On Sat, Apr 25, 2009 at 4:03 AM, Martin Nagy <mnagy@xxxxxxxxxx> wrote:
>
> We weren't checking if the initializer isn't NULL, which caused sparse
> to segfault later on when performing lazy evaluation in classify_type().
>
> Signed-off-by: Martin Nagy <nagy.martin@xxxxxxxxx>
> ---
> parse.c | 17 +++++++++++------
> 1 files changed, 11 insertions(+), 6 deletions(-)
>
> diff --git a/parse.c b/parse.c
> index 9662122..18cfaef 100644
> --- a/parse.c
> +++ b/parse.c
> @@ -924,12 +924,17 @@ static struct token *typeof_specifier(struct token *token, struct decl_state *ct
> ctx->ctype.base_type = sym->ctype.base_type;
> apply_ctype(token->pos, &sym->ctype, &ctx->ctype);
> } else {
> - struct symbol *typeof_sym = alloc_symbol(token->pos, SYM_TYPEOF);
> - token = parse_expression(token->next, &typeof_sym->initializer);
> -
> - typeof_sym->endpos = token->pos;
> - ctx->ctype.base_type = typeof_sym;
> - }
> + struct expression *expr;
I think you want expr = NULL here. Otherwise if(expr) will pick up crap.
I would just add two lines after "token =
parse_expression(token->next, &typeof_sym->initializer);"
if (!type->initializer)
sparse_error(token->pos, "expected expression after the '(' token");
If there is compile error, the sparse should not continue the later
stage any way.
BTW, can you add a validation test case which will trigger the bug?
Thanks
Chris
--
To unsubscribe from this list: send the line "unsubscribe linux-sparse" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
