Serguey Parkhomovsky wrote:
> On Thu, Nov 26, 2015 at 01:03:22PM -0500, Michael McConville wrote:
> > This nondeterministically underflows _sf_top_ix, causing a segfault:
> >
> > http://www.sccs.swarthmore.edu/users/16/mmcconv1/dump/crash.l
> >
>
> Looks like _sf_top_ix always underflows whenever there are extra closing
> parentheses in the rules section. The nondeterministic behavior is
> probably heap layout related.
>
> I've taken your suggestion and updated scan.l to give a syntax error
> when there is an unbalanced parenthesis, which fixes the issue:

Forwarding to upstream. > Index: scan.l > =================================================================== > RCS file: /cvs/src/usr.bin/lex/scan.l,v > retrieving revision 1.12 > diff -u -p -r1.12 scan.l > --- scan.l 19 Nov 2015 23:34:56 -0000 1.12 > +++ scan.l 30 Nov 2015 21:19:44 -0000 > @@ -741,7 +741,13 @@ nmstr[yyleng - 2 - end_is_ws] = '\0'; / > return '('; > } > "(" sf_push(); return '('; > - ")" sf_pop(); return ')'; > + ")" { > + if (_sf_top_ix > 0) { > + sf_pop(); > + return ')'; > + } else > + synerr(_("unbalanced parenthesis")); > + } > > [/|*+?.(){}] return (unsigned char) yytext[0]; > . RETURNCHAR;
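
Review bot: In the new ")" action, the else branch calls synerr(_("unbalanced parenthesis")) but returns no token, so the stray ")" is dropped and scanning simply continues. If that is intended, a short comment saying so would help; otherwise return ')' after reporting the error so the parser still sees the character. The guard `if (_sf_top_ix > 0)` also sits in the rule rather than in sf_pop() itself, so any other path that reaches sf_pop() with an empty stack would still underflow; consider moving the check (or an assertion) into sf_pop(). Style: the if arm is braced and the else arm is not, so bracing both would read more consistently. A regression test built from the crash.l reproducer mentioned in the thread would keep this from returning.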