https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99763
Bug ID: 99763
Summary: c++filt crashes when demangling
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: other
Assignee: unassigned at gcc dot gnu.org
Reporter: bajinsheng at outlook dot com
Target Milestone: ---
the payload to trigger the crash
The bug is a segmentation fault, which may be caused by an endless loop.
Source code repository:
git://sourceware.org/git/binutils-gdb.git
commit:
12af5ebd820425e8ad843a1dac687a2fffc4a2e3
Date:
Tue Mar 23 00:00:07 2021 +0000
Compiler:
Clang-12
OS:
Ubuntu 16.04.7 LTS
The call stack of the bug:
#0 0x00000000004beff1 in demangle_path (rdm=rdm@entry=0x7ffe5ead2850,
in_value=in_value@entry=1)
at ./rust-demangle.c:664
#1 0x00000000004bf4d8 in demangle_path (rdm=rdm@entry=0x7ffe5ead2850,
in_value=in_value@entry=1)
at ./rust-demangle.c:774
[... frames #2 through #52363 elided, all in demangle_path at ./rust-demangle.c:774 ...]
#52364 0x00000000004bf4d8 in demangle_path (rdm=rdm@entry=0x7ffe5ead2850,
in_value=in_value@entry=1)
at ./rust-demangle.c:774
#52365 0x00000000004bf4d8 in demangle_path (rdm=rdm@entry=0x7ffe5ead2850,
in_value=in_value@entry=1)
at ./rust-demangle.c:774
#52366 0x00000000004be5f0 in rust_demangle_callback (mangled=<optimized out>,
options=267,
callback=<optimized out>, opaque=0x7ffe5ead28d0) at ./rust-demangle.c:1400
#52367 0x00000000004bf8d2 in rust_demangle (mangled=0x7ffe5ead2850 "\302sq",
options=1)
at ./rust-demangle.c:1511
#52368 0x00000000004a4a0d in cplus_demangle (mangled=0x7173c0 <main.mbuffer>
"_RB_R", options=267)
at ./cplus-dem.c:166
I uploaded the payload to reproduce the bug:
cat payload | ./c++filt
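The call stack above shows demangle_path re-entering itself more than fifty thousand times on a five-byte input before the stack is exhausted, which is the usual signature of a backreference in a mangled name that resolves back to itself (or to a later position) in a recursive-descent demangler. The program below is an added illustration, not code from binutils' rust-demangle.c and not the Rust v0 grammar: it parses a hypothetical toy symbol format with identifiers and decimal backreferences ("B<offset>_"), and shows the two checks a demangler needs so that a hostile input cannot drive unbounded recursion. Both checks, the "a backreference must point strictly before its own position" rule and the hard nesting cap, are the example's own design choices, not a description of how binutils fixed this report.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical toy grammar (constructed for this example; NOT Rust v0 and
 * NOT binutils' rust-demangle.c):
 *   symbol := item*
 *   item   := [a-z]            a one-letter identifier, emitted as-is
 *           | 'B' [0-9]* '_'   backreference: re-parse the item that starts
 *                              at byte offset <digits> (empty digits = 0)
 * A backreference that points at itself, e.g. "B0_" at offset 0, would
 * recurse forever without the checks marked "Defence" below. */

#define MAX_DEPTH 64   /* hard cap on nested backreferences (example value) */

struct toy_demangler {
    const char *sym;   /* input symbol */
    size_t len;        /* strlen(sym) */
    size_t pos;        /* current read position */
    int depth;         /* current backreference nesting depth */
    char out[256];     /* demangled output */
    size_t outlen;
    int error;         /* set once any rule is violated; parsing then stops */
};

static void toy_emit(struct toy_demangler *d, char c)
{
    if (d->outlen + 1 < sizeof d->out)
        d->out[d->outlen++] = c;
}

/* Parse one item at d->pos; returns 1 on success, 0 on error. */
static int toy_parse_item(struct toy_demangler *d)
{
    char c;
    size_t start, target, resume;
    int ok;

    if (d->error || d->pos >= d->len) { d->error = 1; return 0; }
    c = d->sym[d->pos];

    if (c >= 'a' && c <= 'z') {          /* identifier */
        d->pos++;
        toy_emit(d, c);
        return 1;
    }
    if (c != 'B') { d->error = 1; return 0; }

    start = d->pos;                       /* offset where this "B..._" begins */
    d->pos++;
    target = 0;
    while (d->pos < d->len && d->sym[d->pos] >= '0' && d->sym[d->pos] <= '9') {
        target = target * 10 + (size_t)(d->sym[d->pos] - '0');
        d->pos++;
    }
    if (d->pos >= d->len || d->sym[d->pos] != '_') { d->error = 1; return 0; }
    d->pos++;

    /* Defence 1: a backreference must point strictly before itself, so every
     * resolution moves toward the start of the input and a cycle is impossible.
     * "B0_" at offset 0 (a self-reference) is rejected here. */
    if (target >= start) { d->error = 1; return 0; }

    /* Defence 2: even with acyclic references, a long chain of backreferences
     * is still recursion; cap the nesting so the C stack cannot be exhausted. */
    if (++d->depth > MAX_DEPTH) { d->error = 1; return 0; }

    resume = d->pos;                      /* continue after the "B..._" later */
    d->pos = target;
    ok = toy_parse_item(d);
    d->pos = resume;
    d->depth--;
    return ok;
}

/* Demangle sym into out; returns 1 on success, 0 if the input is rejected. */
int toy_demangle(const char *sym, char *out, size_t outsz)
{
    struct toy_demangler d;
    memset(&d, 0, sizeof d);
    d.sym = sym;
    d.len = strlen(sym);
    while (!d.error && d.pos < d.len)
        toy_parse_item(&d);
    if (d.error || d.outlen + 1 > outsz)
        return 0;
    memcpy(out, d.out, d.outlen);
    out[d.outlen] = '\0';
    return 1;
}

int main(void)
{
    /* Constructed sample inputs: a valid chain and a self-referencing one. */
    const char *inputs[] = { "abB0_", "xB0_B1_", "B0_" };
    size_t i;
    for (i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        char buf[256];
        if (toy_demangle(inputs[i], buf, sizeof buf))
            printf("%-8s -> %s\n", inputs[i], buf);
        else
            printf("%-8s -> rejected\n", inputs[i]);
    }
    return 0;
}
```

Running it prints "aba" for "abB0_", "xxx" for "xB0_B1_" (each backreference resolves one step closer to the start), and "rejected" for the self-referencing "B0_", which is the shape of input the crashing trace above suggests: the demangler returns an error instead of recursing until the stack overflows.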