Fix undefined behavior in evaluate_result caused by read of uninitialized symbol value #18
ui coi lei bangu pendo .i zu'e mi pu co'u samrkompli le'i vi proga ri'a le du'u la'e la'oi dfasyn na genturfa'i la'e la'o dac. morf_nfa.in .dac lu'u voi samdacru ku'o co'i le nu la'e la'oi dfasyn cusku zoi gy. No output written, there were ambiguous exit values for accepting states .gy .i mi na pu djuno le su'u na'ebo mi snada le mu'e samrkompli kei be lo tadji .i ba bo mi pu facki ri'a le zu'o mi lanli loi samselpla kei le du'u la'e la'oi evaluate_result cu pilno pa da poi namcu vefi'e lei to'e selsmudu'a selkanji skami bo morji ku'o le zu'o kanji le jei da zmadu li no sebai le nu co'u genturfa'i ku kei goi ko'a .i le jei ko'a pu du li pa va'o le pe mi skami .i mi pu setca pa lo midvla ku poi smudu'a le ba seljetlai sinxa ku poi se finti la'e la'oi find_symbol_or_create ku'o li no ku'o gi'e ru ca tolpo'u .i mi pacna dei poi ka du'enai zu'i valsi .i mi jidge ru'a le li'i rapcreze'a le zu'u tavla fo la .lojban.
(loose translation, I wrote the first part first lol) Hi language friends :3 . I could not compile these programs because "dfasyn" would not parse the file "morf_nfa.in" and would print "No output written, there were ambiguous exit values for accepting states". I didn't know why it worked for everyone else so I looked around the code and discovered that the function "evaluate_result" reads from uninitialized memory to determine if parsing should cease. On my machine, it determines that it should. I added an instruction to initialize the value of future symbols created by the function "find_symbol_or_create" to 0 and everything works now. I hope this is not too wordy. I thought this would be a good opportunity to practice speaking Lojban. (translation ends)
Just to be clear, the call stack at where the symbol with the uninitialized value is created looks something like: [other stuff]->add_dfa->evaluate_result->eval->find_symbol_or_create, then the bad symbol value propagates back up to `evaluate_result`, because `eval` returns the value of the symbol without checking if it is a new, uninitialized-value-having symbol (the "create" part of `find_symbol_or_create`), where it is read as the condition of `if (eval(x, x->results[i].e))`. There is definitely much more undefined behavior going on in this very dusty program, but fixing that did make it work for me on amd64 OpenBSD, which has a tendency to reveal before-unseen bugs in programs :3

It's a one line diff but....... I'm sure you have enough details now lol
co'o
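
The find-or-create pattern described in the post above, reduced to a small C sketch that is added here and is not dfasyn's code. Only the names `find_symbol_or_create` and `eval` come from the post; the struct layout, the poisoning allocator, `condition_taken` and the `apply_fix` flag are assumptions for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Simplified stand-in for a symbol table entry (layout is an assumption). */
struct symbol {
    struct symbol *next;
    const char *name;
    int value;
};

static struct symbol *table;

/* Constructed allocator: fills fresh memory with a non-zero pattern so the
 * "whatever was on the heap" case is reproducible and well-defined here. */
static void *poisoned_alloc(size_t n) {
    void *p = malloc(n);
    if (p == NULL) abort();
    memset(p, 0xA5, n);
    return p;
}

/* apply_fix == 0: value keeps the allocator's bytes (the bug).
 * apply_fix != 0: a newly created symbol starts at 0 (the fix). */
static struct symbol *find_symbol_or_create(const char *name, int apply_fix) {
    struct symbol *s;
    for (s = table; s != NULL; s = s->next)
        if (strcmp(s->name, name) == 0)
            return s;
    s = poisoned_alloc(sizeof *s);
    s->name = name;
    if (apply_fix)
        s->value = 0;
    s->next = table;
    table = s;
    return s;
}

/* Returns the symbol's value without knowing whether it was just created. */
static int eval(const char *name, int apply_fix) {
    return find_symbol_or_create(name, apply_fix)->value;
}

/* Mirrors a branch on eval()'s result: 1 means the condition was taken. */
int condition_taken(const char *name, int apply_fix) {
    return eval(name, apply_fix) ? 1 : 0;
}
```

With a zero-filled heap the unfixed path would return 0 and hide the defect, which is why the sketch poisons its allocations.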