lcn2 / calc

C-style arbitrary precision calculator
http://www.isthe.com/chongo/tech/comp/calc/index.html

Seg fault caused by dereferencing null pointer when calculating tan(x) or cot(x) #1

Closed uxhg closed 6 years ago

uxhg commented 6 years ago

While sin(x) and cos(x) prompted a "too large argument" error, calculating tan(x) and cot(x) with x being a big complex number led to a crash.

C-style arbitrary precision calculator (version 2.12.6.7)
Calc is open software. For license details type:  help copyright
[Type "exit" to exit, or "help" for help.]

; a=sin(2E9i)
; strerror(a)
    "Too-large im(argument) for sin"
; b=cos(2E9i)
; strerror(b)
    "Too-large im(argument) for cos"
; tan(2E9i)
[1]    24579 segmentation fault  ../calc/calc

; cot(2E9i)
[1]    24771 segmentation fault  ../calc/calc

Re-run with ASAN shows it was a member access within null pointer of type 'struct COMPLEX'

value.c:2343:11: runtime error: member access within null pointer of type 'struct COMPLEX'
ASAN:DEADLYSIGNAL
=================================================================
==25345==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x560dbd2c6fbe bp 0x7ffd4b8373a0 sp 0x7ffd4b837300 T0)
    #0 0x560dbd2c6fbd in testvalue /home/user/Projects/calc/value.c:2343
    #1 0x560dbd2c3041 in divvalue /home/user/Projects/calc/value.c:2109
    #2 0x560dbd18cb4e in f_cot /home/user/Projects/calc/func.c:2319
    #3 0x560dbd1d7bb1 in builtinfunc /home/user/Projects/calc/func.c:9195
    #4 0x560dbd226722 in o_call /home/user/Projects/calc/opcodes.c:2726
    #5 0x560dbd22e7da in calculate /home/user/Projects/calc/opcodes.c:3918
    #6 0x560dbd1622aa in evaluate /home/user/Projects/calc/codegen.c:293
    #7 0x560dbd161f2a in getcommands /home/user/Projects/calc/codegen.c:223
    #8 0x560dbd1600ad in main /home/user/Projects/calc/calc.c:619
    #9 0x7fe1bb87d2e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
    #10 0x560dbd15c809 in _start (/home/user/Projects/calc/calc+0x2ae809)

lcn2 commented 6 years ago

Hello,

Thank you for the bug report. We have reproduced the error:

C-style arbitrary precision calculator (version 2.12.6.8)
Calc is open software. For license details type: help copyright
[Type "exit" to exit, or "help" for help.]

; a=sin(2E9i)
; strerror(a)
    "Too-large im(argument) for sin"
; b=cos(2E9i)
; strerror(b)
    "Too-large im(argument) for cos"
; tan(2E9i)
Segmentation fault: 11

with the most recent pre-release (2.12.6.8) and are working on a fix.

lcn2 commented 6 years ago

Hello,

We have a potential fix for this class of bug that we are testing for calc version 2.12.6.9.

lcn2 commented 6 years ago

The following are the changes from calc version 2.12.6.9 to date:

Fixed a number of core dump bugs related to the calculation of
tan(), cot(), sec(), csc(), tanh(), coth(), sech(), and csch(),
asin(), acos(), asinh(), acosh(), where a call to an
underlying function produced an invalid value.  Thanks go to
github user wuxiuheng for reporting this problem.

A number of trigonometric and hyperbolic functions that incorrectly
returned E_LOGINF, now return a new error code that is more
specific to the trigonometric or hyperbolic function.  The
following is a list of these new error codes: E_TAN3 E_TAN4
E_COT3 E_COT4 E_SEC3 E_CSC3 E_TANH3 E_TANH4 E_COTH3 E_COTH4
E_SECH3 E_CSCH3 E_ASIN3 E_ACOS3 E_ASINH3 E_ACOSH3 E_ATAN3 E_ACOT3
E_ASEC3 E_ACSC3 E_ATANH3 E_ACOTH3 E_ASECH3 E_ACSCH3.

When calc version 2.12.6.9 is released, this issue will be fixed.

lcn2 commented 6 years ago

FYI: Pushed the above mentioned fix to the master branch, along with some regression tests.
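
The crash class discussed in this thread, as an added example that is not calc's code and not part of any comment above: a small C model of cot computed as cos/sin, where the underlying routine returns NULL for a too-large imaginary argument and the caller either reads the result blindly or validates it first. The `cplx` type, the `model_*` and `cot_*` functions, the error codes and the `MAX_IM` cutoff are all assumptions made for illustration.

```c
#include <stdlib.h>
/* Model only: doubles replace arbitrary precision; the argument is i*y. */
typedef struct { double re, im; } cplx;
enum { COT_OK = 0, COT_ERR_OPERAND, COT_ERR_DIV_ZERO };  /* hypothetical codes */
#define MAX_IM 5.0  /* assumed cutoff for this model */
/* Series for e^x, accurate for |x| <= MAX_IM; avoids a libm dependency. */
static double model_exp(double x) {
    double term = 1.0, sum = 1.0;
    for (int k = 1; k < 60; k++) { term *= x / k; sum += term; }
    return sum;
}

/* sin(i*y) = i*sinh(y), cos(i*y) = cosh(y); NULL means the argument is too large. */
static cplx *model_trig(double y, int want_sin) {
    if (y > MAX_IM || y < -MAX_IM) return NULL;
    cplx *r = malloc(sizeof *r);
    if (r == NULL) return NULL;
    double e = model_exp(y);
    r->re = want_sin ? 0.0 : (e + 1.0 / e) / 2.0;
    r->im = want_sin ? (e - 1.0 / e) / 2.0 : 0.0;
    return r;
}

/* Crash pattern, shown for contrast and never called here: no NULL test. */
int cot_unchecked(double y, cplx *out) {
    cplx *c = model_trig(y, 0), *s = model_trig(y, 1);
    double d = s->re * s->re + s->im * s->im;  /* faults when s == NULL */
    out->re = (c->re * s->re + c->im * s->im) / d;
    out->im = (c->im * s->re - c->re * s->im) / d;
    free(c); free(s);
    return COT_OK;
}

/* Hardened form: validate both intermediates, then the divisor, before use. */
int cot_checked(double y, cplx *out) {
    cplx *c = model_trig(y, 0), *s = model_trig(y, 1);
    int rc = COT_OK; double d = 0.0;
    if (c == NULL || s == NULL) rc = COT_ERR_OPERAND;
    else if ((d = s->re * s->re + s->im * s->im) == 0.0) rc = COT_ERR_DIV_ZERO;
    else {
        out->re = (c->re * s->re + c->im * s->im) / d;  /* c * conj(s) / |s|^2 */
        out->im = (c->im * s->re - c->re * s->im) / d;
    }
    free(c); free(s);  /* free(NULL) is a no-op */
    return rc;
}

int main(void) {  /* constructed input modelled on the report's cot(2E9i) */
    return cot_checked(2e9, &(cplx){ 0.0, 0.0 }) == COT_ERR_OPERAND ? 0 : 1;
}
```

Building the unchecked variant with `-fsanitize=address,undefined` and calling it with the same input reproduces the kind of "member access within null pointer" report shown in the first comment.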