deref_funcall_in_macro_it.
>
>  parsing_c/cpp_token_c.ml | 39 ++++++++++++++++++++++++++++++---------
>  parsing_c/parser_c.mly   |  3 ++-
>  2 files changed, 32 insertions(+), 10 deletions(-)

Thanks for all of the investigation.  I'll take a look at this commit, but
from the subject it seems hard to imagine how it would affect python...

Could you take a look at the core to see if indicates what function caused
the problem?

Do you have parmap installed on your machine or are you using the bundled
version?

Could use test with the bytecode version of Coccinelle?  I think that
would come without the --enable-opt option.

thanks,
julia

>
> I removed the @p variable and reduced the cocci file to
> @err@
> @@
>
> amd_energy_is_visible(...)
> {
> *       return 0444;
> }
>
> @script:python@
> @@
>
> and it still crashes.
> $ mkdir empty_dir
> $ spatch segfault.cocci empty_dir
> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
> no inferred keywords
> [2]    240209 segmentation fault (core dumped)  spatch segfault.cocci empty_dir
>
> $ touch empty_dir/file
> $ spatch segfault.cocci empty_dir
> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
> no inferred keywords
> [2]    240269 segmentation fault (core dumped)  spatch segfault.cocci empty_dir
>
> $ echo "void amd_energy_is_visible(void) { return 0444; }" > empty_dir/file
> $ spatch segfault.cocci empty_dir
> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
> no inferred keywords
> [2]    240363 segmentation fault (core dumped)  spatch segfault.cocci empty_dir
>
> Regards,
> Denis
>

Re: [cocci] spatch 1.1.1 segmentation fault report

[Denis Efremov]

On 2/7/22 09:56, Julia Lawall wrote:
>> I checked that the problem persist on latest commit
>> b2a4b9b77157 parsing_c: print correct attributes in pretty_print_c.ml
>>
>> and bisected the crash to commit
>> 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453 is the first bad commit
>> commit 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453
>> Author: Corentin De Souza <corentin.de-souza@inria.fr>
>> Date:   Tue May 25 19:21:51 2021 +0200
>>
>>     parsing_c: detect macro iterators from their bodies
>>
>>     This uses the same strategy as macro statements (see
>>     https://gitlab.inria.fr/coccinelle/coccinelle/-/merge_requests/92).
>>     The goal is to do fix https://gitlab.inria.fr/coccinelle/coccinelle/-/issues/24
>>
>>     The next commit will finally fix the assign_expr rule in the parser, removing
>>     the conflicts it introduced while not breaking test
>>     assign_deref_funcall_in_macro_it.
>>
>>  parsing_c/cpp_token_c.ml | 39 ++++++++++++++++++++++++++++++---------
>>  parsing_c/parser_c.mly   |  3 ++-
>>  2 files changed, 32 insertions(+), 10 deletions(-)
> 
> Thanks for all of the investigation.  I'll take a look at this commit, but
> from the subject it seems hard to imagine how it would affect python...
> 
> Could you take a look at the core to see if indicates what function caused
> the problem?

Core was generated by `spatch segfault.cocci empty_dir'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x0000000000aa8b7e in pydecref (v=<optimized out>) at pyml_stubs.c:247
247     pyml_stubs.c: Directory not empty.
(gdb) bt
#0  0x0000000000aa8b7e in pydecref (v=<optimized out>) at pyml_stubs.c:247
#1  0x0000000000ac5cee in caml_empty_minor_heap () at minor_gc.c:409
#2  0x0000000000ac610c in caml_gc_dispatch () at minor_gc.c:475
#3  0x0000000000ac61fe in caml_check_urgent_gc (extra_root=<optimized out>, extra_root@entry=1) at minor_gc.c:572
#4  0x0000000000ac6293 in caml_alloc_small_dispatch (wosize=2, flags=flags@entry=1, nallocs=nallocs@entry=1, 
    encoded_alloc_lens=encoded_alloc_lens@entry=0x0) at minor_gc.c:516
#5  0x0000000000ac7831 in caml_alloc_small (wosize=wosize@entry=2, tag=tag@entry=0) at alloc.c:68
#6  0x0000000000acd6ef in caml_ml_out_channels_list (unit=<optimized out>) at io.c:512
#7  0x0000000000a47005 in camlStdlib__flush_all_231 () at stdlib.ml:349
#8  0x00000000005ffeaf in camlStd_exit__entry () at stdlib.ml:556
#9  0x00000000005f5199 in caml_program ()
#10 0x0000000000ae0860 in caml_start_program ()
#11 0x0000000000ae0be4 in caml_startup_common (argv=0x7ffcf50f98c8, pooling=<optimized out>, pooling@entry=0) at startup_nat.c:160
#12 0x0000000000ae0c5b in caml_startup_exn (argv=<optimized out>) at startup_nat.c:165
#13 caml_startup (argv=<optimized out>) at startup_nat.c:170
#14 caml_main (argv=<optimized out>) at startup_nat.c:177
#15 0x00000000005f3ddc in main (argc=<optimized out>, argv=<optimized out>) at main.c:44


> 
> Do you have parmap installed on your machine or are you using the bundled
> version?

I guess it's in my system:

configure: configuring package parmap
checking for OCaml findlib package parmap... found
...
cp /home/work/.opam/4.11.2/lib/parmap/parmap.cmi ocaml/parmap.cmi
if test -f /home/work/.opam/4.11.2/lib/parmap/parmap.cmx; then \
        cp /home/work/.opam/4.11.2/lib/parmap/parmap.cmx ocaml/parmap.cmx; \
fi

> 
> Could use test with the bytecode version of Coccinelle?  I think that
> would come without the --enable-opt option.
>

When I build spatch with --disable-opt there is no crash.

Re: [cocci] spatch 1.1.1 segmentation fault report

[Julia Lawall]

On Mon, 7 Feb 2022, Denis Efremov wrote:

>
>
> On 2/7/22 09:56, Julia Lawall wrote:
> >> I checked that the problem persist on latest commit
> >> b2a4b9b77157 parsing_c: print correct attributes in pretty_print_c.ml
> >>
> >> and bisected the crash to commit
> >> 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453 is the first bad commit
> >> commit 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453
> >> Author: Corentin De Souza <corentin.de-souza@inria.fr>
> >> Date:   Tue May 25 19:21:51 2021 +0200
> >>
> >>     parsing_c: detect macro iterators from their bodies
> >>
> >>     This uses the same strategy as macro statements (see
> >>     https://gitlab.inria.fr/coccinelle/coccinelle/-/merge_requests/92).
> >>     The goal is to do fix https://gitlab.inria.fr/coccinelle/coccinelle/-/issues/24
> >>
> >>     The next commit will finally fix the assign_expr rule in the parser, removing
> >>     the conflicts it introduced while not breaking test
> >>     assign_deref_funcall_in_macro_it.
> >>
> >>  parsing_c/cpp_token_c.ml | 39 ++++++++++++++++++++++++++++++---------
> >>  parsing_c/parser_c.mly   |  3 ++-
> >>  2 files changed, 32 insertions(+), 10 deletions(-)
> >
> > Thanks for all of the investigation.  I'll take a look at this commit, but
> > from the subject it seems hard to imagine how it would affect python...
> >
> > Could you take a look at the core to see if indicates what function caused
> > the problem?
>
> Core was generated by `spatch segfault.cocci empty_dir'.
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0  0x0000000000aa8b7e in pydecref (v=<optimized out>) at pyml_stubs.c:247
> 247     pyml_stubs.c: Directory not empty.
> (gdb) bt

Does your pyml come from the bundle in Coccinelle or from opam?

In my spatch 1.1.1 code, line 247 is just a variable declaration.

julia

> #0  0x0000000000aa8b7e in pydecref (v=<optimized out>) at pyml_stubs.c:247
> #1  0x0000000000ac5cee in caml_empty_minor_heap () at minor_gc.c:409
> #2  0x0000000000ac610c in caml_gc_dispatch () at minor_gc.c:475
> #3  0x0000000000ac61fe in caml_check_urgent_gc (extra_root=<optimized out>, extra_root@entry=1) at minor_gc.c:572
> #4  0x0000000000ac6293 in caml_alloc_small_dispatch (wosize=2, flags=flags@entry=1, nallocs=nallocs@entry=1,
>     encoded_alloc_lens=encoded_alloc_lens@entry=0x0) at minor_gc.c:516
> #5  0x0000000000ac7831 in caml_alloc_small (wosize=wosize@entry=2, tag=tag@entry=0) at alloc.c:68
> #6  0x0000000000acd6ef in caml_ml_out_channels_list (unit=<optimized out>) at io.c:512
> #7  0x0000000000a47005 in camlStdlib__flush_all_231 () at stdlib.ml:349
> #8  0x00000000005ffeaf in camlStd_exit__entry () at stdlib.ml:556
> #9  0x00000000005f5199 in caml_program ()
> #10 0x0000000000ae0860 in caml_start_program ()
> #11 0x0000000000ae0be4 in caml_startup_common (argv=0x7ffcf50f98c8, pooling=<optimized out>, pooling@entry=0) at startup_nat.c:160
> #12 0x0000000000ae0c5b in caml_startup_exn (argv=<optimized out>) at startup_nat.c:165
> #13 caml_startup (argv=<optimized out>) at startup_nat.c:170
> #14 caml_main (argv=<optimized out>) at startup_nat.c:177
> #15 0x00000000005f3ddc in main (argc=<optimized out>, argv=<optimized out>) at main.c:44
>
>
> >
> > Do you have parmap installed on your machine or are you using the bundled
> > version?
>
> I guess it's in my system:
>
> configure: configuring package parmap
> checking for OCaml findlib package parmap... found
> ...
> cp /home/work/.opam/4.11.2/lib/parmap/parmap.cmi ocaml/parmap.cmi
> if test -f /home/work/.opam/4.11.2/lib/parmap/parmap.cmx; then \
>         cp /home/work/.opam/4.11.2/lib/parmap/parmap.cmx ocaml/parmap.cmx; \
> fi
>
> >
> > Could use test with the bytecode version of Coccinelle?  I think that
> > would come without the --enable-opt option.
> >
>
> When I build spatch with --disable-opt there is no crash.
>
>

Re: [cocci] spatch 1.1.1 segmentation fault report

[Julia Lawall]

> I removed the @p variable and reduced the cocci file to
> @err@
> @@
>
> amd_energy_is_visible(...)
> {
> *       return 0444;
> }
>
> @script:python@
> @@
>
> and it still crashes.
> $ mkdir empty_dir
> $ spatch segfault.cocci empty_dir
> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
> no inferred keywords
> [2]    240209 segmentation fault (core dumped)  spatch segfault.cocci empty_dir
>
> $ touch empty_dir/file
> $ spatch segfault.cocci empty_dir
> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
> no inferred keywords
> [2]    240269 segmentation fault (core dumped)  spatch segfault.cocci empty_dir
>
> $ echo "void amd_energy_is_visible(void) { return 0444; }" > empty_dir/file
> $ spatch segfault.cocci empty_dir
> init_defs_builtins: /home/work/.opam/4.11.2/lib/coccinelle/standard.h
> no inferred keywords
> [2]    240363 segmentation fault (core dumped)  spatch segfault.cocci empty_dir

A strange thing is that you have the message "no inferred keywords" and in
another mssage you had a message about 0 files.  But I have nothing.

julia

Re: [cocci] spatch 1.1.1 segmentation fault report

[Denis Efremov]

On 2/7/22 12:54, Julia Lawall wrote:
> 
> 
> On Mon, 7 Feb 2022, Denis Efremov wrote:
> 
>>
>>
>> On 2/7/22 09:56, Julia Lawall wrote:
>>>> I checked that the problem persist on latest commit
>>>> b2a4b9b77157 parsing_c: print correct attributes in pretty_print_c.ml
>>>>
>>>> and bisected the crash to commit
>>>> 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453 is the first bad commit
>>>> commit 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453
>>>> Author: Corentin De Souza <corentin.de-souza@inria.fr>
>>>> Date:   Tue May 25 19:21:51 2021 +0200
>>>>
>>>>     parsing_c: detect macro iterators from their bodies
>>>>
>>>>     This uses the same strategy as macro statements (see
>>>>     https://gitlab.inria.fr/coccinelle/coccinelle/-/merge_requests/92).
>>>>     The goal is to do fix https://gitlab.inria.fr/coccinelle/coccinelle/-/issues/24
>>>>
>>>>     The next commit will finally fix the assign_expr rule in the parser, removing
>>>>     the conflicts it introduced while not breaking test
>>>>     assign_deref_funcall_in_macro_it.
>>>>
>>>>  parsing_c/cpp_token_c.ml | 39 ++++++++++++++++++++++++++++++---------
>>>>  parsing_c/parser_c.mly   |  3 ++-
>>>>  2 files changed, 32 insertions(+), 10 deletions(-)
>>>
>>> Thanks for all of the investigation.  I'll take a look at this commit, but
>>> from the subject it seems hard to imagine how it would affect python...
>>>
>>> Could you take a look at the core to see if indicates what function caused
>>> the problem?
>>
>> Core was generated by `spatch segfault.cocci empty_dir'.
>> Program terminated with signal SIGSEGV, Segmentation fault.
>> #0  0x0000000000aa8b7e in pydecref (v=<optimized out>) at pyml_stubs.c:247
>> 247     pyml_stubs.c: Directory not empty.
>> (gdb) bt
> 
> Does your pyml come from the bundle in Coccinelle or from opam?
> 
> In my spatch 1.1.1 code, line 247 is just a variable declaration.

Installed with opam pyml.20211015
Line 247:
244:static void pydecref( value v )                                                  
245:{                                                                                
246:    if (getcustom(v)) {                                                          
247:        Py_DECREF((PyObject *)getcustom(v));                                     
248:    }                                                                            
249:}

I uninstalled opam and rebuilded spatch with the bundled pyml on
latest commit: b2a4b9b77157 parsing_c: print correct attributes in pretty_print_c.ml

Result is the same.

#0  0x0000000000aa810e in pydecref ()
#1  0x0000000000ac512e in caml_empty_minor_heap () at minor_gc.c:409
#2  0x0000000000ac554c in caml_gc_dispatch () at minor_gc.c:475
#3  0x0000000000ac563e in caml_check_urgent_gc (extra_root=<optimized out>, extra_root@entry=1) at minor_gc.c:572
#4  0x0000000000ac56d3 in caml_alloc_small_dispatch (wosize=2, flags=flags@entry=1, nallocs=nallocs@entry=1, 
    encoded_alloc_lens=encoded_alloc_lens@entry=0x0) at minor_gc.c:516
#5  0x0000000000ac6c71 in caml_alloc_small (wosize=wosize@entry=2, tag=tag@entry=0) at alloc.c:68
#6  0x0000000000accb2f in caml_ml_out_channels_list (unit=<optimized out>) at io.c:512
#7  0x0000000000a46645 in camlStdlib__flush_all_231 () at stdlib.ml:349
#8  0x00000000005ffeaf in camlStd_exit__entry () at stdlib.ml:556
#9  0x00000000005f5199 in caml_program ()
#10 0x0000000000adfca0 in caml_start_program ()
#11 0x0000000000ae0024 in caml_startup_common (argv=0x7ffcaf256848, pooling=<optimized out>, pooling@entry=0) at startup_nat.c:160
#12 0x0000000000ae009b in caml_startup_exn (argv=<optimized out>) at startup_nat.c:165
#13 caml_startup (argv=<optimized out>) at startup_nat.c:170
#14 caml_main (argv=<optimized out>) at startup_nat.c:177
#15 0x00000000005f3ddc in main (argc=<optimized out>, argv=<optimized out>) at main.c:44

Re: [cocci] spatch 1.1.1 segmentation fault report

[Julia Lawall]

On Mon, 7 Feb 2022, Denis Efremov wrote:

>
>
> On 2/7/22 12:54, Julia Lawall wrote:
> >
> >
> > On Mon, 7 Feb 2022, Denis Efremov wrote:
> >
> >>
> >>
> >> On 2/7/22 09:56, Julia Lawall wrote:
> >>>> I checked that the problem persist on latest commit
> >>>> b2a4b9b77157 parsing_c: print correct attributes in pretty_print_c.ml
> >>>>
> >>>> and bisected the crash to commit
> >>>> 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453 is the first bad commit
> >>>> commit 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453
> >>>> Author: Corentin De Souza <corentin.de-souza@inria.fr>
> >>>> Date:   Tue May 25 19:21:51 2021 +0200
> >>>>
> >>>>     parsing_c: detect macro iterators from their bodies
> >>>>
> >>>>     This uses the same strategy as macro statements (see
> >>>>     https://gitlab.inria.fr/coccinelle/coccinelle/-/merge_requests/92).
> >>>>     The goal is to do fix https://gitlab.inria.fr/coccinelle/coccinelle/-/issues/24
> >>>>
> >>>>     The next commit will finally fix the assign_expr rule in the parser, removing
> >>>>     the conflicts it introduced while not breaking test
> >>>>     assign_deref_funcall_in_macro_it.
> >>>>
> >>>>  parsing_c/cpp_token_c.ml | 39 ++++++++++++++++++++++++++++++---------
> >>>>  parsing_c/parser_c.mly   |  3 ++-
> >>>>  2 files changed, 32 insertions(+), 10 deletions(-)
> >>>
> >>> Thanks for all of the investigation.  I'll take a look at this commit, but
> >>> from the subject it seems hard to imagine how it would affect python...
> >>>
> >>> Could you take a look at the core to see if indicates what function caused
> >>> the problem?
> >>
> >> Core was generated by `spatch segfault.cocci empty_dir'.
> >> Program terminated with signal SIGSEGV, Segmentation fault.
> >> #0  0x0000000000aa8b7e in pydecref (v=<optimized out>) at pyml_stubs.c:247
> >> 247     pyml_stubs.c: Directory not empty.
> >> (gdb) bt
> >
> > Does your pyml come from the bundle in Coccinelle or from opam?
> >
> > In my spatch 1.1.1 code, line 247 is just a variable declaration.
>
> Installed with opam pyml.20211015
> Line 247:
> 244:static void pydecref( value v )
> 245:{
> 246:    if (getcustom(v)) {
> 247:        Py_DECREF((PyObject *)getcustom(v));
> 248:    }
> 249:}
>
> I uninstalled opam and rebuilded spatch with the bundled pyml on
> latest commit: b2a4b9b77157 parsing_c: print correct attributes in pretty_print_c.ml
>
> Result is the same.
>
> #0  0x0000000000aa810e in pydecref ()
> #1  0x0000000000ac512e in caml_empty_minor_heap () at minor_gc.c:409
> #2  0x0000000000ac554c in caml_gc_dispatch () at minor_gc.c:475
> #3  0x0000000000ac563e in caml_check_urgent_gc (extra_root=<optimized out>, extra_root@entry=1) at minor_gc.c:572
> #4  0x0000000000ac56d3 in caml_alloc_small_dispatch (wosize=2, flags=flags@entry=1, nallocs=nallocs@entry=1,
>     encoded_alloc_lens=encoded_alloc_lens@entry=0x0) at minor_gc.c:516
> #5  0x0000000000ac6c71 in caml_alloc_small (wosize=wosize@entry=2, tag=tag@entry=0) at alloc.c:68
> #6  0x0000000000accb2f in caml_ml_out_channels_list (unit=<optimized out>) at io.c:512
> #7  0x0000000000a46645 in camlStdlib__flush_all_231 () at stdlib.ml:349
> #8  0x00000000005ffeaf in camlStd_exit__entry () at stdlib.ml:556
> #9  0x00000000005f5199 in caml_program ()
> #10 0x0000000000adfca0 in caml_start_program ()
> #11 0x0000000000ae0024 in caml_startup_common (argv=0x7ffcaf256848, pooling=<optimized out>, pooling@entry=0) at startup_nat.c:160
> #12 0x0000000000ae009b in caml_startup_exn (argv=<optimized out>) at startup_nat.c:165
> #13 caml_startup (argv=<optimized out>) at startup_nat.c:170
> #14 caml_main (argv=<optimized out>) at startup_nat.c:177
> #15 0x00000000005f3ddc in main (argc=<optimized out>, argv=<optimized out>) at main.c:44

Thierry has found the problem.  I will push the solution shortly to
github.  We can make a new release if you need that.

Thanks!

julia

Re: [cocci] spatch 1.1.1 segmentation fault report

[Denis Efremov]

On 2/7/22 15:56, Julia Lawall wrote:
> 
> 
> On Mon, 7 Feb 2022, Denis Efremov wrote:
> 
>>
>>
>> On 2/7/22 12:54, Julia Lawall wrote:
>>>
>>>
>>> On Mon, 7 Feb 2022, Denis Efremov wrote:
>>>
>>>>
>>>>
>>>> On 2/7/22 09:56, Julia Lawall wrote:
>>>>>> I checked that the problem persist on latest commit
>>>>>> b2a4b9b77157 parsing_c: print correct attributes in pretty_print_c.ml
>>>>>>
>>>>>> and bisected the crash to commit
>>>>>> 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453 is the first bad commit
>>>>>> commit 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453
>>>>>> Author: Corentin De Souza <corentin.de-souza@inria.fr>
>>>>>> Date:   Tue May 25 19:21:51 2021 +0200
>>>>>>
>>>>>>     parsing_c: detect macro iterators from their bodies
>>>>>>
>>>>>>     This uses the same strategy as macro statements (see
>>>>>>     https://gitlab.inria.fr/coccinelle/coccinelle/-/merge_requests/92).
>>>>>>     The goal is to do fix https://gitlab.inria.fr/coccinelle/coccinelle/-/issues/24
>>>>>>
>>>>>>     The next commit will finally fix the assign_expr rule in the parser, removing
>>>>>>     the conflicts it introduced while not breaking test
>>>>>>     assign_deref_funcall_in_macro_it.
>>>>>>
>>>>>>  parsing_c/cpp_token_c.ml | 39 ++++++++++++++++++++++++++++++---------
>>>>>>  parsing_c/parser_c.mly   |  3 ++-
>>>>>>  2 files changed, 32 insertions(+), 10 deletions(-)
>>>>>
>>>>> Thanks for all of the investigation.  I'll take a look at this commit, but
>>>>> from the subject it seems hard to imagine how it would affect python...
>>>>>
>>>>> Could you take a look at the core to see if indicates what function caused
>>>>> the problem?
>>>>
>>>> Core was generated by `spatch segfault.cocci empty_dir'.
>>>> Program terminated with signal SIGSEGV, Segmentation fault.
>>>> #0  0x0000000000aa8b7e in pydecref (v=<optimized out>) at pyml_stubs.c:247
>>>> 247     pyml_stubs.c: Directory not empty.
>>>> (gdb) bt
>>>
>>> Does your pyml come from the bundle in Coccinelle or from opam?
>>>
>>> In my spatch 1.1.1 code, line 247 is just a variable declaration.
>>
>> Installed with opam pyml.20211015
>> Line 247:
>> 244:static void pydecref( value v )
>> 245:{
>> 246:    if (getcustom(v)) {
>> 247:        Py_DECREF((PyObject *)getcustom(v));
>> 248:    }
>> 249:}
>>
>> I uninstalled opam and rebuilded spatch with the bundled pyml on
>> latest commit: b2a4b9b77157 parsing_c: print correct attributes in pretty_print_c.ml
>>
>> Result is the same.
>>
>> #0  0x0000000000aa810e in pydecref ()
>> #1  0x0000000000ac512e in caml_empty_minor_heap () at minor_gc.c:409
>> #2  0x0000000000ac554c in caml_gc_dispatch () at minor_gc.c:475
>> #3  0x0000000000ac563e in caml_check_urgent_gc (extra_root=<optimized out>, extra_root@entry=1) at minor_gc.c:572
>> #4  0x0000000000ac56d3 in caml_alloc_small_dispatch (wosize=2, flags=flags@entry=1, nallocs=nallocs@entry=1,
>>     encoded_alloc_lens=encoded_alloc_lens@entry=0x0) at minor_gc.c:516
>> #5  0x0000000000ac6c71 in caml_alloc_small (wosize=wosize@entry=2, tag=tag@entry=0) at alloc.c:68
>> #6  0x0000000000accb2f in caml_ml_out_channels_list (unit=<optimized out>) at io.c:512
>> #7  0x0000000000a46645 in camlStdlib__flush_all_231 () at stdlib.ml:349
>> #8  0x00000000005ffeaf in camlStd_exit__entry () at stdlib.ml:556
>> #9  0x00000000005f5199 in caml_program ()
>> #10 0x0000000000adfca0 in caml_start_program ()
>> #11 0x0000000000ae0024 in caml_startup_common (argv=0x7ffcaf256848, pooling=<optimized out>, pooling@entry=0) at startup_nat.c:160
>> #12 0x0000000000ae009b in caml_startup_exn (argv=<optimized out>) at startup_nat.c:165
>> #13 caml_startup (argv=<optimized out>) at startup_nat.c:170
>> #14 caml_main (argv=<optimized out>) at startup_nat.c:177
>> #15 0x00000000005f3ddc in main (argc=<optimized out>, argv=<optimized out>) at main.c:44
> 
> Thierry has found the problem.  I will push the solution shortly to
> github.  We can make a new release if you need that.
>

Thank you! I don't need a new release. But if there is a way to slightly change the pattern
to avoid the crash this will be useful to me.

Regards,
Denis

Re: [cocci] spatch 1.1.1 segmentation fault report

[Julia Lawall]

> Thank you! I don't need a new release. But if there is a way to slightly change the pattern
> to avoid the crash this will be useful to me.

I don't think so.  The log message on the commit is:

GC full major collection prevents dangling references on Python objects to
be collected after Python unloading, which led to segmentation fault.

So maybe in the future it will be possible to get the fix from a more
recent version of pyml from opam.

julia

Re: [cocci] spatch 1.1.1 segmentation fault report

[Julia Lawall]

The fix should be available now.

julia

On Mon, 7 Feb 2022, Denis Efremov wrote:

>
>
> On 2/7/22 15:56, Julia Lawall wrote:
> >
> >
> > On Mon, 7 Feb 2022, Denis Efremov wrote:
> >
> >>
> >>
> >> On 2/7/22 12:54, Julia Lawall wrote:
> >>>
> >>>
> >>> On Mon, 7 Feb 2022, Denis Efremov wrote:
> >>>
> >>>>
> >>>>
> >>>> On 2/7/22 09:56, Julia Lawall wrote:
> >>>>>> I checked that the problem persist on latest commit
> >>>>>> b2a4b9b77157 parsing_c: print correct attributes in pretty_print_c.ml
> >>>>>>
> >>>>>> and bisected the crash to commit
> >>>>>> 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453 is the first bad commit
> >>>>>> commit 7b79a2415a8c6e8b1c39a8183bf732fdc6d00453
> >>>>>> Author: Corentin De Souza <corentin.de-souza@inria.fr>
> >>>>>> Date:   Tue May 25 19:21:51 2021 +0200
> >>>>>>
> >>>>>>     parsing_c: detect macro iterators from their bodies
> >>>>>>
> >>>>>>     This uses the same strategy as macro statements (see
> >>>>>>     https://gitlab.inria.fr/coccinelle/coccinelle/-/merge_requests/92).
> >>>>>>     The goal is to do fix https://gitlab.inria.fr/coccinelle/coccinelle/-/issues/24
> >>>>>>
> >>>>>>     The next commit will finally fix the assign_expr rule in the parser, removing
> >>>>>>     the conflicts it introduced while not breaking test
> >>>>>>     assign_deref_funcall_in_macro_it.
> >>>>>>
> >>>>>>  parsing_c/cpp_token_c.ml | 39 ++++++++++++++++++++++++++++++---------
> >>>>>>  parsing_c/parser_c.mly   |  3 ++-
> >>>>>>  2 files changed, 32 insertions(+), 10 deletions(-)
> >>>>>
> >>>>> Thanks for all of the investigation.  I'll take a look at this commit, but
> >>>>> from the subject it seems hard to imagine how it would affect python...
> >>>>>
> >>>>> Could you take a look at the core to see if indicates what function caused
> >>>>> the problem?
> >>>>
> >>>> Core was generated by `spatch segfault.cocci empty_dir'.
> >>>> Program terminated with signal SIGSEGV, Segmentation fault.
> >>>> #0  0x0000000000aa8b7e in pydecref (v=<optimized out>) at pyml_stubs.c:247
> >>>> 247     pyml_stubs.c: Directory not empty.
> >>>> (gdb) bt
> >>>
> >>> Does your pyml come from the bundle in Coccinelle or from opam?
> >>>
> >>> In my spatch 1.1.1 code, line 247 is just a variable declaration.
> >>
> >> Installed with opam pyml.20211015
> >> Line 247:
> >> 244:static void pydecref( value v )
> >> 245:{
> >> 246:    if (getcustom(v)) {
> >> 247:        Py_DECREF((PyObject *)getcustom(v));
> >> 248:    }
> >> 249:}
> >>
> >> I uninstalled opam and rebuilded spatch with the bundled pyml on
> >> latest commit: b2a4b9b77157 parsing_c: print correct attributes in pretty_print_c.ml
> >>
> >> Result is the same.
> >>
> >> #0  0x0000000000aa810e in pydecref ()
> >> #1  0x0000000000ac512e in caml_empty_minor_heap () at minor_gc.c:409
> >> #2  0x0000000000ac554c in caml_gc_dispatch () at minor_gc.c:475
> >> #3  0x0000000000ac563e in caml_check_urgent_gc (extra_root=<optimized out>, extra_root@entry=1) at minor_gc.c:572
> >> #4  0x0000000000ac56d3 in caml_alloc_small_dispatch (wosize=2, flags=flags@entry=1, nallocs=nallocs@entry=1,
> >>     encoded_alloc_lens=encoded_alloc_lens@entry=0x0) at minor_gc.c:516
> >> #5  0x0000000000ac6c71 in caml_alloc_small (wosize=wosize@entry=2, tag=tag@entry=0) at alloc.c:68
> >> #6  0x0000000000accb2f in caml_ml_out_channels_list (unit=<optimized out>) at io.c:512
> >> #7  0x0000000000a46645 in camlStdlib__flush_all_231 () at stdlib.ml:349
> >> #8  0x00000000005ffeaf in camlStd_exit__entry () at stdlib.ml:556
> >> #9  0x00000000005f5199 in caml_program ()
> >> #10 0x0000000000adfca0 in caml_start_program ()
> >> #11 0x0000000000ae0024 in caml_startup_common (argv=0x7ffcaf256848, pooling=<optimized out>, pooling@entry=0) at startup_nat.c:160
> >> #12 0x0000000000ae009b in caml_startup_exn (argv=<optimized out>) at startup_nat.c:165
> >> #13 caml_startup (argv=<optimized out>) at startup_nat.c:170
> >> #14 caml_main (argv=<optimized out>) at startup_nat.c:177
> >> #15 0x00000000005f3ddc in main (argc=<optimized out>, argv=<optimized out>) at main.c:44
> >
> > Thierry has found the problem.  I will push the solution shortly to
> > github.  We can make a new release if you need that.
> >
>
> Thank you! I don't need a new release. But if there is a way to slightly change the pattern
> to avoid the crash this will be useful to me.
>
> Regards,
> Denis
>

Re: [cocci] spatch 1.1.1 segmentation fault report

[Denis Efremov]

On 2/7/22 17:15, Julia Lawall wrote:
> The fix should be available now.
> 
Thanks! I confirm that the problem solved.