Opened 9 years ago
Last modified 9 years ago
#9260 new Bugs
Phoenix switch_ statements accessing wrong memory and cause segfault
| Reported by: | | Owned by: | Thomas Heller |
|---|---|---|---|
| Milestone: | To Be Determined | Component: | phoenix |
| Version: | Boost 1.54.0 | Severity: | Problem |
| Keywords: | phoenix spirit qi | Cc: | |
Description
Seth Heeren and I tracked down a problem in phoenix 3's switch_ statements that causes a crash in the attached example.
Judging from valgrind outputs, it appears as if the switch_ accesses memory outside its stack. In the attached case that causes a crash when accessing local variables in the enclosing rule.
To reproduce:
With this rule:
`qi::rule<It, bool(), qi::locals<bool, unsigned int, double, std::string>, Skipper> enclosing;`
defined as:
`enclosing %= condition[_a = _1] >> double_[_val = _a];`
it works.
If it is defined as:
`enclosing %= condition[_a = _1] >> double_[_c = _1, _val = _a];`
it crashes.
When not using local variables there is no crash but still undefined behavior caused by the switch_. Phoenix 2 does not have this problem.
Attachments (1)
Change History (3)
by , 9 years ago
Attachment: | phx_3_crash_reproducer.cpp added |
---|
comment:1 by , 9 years ago
Component: | None → phoenix |
---|---|
Owner: | set to |
comment:2 by , 9 years ago
The example submitted is not a minimal example of the failure in phoenix let_ structure.
I have been correcting some bugs (5715 and 5824) which relate to the operation of the comma operator in phoenix and those fixes may well be relevant.
The 5715 fix is currently in master and 5824 in develop and I will move it to master after 24 hours of tests on develop. You can follow this by looking at bug5715 and bug5824 in the testing reports.
I expect these fixes will be in 1.56.0 when it comes out.
Please, if you read this, could you check your problem and see if it is fixed against those fixes?
If not, could you supply a smaller example of the problem in phoenix?
Thanks
John Fletcher