#8 stack corruption when generating a java parser

v1.x
closed-fixed
code (8)
5
2014-08-13
2007-01-18
sfjim
No

It appears that something on the stack is getting corrupted during the course of the parse.
If recompiled using C, the type returned is correct with the same grammar.

When running the parser, the following 2 prints should show the same class returned from function_header:

When $1 is displayed after function_header, function_header(1) shows the correct Java type returned from function_header: TFunctionHeader@

When $1 is displayed after parsing the rest of the production, the result is:
TStatement@

Code snippet:

function_definition:
    function_header
    {
        System.out.println( "function_header(1) = " + $1 );
    }
    param_declaration_list
    {
    }
    compound_statement
    {
        // this generates a run-time ClassCastException error
        TFunctionHeader fh = (TFunctionHeader)$1;
    }
    ;

function_header:
    processed_attributes
    declarator
    {
        TFunctionHeader funh;
        System.out.println( "function_header(2) = " + $1 );
        funh = new TFunctionHeader( (TDeclarator)$2 );
        $$ = funh;
    }
    | declarator
    {
        TFunctionHeader funh;
        funh = new TFunctionHeader( (TDeclarator)$1 );
        $$ = funh;
    }
    ;

Discussion

  • Tomas Hurka

    Tomas Hurka - 2007-01-18

    Logged In: YES
    user_id=482413
    Originator: NO

    Can you please attach whole grammar together with some input to reproduce the problem. Thanks.

     
  • Tomas Hurka

    Tomas Hurka - 2007-01-18
    • milestone: --> v1.x
    • status: open --> pending
     
  • sfjim

    sfjim - 2007-01-19

    yacc grammar file

     
  • sfjim

    sfjim - 2007-01-19
    • status: pending --> open
     
  • sfjim

    sfjim - 2007-01-19

    Logged In: YES
    user_id=1693793
    Originator: YES

    For privacy reasons I have attached a pruned grammar file which still exhibits the problem outlined. The results below use the following as input:

    main
    {
    }

    The results I see are:
    function_definition:function_header(1) = com.verisign.testtool.NodeManagement.TFunctionHeader@13f5d07
    function_header(2) = com.verisign.testtool.NodeManagement.TFunctionHeader@13f5d07
    function_header(3) = com.verisign.testtool.NodeManagement.TStatement@1a16869
    compound_statement = com.verisign.testtool.NodeManagement.TStatement@1a16869
    function_header = com.verisign.testtool.NodeManagement.TFunctionHeader@13f5d07

    After the following production, $1 and $5 are the same.
    $1 should be a TFunctionHeader
    $5 should be a TStatement

    function_definition:
        function_header
        {
        }
        param_declaration_list
        {
        }
        compound_statement
        {
        }
        ;

    File Added: byacc_parser.y

     
  • Tomas Hurka

    Tomas Hurka - 2007-02-03

    Logged In: YES
    user_id=482413
    Originator: NO

    Thanks for the grammar file.

     
  • Ashgan Fararooy

    Ashgan Fararooy - 2008-10-18

    I think I have faced the same bug while I was trying to parse a sample input
    file using my grammar; however, I was unable to reproduce the bug using
    "sfjim"'s grammar to make sure if it is the same one. I was wondering if the
    bug is fixed and a new patch has been released?

    I believe I have found both the reason of the problem and the solution to fix
    it (if it's not already fixed), but I don't know how to post (attach) my
    problematic grammar here along with everything that is needed for reproducing
    the problem. Please let me know how to do it.

    Thanks,
    A F

     
  • Tomas Hurka

    Tomas Hurka - 2008-11-11

    I was able to reproduce the problem - thanks for the grammar. The problem occurs only if you use byaccj-generated ParserVal as semantic value. yyval is incorrectly initialized to point to an already existing yyval and, as you already found out, its value for ival, dval, sval or obj is subsequently rewritten by a reduce operation. The problem is caused by the fact that C creates a new copy when you assign a struct or union, while in Java the same union is represented by an instance of ParserVal and assignment does not create a new instance of ParserVal.

    yyval is currently initialized for reducing in the code below:
    -----
    yym = yylen[yyn]; //get count of terminals on rhs
    if (yydebug)
        debug("state "+yystate+", reducing "+yym+" by rule "+yyn+" ("+yyrule[yyn]+")");
    if (yym>0) //if count of rhs not 'nil'
        yyval = val_peek(yym-1);
    ------
    The line
    yyval = val_peek(yym-1);

    implements default user action $$ = $1;
    The fix will create a copy of $1 and assign it to $$, and if there is no right-hand side, it will create a new instance of ParserVal and assign it to yylval. This code should be there only if the semantic value is ParserVal; other cases (with a user-defined semantic type and primitive semantic type) will use the current logic.

     
  • Tomas Hurka

    Tomas Hurka - 2008-11-14
    • status: open --> closed-fixed
     
  • Tomas Hurka

    Tomas Hurka - 2008-11-14

    Fixed in trunk.
    Checking in output.c;
    /cvsroot/byaccj/1.1/src/output.c,v <-- output.c
    new revision: 1.10; previous revision: 1.9
    done
    Checking in skeleton.c;
    /cvsroot/byaccj/1.1/src/skeleton.c,v <-- skeleton.c
    new revision: 1.11; previous revision: 1.10
    done
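
The aliasing described in the 2008-11-11 comment, replayed as an added example (not part of the thread and not byacc/j's skeleton code). ParserVal, reduce and replay are hypothetical stand-ins; the sketch assumes "$$ = x" assigns yyval.obj and models compound_statement as an empty rule to keep the replay short. With the aliasing initialization $1 ends up holding the TStatement; with the copy it stays a TFunctionHeader.

```java
import java.util.ArrayList;
import java.util.List;

// Added illustration: a stand-in for the generated ParserVal and value stack,
// not byacc/j's skeleton code. Only the obj field is modelled.
class YyvalAliasDemo {
    static class ParserVal {
        Object obj;
        ParserVal() {}
        ParserVal(Object o) { obj = o; }
    }

    static List<ParserVal> stack = new ArrayList<>();
    static ParserVal yyval = new ParserVal();

    static ParserVal valPeek(int depth) { return stack.get(stack.size() - 1 - depth); }

    // One reduction: set up yyval, run the action "$$ = result" (skipped when
    // result is null), pop yym values, push yyval.
    static void reduce(int yym, Object result, boolean fixed) {
        if (fixed) {
            // Fix as described: a copy of $1, or a fresh instance for an empty rhs.
            yyval = (yym > 0) ? new ParserVal(valPeek(yym - 1).obj) : new ParserVal();
        } else if (yym > 0) {
            yyval = valPeek(yym - 1);   // original line: aliases the stack slot of $1
        }                               // empty rhs: yyval keeps the previous object
        if (result != null) yyval.obj = result;   // assumed translation of "$$ = result"
        for (int i = 0; i < yym; i++) stack.remove(stack.size() - 1);
        stack.add(yyval);
    }

    // Replays function_definition and returns what $1 holds when the final action runs.
    static String replay(boolean fixed) {
        stack.clear();
        yyval = new ParserVal();
        stack.add(new ParserVal("TDeclarator"));   // constructed value for declarator
        reduce(1, "TFunctionHeader", fixed);       // function_header: declarator
        reduce(0, null, fixed);                    // first mid-rule action { }
        reduce(0, null, fixed);                    // param_declaration_list (empty here)
        reduce(0, null, fixed);                    // second mid-rule action { }
        reduce(0, "TStatement", fixed);            // compound_statement (simplified to empty rhs)
        return (String) valPeek(4).obj;            // $1 of the five-symbol production
    }

    public static void main(String[] args) {
        System.out.println("aliased yyval: $1 = " + replay(false));
        System.out.println("copied yyval:  $1 = " + replay(true));
    }
}
```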

     
