ianfhunter / GNOLL

GNOLL is an efficient dice notation parser for multiple programming languages that supports a wide set of dice notation
https://www.ianhunter.ie/GNOLL/
GNU General Public License v3.0

Segfault when keeping more dice than you roll #465

Closed K900 closed 6 months ago

K900 commented 6 months ago
❄️ ❯ lldb ./build/dice
(lldb) target create "./build/dice"
Current executable set to '/home/k900/gh/ianfhunter/GNOLL/build/dice' (x86_64).
(lldb) run 1d6kh2
Process 183315 launched: '/home/k900/gh/ianfhunter/GNOLL/build/dice' (x86_64)
Process 183315 stopped
* thread #1, name = 'dice', stop reason = signal SIGSEGV: address not mapped to object (fault address: 0x447)
    frame #0: 0x00007ffff7d8e5b7 libc.so.6`unlink_chunk.isra.0 + 39
libc.so.6`unlink_chunk.isra.0:
->  0x7ffff7d8e5b7 <+39>: cmpq   0x18(%rax), %rdi
    0x7ffff7d8e5bb <+43>: jne    0x7ffff7d8e638            ; <+168>
    0x7ffff7d8e5bd <+45>: cmpq   0x10(%rdx), %rdi
    0x7ffff7d8e5c1 <+49>: jne    0x7ffff7d8e638            ; <+168>
(lldb) bt
* thread #1, name = 'dice', stop reason = signal SIGSEGV: address not mapped to object (fault address: 0x447)
  * frame #0: 0x00007ffff7d8e5b7 libc.so.6`unlink_chunk.isra.0 + 39
    frame #1: 0x00007ffff7d8e8b5 libc.so.6`_int_free_create_chunk + 149
    frame #2: 0x00007ffff7d8fc18 libc.so.6`_int_free_merge_chunk + 152
    frame #3: 0x00007ffff7d92753 libc.so.6`free + 115
    frame #4: 0x0000000000402f7e dice`free_2d_array + 46
    frame #5: 0x000000000040419c dice`delete_all_macros + 268
    frame #6: 0x000000000040cb48 dice`roll_full_options + 136
    frame #7: 0x00000000004023ae dice`main + 238
    frame #8: 0x00007ffff7d1f0ce libc.so.6`__libc_start_call_main + 126
    frame #9: 0x00007ffff7d1f189 libc.so.6`__libc_start_main@@GLIBC_2.34 + 137
    frame #10: 0x0000000000402465 dice`_start + 37

Tested on 1fb23ba7b096483d0aa384cd6542699afd6926cf
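
An added example (not GNOLL's code) of the bounds check a keep-highest implementation needs for the case reported above, where the keep count exceeds the number of dice; the functions `keep_highest` and `keep_count_is_valid` and the notation format they accept are hypothetical, and the crash inside free() in the backtrace is consistent with heap corruption from an earlier out-of-bounds write, which is what the check prevents:

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Descending comparator for qsort. */
static int cmp_desc(const void *a, const void *b) {
    int x = *(const int *)a, y = *(const int *)b;
    return (x < y) - (x > y);
}

/* Hypothetical helper: sum the `keep` highest of `n` dice results.
 * A keep count larger than the number of dice (the 1d6kh2 case from
 * the report) is clamped to n, so no index ever runs past the rolls
 * buffer. Returns -1 on invalid input. */
int keep_highest(const int *rolls, size_t n, size_t keep) {
    if (rolls == NULL || n == 0) return -1;
    if (keep > n) keep = n;            /* the bounds check */
    int *copy = malloc(n * sizeof *copy);
    if (copy == NULL) return -1;
    memcpy(copy, rolls, n * sizeof *copy);
    qsort(copy, n, sizeof *copy, cmp_desc);
    int sum = 0;
    for (size_t i = 0; i < keep; i++) sum += copy[i];
    free(copy);
    return sum;
}

/* Validate a constructed "<n>d<sides>kh<k>" string at parse time so the
 * bad keep count is rejected before any buffer is allocated.
 * Not GNOLL's grammar; returns 1 if the notation is well formed and k <= n. */
int keep_count_is_valid(const char *notation) {
    unsigned n, sides, k;
    if (sscanf(notation, "%ud%ukh%u", &n, &sides, &k) != 3) return 0;
    return n > 0 && sides > 0 && k > 0 && k <= n;
}

int main(void) {
    int rolls[] = {4};                 /* constructed: the one d6 showed 4 */
    printf("1d6kh2 clamped sum: %d\n", keep_highest(rolls, 1, 2));
    printf("1d6kh2 accepted by parser: %d\n", keep_count_is_valid("1d6kh2"));
    return 0;
}
```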

github-actions[bot] commented 6 months ago

Thanks for filing an issue! We'll get back to you as soon as we can with a response.

ianfhunter commented 6 months ago

Thanks, I can replicate the issue, but I won't be able to look at it for a few days. I've added a test and I'll update here when it passes.

K900 commented 6 months ago

Don't worry about it. I'm mostly exploring the options for now, so any time you can fix it is nice.