(At least ) in gcc/java/jfc-io.c,
the memoized_dirlists hash is created by the call
htab_create (37, htab_hash_string <-- NOTE THIS, memoized_dirlist_lookup_eq,
NULL);
Actually, htab contains the structures (memoized_dirlist_entry), not the
strings.
All went ok until hashtab.c decides it need to expand hash. Then,
libiberty/hashtab.c, htab_expand function tries to calculate hashes of hash
entries
itself, calling htab_hash_string on elements of hash, that are not the strings,
but the structures.
When this happens, under right conditions jc1 crashes with SIGSEGV.
I found this on FreeBSD 6-CURRENT with debug malloc that fills uninitialized
storage with 0xd0. The problem is platform independent.
It seems that such code is present at least in 3.4.4, 4.0.2 and HEAD.
--
Summary: jc1 incorrectly uses libiberty hashes
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: java
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: kostikbel at ukr dot net
CC: gcc-bugs at gcc dot gnu dot org,java-prs at gcc dot gnu
dot org
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=24120
