Message ID | 1401309510-10507-1-git-send-email-aburgess@broadcom.com |
---|---|
State | Not Applicable |
On 05/28/2014 09:38 PM, Andrew Burgess wrote:

> In two places when a struct demangle_component is of type DEMANGLE_COMPONENT_FIXED_TYPE we fall back to accessing the default s_binary member of the union rather than the s_fixed member. This is incorrect and can cause the demangler to crash.
>
> In d_dump I've changed the code to only access the s_fixed member of the union, and also added printing of the remaining parts of the s_fixed struct, this felt like the most useful thing to do.
>
> I've added a new test, this causes a SIGSEGV for me before the patch, and is fine afterwards, however, this is undefined, so might not cause a crash on all platforms.

Hi Andrew,

As you know, I'm not a demangler maintainer, but in any case, I took a look and this looks good to me.

> diff --git a/libiberty/testsuite/demangle-expected b/libiberty/testsuite/demangle-expected > index 453f9a3..0e2bb12 100644 > --- a/libiberty/testsuite/demangle-expected > +++ b/libiberty/testsuite/demangle-expected > @@ -4343,3 +4343,9 @@ cereal::detail::InputBindingMap<cereal::JSONInputArchive>::Serializers cereal::p > --format=gnu-v3 > _ZNSt9_Any_data9_M_accessIPZ4postISt8functionIFvvEEEvOT_EUlvE_EERS5_v > void post<std::function<void ()> >(std::function<void ()>&&)::{lambda()#1}*& std::_Any_data::_M_access<void post<std::function<void ()> >(void post<std::function<void ()> >(std::function<void ()>&&)::{lambda()#1}*&&)::{lambda()#1}*>() > +# The following input symbol was found during random, it caused a fault

Could you add a single empty # above, to separate the tests? I find that that makes it much easier to follow the file. I have no idea why we can't have/handle real empty lines though.

> +# The following input symbol was found during random, it caused a fault

"during random testing?"

> +# within the demangler, it's not a symbol we'd expect in the real world.

Why not?

> +--format=auto --no-params > +_Z3xxxDFyuVb > +xxx(unsigned long long _Fract, bool volatile) > +xxx

diff --git a/libiberty/cp-demangle.c b/libiberty/cp-demangle.c index 68d8ee1..a31dad4 100644 --- a/libiberty/cp-demangle.c +++ b/libiberty/cp-demangle.c @@ -710,7 +710,9 @@ d_dump (struct demangle_component *dc, int indent) printf ("pointer to member type\n"); break; case DEMANGLE_COMPONENT_FIXED_TYPE: - printf ("fixed-point type\n"); + printf ("fixed-point type, accum? %d, sat? %d\n", + dc->u.s_fixed.accum, dc->u.s_fixed.sat); + d_dump (dc->u.s_fixed.length, indent + 2) break; case DEMANGLE_COMPONENT_ARGLIST: printf ("argument list\n"); @@ -3869,7 +3871,13 @@ d_count_templates_scopes (int *num_templates, int *num_scopes, case DEMANGLE_COMPONENT_FUNCTION_TYPE: case DEMANGLE_COMPONENT_ARRAY_TYPE: case DEMANGLE_COMPONENT_PTRMEM_TYPE: + goto recurse_left_right; + case DEMANGLE_COMPONENT_FIXED_TYPE: + d_count_templates_scopes (num_templates, num_scopes, + dc->u.s_fixed.length); + break; + case DEMANGLE_COMPONENT_VECTOR_TYPE: case DEMANGLE_COMPONENT_ARGLIST: case DEMANGLE_COMPONENT_TEMPLATE_ARGLIST: diff --git a/libiberty/testsuite/demangle-expected b/libiberty/testsuite/demangle-expected index 453f9a3..0e2bb12 100644 --- a/libiberty/testsuite/demangle-expected +++ b/libiberty/testsuite/demangle-expected @@ -4343,3 +4343,9 @@ cereal::detail::InputBindingMap<cereal::JSONInputArchive>::Serializers cereal::p --format=gnu-v3 _ZNSt9_Any_data9_M_accessIPZ4postISt8functionIFvvEEEvOT_EUlvE_EERS5_v void post<std::function<void ()> >(std::function<void ()>&&)::{lambda()#1}*& std::_Any_data::_M_access<void post<std::function<void ()> >(void post<std::function<void ()> >(std::function<void ()>&&)::{lambda()#1}*&&)::{lambda()#1}*>() +# The following input symbol was found during random, it caused a fault +# within the demangler, it's not a symbol we'd expect in the real world. +--format=auto --no-params +_Z3xxxDFyuVb +xxx(unsigned long long _Fract, bool volatile) +xxx
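
Review bot: In the d_dump hunk of cp-demangle.c, the added call "d_dump (dc->u.s_fixed.length, indent + 2)" has no terminating semicolon before "break;", which is a syntax error as posted; add the ";". The case also still ends in "break", so check that whatever follows the switch does not go on to read the s_binary members for a DEMANGLE_COMPONENT_FIXED_TYPE component, since the commit message says d_dump should now only touch s_fixed; if it does, leave the function from this case instead of breaking out of the switch.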
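
Review bot: In the d_count_templates_scopes hunk, the new "goto recurse_left_right;" after DEMANGLE_COMPONENT_PTRMEM_TYPE targets a label that is not in the visible context, so confirm it already exists further down the switch and that the cases above it reach the same code they reached by falling through before. The new DEMANGLE_COMPONENT_FIXED_TYPE case would also benefit from a one-line comment saying that fixed-point types store their child in u.s_fixed.length rather than in the s_binary left/right pair, so a later cleanup does not fold it back into the shared case list.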
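
Review bot: In the demangle-expected hunk, the first added comment line reads "was found during random, it caused a fault", which is missing a word after "random", and the second line asserts the symbol is not one "we'd expect in the real world" without giving a reason, even though the expected output below it is an ordinary demangling. Complete the sentence and either state why the input is unrealistic or drop that claim; a short note that the old failure was an access to the wrong union member for a fixed-point type would make the test self-explanatory.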