Segfault in Renderer::isNatural

Here you can discuss and share functionality improvements and helper programs to make Context Free better.

Moderators: MtnViewJohn, chris, mtnviewmark

pakin
Posts: 43
Joined: Sat Apr 21, 2007 8:59 pm
Location: United States

Segfault in Renderer::isNatural

Post by pakin »

On 32-bit Debian Linux/x86, the following code segfaults:

startshape begin

shape problem(natural thing) { SQUARE [ ] }

shape begin { problem(0) [ ] }

Here's what Valgrind reports:

$ valgrind cfdg -s 512 badness.cfdg -o badness.png
==4104== Memcheck, a memory error detector
==4104== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==4104== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
==4104== Command: cfdg -s 512 badness.cfdg -o badness.png
==4104==
Reading rules file badness.cfdg
Restarting as a version 3 design
Compiling 2nd phase
==4104== Invalid read of size 8
==4104==    at 0x804C184: Renderer::isNatural(double) (cfdg.cpp:180)
==4104==    by 0x809DC04: EvalArgs(Renderer*, StackType const*, iterator&, AST::ASTexpression const*, bool) (stacktype.cpp:355)
==4104==    by 0x809DE0F: StackType::evalArgs(Renderer*, AST::ASTexpression const*, StackType const*) (stacktype.cpp:385)
==4104==    by 0x8089B1D: AST::ASTruleSpecifier::evalArgs(Renderer*, StackType const*) const (astexpression.cpp:560)
==4104==    by 0x808A57B: AST::ASTruleSpecifier::ASTruleSpecifier(int, std::string const&, std::auto_ptr<AST::ASTexpression>, yy::location const&, std::vector<AST::ASTparameter, std::allocator<AST::ASTparameter> > const*, std::vector<AST::ASTparameter, std::allocator<AST::ASTparameter> > const*) (astexpression.cpp:465)
==4104==    by 0x80636BB: Builder::MakeRuleSpec(std::string const&, std::auto_ptr<AST::ASTexpression>, yy::location const&) (builder.cpp:632)
==4104==    by 0x80638F7: Builder::MakeElement(std::string const&, std::auto_ptr<AST::ASTmodification>, std::auto_ptr<AST::ASTexpression>, yy::location const&, bool) (builder.cpp:747)
==4104==    by 0x80B4939: yy::CfdgParser::parse() (cfdg.ypp:735)
==4104==    by 0x804C7CB: CFDG::ParseFile(char const*, AbstractSystem*, int) (cfdg.cpp:137)
==4104==    by 0x80A6E23: main (main.cpp:370)
==4104==  Address 0x30 is not stack'd, malloc'd or (recently) free'd
==4104==
==4104==
==4104== Process terminating with default action of signal 11 (SIGSEGV)
==4104==  Access not within mapped region at address 0x30
==4104==    at 0x804C184: Renderer::isNatural(double) (cfdg.cpp:180)
==4104==    by 0x809DC04: EvalArgs(Renderer*, StackType const*, iterator&, AST::ASTexpression const*, bool) (stacktype.cpp:355)
==4104==    by 0x809DE0F: StackType::evalArgs(Renderer*, AST::ASTexpression const*, StackType const*) (stacktype.cpp:385)
==4104==    by 0x8089B1D: AST::ASTruleSpecifier::evalArgs(Renderer*, StackType const*) const (astexpression.cpp:560)
==4104==    by 0x808A57B: AST::ASTruleSpecifier::ASTruleSpecifier(int, std::string const&, std::auto_ptr<AST::ASTexpression>, yy::location const&, std::vector<AST::ASTparameter, std::allocator<AST::ASTparameter> > const*, std::vector<AST::ASTparameter, std::allocator<AST::ASTparameter> > const*) (astexpression.cpp:465)
==4104==    by 0x80636BB: Builder::MakeRuleSpec(std::string const&, std::auto_ptr<AST::ASTexpression>, yy::location const&) (builder.cpp:632)
==4104==    by 0x80638F7: Builder::MakeElement(std::string const&, std::auto_ptr<AST::ASTmodification>, std::auto_ptr<AST::ASTexpression>, yy::location const&, bool) (builder.cpp:747)
==4104==    by 0x80B4939: yy::CfdgParser::parse() (cfdg.ypp:735)
==4104==    by 0x804C7CB: CFDG::ParseFile(char const*, AbstractSystem*, int) (cfdg.cpp:137)
==4104==    by 0x80A6E23: main (main.cpp:370)
==4104==  If you believe this happened as a result of a stack
==4104==  overflow in your program's main thread (unlikely but
==4104==  possible), you can try to increase the size of the
==4104==  main thread stack using the --main-stacksize= flag.
==4104==  The main thread stack size used in this run was 8388608.
==4104==
==4104== HEAP SUMMARY:
==4104==     in use at exit: 130,404 bytes in 322 blocks
==4104==   total heap usage: 573 allocs, 251 frees, 223,542 bytes allocated
==4104==
==4104== LEAK SUMMARY:
==4104==    definitely lost: 0 bytes in 0 blocks
==4104==    indirectly lost: 0 bytes in 0 blocks
==4104==      possibly lost: 1,238 bytes in 58 blocks
==4104==    still reachable: 129,166 bytes in 264 blocks
==4104==         suppressed: 0 bytes in 0 blocks
==4104== Rerun with --leak-check=full to see details of leaked memory
==4104==
==4104== For counts of detected and suppressed errors, rerun with: -v
==4104== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 91 from 8)
Segmentation fault

Note that there are no problems if I replace natural with number.

— Scott
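A faulting address as small as 0x30, which Valgrind says is neither stack, heap nor recently freed memory, is the usual signature of a null base pointer plus a member offset: the report is consistent with isNatural reading a field of a Renderer object through a Renderer* that was null because the constant argument was evaluated during parsing, before any renderer existed. The C++ below is an added illustration and is not Context Free's code; the Renderer layout, the maxNatural member, the default bound and the parse-time-null cause are all assumptions made for the example. It puts the unchecked read beside a checked version that tolerates a missing renderer and rejects NaN and infinity, and includes a helper that reports the offset such a read would touch.

```cpp
#include <cmath>
#include <cstddef>
#include <cstdio>
#include <limits>

// Constructed stand-in for the renderer class. The real layout is unknown;
// six doubles of padding are assumed so that the member isNatural consults
// sits at byte offset 0x30, matching the faulting address in the report.
struct Renderer {
    double pad[6];      // 48 bytes of unrelated state (assumption)
    double maxNatural;  // largest value accepted as a 'natural' (assumption)
};

// Unchecked variant: dereferences the renderer unconditionally. If a caller
// evaluates a constant argument before any renderer exists and passes a
// null pointer, the read of r->maxNatural lands at address 0x30.
bool isNaturalUnchecked(const Renderer* r, double n) {
    return n >= 0.0 && std::floor(n) == n && n <= r->maxNatural;
}

// Assumed default bound used when no renderer is available (2^53, the largest
// double range in which every integer is exactly representable).
constexpr double kDefaultMaxNatural = 9007199254740992.0;

// Checked variant: validates the number first (the comparisons also reject
// NaN, since every comparison involving NaN is false), then consults the
// renderer only if one was supplied.
bool isNaturalChecked(const Renderer* r, double n) {
    if (!(n >= 0.0) || std::floor(n) != n) return false;  // negative, fractional or NaN
    if (std::isinf(n)) return false;                      // floor(inf) == inf, so test explicitly
    const double bound = r ? r->maxNatural : kDefaultMaxNatural;
    return n <= bound;
}

// Helper for callers that do have a renderer: build one with the given bound.
bool isNaturalWithBound(double bound, double n) {
    Renderer r{};
    r.maxNatural = bound;
    return isNaturalChecked(&r, n);
}

// The offset a null-renderer read would touch; with a null base pointer the
// computed address is 0 + offsetof(...), which is what Valgrind reports.
std::size_t faultOffset() {
    return offsetof(Renderer, maxNatural);
}

int main() {
    std::printf("member offset: 0x%zx\n", faultOffset());
    std::printf("checked(null, 0)   = %d\n", isNaturalChecked(nullptr, 0.0));
    std::printf("checked(null, 1.5) = %d\n", isNaturalChecked(nullptr, 1.5));
    std::printf("bound 10, n=11     = %d\n", isNaturalWithBound(10.0, 11.0));
    return 0;
}
```

The checked variant keeps the original semantics when a renderer is present and only changes behaviour in the case that crashed: a null renderer now yields a well-defined answer instead of an invalid read. Validating the value before touching the pointer also means malformed inputs never reach the dereference at all.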

MtnViewJohn
Site Admin
Posts: 882
Joined: Fri May 06, 2005 2:26 pm
Location: Mountain View, California

Re: Segfault in Renderer::isNatural

Post by MtnViewJohn »

Good catch. I uploaded a fix to code.google.com.

MtnViewJohn
Site Admin
Posts: 882
Joined: Fri May 06, 2005 2:26 pm
Location: Mountain View, California

Re: Segfault in Renderer::isNatural

Post by MtnViewJohn »

I also just noticed seg faults if a shape or a function takes a single vector as an argument. Pull from code.google.com if you are experiencing this issue. Version 3.0.1 should be out soon (signed for Mountain Lion users).
