Log::Print overloading ambiguity causes SIGSEGV

[simoncn]

The Log::Print overloaded signatures in Printer.cpp are ambiguous in some cases. The following stack trace illustrates the problem:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x4f6be470 (LWP 5591)]
0x4026878c in vfprintf () from /lib/arm-linux-gnueabi/libc.so.6
(gdb) bt
#0 0x4026878c in vfprintf () from /lib/arm-linux-gnueabi/libc.so.6
#1 0x40289cbc in vsnprintf () from /lib/arm-linux-gnueabi/libc.so.6
#2 0x4f0fefc8 in OpenHome::Log::Print (aOutput=...,
aFormat=0x4f1497fc "Socket::Accept Accepted Handle = %d\n", aArgs=0x0)
at OpenHome/Printer.cpp:103
#3 0x4f0ff0dc in OpenHome::Log::Print (
aFormat=0x4f1497fc "Socket::Accept Accepted Handle = %d\n", aArgs=0x0)
at OpenHome/Printer.cpp:53
#4 0x4f0f6bdc in OpenHome::Socket::Accept (this=0x209430, aClientEndpoint=...)
at OpenHome/Network.cpp:346
#5 0x4f0f6dec in OpenHome::SocketTcpServer::Accept (this=0x209430,
aClientEndpoint=...) at OpenHome/Network.cpp:552
#6 0x4f0fab28 in OpenHome::SocketTcpSession::Start (this=0x21c378)
at OpenHome/Network.cpp:606
#7 0x4f0fca7c in OpenHome::MemberTranslator<OpenHome::SocketTcpSession, void (OpenHome::SocketTcpSession::*)()>::Thunk (aFb=...)
at Build/Include/OpenHome/Functor.h:76
#8 0x4f02892c in OpenHome::Functor::operator() (this=0x22f058)
at Build/Include/OpenHome/Functor.h:34
#9 0x4f124518 in OpenHome::ThreadFunctor::Run (this=0x22f010)
at OpenHome/Thread.cpp:268
#10 0x4f124640 in OpenHome::Thread::EntryPoint (aArg=0x22f010)
at OpenHome/Thread.cpp:142
#11 0x4f13ba50 in threadEntrypoint (aArg=0x22eef8) at Os/Posix/Os.c:493
#12 0x4020eb04 in start_thread () from /lib/arm-linux-gnueabi/libpthread.so.0
#13 0x402f3b7c in ?? () from /lib/arm-linux-gnueabi/libc.so.6
#14 0x402f3b7c in ?? () from /lib/arm-linux-gnueabi/libc.so.6
Backtrace stopped: previous frame identical to this frame (corrupt stack?)

The call from line 346 of Network.cpp should have called

TInt Log::Print(const TChar* aFormat, ...)

in Printer.cpp, but it has called

TInt Log::Print(const TChar* aFormat, va_list aArgs)

instead. This is because the compiler I'm using (gcc 4.1.1 for ARM) defines va_list as void *, and the argument passed to LOGF is a THandle, which is also defined as void *. In this case, the value of the void * happens to be 0, which causes a SIGSEGV. For a void * that's a valid pointer, there wouldn't be a SIGSEGV, but the dereferenced value would be printed instead of the pointer value.

I could work around this by casting the THandle on the LOGF call, but this pattern occurs quite frequently and it would be tedious and error-prone to add this cast in all cases that might be ambiguous. Instead, I've fixed it by changing the name of the overloaded method with the va_list parameter from Log::Print to Log::PrintVA. It's only called from line 46 of Printer.cpp, so this is a simple change.

There's some similar code in TestFramework.cpp that has the same overloading ambiguity.

[simoncn]

I'm attaching a patch to fix the runtime problem. I haven't changed TestFramework because I'm not sure whether this overloading ambiguity is causing a problem there.

[simonc]

(20-01-2013 09:29 PM)simoncn Wrote:  I'm attaching a patch to fix the runtime problem. I haven't changed TestFramework because I'm not sure whether this overloading ambiguity is causing a problem there.

Thanks. This code should be available on github now.