Grzegorz Majka created XERCESC-2154:
---------------------------------------

             Summary: "terminate called after throwing an instance of 
'xercesc_3_2::XMLErrs::Codes'" crash on Solaris x86 with invalid xml input xml
                 Key: XERCESC-2154
                 URL: https://issues.apache.org/jira/browse/XERCESC-2154
             Project: Xerces-C++
          Issue Type: Bug
          Components: DOM
    Affects Versions: 3.2.2, 3.2.1
         Environment: Oracle compiler version (supports c++11):
[hostname]/: /opt/developerstudio12.6/bin/CC -V
CC: Studio 12.6 Sun C++ 5.15 SunOS_i386 2017/05/30

OS version:
[hostname]/: uname -a
SunOS hostname 5.10 Generic_150401-61 i86pc i386 i86pc

            Reporter: Grzegorz Majka
         Attachments: xml_broken.xml, xml_ok.xml

Hi,

I have a problem running xerces on Solaris x86 platform compiled with 
'-std=c++11' flag using Oracle developer studio 12.6. The compilation is fine 
and the library works fine in all positive scenarios, but it fails with Abort 
signal (core dumped) when an XML content to process is broken ending with the 
error message:
"terminate called after throwing an instance of 'xercesc_3_2::XMLErrs::Codes'"

I was able to isolate the problem by using DOMPrint example run with a file 
with an invalid xml content.

The positive scenario:
[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2: 
export 
LD_LIBRARY_PATH=/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2/src/.libs:/opt/developerstudio12.6/lib/compilers/CC-gcc/lib
[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2/samples:
 ./.libs/DOMPrint xml_ok.xml
<?xml version="1.0" encoding="UTF-8" standalone="no" ?><IBM>
        <CIT>
                <Hardware version="1.0">
                        <Group Name="Lpar"/>
                </Hardware>
        </CIT>
</IBM>

The negative scenario:
[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2/samples:
 ./.libs/DOMPrint xml_broken.xml
Fatal Error at file 
"/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2/samples/xml_broken.xml",
 line 5, column 1
   Message: input ended before all started tags were ended; last tag started is 
'Hardware'
terminate called after throwing an instance of 'xercesc_3_2::XMLErrs::Codes'
Abort (core dumped)

I attach both xml_ok.xml and xml_broken.xml files for your reference.



Details:

1)
Xerces version 3.2.1 (I also tried with 3.2.2 with the same behavior)

2)
Oracle compiler version (supports c++11):
[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2: 
/opt/developerstudio12.6/bin/CC -V
CC: Studio 12.6 Sun C++ 5.15 SunOS_i386 2017/05/30

OS version:
[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2: uname 
-a
SunOS hostname 5.10 Generic_150401-61 i86pc i386 i86pc


3)
Configure options:
[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2: chmod 
+x ./configure.solaris; chmod +x config/install-sh; ./configure.solaris 
CXX="/opt/developerstudio12.6/bin/CC" CC="/opt/developerstudio12.6/bin/cc" 
LD="/opt/developerstudio12.6/bin/CC" LDFLAGS="-std=c++11 
-L/opt/developerstudio12.6/lib/compilers/CC-gcc/lib -lstdc++ -lgcc_s -lCrunG3 
-s" CFLAGS="-xO2 -D_XOPEN_SOURCE_EXTENDED=1 -D__EXTENSIONS__ -Kpic -mt" 
CXXFLAGS="-xO2 -D_XOPEN_SOURCE_EXTENDED=1 -D__EXTENSIONS__ -Kpic -mt 
-std=c++11" --disable-static --enable-xmlch-uint16_t 
AR="/opt/developerstudio12.6/bin/CC -xar" ARFLAGS=-o --enable-transcoder-iconv
...
...
configure.solaris: Report:
configure.solaris:   File Manager: POSIX
configure.solaris:   Mutex Manager: standard
configure.solaris:   Transcoder: iconv
configure.solaris:   NetAccessor: socket
configure.solaris:   Message Loader: inmemory
configure.solaris:   XMLCh Type: uint16_t

4)
"ldd" outputs:
Initially I had issues with "terminate called after throwing an instance ..." 
because I mistakenly linked to both 
- c++11 libraries: stdc++ gcc_s CrunG3
- and standard libraries: Cstd stlport4 stdcxx4 Crun iostream libraries
which is not allowed.

Xerces compiled, but failed in almost all scenarios with similar "terminate 
called..." crashes. After fixing the issue (getting rid of linking to standard 
(Cstd and Crun) libraries) all test cases passed except the negative ones.

Here is the list of "ldd" outputs:

[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2/samples:
 file ./.libs/DOMPrint
./.libs/DOMPrint:       ELF 32-bit LSB executable 80386 Version 1 [SSE2 SSE], 
dynamically linked, stripped
[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2/samples:
 ldd ./.libs/DOMPrint
        libxerces-c-3.2.so =>    
/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2/src/.libs/libxerces-c-3.2.so
        libstdc++.so.6 =>        
/opt/developerstudio12.6/lib/compilers/CC-gcc/lib/libstdc++.so.6
        libgcc_s.so.1 =>         
/opt/developerstudio12.6/lib/compilers/CC-gcc/lib/libgcc_s.so.1
        libCrunG3.so.1 =>        /usr/lib/libCrunG3.so.1
        libnsl.so.1 =>   /lib/libnsl.so.1
        libsocket.so.1 =>        /lib/libsocket.so.1
        libstatomic.so.1 =>      
/opt/developerstudio12.6/lib/compilers/atomic/libstatomic.so.1
        librt.so.1 =>    /lib/librt.so.1
        libm.so.2 =>     /lib/libm.so.2
        libc.so.1 =>     /lib/libc.so.1
        libmp.so.2 =>    /lib/libmp.so.2
        libmd.so.1 =>    /lib/libmd.so.1
        libscf.so.1 =>   /lib/libscf.so.1
        libaio.so.1 =>   /lib/libaio.so.1
        libdoor.so.1 =>  /lib/libdoor.so.1
        libuutil.so.1 =>         /lib/libuutil.so.1
        libgen.so.1 =>   /lib/libgen.so.1
[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2/samples:
 cd ..
[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2: file 
src/.libs/libxerces-c-3.2.so
src/.libs/libxerces-c-3.2.so:   ELF 32-bit LSB dynamic lib 80386 Version 1 
[SSE2 SSE], dynamically linked, not stripped
[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2: ldd 
src/.libs/libxerces-c-3.2.so
        libstdc++.so.6 =>        
/opt/developerstudio12.6/lib/compilers/CC-gcc/lib/libstdc++.so.6
        libgcc_s.so.1 =>         
/opt/developerstudio12.6/lib/compilers/CC-gcc/lib/libgcc_s.so.1
        libCrunG3.so.1 =>        /usr/lib/libCrunG3.so.1
        libnsl.so.1 =>   /lib/libnsl.so.1
        libsocket.so.1 =>        /lib/libsocket.so.1
        libc.so.1 =>     /lib/libc.so.1
        libm.so.2 =>     /lib/libm.so.2
        librt.so.1 =>    /lib/librt.so.1
        libmp.so.2 =>    /lib/libmp.so.2
        libmd.so.1 =>    /lib/libmd.so.1
        libscf.so.1 =>   /lib/libscf.so.1
        libaio.so.1 =>   /lib/libaio.so.1
        libdoor.so.1 =>  /lib/libdoor.so.1
        libuutil.so.1 =>         /lib/libuutil.so.1
        libgen.so.1 =>   /lib/libgen.so.1
[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2:

5)
"dbx" output:
[hostname]/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2/samples:
 dbx -a ./.libs/DOMPrint xml_broken.xml
For information about new features see `help changes'
To remove this message, put `dbxenv suppress_startup_message 8.2' in your .dbxrc
Reading DOMPrint
Reading ld.so.1
Reading libxerces-c-3.2.so
Reading libstdc++.so.6.0.21
Reading libgcc_s.so.1
Reading libCrunG3.so.1
Reading libnsl.so.1
Reading libsocket.so.1
Reading libstatomic.so.1
Reading librt.so.1
Reading libm.so.2
Reading libc.so.1
Reading libaio.so.1
Reading libmd.so.1
(dbx) run
Running: DOMPrint xml_broken.xml
(process id 11188)
Fatal Error at file 
"/rome/homes/cit/gmajka/xerces_tests/solaris_322/xerces-c-3.2.2/samples/xml_broken.xml",
 line 5, column 1
   Message: input ended before all started tags were ended; last tag started is 
'Hardware'
terminate called after throwing an instance of 'xercesc_3_2::XMLErrs::Codes'
signal ABRT (Abort) in __lwp_kill at 0xfe66c9b5
0xfe66c9b5: __lwp_kill+0x0015:  jae      __lwp_kill+0x23        [ 0xfe66c9c3, 
.+0xe ]
(dbx) where
=>[1] __lwp_kill(0x1, 0x6), at 0xfe66c9b5
  [2] _thr_kill(0x1, 0x6), at 0xfe66782c
  [3] raise(0x6), at 0xfe6137db
  [4] abort(0xfe8725cc, 0x107, 0x80b6110, 0xfe6d3cd8, 0xfef90c00, 0xfe8725cc), 
at 0xfe5f29f5
  [5] __gnu_cxx::__verbose_terminate_handler(0x1, 0x0, 0xfe96c64b, 0xfe9b1008, 
0x80f0fd8, 0xf6), at 0xfe96f9e5
  [6] 0xfe96c657(0xfe96f870, 0x0, 0xfe96c6b5, 0xfe96c6e7, 0xfe96c6d9, 
0xfe9b1008), at 0xfe96c657
  [7] std::terminate(0x80f0fd8, 0xfef90c00, 0xfe96c6b5, 0xfe96c94f, 0xfee4dfa8, 
0x0), at 0xfe96c6f0
  [8] __gnu_cxx::__verbose_terminate_handler(0x1, 0x6, 0xfe6d0000, 0x804557c, 
0xfe6137db, 0x1), at 0xfe96f870
(dbx)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org
For additional commands, e-mail: c-dev-h...@xerces.apache.org

Reply via email to