subject:"Bug#667443\: cxref dumps core with function def with function pointer"

Bug#667443: cxref dumps core with function def with function pointer

2012-04-07 Thread Camm Maguire

forwarded 667443 a...@gedanken.demon.co.uk
thanks

Greetings!  Here is the other issue, a segfault on input function
pointer definitions.

Any thoughts most appreciated!

Take care,
=
Subject: Bug#667443: cxref dumps core with function def with function pointer
Reply-To: John Vogel jvog...@stny.rr.com, 667...@bugs.debian.org
Resent-From: John Vogel jvog...@stny.rr.com
Resent-To: debian-bugs-dist@lists.debian.org
Resent-CC: jvog...@stny.rr.com, Camm Maguire c...@debian.org
Resent-Sender: ow...@bugs.debian.org
X-Spam-Status: No, score=-8.2 required=4.0 tests=BAYES_00,FOURLA,
FVGT_m_MULTI_ODD,HAS_PACKAGE,HELO_LH_HOME,RCVD_IN_PBL,RCVD_IN_SORBS_DUL,
RDNS_DYNAMIC,SPF_SOFTFAIL,XMAILER_REPORTBUG,X_DEBBUGS_CC autolearn=ham
version=3.3.1-bugs.debian.org_2005_01_02
Content-Type: multipart/mixed; boundary2027944269885848456==
From: John Vogel jvog...@stny.rr.com
To: Debian Bug Tracking System sub...@bugs.debian.org
Date: Wed, 04 Apr 2012 02:09:25 -0400

[1:text/plain Hide]
Package: cxref
Version: 1.6c-3
Severity: normal

Greetings,

When cxref encounters a function definition that contains a pointer to function
in the arguments, it segfaults. I have included a smal test file that
demonstrates what I'm seeing. The command line I'm using to reproduce this is:

cxref -xref -CPP -E -CC -dD -dI cxref-bomb.c

Trying to use cxref-cpp prevents the segfault, but output is empty except for
the default header from cxref. Switching the comment from the int (*f)(int,int)
to the int f is enough to get cxref through without segfaulting.

I've spent some time trying to get a handle on the fault, but I seems to lead
to the lexer or more likely the parser. If I get some time I'll try to dig
deeper on this. Maybe later this month.

Thanks for your time and efforts

-John



-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (900, 'unstable'), (800, 'testing'), (500, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages cxref depends on:
ii  debconf [debconf-2.0]  1.5.42
ii  gcc4:4.6.3-4
ii  libc6  2.13-27

cxref recommends no packages.

Versions of packages cxref suggests:
ii  cxref-doc1.6c-3
ii  iceweasel [www-browser]  10.0.3esr-3
ii  lynx-cur [www-browser]   2.8.8dev.12-2
ii  texlive-binaries 2011.20120328-1

-- Configuration Files:
/etc/cxref/config changed [not included]
/etc/cxref/cxref-cpp.defines changed [not included]
[2:text/x-c Show Save:cxref-bomb.c (537B)]
=

-- 
Camm Maguirec...@maguirefamily.org
==
The earth is but one country, and mankind its citizens.  --  Baha'u'llah



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#667443: cxref dumps core with function def with function pointer

2012-04-07 Thread Andrew M. Bishop

Camm Maguire c...@maguirefamily.org writes:

 =
 Subject: Bug#667443: cxref dumps core with function def with function pointer
 Reply-To: John Vogel jvog...@stny.rr.com, 667...@bugs.debian.org

...

 When cxref encounters a function definition that contains a pointer to 
 function
 in the arguments, it segfaults. I have included a smal test file that
 demonstrates what I'm seeing. The command line I'm using to reproduce this is:

 cxref -xref -CPP -E -CC -dD -dI cxref-bomb.c

 Trying to use cxref-cpp prevents the segfault, but output is empty except for
 the default header from cxref. Switching the comment from the int 
 (*f)(int,int)
 to the int f is enough to get cxref through without segfaulting.

 I've spent some time trying to get a handle on the fault, but I seems to lead
 to the lexer or more likely the parser. If I get some time I'll try to dig
 deeper on this. Maybe later this month.

The code causing the problem is:

 cxref-bomb.c 
int
f3 (a, b, f)
int a, b;
int (*f)(int, int);
/*int f;*/
{
return f(a, b);
}
 cxref-bomb.c 

This is a known bug in cxref (since about 6 months ago) and not one
that I plan to fix.

The bug reporter is correct, this is a bug and part of the valid C
language syntax that is not handled correctly.  The code that needs to
be fixed is in the parser (not the lexer) but it is in the middle of
the code for handling function definitions that gets confused by
seeing a second function definition.  I tried looking for a fix when
the bug was originally reported to me, but it was difficult because
this part of the code is quite fragile.

The reason that I don't plan to fix the problem is that this old style
code has been deprecated for about 20 years, the bug has been reported
only recently, the code is fragile in this area (hence a fix could
break something else) and the change needed in the code is simple.

If the code is changed to that shown below then it works.

int
f3(int a, int b, int (*f)(int, int))
{
return f(a, b);
}

If the segfault is not a desired outcome then I could probably detect
the problem and assert an error instead of just crashing.

-- 
Andrew.
--
Andrew M. Bishop a...@gedanken.demon.co.uk
  http://www.gedanken.demon.co.uk/

Cxref homepage: http://www.gedanken.demon.co.uk/cxref/



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#667443: cxref dumps core with function def with function pointer

2012-04-04 Thread John Vogel

Package: cxref
Version: 1.6c-3
Severity: normal

Greetings,

When cxref encounters a function definition that contains a pointer to function
in the arguments, it segfaults. I have included a smal test file that
demonstrates what I'm seeing. The command line I'm using to reproduce this is:

cxref -xref -CPP -E -CC -dD -dI cxref-bomb.c

Trying to use cxref-cpp prevents the segfault, but output is empty except for
the default header from cxref. Switching the comment from the int (*f)(int,int)
to the int f is enough to get cxref through without segfaulting.

I've spent some time trying to get a handle on the fault, but I seems to lead
to the lexer or more likely the parser. If I get some time I'll try to dig
deeper on this. Maybe later this month.

Thanks for your time and efforts

-John



-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (900, 'unstable'), (800, 'testing'), (500, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages cxref depends on:
ii  debconf [debconf-2.0]  1.5.42
ii  gcc4:4.6.3-4
ii  libc6  2.13-27

cxref recommends no packages.

Versions of packages cxref suggests:
ii  cxref-doc1.6c-3
ii  iceweasel [www-browser]  10.0.3esr-3
ii  lynx-cur [www-browser]   2.8.8dev.12-2
ii  texlive-binaries 2011.20120328-1

-- Configuration Files:
/etc/cxref/config changed [not included]
/etc/cxref/cxref-cpp.defines changed [not included]
/* cxref-bomb.c */
#include stdio.h

int
f1 (a, b)
int a, b;
{
return a + b;
}

int
f2 (a, b)
int a, b;
{
return a * b;
}

int
f3 (a, b, f)
int a, b;
int (*f)(int, int);
/*int f;*/
{
return f(a, b);
}

int
main (argc, argv)
int argc;
char *argv[];
{
int d = 1, e =2;
int g, h;
int (*fp)(int,int);

/*  g = f3(d, e, f1);
h = f3(d, e, f2);*/


fp = f1;
g = fp(d, e);
fp = f2;
h = fp(d, e);

printf (d=%d e=%d d+e=g=%d d*e=h=%d\n, d, e, g, h);
return 0;
}

Bug#667443: cxref dumps core with function def with function pointer

Bug#667443: cxref dumps core with function def with function pointer

Bug#667443: cxref dumps core with function def with function pointer

3 matches

Site Navigation

Mail list logo

Footer information