cdfnor() crashes Scilab macOS/arm64 build
Bug Description
cdfnor() crashes Scilab macOS/arm64 build
Steps to reproduce
cdfnor("PQ",-1,0,1)
Error log
--> cdfnor("PQ",-1,0,1)
A fatal error has been detected by Scilab.
Please check your user-defined functions (or external module ones) should they appear in the stack trace.
Otherwise you can report a bug on https://gitlab.com/scilab/scilab/-/issues with:
* a sample code which reproduces the issue
* the result of [a, b] = getdebuginfo()
* the following information:
[portmottelet-cr-1:04033] Signal: Segmentation fault: 11 (11)
[portmottelet-cr-1:04033] Signal code: Invalid permissions (2)
[portmottelet-cr-1:04033] Failing at address: 0x2
Call stack:
1: 0x4348 <CdfBase> (/Users/mottelet/git/scilab.fork/scilab/modules/statistics/.libs/libscistatistics.2024.dylib)
2: 0x4348 <CdfBase> (/Users/mottelet/git/scilab.fork/scilab/modules/statistics/.libs/libscistatistics.2024.dylib)
3: 0x3aa8 <cdf_generic> (/Users/mottelet/git/scilab.fork/scilab/modules/statistics/.libs/libscistatistics.2024.dylib)
4: 0x2e58 <sci_cdfnor> (/Users/mottelet/git/scilab.fork/scilab/modules/statistics/.libs/libscistatistics.2024.dylib)
5: 0x2d7bc0 <_ZN5types12WrapFunction4callERNSt3__16vectorIPNS_12InternalTypeENS1_9allocatorIS4_EEEERNS1_13unordered_mapINS1_12basic_stringIwNS1_11char_traitsIwEENS5_IwEEEES4_NS1_4hashISE_EENS1_8equal_toISE_EENS5_INS1_4pairIKSE_S4_EEEEEEiS8_> (/Users/mottelet/git/scilab.fork/scilab/modules/ast/.libs/libsciast.2024.dylib)
6: 0x2d8f74 <_ZN5types15DynamicFunction4callERNSt3__16vectorIPNS_12InternalTypeENS1_9allocatorIS4_EEEERNS1_13unordered_mapINS1_12basic_stringIwNS1_11char_traitsIwEENS5_IwEEEES4_NS1_4hashISE_EENS1_8equal_toISE_EENS5_INS1_4pairIKSE_S4_EEEEEEiS8_> (/Users/mottelet/git/scilab.fork/scilab/modules/ast/.libs/libsciast.2024.dylib)
7: 0x2ce698 <_ZN5types8Callable6invokeERNSt3__16vectorIPNS_12InternalTypeENS1_9allocatorIS4_EEEERNS1_13unordered_mapINS1_12basic_stringIwNS1_11char_traitsIwEENS5_IwEEEES4_NS1_4hashISE_EENS1_8equal_toISE_EENS5_INS1_4pairIKSE_S4_EEEEEEiS8_RKN3ast3ExpE> (/Users/mottelet/git/scilab.fork/scilab/modules/ast/.libs/libsciast.2024.dylib)
8: 0x25cc4 <_ZN3ast11RunVisitorTINS_11ExecVisitorEE12visitprivateERKNS_7CallExpE> (/Users/mottelet/git/scilab.fork/scilab/modules/ast/.libs/libsciast.2024.dylib)
9: 0x1b9bc <_ZN3ast11RunVisitorTINS_11ExecVisitorEE12visitprivateERKNS_6SeqExpE> (/Users/mottelet/git/scilab.fork/scilab/modules/ast/.libs/libsciast.2024.dylib)
10: 0x1054c8 <_ZN12StaticRunner6launchEv> (/Users/mottelet/git/scilab.fork/scilab/modules/.libs/libscilab-cli.2024.dylib)
11: 0xfb42c <RunScilabEngine> (/Users/mottelet/git/scilab.fork/scilab/modules/.libs/libscilab-cli.2024.dylib)
12: 0x11364 <main> (/Users/mottelet/git/scilab.fork/scilab/.libs/scilab-cli-bin)
13: 0x18430 <start> (/usr/lib/system/libdyld.dylib)
End of stack
Running in debugger gives:
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x2)
frame #0: 0x0000000100f879c0 libscistatistics.2024.dylib`cdfnor_ at cdfnor.f:123:72
120 C
121 C Check arguments
122 C
-> 123 status = 0
124 IF (.NOT. ((which.LT.1).OR. (which.GT.4))) GO TO 30
125 IF (.NOT. (which.LT.1)) GO TO 10
126 bound = 1.0D0
There are also warnings during the link that may be related, for many functions, among which cdfnor and cdfbet:
ld: warning: could not create compact unwind for _cdfnor_: registers 25 and 26 not saved contiguously in frame
ld: warning: could not create compact unwind for _cdfbet_: registers 27 and 28 not saved contiguously in frame
For cdfbet I also have a crash, but the bad access is occurring elsewhere:
--> [p,q]=cdfbet('PQ',x,y,A,B);
libscilab-cli.2024.dylib was compiled with optimization - stepping may behave oddly; variables may not be available.
Process 25113 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x2)
frame #0: 0x000000010034b23c libscilab-cli.2024.dylib`isanan_ at isanan.c:34:17 [opt]
31 #ifdef _MSC_VER
32 return (_isnan(*x) == 1);
33 #else
-> 34 return ((!( *x <= 1.0 )) && (!( *x >= 1.0 )));
35 #endif
36 }
37
The functions cdfbet and cdfnor are called in CdfBase() by using their function pointer:
for (i = 0; i < rows[0] * cols[0]; ++i)
{
    switch (inarg + oarg)
    {
        case 4: /* cdfchi, cdfpoi, cdft */
            (*fun)(&which, &(data[callpos(0)][i]), &(data[callpos(1)][i]), &(data[callpos(2)][i]), &(data[callpos(3)][i]), &errlevel, &bound);
            break;
        case 5: /* cdfchn, cdff, cdfgam, cdfnor */
            (*fun)(&which, &(data[callpos(0)][i]), &(data[callpos(1)][i]), &(data[callpos(2)][i]), &(data[callpos(3)][i]), &(data[callpos(4)][i]), &errlevel, &bound);
            break;
        case 6: /* cdfbet, cdfbin, cdffnc, cdfnbn, */
            (*fun)(&which, &(data[callpos(0)][i]), &(data[callpos(1)][i]), &(data[callpos(2)][i]), &(data[callpos(3)][i]), &(data[callpos(4)][i]), &(data[callpos(5)][i]), &errlevel, &bound);
            break;
    }
    if (errlevel != 0)
    {
        cdf_error(fname, errlevel, bound);
        return 1;
    }
}
with a very ugly C call using a function pointer and different numbers of arguments, which is allowed by the prototype
int CdfBase(char const * const fname, void* pvApiCtx, int inarg, int oarg, int shift, int which, int (*fun)(int *, ...));
I guess that the prototype int (*fun)(int *, ...) is the stuff that causes the linker warnings.
Edited by Stéphane MOTTELET
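An added example, not part of the original report or of Scilab's code: calling a fixed-arity routine through a pointer typed int (*)(int *, ...) is undefined behaviour in C, and on Apple's arm64 ABI variadic arguments are passed on the stack rather than in registers. The sketch keeps a single dispatcher but casts a storage-only pointer to the exact prototype for each arity; the typedef names, call_cdf, run_demo and the demo routines are hypothetical stand-ins for the Fortran routines.

```c
#include <stdio.h>

/* One exact prototype per arity (hypothetical names). Every argument is
 * passed by reference, as a Fortran routine expects. */
typedef int (*cdf4_fn)(int *, double *, double *, double *, double *,
                       int *, double *);
typedef int (*cdf5_fn)(int *, double *, double *, double *, double *,
                       double *, int *, double *);
typedef int (*cdf6_fn)(int *, double *, double *, double *, double *,
                       double *, double *, int *, double *);
typedef void (*generic_fn)(void); /* storage only, never called as-is */

/* Constructed stand-ins: each writes a digit pattern of its inputs into its
 * last data argument, so a misplaced argument changes the result. */
static int demo4(int *w, double *a, double *b, double *c, double *d,
                 int *st, double *bd)
{ (void)w; *d = *a * 100 + *b * 10 + *c; *st = 0; *bd = 0.0; return 0; }
static int demo5(int *w, double *a, double *b, double *c, double *d,
                 double *e, int *st, double *bd)
{ (void)w; *e = *a * 1000 + *b * 100 + *c * 10 + *d; *st = 0; *bd = 0.0; return 0; }
static int demo6(int *w, double *a, double *b, double *c, double *d,
                 double *e, double *f, int *st, double *bd)
{ (void)w; *f = *a * 10000 + *b * 1000 + *c * 100 + *d * 10 + *e;
  *st = 0; *bd = 0.0; return 0; }

/* Dispatch on the number of data arguments, casting back to the exact type. */
int call_cdf(generic_fn fun, int nargs, int which, double *v,
             int *status, double *bound)
{
    switch (nargs) {
    case 4: return ((cdf4_fn)fun)(&which, &v[0], &v[1], &v[2], &v[3], status, bound);
    case 5: return ((cdf5_fn)fun)(&which, &v[0], &v[1], &v[2], &v[3], &v[4], status, bound);
    case 6: return ((cdf6_fn)fun)(&which, &v[0], &v[1], &v[2], &v[3], &v[4], &v[5], status, bound);
    default: *status = -1; return -1; /* unknown arity: refuse to call */
    }
}

/* Run one stand-in on the constructed inputs 1..6 and return its output. */
double run_demo(int nargs)
{
    const generic_fn table[] = { (generic_fn)demo4, (generic_fn)demo5, (generic_fn)demo6 };
    double v[6] = {1, 2, 3, 4, 5, 6}, bound = 0.0;
    int status = 0;
    if (nargs < 4 || nargs > 6) return -1.0;
    call_cdf(table[nargs - 4], nargs, 1, v, &status, &bound);
    return status == 0 ? v[nargs - 1] : -1.0;
}

int main(void) { printf("%g %g %g\n", run_demo(4), run_demo(5), run_demo(6)); return 0; }
```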