This is the mail archive of the gdb-prs@sourceware.org mailing list for the GDB project.
c++/2179: Segmentation fault in find_overload_match
- From: zhegulev at klocwork dot com
- To: gdb-gnats at sources dot redhat dot com
- Date: 29 Sep 2006 20:37:06 -0000
- Subject: c++/2179: Segmentation fault in find_overload_match
- Reply-to: zhegulev at klocwork dot com
>Number: 2179
>Category: c++
>Synopsis: Segmentation fault in find_overload_match
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: unassigned
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri Sep 29 20:38:02 UTC 2006
>Closed-Date:
>Last-Modified:
>Originator: Kirill Zhegulev
>Release: unknown-1.0
>Organization:
>Environment:
redhat 9
gcc 3.4.5
gdb 6.5
>Description:
gdb-6.5/gdb/valops.c
1849 const char *qualified_name = SYMBOL_CPLUS_DEMANGLED_NAME (fsym);
1850 func_name = cp_func_name (qualified_name);
qualified_name gets NULL at line 1849 and is passed to strlen through cp_func_name at line 1850.
I changed it so that func_name gets NULL if qualified_name is NULL, and for me it works fine after the fix.
I ran static analysis on that file and found one more potential problem:
obj gets a NULL value if objp is NULL:
1802 struct value *obj = (objp ? *objp : NULL);
...
1823 if (method)
1824 {
obj is dereferenced here through a call to value_type():
1825 obj_type_name = TYPE_NAME (value_type (obj));
>How-To-Repeat:
$ g++ -g gdb.cc
$ gdb a.out
(gdb) start
(gdb) call foo()
Segmentation fault (core dumped)
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
----gnatsweb-attachment----
Content-Type: text/plain; name="gdb.cc"
Content-Disposition: inline; filename="gdb.cc"
extern "C" void foo() {  // C linkage: the symbol is not mangled, so GDB has no demangled C++ name for it
}
int main() {
  return 0;
}
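As an added illustration of the two NULL paths the report describes (this is example code written for this page, not GDB's own valops.c or cp-support.c; the struct layouts, the function names func_name_from_qualified and obj_type_name_or_null, and the simplified scope-stripping logic are assumptions modelled on the description), a small C program that guards both: a symbol whose demangled name is NULL, as an extern "C" function produces, and a NULL objp reaching the type-name lookup.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not GDB source. Models the two NULL paths from the report:
 * (1) a symbol with no demangled C++ name reaching a strlen-based name
 * extractor, and (2) a NULL object value reaching a type lookup.
 * All struct and function names here are assumptions for illustration. */

/* Stand-in for a GDB symbol: the demangled name is NULL for names that
 * were never mangled, which is what an extern "C" function produces. */
struct sym {
    const char *linkage_name;
    const char *demangled_name;   /* NULL for extern "C" symbols */
};

/* Simplified model of cp_func_name: take a demangled name such as
 * "ns::Klass::method(int)" and return the unqualified function name
 * ("method") as a malloc'd string. Returns NULL when given NULL, which is
 * the guard the report says was missing before the strlen call.
 * Operator names such as "operator()" are not handled; this models the
 * fix, it is not GDB's implementation. */
char *func_name_from_qualified(const char *qualified_name)
{
    if (qualified_name == NULL)
        return NULL;

    /* Cut off the parameter list: first '(' outside template brackets. */
    size_t end = strlen(qualified_name);
    int depth = 0;
    for (size_t i = 0; i < end; i++) {
        char c = qualified_name[i];
        if (c == '<')
            depth++;
        else if (c == '>')
            depth--;
        else if (c == '(' && depth == 0) {
            end = i;
            break;
        }
    }

    /* The name starts after the last "::" that is outside template brackets. */
    size_t start = 0;
    depth = 0;
    for (size_t i = 0; i + 1 < end; i++) {
        char c = qualified_name[i];
        if (c == '<')
            depth++;
        else if (c == '>')
            depth--;
        else if (c == ':' && qualified_name[i + 1] == ':' && depth == 0) {
            start = i + 2;
            i++;
        }
    }

    /* Drop template arguments attached to the function name itself. */
    size_t len = end - start;
    for (size_t i = start; i < end; i++) {
        if (qualified_name[i] == '<') {
            len = i - start;
            break;
        }
    }

    char *out = malloc(len + 1);
    if (out == NULL)
        return NULL;
    memcpy(out, qualified_name + start, len);
    out[len] = '\0';
    return out;
}

/* Stand-ins for GDB's value/type objects. */
struct type  { const char *name; };
struct value { struct type *type; };

/* Model of TYPE_NAME (value_type (obj)) guarded for the objp == NULL case
 * from the report, where obj is NULL before the method branch is taken. */
const char *obj_type_name_or_null(struct value **objp)
{
    struct value *obj = (objp ? *objp : NULL);
    if (obj == NULL || obj->type == NULL)
        return NULL;
    return obj->type->name;
}

int main(void)
{
    /* Constructed sample symbols: the extern "C" foo from the attached
     * reproducer (no demangled name) and an ordinary C++ function. */
    struct sym foo_c   = { "foo",     NULL };
    struct sym bar_cpp = { "_Z3bari", "bar(int)" };

    char *n = func_name_from_qualified(foo_c.demangled_name);
    printf("foo: func_name=%s\n", n ? n : "(null, lookup skipped)");
    free(n);

    n = func_name_from_qualified(bar_cpp.demangled_name);
    printf("bar: func_name=%s\n", n ? n : "(null)");
    free(n);

    /* "call foo()" at the prompt is not a method call: there is no object,
       so the type-name lookup must tolerate a NULL objp. */
    const char *tn = obj_type_name_or_null(NULL);
    printf("obj type: %s\n", tn ? tn : "(none)");
    return 0;
}
```

Compile with `cc -Wall -o nullguard nullguard.c && ./nullguard`; the two guards are the whole point, and the scope-stripping loop only exists so that the non-NULL path does real work rather than returning its input.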