This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]

Re: [PATCH!]g++ Internal error with large IDENTIFIER length.

To: iko at bert2 dot crec dot mipt dot ru
Subject: Re: [PATCH!]g++ Internal error with large IDENTIFIER length.
From: scott snyder <snyder at d0sgif dot fnal dot gov>
Date: Sun, 08 Feb 1998 16:02:27 CST
cc: egcs-bugs at cygnus dot com


Yes - i reported this a couple months ago, but it hasn't made it into
the cvs tree yet.

Appended is a copy of that report.

sss



hi -

egcs 971207 snapshot of egcs on a i586-pc-linux-gnu platform
gives a fatal error on the following source:


-- long-template.cpp ----------------------------------------------------------
class ACE_Null_Mutex {};
class ACE_Null_Condition {};
class ACE_Event_Handler {};




template<class T> class Static_Log_Message_Receiver {};





class  ACE_SOCK_Stream {};
class  ACE_SOCK_Acceptor {};





class  ACE_Shared_Object
{
public:
  virtual ~ACE_Shared_Object (void);
};




class  ACE_Service_Object
 : public ACE_Event_Handler, public ACE_Shared_Object
{
};







template <class SVC_HANDLER>
class ACE_Schedule_All_Reactive_Strategy
{
};








template <class _ACE_SYNCH_MUTEX_T, class _ACE_SYNCH_CONDITION_T>
class ACE_Task
{
public:
  ACE_Task ();
};






template <class _ACE_PEER_STREAM, class _ACE_PEER_ADDR, class _ACE_SYNCH_MUTEX_T, class _ACE_SYNCH_CONDITION_T>
class ACE_Svc_Handler : public ACE_Task<_ACE_SYNCH_MUTEX_T, _ACE_SYNCH_CONDITION_T>
{
};



template <class SVC_HANDLER, class _ACE_PEER_ACCEPTOR, class _ACE_PEER_ADDR>
class ACE_Acceptor : public ACE_Service_Object
{
};


template <class SVC_HANDLER, class _ACE_PEER_ACCEPTOR, class _ACE_PEER_ADDR>
class ACE_Strategy_Acceptor
  : public ACE_Acceptor <SVC_HANDLER, _ACE_PEER_ACCEPTOR, _ACE_PEER_ADDR>
{
};






template <class _ACE_PEER_STREAM, class _ACE_PEER_ADDR,
          class COUNTER,
          class _ACE_SYNCH_MUTEX_T, class _ACE_SYNCH_CONDITION_T,
          class LOG_MESSAGE_RECEIVER>
class ACE_Server_Logging_Handler_T
  : public ACE_Svc_Handler<_ACE_PEER_STREAM, _ACE_PEER_ADDR, _ACE_SYNCH_MUTEX_T, _ACE_SYNCH_CONDITION_T>
{
};




template<class SERVER_LOGGING_HANDLER,
         class LOG_MESSAGE_RECEIVER,
         class SCHEDULE_STRATEGY>
class ACE_Server_Logging_Acceptor_T
  : public ACE_Strategy_Acceptor<SERVER_LOGGING_HANDLER, ACE_SOCK_Acceptor, int>
{
};



template<class LOG_MESSAGE_RECEIVER> 
class ACE_Server_Logging_Handler
 : public ACE_Server_Logging_Handler_T
    <ACE_SOCK_Stream, int,
     unsigned long,
     ACE_Null_Mutex, ACE_Null_Condition,
     LOG_MESSAGE_RECEIVER> 
{
};




typedef ACE_Server_Logging_Acceptor_T
  <ACE_Server_Logging_Handler<Static_Log_Message_Receiver<int> >,
  Static_Log_Message_Receiver<int>, 
  ACE_Schedule_All_Reactive_Strategy
    <ACE_Server_Logging_Handler<Static_Log_Message_Receiver<ACE_Null_Mutex> > > > 
Null_Synch_Logging_Handler_Static_Receiver_Acceptor;                  





extern "C" ACE_Service_Object *_make_Null_Synch_Logging_Handler_Static_Receiver_Acceptor (void);

extern "C" ACE_Service_Object *_make_Null_Synch_Logging_Handler_Static_Receiver_Acceptor () {  return new Null_Synch_Logging_Handler_Static_Receiver_Acceptor; }

-------------------------------------------------------------------------------

$ cc1plus long-template.cpp 
<internal>:0: Internal compiler error.
<internal>:0: Please submit a full bug report to `egcs-bugs@cygnus.com'.

This gives a suspcious looking, though not very useful, backtrace:

(gdb) where
#0  0x4d5f6c6c in ?? ()
#1  0x78657475 in ?? ()
Cannot access memory at address 0x754e5f45.


Walking through the code, i find that's it's crashing in make_thunk()
in method.c, where, indeed, it is writing a name into a fixed-length
array on the stack without checking bounds.


I made the appended patch, which seems to fix the problem.

thanks.
sss


1997-12-10  scott snyder  <sss@d0linux01.fnal.gov>

	* method.c (make_thunk): Avoid name buffer overflow.


Index: gcc/cp/method.c
===================================================================
RCS file: /d0sgi0/usr0/snyder/CVSROOT/egcs/gcc/cp/method.c,v
retrieving revision 1.1.1.5
diff -c -r1.1.1.5 method.c
*** method.c    1997/12/08 21:06:03     1.1.1.5
--- method.c    1997/12/11 05:40:37
***************
*** 1811,1817 ****
       tree function;
       int delta;
  {
!   char buffer[250];
    tree thunk_id;
    tree thunk;
    char *func_name;
--- 1811,1817 ----
       tree function;
       int delta;
  {
!   char *buffer;
    tree thunk_id;
    tree thunk;
    char *func_name;
***************
*** 1822,1827 ****
--- 1822,1828 ----
    if (TREE_CODE (func_decl) != FUNCTION_DECL)
      abort ();
    func_name = IDENTIFIER_POINTER (DECL_ASSEMBLER_NAME (func_decl));
+   buffer = (char *)alloca (strlen (func_name) + 32);
    if (delta<=0)
      sprintf (buffer, "__thunk_%d_%s", -delta, func_name);
    else

Follow-Ups:
- Re: [PATCH!]g++ Internal error with large IDENTIFIER length.
  - From: Jeffrey A Law
- Re: [PATCH!]g++ Internal error with large IDENTIFIER length.
  - From: Jeffrey A Law

References:
- [PATCH!]g++ Internal error with large IDENTIFIER length.
  - From: iko

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]