#26 segfault in actions.cc

closed-fixed
None
7
2007-04-26
2007-04-26
Jakob Hirsch
No

Happens in 0.10.8, 0.11.3 and trunk.

Example file is attached (auto-generated by sa-compile of SpamAssassin 3.2.0-rc3)

$ gdb /tmp/re2c
GNU gdb Red Hat Linux (6.5-15.fc6rh)
...
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db library "/lib/libthread_db.so.1".

(gdb) run -i -b -o scanner1.c scanner1.re
Starting program: /tmp/re2c -i -b -o scanner1.c scanner1.re

Program received signal SIGSEGV, Segmentation fault.
0x08062a8d in re2c::MatchOp::split (this=0x833c5c0, s=@0xbfbc8388) at actions.cc:290
290 CharPtn *x = s.rep[c], *a = x->nxt;
(gdb) p c
$1 = 2807696
(gdb) p r->lb
$2 = 2807696
(gdb) bt full
#0 0x08062a8d in re2c::MatchOp::split (this=0x833c5c0, s=@0xbfbc8388) at actions.cc:290
x = (re2c::CharPtn *) 0x833c540
a = (re2c::CharPtn *) 0xbfbc8388
c = 2807696
r = (re2c::Range *) 0x833c598
#1 0x08062ee0 in re2c::CatOp::split (this=0x833c5e8, s=@0xbfbc8388) at actions.cc:445
No locals.
#2 0x08062ec1 in re2c::CatOp::split (this=0x833c668, s=@0xbfbc8388) at actions.cc:444
No locals.
...
#170 0x08062d47 in re2c::AltOp::split (this=0x83befc8, s=@0xbfbc8388) at actions.cc:412
No locals.
#171 0x08063808 in re2c::genCode (o=@0xbfbc86f8, ind=@0x8077240, re=0x83befc8, specMap=0x0, condName=@0xbfbc843c, isLastCond=false)
at actions.cc:1012
cs = {fix = 0x0, freeHead = 0x83bf664, freeTail = 0x83bfffc, rep = 0x83beff8, ptn = 0x83bf400}
j = 3009063
rep = (Char *) 0x806d00b
ins = (re2c::Ins *) 0x806d00b
eoi = (re2c::Ins *) 0xbfbc8443
dfa = (re2c::DFA *) 0xba5f0b
#172 0x08060922 in re2c::parse (i=@0xbfbc8788, o=@0xbfbc86f8, h=0x0) at parser.y:422
__PRETTY_FUNCTION__ = "void re2c::parse(re2c::Scanner&, std::ostream&, std::ostream*)"
#173 0x0805bab4 in main (argc=6, argv=0xbfbc88f4) at main.cc:374
null_source = {<re2c::basic_fstream_lc<char,std::basic_istream<char, std::char_traits<char> >,_S_in,std::char_traits<char> >> = {<> = {<No data fields>}, <re2c::line_number> = {_vptr.line_number = 0x806cb60}, mybuf = 0x8308448}, <No data fields>}
null_dev = {<> = {<No data fields>}, null_buf = 0x83085e8}
null_scanner = {<re2c::line_number> = {_vptr.line_number = 0x806e0a8}, in = @0xbfbc84a0, out = @0xbfbc86f8,
bot = 0x8368aa0 "\n\t\"auslaenderkriminalitaet\"", ' ' <repeats 12 times>, "{RET(\"__ZMIRASSISMUSBD_10\");}\n\t\"auslaendischer 'gesundheitstouristen'\"", ' ' <repeats 12 times>, "{RET(\"__DOS_BODY_SUN __ZMIRASSISMUSBD_9\");}\n\t\"ausweitung unseres marketings und"...,
tok = 0x836a505 "\n}\n", ptr = 0x836a4f3 " return NULL; }\n*/\n}\n", cur = 0x836a505 "\n}\n", pos = 0x836a503 "*/\n}\n",
lim = 0x836a508 "", top = 0x836aaa1 "", eof = 0x836a509 "", ctx = 0x0, tchar = 0, tline = 215, cline = 215, iscfg = 0}
c = -1
sourceFileName = 0xbfbca675 "scanner1.re"
outputFileName = 0xbfbca66a "scanner1.c"
headerFileName = 0x0
source = {<re2c::basic_fstream_lc<char,std::basic_istream<char, std::char_traits<char> >,_S_in,std::char_traits<char> >> = {<> = {<No data fields>}, <re2c::line_number> = {_vptr.line_number = 0x806cb60}, mybuf = 0x8308050}, <No data fields>}

Tried compiling without -O2, no change.

$ gcc -v
Using built-in specs.
Target: i386-redhat-linux
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --enable-checking=release --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-libgcj-multifile --enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk --disable-dssi --enable-plugin --with-java-home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre --with-cpu=generic --host=i386-redhat-linux
Thread model: posix
gcc version 4.1.1 20070105 (Red Hat 4.1.1-51)

$ g++ -v
Using built-in specs.
Target: i386-redhat-linux
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --enable-checking=release --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-libgcj-multifile --enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk --disable-dssi --enable-plugin --with-java-home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre --with-cpu=generic --host=i386-redhat-linux
Thread model: posix
gcc version 4.1.1 20070105 (Red Hat 4.1.1-51)

Discussion

  • Jakob Hirsch
    2007-04-26

    crashing on this file

     
  • Marcus Börger
    2007-04-26

    • priority: 5 --> 7
    • assigned_to: nobody --> helly
     
  • Marcus Börger
    2007-04-26

    For the moment you could try an older gcc. Version 4.0 appears to work for me.

     
  • Jakob Hirsch
    2007-04-26

    Ok, I've tried gcc/g++ 3.4.6 (compat-gcc-34-c++ from FC6) and it works. The code re2c generates is the same (I think, at least :), so that's ok. Thanks for the hint.

     
  • Marcus Börger
    2007-04-26

    Actually I highly suggest you use the CVS version of either 0.12.0 (unreleased) or even HEAD. It appears the generated code is wrong using the older re2c versions. I discovered this while fixing the crash. So in 0.12.0 and HEAD both issues are resolved.

     
  • Marcus Börger
    2007-04-26

    • status: open --> closed-fixed
     
  • Jakob Hirsch
    2007-04-27

    Ok, I updated trunk to revision 710, and now it runs fine, even if compiled with gcc/g++ 4.1.1. Thanks for the quick fix.
    Would you recommend using trunk or tags/RELEASE_0_12_0?

     
  • Marcus Börger
    2007-04-27

    You should go with 0.12.0, which I will release around 1st May, testing it on different platforms meanwhile. Trunk version comes with a major non-ready feature addition. That feature required a change in the generated code. For that no feedback is available yet. But you are of course always welcome to try trunk.