[Bug gdb/9907] gdb 6.8.50.20090225-cvs segfault in g++ demangler

[Bug gdb/9907] gdb 6.8.50.20090225-cvs segfault in g++ demangler

[palves at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=9907

Pedro Alves <palves at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |palves at redhat dot com
         Resolution|---                         |FIXED
   Target Milestone|6.8                         |7.0

--- Comment #8 from Pedro Alves <palves at redhat dot com> ---
I tried that on current mainline, and saw no crash.  The current gdb code has
been made to match libiberty a few years ago, between 6.8/7.0:

commit 71c25deab3d61e4cfbaffc7006704a27d1bc0737
Author: Tom Tromey <tromey@redhat.com>
Date:   Tue Mar 31 20:21:08 2009 +0000

    2009-03-31  Daniel Jacobowitz  <dan@codesourcery.com>
            Keith Seitz  <keiths@redhat.com>
            Jan Kratochvil  <jan.kratochvil@redhat.com>

        PR gdb/6817
...
        * cp-name-parser.y: operator() requires two parameters,
        according to libiberty.
...

Closing.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/9907] gdb 6.8.50.20090225-cvs segfault in g++ demangler

[francois dot rigault at amadeus dot com]

------- Additional Comments From francois dot rigault at amadeus dot com  2009-03-17 08:27 -------
to reproduce, put this in your gdb.c :
int
main (int argc, char **argv)
{
  cp_remove_params("A()");
  cp_remove_params("M::operator()() const");
  return -1;
}



-- 


http://sourceware.org/bugzilla/show_bug.cgi?id=9907

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

[Bug gdb/9907] gdb 6.8.50.20090225-cvs segfault in g++ demangler

[francois dot rigault at amadeus dot com]

------- Additional Comments From francois dot rigault at amadeus dot com  2009-03-16 16:52 -------
The problem reoccured (I did a fresh check out a few hours ago ...)
Here's the problem I get - this time not with the code from my comment above, 
but from a cppunit test.

After some investigation, here's what is happening :
cp-name-parser.y:2016 
cp_demangled_name_to_comp("CppUnit::TestCaseMethodFunctor::operator()() const")

is called. 


it seems the problem is coming from here :
gdb/cp-name-parser.y:504
   make_operator ("()", 0);  // define the operator with argument 0
then
libiberty/cp-demangle.c:1439
   { "cl", NL ("()"),        2 },  // define the operator with argument 2

The matching between those 2 is done in libiberty/cp-demint.c:166
if (len == cplus_demangle_operators[i].len 
    && args == cplus_demangle_operators[i].args // oups - won't match
    && strcmp (opname, cplus_demangle_operators[i].name) == 0)

Not sure how it is related, but anyway it seems hard that those 2 could ever 
match. Putting both argument values to 0 or both to 2 fix the problem anyway.




-- 


http://sourceware.org/bugzilla/show_bug.cgi?id=9907

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

[Bug gdb/9907] gdb 6.8.50.20090225-cvs segfault in g++ demangler

[tromey at redhat dot com]

------- Additional Comments From tromey at redhat dot com  2009-03-12 21:09 -------
FWIW, I tried this with CVS head gdb today, on x86 Fedora 9,
using the system gcc (4.3.0).
I could not reproduce the crash.

-- 


http://sourceware.org/bugzilla/show_bug.cgi?id=9907

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

[Bug gdb/9907] gdb 6.8.50.20090225-cvs segfault in g++ demangler

[ich at az2000 dot de]

------- Additional Comments From ich at az2000 dot de  2009-03-12 15:14 -------
I randomly hit this crash, not sure if I can reproduce that. But I have some
similar functor classes in my code, so it's probable that we hit both the same
problem.


-- 


http://sourceware.org/bugzilla/show_bug.cgi?id=9907

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

[Bug gdb/9907] gdb 6.8.50.20090225-cvs segfault in g++ demangler

[francois dot rigault at amadeus dot com]

------- Additional Comments From francois dot rigault at amadeus dot com  2009-03-12 15:09 -------
My issue is in fact a libiberty problem.
Replacing the libiberty directory by the one included in gdb-6.8 solved my 
problem

Albert, does this solves yours ?

-- 


http://sourceware.org/bugzilla/show_bug.cgi?id=9907

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

[Bug gdb/9907] gdb 6.8.50.20090225-cvs segfault in g++ demangler

[francois dot rigault at amadeus dot com]

-- 
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |francois dot rigault at
                   |                            |amadeus dot com


http://sourceware.org/bugzilla/show_bug.cgi?id=9907

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

[Bug gdb/9907] gdb 6.8.50.20090225-cvs segfault in g++ demangler

[francois dot rigault at amadeus dot com]

-- 
           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|critical                    |normal


http://sourceware.org/bugzilla/show_bug.cgi?id=9907

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

[Bug gdb/9907] gdb 6.8.50.20090225-cvs segfault in g++ demangler

[francois dot rigault at amadeus dot com]

------- Additional Comments From francois dot rigault at amadeus dot com  2009-03-11 16:34 -------
I have the same bug here
GDB 6.8.50.20090311 tarball
GCC 3.4.2

I'm reproducing it with the cpp file below.
--------
class MyClass
{
public:
  bool
  operator()() const
  {
    return true; // put a breakpoint here and run
  }
};

int
main()
{
  MyClass a;
  a();
  return 10;
}
--------
The core shows :
#0  0x00000000006e6929 in d_append_buffer ()
#1  0x00000000006e5463 in d_print_comp ()
#2  0x00000000006e54d8 in d_print_comp ()
#3  0x00000000006e4f81 in cplus_demangle_print_callback ()
#4  0x00000000006e506b in cplus_demangle_print ()
#5  0x00000000005e8f1b in cp_comp_to_string ()
#6  0x00000000005cfbe4 in cp_remove_params ()
#7  0x000000000051eab6 in print_frame ()
#8  0x000000000051e81b in print_frame_info ()
#9  0x000000000051de3f in print_stack_frame_stub ()
#10 0x000000000052454d in catch_errors ()
#11 0x000000000051debf in print_stack_frame ()
#12 0x000000000051b82d in normal_stop ()
#13 0x000000000051695d in proceed ()





-- 
           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|normal                      |critical
          Component|corefiles                   |gdb
            Summary|gdb 6.8.50.20090225-cvs     |gdb 6.8.50.20090225-cvs
                   |crashed while reading       |segfault in g++ demangler
                   |coredump                    |


http://sourceware.org/bugzilla/show_bug.cgi?id=9907

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.