Date: Sun, 01 Nov 2020 16:25:30 +0000
From: bugzilla-noreply@freebsd.org
To: toolchain@FreeBSD.org
Subject: [Bug 250702] c++filt crashes on a particular symbol
Message-ID: <bug-250702-29464-SjJrt8DoWj@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-250702-29464@https.bugs.freebsd.org/bugzilla/>
References: <bug-250702-29464@https.bugs.freebsd.org/bugzilla/>
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250702

--- Comment #8 from Dimitry Andric <dim@FreeBSD.org> ---
The simple case, e.g. '_ZZ5func1vENK3$_0clEv' has regressed with https://sourceforge.net/p/elftoolchain/code/3531/ ("libelftc: revamped demangler support for function return type"), aka https://github.com/elftoolchain/elftoolchain/commit/68c2224b7 .

The https://sourceforge.net/p/elftoolchain/tickets/539/ has another example however, '_ZZN9libunwind17LocalAddressSpace18findUnwindSectionsEjRNS_18UnwindInfoSectionsEENUlP12dl_phdr_infojPvE_8__invokeES4_jS5_', which GNU c++filt unpacks to 'libunwind::LocalAddressSpace::findUnwindSections(unsigned int, libunwind::UnwindInfoSections&)::{lambda(dl_phdr_info*, unsigned int, void*)#1}::__invoke(dl_phdr_info*, unsigned int, void*)'.

With the elftc demangler, before upstream r3531, it simply returns "not a valid mangled name", while after upstream r3531, it asserts "(ddata->output.size > 0)".

What seems to happen is that r3531 added a cpp_demangle_data::cur_output member, and this is being used for any cpp_demangle_push_str() call. When cpp_demangle_read_sname() reads the '5func1' part of the original string, it calls cpp_demangle_push_str to push the 'func1' name that it decodes, but at that point cur_output is *not* pointing to ddata->output, which the assert expects.

-- 
You are receiving this mail because:
You are the assignee for the bug.
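A regression check for the three outcomes this message describes (correct demangling, rejection of the name, assertion failure), added here as an example; it is not part of the original message or of elftoolchain. It assumes the demangler under test is a filter that reads names on stdin, as `c++filt` does, and echoes names it cannot demangle unchanged; `classify` and `run_all` are hypothetical helper names.

```python
import subprocess
import sys

# The two mangled names quoted in the bug comment above.
SYMBOLS = [
    "_ZZ5func1vENK3$_0clEv",
    "_ZZN9libunwind17LocalAddressSpace18findUnwindSectionsEjRNS_18UnwindInfoSectionsEENUlP12dl_phdr_infojPvE_8__invokeES4_jS5_",
]


def classify(cmd, symbol, timeout=10):
    """Feed one symbol to a demangler filter on stdin and classify the outcome."""
    try:
        proc = subprocess.run(cmd, input=symbol + "\n", capture_output=True,
                              text=True, timeout=timeout)
    except FileNotFoundError:
        return "missing", ""
    except subprocess.TimeoutExpired:
        return "hang", ""
    if proc.returncode < 0:
        # Negative return code: the process died on a signal,
        # e.g. SIGABRT raised by a failed assert().
        return "crash", f"signal {-proc.returncode}"
    if proc.returncode != 0:
        return "error", proc.stderr.strip()
    out = proc.stdout.strip()
    if out == symbol:
        # Assumption: an undemangled name is echoed back unchanged.
        return "unchanged", out
    return "demangled", out


def run_all(cmd):
    """Classify every symbol from the report against one demangler command."""
    return {sym: classify(cmd, sym) for sym in SYMBOLS}


if __name__ == "__main__":
    cmd = sys.argv[1:] or ["c++filt"]
    results = run_all(cmd)
    for sym, (status, detail) in results.items():
        print(f"{status:10} {sym}\n           {detail}")
    # A crash or hang on attacker-influenced symbol names fails the check.
    bad = any(status in ("crash", "hang") for status, _ in results.values())
    sys.exit(1 if bad else 0)
```

Pass the demangler command as arguments to compare builds, for example one built before and one after the change under discussion.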