Plan 9 from Bell Labs’s /usr/web/sources/patch/applied/string-len/readme

Copyright © 2021 Plan 9 Foundation.
Distributed under the MIT License.
Download the Plan 9 distribution. 


acme was in an infinite loop because frame called a string varient with a negative string length
since len is signed, the proposed fix is len > 0.  this fix is similar to something gerold has done.

the snapped process is here: /n/sources/contrib/quanstro/acme.snap.bz2

acid; stk()
cachechars(f=0x9de28,ss=0xef0a4,rr=0x0,subfontname=0xeef98,max=0xfffffffa,cp=0xeefa8,wp=0xef074)+0x44 /sys/src/libdraw/font.c:27
_string(len=0xfffffffa,f=0x9de28,.ret=0x680ec,s=0x40e60b,r=0x685ec,dst=0xa6708,op=0xb,bg=0xa67c8,src=0x9ae58,pt=0x1bf,clipr=0x4c,sp=0x0,bgp=0x0)+0x118 /sys/src/libdraw/string.c:85
stringnbg(src=0x9ae58,f=0x9de28,s=0x40e60b,len=0xfffffffa,bg=0xa67c8,dst=0xa6708,.ret=0x680ec,pt=0x1bf,sp=0x0,bgp=0x0)+0xd4 /sys/src/libdraw/stringbg.c:20
frdrawsel0(p0=0x3b,f=0x321398,.ret=0x680ec,p1=0x35,pt=0x1bf,back=0xa67c8,text=0x9ae58)+0x5a8 /sys/src/libframe/frdraw.c:105
frdrawsel(p0=0x3b,p1=0x35,issel=0x1,f=0xef178,pt=0x1bf)+0x110 /sys/src/libframe/frdraw.c:57
textsetselect(q0=0x3b,q1=0x35,t=0x321394)+0x198 /sys/src/cmd/acme/text.c:1093
texttype(r=0x1b,t=0x321394)+0x930 /sys/src/cmd/acme/text.c:744
wintype(t=0x321394,r=0x1b,w=0x321380)+0x20 /sys/src/cmd/acme/wind.c:308
rowtype(row=0x77c50,p=0x1bf,r=0x1b)+0x118 /sys/src/cmd/acme/rows.c:408
keyboardthread()+0x168 /sys/src/cmd/acme/acme.c:398
launchermips(arg=0x0,f=0x5344)+0x14 /sys/src/libthread/mips.c:10
launchermips(arg=0x0,f=0x5344)+0xfffffffffffffff8 /sys/src/libthread/xincmips.s:44
_string+0x118 /sys/src/libdraw/string.c:85
acid; stk()
cachechars(f=0x9de28,ss=0xef0a4,rr=0x0,subfontname=0xeef98,max=0xfffffffa,cp=0xeefa8,wp=0xef074)+0x4 /sys/src/libdraw/font.c:11
_string(len=0xfffffffa,f=0x9de28,.ret=0x680ec,s=0x40e60b,r=0x685ec,dst=0xa6708,op=0xb,bg=0xa67c8,src=0x9ae58,pt=0x1bf,clipr=0x4c,sp=0x0,bgp=0x0)+0x118 /sys/src/libdraw/string.c:85
stringnbg(src=0x9ae58,f=0x9de28,s=0x40e60b,len=0xfffffffa,bg=0xa67c8,dst=0xa6708,.ret=0x680ec,pt=0x1bf,sp=0x0,bgp=0x0)+0xd4 /sys/src/libdraw/stringbg.c:20
frdrawsel0(p0=0x3b,f=0x321398,.ret=0x680ec,p1=0x35,pt=0x1bf,back=0xa67c8,text=0x9ae58)+0x5a8 /sys/src/libframe/frdraw.c:105
frdrawsel(p0=0x3b,p1=0x35,issel=0x1,f=0xef178,pt=0x1bf)+0x110 /sys/src/libframe/frdraw.c:57
textsetselect(q0=0x3b,q1=0x35,t=0x321394)+0x198 /sys/src/cmd/acme/text.c:1093
texttype(r=0x1b,t=0x321394)+0x930 /sys/src/cmd/acme/text.c:744
wintype(t=0x321394,r=0x1b,w=0x321380)+0x20 /sys/src/cmd/acme/wind.c:308
rowtype(row=0x77c50,p=0x1bf,r=0x1b)+0x118 /sys/src/cmd/acme/rows.c:408
keyboardthread()+0x168 /sys/src/cmd/acme/acme.c:398
launchermips(arg=0x0,f=0x5344)+0x14 /sys/src/libthread/mips.c:10
launchermips(arg=0x0,f=0x5344)+0xfffffffffffffff8 /sys/src/libthread/xincmips.s:44
_string+0x118 /sys/src/libdraw/string.c:85
acid; lstk()
cachechars(f=0x9de28,ss=0xef0a4,rr=0x0,subfontname=0xeef98,max=0xfffffffa,cp=0xeefa8,wp=0xef074)+0x1c0 /sys/src/libdraw/font.c:98
	rp=0x68548
	wid=0x0
	i=0x0
	sp=0x4e9a0
	w=0x826cc
	vr=0xef028
	rw=0x0
	h=0x3a7a0
_string(len=0xfffffffa,f=0x9de28,.ret=0x680ec,s=0x40e60b,r=0x685ec,dst=0xa6708,op=0xb,bg=0xa67c8,src=0x9ae58,pt=0x1bf,clipr=0x4c,sp=0x0,bgp=0x0)+0x118 /sys/src/libdraw/string.c:85
	sptr=0xef0a4
	rptr=0x0
	sf=0x0
	cbuf=0x0
	wid=0x0
	subfontname=0x0
	n=0x0
stringnbg(src=0x9ae58,f=0x9de28,s=0x40e60b,len=0xfffffffa,bg=0xa67c8,dst=0xa6708,.ret=0x680ec,pt=0x1bf,sp=0x0,bgp=0x0)+0xd4 /sys/src/libdraw/stringbg.c:20
frdrawsel0(p0=0x3b,f=0x321398,.ret=0x680ec,p1=0x35,pt=0x1bf,back=0xa67c8,text=0x9ae58)+0x5a8 /sys/src/libframe/frdraw.c:105
	trim=0x1
	nb=0x0
	nr=0xfffffffa
	p=0x3b
	qt=0x40e60b
	b=0x391380
	ptr=0x40e60b
	w=0x0
frdrawsel(p0=0x3b,p1=0x35,issel=0x1,f=0xef178,pt=0x1bf)+0x110 /sys/src/libframe/frdraw.c:57
textsetselect(q0=0x3b,q1=0x35,t=0x321394)+0x198 /sys/src/cmd/acme/text.c:1093
	p1=0x35
	p0=0x3b
texttype(r=0x1b,t=0x321394)+0x930 /sys/src/cmd/acme/text.c:744
	nr=0x1
	rp=0xef1d4
	nnb=0x2ef14
	q0=0x23778
	q1=0x321380
	i=0x321380
	nb=0x237e4
	u=0x241
	n=0x2ee8c
wintype(t=0x321394,r=0x1b,w=0x321380)+0x20 /sys/src/cmd/acme/wind.c:308
	i=0x0
rowtype(row=0x77c50,p=0x1bf,r=0x1b)+0x118 /sys/src/cmd/acme/rows.c:408
	t=0x321394
	w=0x321380
keyboardthread()+0x168 /sys/src/cmd/acme/acme.c:398
	r=0x1b
	timer=0xe45a0
	t=0x321394
launchermips(arg=0x0,f=0x5344)+0x14 /sys/src/libthread/mips.c:10
launchermips(arg=0x0,f=0x5344)+0xfffffffffffffff8 /sys/src/libthread/xincmips.s:44
_string+0x118 /sys/src/libdraw/string.c:85
acid; *(0x391380\X+4)
<stdin>:7: (error) indir: can't translate address 0x22f
acid; *0x391380
0x0000022b
acid; *(0x391380\X+4)
0x0000005c

Bell Labs OSI certified Powered by Plan 9

(Return to Plan 9 Home Page)

Copyright © 2021 Plan 9 Foundation. All Rights Reserved.
Comments to [email protected].