This is the mail archive of the mailing list for the GDB project.


gdb 4.18 / libiberty bugfix


gdb segfaulted when demangling a (rather complex) C++ name while reading a
symbol table.

In the remember_type function (gdb-4.18/libiberty/cplus-dem.c) the typevec
array of the work structure was zero, but work -> typevec_size was 3, so the
function didn't allocate memory for typevec. When typevec was accessed gdb
went down.
The reason for this seems to be that when work -> typevec is freed in the mop_up
function (same file; line 882) work -> typevec_size is not set to zero.

Setting work -> typevec_size to zero after freeing work -> typevec should do
the trick. After I did this, everything worked fine.

I hope this bug wasn't already known.
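The failure mode described above, in a cut-down model added here (this is not libiberty's code): the struct, the growth check in remember_type and the mop_up body are assumptions modelled on the report, and reuse_is_safe shows the stale typevec_size leaving a NULL vector that the next remember_type would write through, and the one-line reset curing it.

```c
#include <stdlib.h>
/* Cut-down model of the demangler's work_stuff (added example, not the
   libiberty code); strings are stored by pointer to keep it short. */
struct work {
    const char **typevec;  /* remembered type names, or NULL */
    int ntypes;            /* entries in use */
    int typevec_size;      /* allocated capacity, in entries */
};

/* Invariant the patch restores: a NULL vector must report zero capacity. */
int typevec_consistent(const struct work *w) {
    return w->typevec != NULL || w->typevec_size == 0;
}

/* Growth check modelled on remember_type as the report describes it: the
   vector is (re)allocated only when ntypes has reached typevec_size. */
void remember_type(struct work *w, const char *name) {
    if (w->ntypes >= w->typevec_size) {
        w->typevec_size = w->typevec_size == 0 ? 3 : w->typevec_size * 2;
        w->typevec = realloc(w->typevec, sizeof *w->typevec * w->typevec_size);
    }
    /* With typevec == NULL but typevec_size == 3 left by an earlier mop_up,
       the branch above is skipped and this write dereferences NULL. */
    w->typevec[w->ntypes++] = name;
}

/* Release the vector between demanglings; 'fixed' applies the patch. */
void mop_up(struct work *w, int fixed) {
    w->ntypes = 0;
    if (w->typevec) {
        free(w->typevec);
        w->typevec = NULL;
        if (fixed)
            w->typevec_size = 0;
    }
}

/* Two demanglings in a row: 1 if the state left by the first mop_up is
   safe for a second remember_type, 0 if that call would crash. */
int reuse_is_safe(int fixed) {
    struct work w = { NULL, 0, 0 };
    remember_type(&w, "int");
    mop_up(&w, fixed);
    int ok = typevec_consistent(&w);
    if (ok) {                 /* only take the path that cannot fault */
        remember_type(&w, "char");
        ok = w.typevec != NULL && w.ntypes == 1 && w.typevec_size == 3;
        mop_up(&w, 1);
    }
    return ok;
}
```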

diff -ru gdb-4.18/libiberty/cplus-dem.c gdb-4.18-new/libiberty/cplus-dem.c
--- gdb-4.18/libiberty/cplus-dem.c	Thu Apr  1 22:37:06 1999
+++ gdb-4.18-new/libiberty/cplus-dem.c	Tue Jan 18 00:52:28 2000
@@ -880,6 +880,7 @@
       free ((char *) work -> typevec);
       work -> typevec = NULL;
+      work -> typevec_size = 0;
   if (work->tmpl_argvec)
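Review bot: the hunk header `@@ -880,6 +880,7 @@` promises six lines of context, but only two lines before the `+` line and one after it are quoted (the closing brace that must precede `if (work->tmpl_argvec)` is missing), so the patch as posted will not apply cleanly; please resend the complete diff, with the usual ChangeLog entry for libiberty. The one-line change itself is right by the report's own account: `work -> typevec` is freed and set to NULL two lines above while `typevec_size` kept its old value, so the size check in remember_type believed it still had room. Worth confirming on the same path that the count of entries in use is also reset, since a stale count paired with a fresh capacity would reproduce the same mismatch.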
