Skip to content

Instantly share code, notes, and snippets.

@Mithrandir0x

Mithrandir0x/Console

Created November 23, 2012 17:37
Show Gist options
  • Save Mithrandir0x/4136598 to your computer and use it in GitHub Desktop.
Save Mithrandir0x/4136598 to your computer and use it in GitHub Desktop.
Download ZIP
Segmentation Fault with nested function in C
Raw
Console
$ gcc -c -g nested_function_segfault.c -ansi -pedantic -O -Wall -Wno-unused-result
nested_function_segfault.c: In function ‘polinomi_d’:
nested_function_segfault.c:18:5: warning: ISO C forbids nested functions [-pedantic]
nested_function_segfault.c: In function ‘main’:
nested_function_segfault.c:33:1: warning: control reaches end of non-void function [-Wreturn-type]
$ gcc nested_function_segfault.o -o nested_function_segfault.exe -lm
$ ./nested_function_segfault.exe
Segmentation fault (core dumped)
Raw
nested_function_segfault.c
typedef double (*M_F_PTR_D)(double);
double horner_d(int g, double x, double *P)
{
int i = g - 1;
double r = P[g];
for ( ; i >= 0 ; i-- )
{
r = ( r * x ) + P[i];
}
return r;
}
M_F_PTR_D polinomi_d(int g, double *P)
{
double p(double x)
{
return horner_d(g, x, P);
}
return &p;
}
int main()
{
double coeficients[3] = { -1, 0, 1 };
M_F_PTR_D P = polinomi_d(2, coeficients);
P(0);
P(1); /* SEGFAULT! */
return 0;
}
Raw
nested_function_segfault.o.dump
nested_function_segfault.o: file format elf32-i386
Disassembly of section .text:
00000000 <horner_d>:
0: 83 ec 0c sub $0xc,%esp
3: 8b 44 24 10 mov 0x10(%esp),%eax
7: dd 44 24 14 fldl 0x14(%esp)
b: 8b 54 24 1c mov 0x1c(%esp),%edx
f: dd 04 c2 fldl (%edx,%eax,8)
12: 83 e8 01 sub $0x1,%eax
15: 78 17 js 2e <horner_d+0x2e>
17: d8 c9 fmul %st(1),%st
19: dc 04 c2 faddl (%edx,%eax,8)
1c: dd 1c 24 fstpl (%esp)
1f: dd 04 24 fldl (%esp)
22: 83 e8 01 sub $0x1,%eax
25: 83 f8 ff cmp $0xffffffff,%eax
28: 75 ed jne 17 <horner_d+0x17>
2a: dd d9 fstp %st(1)
2c: eb 02 jmp 30 <horner_d+0x30>
2e: dd d9 fstp %st(1)
30: 83 c4 0c add $0xc,%esp
33: c3 ret
00000034 <p.876>:
34: 83 ec 14 sub $0x14,%esp
37: 8b 01 mov (%ecx),%eax
39: 89 44 24 0c mov %eax,0xc(%esp)
3d: dd 44 24 18 fldl 0x18(%esp)
41: dd 5c 24 04 fstpl 0x4(%esp)
45: 8b 41 04 mov 0x4(%ecx),%eax
48: 89 04 24 mov %eax,(%esp)
4b: e8 fc ff ff ff call 4c <p.876+0x18>
50: 83 c4 14 add $0x14,%esp
53: c3 ret
00000054 <polinomi_d>:
54: 83 ec 2c sub $0x2c,%esp
57: 65 a1 14 00 00 00 mov %gs:0x14,%eax
5d: 89 44 24 1c mov %eax,0x1c(%esp)
61: 31 c0 xor %eax,%eax
63: 8b 44 24 30 mov 0x30(%esp),%eax
67: 89 44 24 0c mov %eax,0xc(%esp)
6b: 8b 44 24 34 mov 0x34(%esp),%eax
6f: 89 44 24 08 mov %eax,0x8(%esp)
73: 8d 44 24 08 lea 0x8(%esp),%eax
77: c6 44 24 10 b9 movb $0xb9,0x10(%esp)
7c: 89 44 24 11 mov %eax,0x11(%esp)
80: b8 3a 00 00 00 mov $0x3a,%eax
85: 8d 54 24 20 lea 0x20(%esp),%edx
89: 29 d0 sub %edx,%eax
8b: c6 44 24 15 e9 movb $0xe9,0x15(%esp)
90: 89 44 24 16 mov %eax,0x16(%esp)
94: 8d 44 24 10 lea 0x10(%esp),%eax
98: 8b 54 24 1c mov 0x1c(%esp),%edx
9c: 65 33 15 14 00 00 00 xor %gs:0x14,%edx
a3: 74 05 je aa <polinomi_d+0x56>
a5: e8 fc ff ff ff call a6 <polinomi_d+0x52>
aa: 83 c4 2c add $0x2c,%esp
ad: c3 ret
000000ae <main>:
ae: 55 push %ebp
af: 89 e5 mov %esp,%ebp
b1: 53 push %ebx
b2: 83 e4 f0 and $0xfffffff0,%esp
b5: 83 ec 30 sub $0x30,%esp
b8: d9 e8 fld1
ba: d9 e0 fchs
bc: dd 5c 24 18 fstpl 0x18(%esp)
c0: d9 ee fldz
c2: dd 5c 24 20 fstpl 0x20(%esp)
c6: d9 e8 fld1
c8: dd 5c 24 28 fstpl 0x28(%esp)
cc: 8d 44 24 18 lea 0x18(%esp),%eax
d0: 89 44 24 04 mov %eax,0x4(%esp)
d4: c7 04 24 02 00 00 00 movl $0x2,(%esp)
db: e8 fc ff ff ff call dc <main+0x2e>
e0: 89 c3 mov %eax,%ebx
e2: d9 ee fldz
e4: dd 1c 24 fstpl (%esp)
e7: ff d0 call *%eax
e9: dd d8 fstp %st(0)
eb: d9 e8 fld1
ed: dd 1c 24 fstpl (%esp)
f0: ff d3 call *%ebx
f2: dd d8 fstp %st(0)
f4: b8 00 00 00 00 mov $0x0,%eax
f9: 8b 5d fc mov -0x4(%ebp),%ebx
fc: c9 leave
fd: c3 ret
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment