<html>
<head>
<base href="https://bugs.llvm.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - Assertion `Parser->TemplateParams.size() >= OldNumTemplateParamLists' failed."
href="https://bugs.llvm.org/show_bug.cgi?id=46310">46310</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>Assertion `Parser->TemplateParams.size() >= OldNumTemplateParamLists' failed.
</td>
</tr>
<tr>
<th>Product</th>
<td>libc++abi
</td>
</tr>
<tr>
<th>Version</th>
<td>unspecified
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>All Bugs
</td>
</tr>
<tr>
<th>Assignee</th>
<td>unassignedbugs@nondot.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>natalierice@yeah.net
</td>
</tr>
<tr>
<th>CC</th>
<td>llvm-bugs@lists.llvm.org, mclow.lists@gmail.com
</td>
</tr></table>
<p>
<div>
<pre>cxa_demangle_fuzzer-asan: libcxxabi/src/demangle/ItaniumDemangle.h:2358:
{anonymous}::itanium_demangle::AbstractManglingParser&lt;Derived,
Alloc&gt;::ScopedTemplateParamList::~ScopedTemplateParamList() [with Derived =
{anonymous}::itanium_demangle::ManglingParser&lt;{anonymous}::DefaultAllocator&gt;;
Alloc = {anonymous}::DefaultAllocator]: Assertion
`Parser->TemplateParams.size() >= OldNumTemplateParamLists' failed.
Aborted (core dumped)
# Crashwalk report
---CRASH SUMMARY---
Filename: crash/id:000075,sig:06,src:003258+005715,op:splice,rep:2
SHA1: 8386def13fd91b317070f1e529f24a7d7035c843
Classification: UNKNOWN
Hash: 66807e4bd3b1950ef1fb154655b72dab.707324742d90def81626729c9230e899
Command: ./cxa_demangle_fuzzer
crash/id:000075,sig:06,src:003258+005715,op:splice,rep:2
Faulting Frame:
(anonymous namespace)::itanium_demangle::AbstractManglingParser&lt;(anonymous
namespace)::itanium_demangle::ManglingParser&lt;(anonymous
namespace)::DefaultAllocator&gt;, (anonymous
namespace)::DefaultAllocator&gt;::ScopedTemplateParamList::~ScopedTemplateParamList()
@ 0x0000000000423948: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
Disassembly:
0x00007ffff7bef3da: xor edx,edx
0x00007ffff7bef3dc: mov rsi,r9
0x00007ffff7bef3df: mov edi,0x2
0x00007ffff7bef3e4: mov eax,0xe
0x00007ffff7bef3e9: syscall
=> 0x00007ffff7bef3eb: mov rax,QWORD PTR [rsp+0x108]
0x00007ffff7bef3f3: xor rax,QWORD PTR fs:0x28
0x00007ffff7bef3fc: jne 0x7ffff7bef424 &lt;__GI_raise+260&gt;
0x00007ffff7bef3fe: mov eax,r8d
0x00007ffff7bef401: add rsp,0x118
Stack Head (32 entries):
__GI_raise @ 0x00007ffff7bef3eb: in (BL)
__GI_abort @ 0x00007ffff7bce899: in (BL)
__assert_fail_base @ 0x00007ffff7bce769: in (BL)
__GI___assert_fail @ 0x00007ffff7be0006: in (BL)
(anonymous @ 0x0000000000423948: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
(anonymous @ 0x000000000041e640: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
(anonymous @ 0x000000000041b991: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
(anonymous @ 0x000000000041539d: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
(anonymous @ 0x000000000040f879: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
(anonymous @ 0x000000000041139e: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
(anonymous @ 0x000000000040e0f1: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
(anonymous @ 0x0000000000423b64: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
(anonymous @ 0x000000000041e46b: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
(anonymous @ 0x000000000041b991: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
(anonymous @ 0x000000000041539d: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
(anonymous @ 0x000000000040f879: in
/home/natalie/Desktop/research/Bug/llvm-libcxxabi-ce3db12/cxa_demangle_fuzzer
Registers:
rax=0x0000000000000000 rbx=0x00007ffff7a59100 rcx=0x00007ffff7bef3eb
rdx=0x0000000000000000
rsi=0x00007fffffffb990 rdi=0x0000000000000002 rbp=0x00007ffff7d62fb8
rsp=0x00007fffffffb990
r8=0x0000000000000000 r9=0x00007fffffffb990 r10=0x0000000000000008
r11=0x0000000000000246
r12=0x000000000042a988 r13=0x0000000000000936 r14=0x000000000042d7f8
r15=0x0000000000000000
rip=0x00007ffff7bef3eb efl=0x0000000000000246 cs=0x0000000000000033
ss=0x000000000000002b
ds=0x0000000000000000 es=0x0000000000000000 fs=0x0000000000000000
gs=0x0000000000000000
Extra Data:
Description: Abort signal
Short description: AbortSignal (20/22)
Explanation: The target is stopped on a SIGABRT. SIGABRTs are often
generated by libc and compiled check-code to indicate potentially exploitable
conditions. Unfortunately this command does not yet further analyze these
crashes.
---END SUMMARY---</pre>
</div>
</p>
</body>
</html>