In `rhs[name]: "a" | "b"', do not free "name" twice.
Reported by Tys Lefering.
<http://lists.gnu.org/archive/html/bug-bison/2010-06/msg00002.html>
* src/named-ref.h, src/named-ref.c (named_ref_copy): New.
* src/parse-gram.y (current_lhs): Rename as...
(current_lhs_symbol): this.
(current_lhs): New function. Use it to free the current lhs
named reference.
* src/reader.c: Bind lhs to a copy of the current named reference.
* src/symlist.c: Rely on free (0) being valid.
* tests/named-refs.at: Test this.
(cherry picked from commit
8f462efe923947cc4e72deea5b0fa93a5f88000d)
Conflicts:
src/parse-gram.y
+2011-03-09 Akim Demaille <akim@lrde.epita.fr>
+
+ named references: fix double free.
+ In `rhs[name]: "a" | "b"', do not free "name" twice.
+ Reported by Tys Lefering.
+ <http://lists.gnu.org/archive/html/bug-bison/2010-06/msg00002.html>
+ * src/named-ref.h, src/named-ref.c (named_ref_copy): New.
+ * src/parse-gram.y (current_lhs): Rename as...
+ (current_lhs_symbol): this.
+ (current_lhs): New function. Use it to free the current lhs
+ named reference.
+ * src/reader.c: Bind lhs to a copy of the current named reference.
+ * src/symlist.c: Rely on free (0) being valid.
+ * tests/named-refs.at: Test this.
+
2011-03-09 Akim Demaille <akim@lrde.epita.fr>
tests: style changes.
2011-03-09 Akim Demaille <akim@lrde.epita.fr>
tests: style changes.
Tom Tromey tromey@cygnus.com
Tommy Nordgren tommy.nordgren@chello.se
Troy A. Johnson troyj@ecn.purdue.edu
Tom Tromey tromey@cygnus.com
Tommy Nordgren tommy.nordgren@chello.se
Troy A. Johnson troyj@ecn.purdue.edu
-Tys Lefering twlevo@xs4all.nl
+Tys Lefering twlevo@gmail.com
Vin Shelton acs@alumni.princeton.edu
Wayne Green wayne@infosavvy.com
Wolfram Wagner ww@mpi-sb.mpg.de
Vin Shelton acs@alumni.princeton.edu
Wayne Green wayne@infosavvy.com
Wolfram Wagner ww@mpi-sb.mpg.de
+named_ref *
+named_ref_copy (const named_ref *r)
+{
+ return named_ref_new (r->id, r->loc);
+}
+
void
named_ref_free (named_ref *r)
{
void
named_ref_free (named_ref *r)
{
/* Allocate a named reference object. */
named_ref *named_ref_new (uniqstr id, location loc);
/* Allocate a named reference object. */
named_ref *named_ref_new (uniqstr id, location loc);
+/* Allocate and return a copy. */
+named_ref *named_ref_copy (const named_ref *r);
+
/* Free a named reference object. */
void named_ref_free (named_ref *r);
/* Free a named reference object. */
void named_ref_free (named_ref *r);
static int current_prec = 0;
static location current_lhs_location;
static named_ref *current_lhs_named_ref;
static int current_prec = 0;
static location current_lhs_location;
static named_ref *current_lhs_named_ref;
- static symbol *current_lhs;
+ static symbol *current_lhs_symbol;
static symbol_class current_class = unknown_sym;
static uniqstr current_type = NULL;
static symbol_class current_class = unknown_sym;
static uniqstr current_type = NULL;
+ /** Set the new current left-hand side symbol, possibly common
+ * to several right-hand side parts of rule.
+ */
+ static
+ void
+ current_lhs(symbol *sym, location loc, named_ref *ref)
+ {
+ current_lhs_symbol = sym;
+ current_lhs_location = loc;
+ /* In order to simplify memory management, named references for lhs
+ are always assigned by deep copy into the current symbol_list
+ node. This is because a single named-ref in the grammar may
+ result in several uses when the user factors lhs between several
+ rules using "|". Therefore free the parser's original copy. */
+ free (current_lhs_named_ref);
+ current_lhs_named_ref = ref;
+ }
+
#define YYTYPE_INT16 int_fast16_t
#define YYTYPE_INT8 int_fast8_t
#define YYTYPE_UINT16 uint_fast16_t
#define YYTYPE_INT16 int_fast16_t
#define YYTYPE_INT8 int_fast8_t
#define YYTYPE_UINT16 uint_fast16_t
- id_colon named_ref.opt { current_lhs = $1; current_lhs_location = @1;
- current_lhs_named_ref = $2; } rhses.1
+ id_colon named_ref.opt { current_lhs ($1, @1, $2); } rhses.1
+ {
+ /* Free the current lhs. */
+ current_lhs (0, @1, 0);
+ }
- { grammar_current_rule_begin (current_lhs, current_lhs_location,
+ { grammar_current_rule_begin (current_lhs_symbol, current_lhs_location,
current_lhs_named_ref); }
| rhs symbol named_ref.opt
{ grammar_current_rule_symbol_append ($2, @2, $3); }
current_lhs_named_ref); }
| rhs symbol named_ref.opt
{ grammar_current_rule_symbol_append ($2, @2, $3); }
p = grammar_symbol_append (lhs, loc);
if (lhs_name)
p = grammar_symbol_append (lhs, loc);
if (lhs_name)
- assign_named_ref(p, lhs_name);
+ assign_named_ref (p, named_ref_copy (lhs_name));
current_rule = grammar_end;
current_rule = grammar_end;
for (node = list; node; node = next)
{
next = node->next;
for (node = list; node; node = next)
{
next = node->next;
- if (node->named_ref)
- named_ref_free (node->named_ref);
+ named_ref_free (node->named_ref);
#######################################################################
#######################################################################
+# Bison used to free twice the named ref for "a", since a single copy
+# was used in two rules.
+AT_SETUP([Factored LHS])
+AT_DATA_GRAMMAR([test.y],
+[[
+%%
+start[a]: "foo" | "bar";
+]])
+AT_BISON_CHECK([-o test.c test.y])
+AT_CLEANUP
+
+#######################################################################
+
AT_SETUP([Unresolved references])
AT_DATA_GRAMMAR([test.y],
[[
AT_SETUP([Unresolved references])
AT_DATA_GRAMMAR([test.y],
[[
projects / bison.git / commitdiff
