https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71760
Bug ID: 71760 Summary: libiberty - Segmentation fault when attempting to delete a non-existent element in a hash table Product: gcc Version: unknown Status: UNCONFIRMED Severity: normal Priority: P3 Component: other Assignee: unassigned at gcc dot gnu.org Reporter: rocco at tecsiel dot it Target Milestone: --- Created attachment 38831 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=38831&action=edit C source file to reproduce the bug Hello people, the attached C-program can be used to reproduce a segmentation fault found in libliberty/hashtab.c I am using a libiberty tar-gzipped source version found in a recent Debian Archive File (libiberty_20160215.tar.xz) where the first entry in ChangeLog is: * 2016-01-27 Iain Buclaw <ibuc...@gdcproject.org> This is the output of the execution of my program before patching the library: ro...@nuc.carbo.net 1221> ./bug-remove Hello world! This program creates a hash table with htab_create(). Then: * inserts 2 objects with htab_find_slot(INSERT). * delete 1 existent with htab_remove_elt(). * attempt to delete 1 non existent with htab_remove_elt(). Boom !!! Inserting [Hello - 1] ... Ok Inserting [World! - 2] ... Ok Searching for [Hello] ... Ok Searching for [World!] ... Ok Deleting [Hello] ... Ok Segmentation fault And this was the patch I applied in libiberty/libiberty: ro...@nuc.carbo.net 1222> diff hashtab.c hashtab.c.ORG 729c729 < if (!slot || *slot == HTAB_EMPTY_ENTRY) --- > if (*slot == HTAB_EMPTY_ENTRY) the same error could be also in other different points for different API functions but I did not check. /rocco