-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Long command line "Out of Memory"; Set /E, SET /P bug #105
Comments
I decided to do a little more testing under FreeCOM 0.85b Changing the line While I do not claim that either VSTR or VMATH are bug free. Both those tools are used extensively by the FreeDOS installer to iterate through large lists and files. Any issue with those basic operations of those programs would have been encountered years ago. However to eliminate the possibility of some sort of bizarre interaction between VSTR/VMATH and FreeCOM, I created a simple text file containing 231 characters (+ CRLF, 233 bytes) called chars.txt and changed the batch to simply:
This produces similar results. The batch exited with an "Out of memory error." and returned to the command line. I typed "dir" and hit enter. It output something like the last image in my initial post and froze. I should mention that for all these tests of FreeCOM, the shell is started in non-permanent mode with a 2k environment. Only 431 bytes of the environment are in use and about 1.5K of the environment table is still free. |
@shidel the last example you mentioned, shouldn't the type | set line be included in the loop? I changed it accordingly but could not reproduce the error with set /p str= with either the 0.85a release and a Watcom build of 0.85b. However, deducing from the source there is a memory corruption occuring at Line 102 in 9ec4779
under the condition that the data has NO trailing CR and/or NL. The data is read here: Line 95 in 9ec4779
This reads up to promptBuffer=256 bytes into a 256 byte buffer. So value[1] becomes the 257th byte of the buffer. |
"Commandline longer than 125 characters" actually comes from the |
Update: Can reproduce it. It only took longer... |
This smells like a memory leak and is probably the cause of the trouble: Lines 688 to 693 in 9ec4779
If the command is too long, then evar is not freed.
|
On Jul 5, 2024, at 4:59 PM, Bernd Böckmann ***@***.***> wrote:
@shidel the last example you mentioned, shouldn't the type | set line be included in the loop?It did not need to be. Which made it even more interesting. I changed it accordingly but could not reproduce the error with set /p str= with either the 0.85a release and a Watcom build of 0.85b.Interesting you could not reproduce the issue.Initially was under 85Aa. And then I switched to 85b which I think ECM said was compiled with IA. When you used set /p did you feed it a file that had a single line over 230 characters?However it is possible that the bug only appears under the DOSBox kernel and not “pure” FreeDOS.
However, deducing from the source there is a memory corruption occuring at
https://github.com/FDOS/freecom/blob/9ec47792953100eea6c9a18b0bed34a4471a9a6a/cmd/set.c#L102
under the condition that the data has NO trailing CR and/or NL.
The data is read here:
https://github.com/FDOS/freecom/blob/9ec47792953100eea6c9a18b0bed34a4471a9a6a/cmd/set.c#L95
This reads up to promptBuffer=256 bytes into a 256 byte buffer. So value[1] becomes the 257th byte of the buffer.That could do it.
—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you were mentioned.Message ID: ***@***.***>
|
On Jul 5, 2024, at 5:37 PM, Bernd Böckmann ***@***.***> wrote:
Update: Can reproduce it. It only took longer...Ah, ok. :-)
—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you were mentioned.Message ID: ***@***.***>
|
Regarding the placement of the lopping... Nope the It probably would do this without the (Side note: Basically VVIEW would reset to the start of the file after paging down a few dozen times. After some time I narrowed the problem down to the file buffering system. But after staring at that section for a long time, I just was not seeing the issue. However while looking at it, I realized that I was using a completely wrong process. I was thinking too much along the lines of programing in a HLL and not in ASM. It was far more efficient to change that piece entirely. So, I just rewrote that little section and the problem was solved.) |
@shidel can you confirm that the following binary does not run out of memory anymore? |
@boeckmann in part, yes. But, not completely and some other severe problems now exist... I dropped that build into DOSBox in the two places COMMAND.COM exist. The default FDAUTO.BAT used by the FreeDOS installer uses for hybrid mode froze during startup and did not return from the So, I renamed FDAUTO.BAT to avoid it starting when DOSBox launched. I then ran the new build as Crash test file contents:
So, I then I went and tried another test. Not running the default FDAUTO.BAT, I relaunched DOSBox and manually loaded the command and set the path. (Screen shot below) I ran |
Interesting. I can reproduce it. This only occurs when spawning an external process. So perhaps the history buffer gets corrupted when spawning a process or something similar is going on. I will try to find out what is going on... |
Also, I should have said that "Yes, SET /P seems to be working correctly" but "SET /E is now causing it to freeze immediately." with the build you sent me. :-) |
I think this was a bad binary. I rebuilt it and now this error does not occur anymore. I can spawn external processes and use the history. Strangely a single byte changed between the files, from 0x00 to 0x18?!? Can you try the newly uploaded one? I currently do not have the powertools installed in DosBox... |
Same URL? |
Looks good now. :-) It once again can start the default FDAUTO.BAT for the hybrid install inside DOSBox. Now, CRASH2 and CRASH3 still work and do not crash. CRASH1 using V8Power Tools, ran through the 50 iterations without issue. I increased it to 1000. No problem detected. Ran The Long command line "Out of Memory" SET /E and SET /P issue appears to be fixed now. :-) |
Great. But I wonder what caused the changed byte. Perhaps some .OBJs of different build modes or languages got mixed up. I aborted some builds by CTRL+C. Will do a clean build to see if it still outputs a working version. |
Yes, clean build still works. So I will prepare a merge request for this. |
There is also testing the build when compiled with IA32. |
You mean GCC-IA16? |
Yeah, that one. Don't know why I said 32. at least I didn't say IA256. :-) |
I added this to my 0.85_fixes branch there is a merge request open which fixes also the quotation of the exe name. |
This test was performed on FreeCOM running inside DOSBox using the DOSBox kernel.
I'm sorry, I wasn't thinking and did something dumb in a batch file which caused FreeCOM to break... Again.
My intent was to create a simple crazy big text file for some testing. I was doing this using a couple V8Power Tools programs using this batch:
The
vstr /r 235 /c 0xfe
is repeat the next option 235 times, the next option being output ASCII 0xfe to StdOut.The
vmath %line% + 1
is add 1 to %line%The
vmath %line% /h
is output result as hexadecimal.The obviously dumb thing I did was repeating the character 235 times. This exceeds the maximum line length of 125 characters in batch files. Running this batch resulted in this output:
All of those errors about the length exceeding the maximum should be expected. However, the "out of memory error." was a surprise. Even more of a surprise is that the error is non-recoverable and required closing DOSBox.
By reducing the number of repeated output characters to a sane number like 40, the batch will happily iterate through the requested lines until the max value is reached without any issues.
If I
REM
out theecho %hex% %str%
and keep the 235 character output, the issue still occurs.So, I ran a bunch of tests using different repeat counts. Everything worked fine until I used 231 characters for the repeat count. Then the Out of Memory Error occurs.
Interestingly, at 230 characters the batch generates no errors and creates output like this:
I just realized I should perform this test under the latest FreeCOM build created by ECM. It is actually worse. When run it looks like this:
However, after pressing a key. It sometimes causes DOSBox to close. It sometimes generates things like this and freezes:
Like the older version of FreeCOM, the latest build is fine if the repeated character length is 230 or less.
The text was updated successfully, but these errors were encountered: