On 05/16/2012 03:02 PM, Charles Chance wrote:

Currently testing devel version and experiencing the following when using pua_dialoginfo:

 

-------------------------------------

Program terminated with signal 11, Segmentation fault.

#0  core_hash (t=0xb3d7e330, type=1024, ps=0xbfcc31c8) at ../../hashes.h:279

279                     v=(*p<<24)+(p[1]<<16)+(p[2]<<8)+p[3];


Hello,
Don't know if this is related, but the statement above hides a nasty bug: p[1] is a char (as per the description), so it is signed; shifting it left by 16 bits is OK, as an integral promotion takes place. The problem is that if p[1] is negative (-1 is 0xff), then the integral promotion is signed as well and is two's complement (or whatever the implementation considers), and the shift will return a different value than expected.

For example :
#include <stdio.h>

int main(){
    char b = 0xff;
    unsigned h = (b<<16);
    printf("%x\n", h);
    return 0;
}

will print ffff0000 instead of ff0000 as expected. Haven't calculated the implication of this related to the bug. A fix would be to cast p[1] to (unsigned char).

Cheers,
Marius




-- 
Zbihlei Marius

Head of
Linux Development Services Romania

1&1 Internet Development srl    Tel KA: 754-9152
Str Mircea Eliade 18            Tel RO: +40-31-223-9152
Sect 1, Bucuresti               mailto: marius.zbihlei@1and1.ro
71295, Romania
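
Added example, not part of the original message and not the project's code: the four-byte packing expression quoted from hashes.h:279, once with sign-extended bytes and once with the suggested (unsigned char) cast. The function names and sample inputs are constructed for illustration; signed char is used so the result does not depend on whether the platform's plain char is signed.

```c
#include <stdint.h>
#include <stdio.h>

/* Models the quoted packing expression when char is signed: each byte is
 * sign-extended when widened. Converting to uint32_t before the shift keeps
 * this demo free of left shifts on negative ints. */
uint32_t pack_sign_extended(const signed char *p)
{
    return ((uint32_t)p[0] << 24) + ((uint32_t)p[1] << 16)
         + ((uint32_t)p[2] << 8) + (uint32_t)p[3];
}

/* The suggested fix: cast every byte to unsigned char before widening. */
uint32_t pack_unsigned(const signed char *p)
{
    return ((uint32_t)(unsigned char)p[0] << 24)
         + ((uint32_t)(unsigned char)p[1] << 16)
         + ((uint32_t)(unsigned char)p[2] << 8)
         +  (uint32_t)(unsigned char)p[3];
}

static void show(const char *label, const signed char *p)
{
    printf("%-10s sign-extended=%08x  unsigned=%08x\n", label,
           (unsigned)pack_sign_extended(p), (unsigned)pack_unsigned(p));
}

int main(void)
{
    /* Constructed sample inputs. */
    const signed char one_high[4] = { 0, -1, 0, 0 };      /* 00 ff 00 00 */
    const signed char mixed[4]    = { 1, -1, 2, 3 };      /* 01 ff 02 03 */
    const signed char ascii[4]    = { 'a', 'b', 'c', 'd' };

    show("one_high", one_high); /* the 0xff byte leaks into the top byte   */
    show("mixed", mixed);       /* the neighbouring high byte is corrupted */
    show("ascii", ascii);       /* bytes below 0x80 are unaffected         */
    return 0;
}
```

Inputs made only of bytes below 0x80 produce identical results in both variants, so the difference only shows up with high-bit bytes such as non-ASCII or binary data.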