riolet / rix

Rix language combines the power of C language and the convenience of a high level language
GNU General Public License v3.0

Segmentation fault #56

Open rwhitworth opened 7 years ago

rwhitworth commented 7 years ago

Is there any interest in having inputs reported that cause rixc to seg fault and dump core?

Based on some quick fuzz testing I found quite a few inputs of interest. Below is a sample input plus gdb backtrace. I also noticed rixc isn't very consistent in that sometimes it crashes with this input, sometimes it compiles no problem, and sometimes it reports an error about parsing the file.

Examples of inconsistent behavior:

```
# ./rixc input.dat
Segmentation fault (core dumped)

# ./rixc input.dat
        Line 65: Column:0 - Error while parsing file.
        syntax error, unexpected ENDOFLINE

# ./rixc input.dat
=============  Compilation Complete!  ==============
Wrote source file out.c, header file out.h, build file out.sh and compilation log file out.log
```

input file:

?

gdb backtrace:

```
#0  strlen () at ../sysdeps/x86_64/strlen.S:106
#1  0x00007f2ffe61537e in __GI___strdup (s=0x0) at strdup.c:41
#2  0x00000000004025f9 in addCode (tree=0x20fab40, line=0x0) at ObjectTree.c:211
#3  0x000000000042608f in objectPrev () at rixc.c:1632
#4  0x000000000041370b in yyuserAction (yyn=<optimized out>, yyrhslen=<optimized out>, yyvsp=<optimized out>, yystackp=<optimized out>, yyvalp=<optimized out>,
    yylocp=<optimized out>) at rix.y:227
#5  0x000000000040d204 in yydoAction (yystackp=<optimized out>, yyk=<optimized out>, yyrule=<optimized out>, yyvalp=<optimized out>, yylocp=<optimized out>)
    at rix.tab.c:2154
#6  yyglrReduce (yystackp=<optimized out>, yyk=<optimized out>, yyrule=<optimized out>, yyforceEval=<optimized out>) at rix.tab.c:2181
#7  0x000000000040a48e in yyparse () at rix.tab.c:3132
#8  0x0000000000426fc2 in main (argc=<optimized out>, argv=<optimized out>) at rixc.c:1883
```
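
One way to quantify the run-to-run inconsistency reported above is to repeat the same command line and tally how each run ends. The script below is an added example, not part of the issue or of the rix project; the function names `classify_status` and `tally_runs` are hypothetical, and it assumes rixc exits non-zero when it reports a parse error, which the page does not state.

```shell
#!/bin/sh
# Added example (not from the rix repository): tally how often one command
# line ends in each outcome when it is repeated on the same input.

# classify_status STATUS -> ok | error | segv | signal
# A shell reports death-by-signal as 128 + signal number; SIGSEGV is 11.
classify_status() {
    if [ "$1" -eq 0 ]; then
        echo ok
    elif [ "$1" -eq 139 ]; then
        echo segv
    elif [ "$1" -gt 128 ]; then
        echo signal
    else
        echo error      # assumption: parse errors exit non-zero
    fi
}

# tally_runs RUNS CMD [ARGS...]
# Prints one summary line: "ok=N error=N segv=N signal=N".
tally_runs() {
    runs=$1
    shift
    ok=0 error=0 segv=0 signal=0
    i=0
    while [ "$i" -lt "$runs" ]; do
        status=0
        # "|| status=$?" records the failure and keeps the loop alive under "set -e".
        "$@" >/dev/null 2>&1 || status=$?
        case "$(classify_status "$status")" in
            ok)     ok=$((ok + 1)) ;;
            error)  error=$((error + 1)) ;;
            segv)   segv=$((segv + 1)) ;;
            signal) signal=$((signal + 1)) ;;
        esac
        i=$((i + 1))
    done
    echo "ok=$ok error=$error segv=$segv signal=$signal"
}

# Usage (script name assumed): sh tally.sh 100 ./rixc input.dat
if [ "$#" -ge 2 ]; then
    tally_runs "$@"
fi
```

Repeating the same tally with the command prefixed by `setarch "$(uname -m)" -R`, which disables address-space randomization, shows whether the outcome mix depends on memory layout.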