tinycc-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Tinycc-devel] Crash report for [mob:3054a76]

From: Steffen Nurpmeso
Subject: Re: [Tinycc-devel] Crash report for [mob:3054a76]
Date: Fri, 11 Nov 2016 19:33:18 +0100
User-agent: s-nail v14.9.0-pre2-9-gebb59f7 
Hi.

grischka <address@hidden> wrote:
 |Steffen Nurpmeso wrote:
 |> Yes it is, there is a double free in conjunction with the
 |> preprocessor end_macro() (imagine a smile here).  end_macro()
 |> frees the macro and then that free_inline_functions or so tries to
 |> frees it again, which causes a crash.  
 |
 |I think this was possible when you get a compile error within
 |the inline function.
 |
 |In this case because of the longjmp in tcc_compile, the TokenString
 |was not removed from the macro_stack first, then it was freed in
 |free_inline_functions, and then again in tccpp_delete:end_macro.
 |
 |Fixed here:
 |http://repo.or.cz/tinycc.git/commitdiff/7c28c9b13f7c924c18920b51f42b1119c3b\
 |1e2ee

  tccgen.c: In function ‘free_inline_functions’:
  tccgen.c:6549:13: warning: implicit declaration of function ‘tal_free’ 
[-Wimplicit-function-declaration]
               tal_free(tokstr_alloc, fn->func_str);
               ^~~~~~~~
  tccgen.c:6549:22: error: ‘tokstr_alloc’ undeclared (first use in this 
function)
               tal_free(tokstr_alloc, fn->func_str);
                        ^~~~~~~~~~~~
  tccgen.c:6549:22: note: each undeclared identifier is reported only once for 
each function it appears in
  make: *** [Makefile:187: tccgen.o] Error 1

Ciao (for today).

--steffen
reply via email to
[Prev in Thread] Current Thread [Next in Thread]