This is the mail archive of the binutils@sourceware.cygnus.com mailing list for the binutils project.



crash bug in the demangle part of liberty


Here is the test case. On my redhat6.0 system with
binutils-2.9.1.0.23-1, it core dumps on me...

% cat dem.cpp
#include <stdio.h>

extern "C" {
  char *cplus_demangle (const char *mangled, int options);
}

int main(int argc, char** argv)
{
  /* String literals are const in C++; cplus_demangle takes a const char *. */
  const char* s =
"__thunk_4_HandleUnknownContentType__15nsBrowserWindowP17nsIDocumentLoaderP10nsIChannelPCcT3";

  char* dm = cplus_demangle(s, 1);
  if (dm) {
    printf("in: '%s'\n", s);
    printf("out: '%s'\n", dm);
  }
  return 0;
}

% gdb dem
GNU gdb 4.17.0.11 with Linux support
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux"...
(gdb) run
Starting program: /home/kipp/src/dem

Program received signal SIGSEGV, Segmentation fault.
chunk_free (ar_ptr=0x850f003a, p=0x4015f588) at malloc.c:2958
malloc.c:2958: No such file or directory.
(gdb) bt
#0  chunk_free (ar_ptr=0x850f003a, p=0x4015f588) at malloc.c:2958
#1  0x400cf505 in __libc_free (mem=0x4015f590) at malloc.c:2932
#2  0x804c863 in string_delete (s=0x804ec10)
    at ../../../libiberty/cplus-dem.c:3577
#3  0x8049400 in mop_up (work=0xbffff850, declp=0xbffff82c, success=1)
    at ../../../libiberty/cplus-dem.c:749
#4  0x8049328 in internal_cplus_demangle (work=0xbffff850,
    mangled=0x804cc3b "") at ../../../libiberty/cplus-dem.c:690
#5  0x8049221 in cplus_demangle (
    mangled=0x804cbe0 "__thunk_4_HandleUnknownContentType__15nsBrowserWindowP17nsIDocumentLoaderP10nsIChannelPCcT3", options=1)
    at ../../../libiberty/cplus-dem.c:625
#6  0x8048c18 in main ()
#7  0x4008ecb3 in __libc_start_main (main=0x8048c00 <main>, argc=1,
    argv=0xbffff904, init=0x80489a0 <_init>, fini=0x804cb8c <_fini>,
    rtld_fini=0x4000a350 <_dl_fini at dl-fini.c:25>, stack_end=0xbffff8fc)
    at ../sysdeps/generic/libc-start.c:78

--
-----------------------------------------------------------------------
Kipp E.B. Hickman       <><
kipp@netscape.com       http://home.netscape.com/people/kipp/index.html


