
judyarray - issue #7

Crash in judy64nb.c


Posted on Dec 1, 2014 by Grumpy Elephant

judy64nb.c crashes with some sequences of judy_cell (works fine when same (string) keys are entered in different sequence)

Crashes with:

Program received signal SIGSEGV, Segmentation fault.
__memmove_ssse3 () at ../sysdeps/x86_64/multiarch/memcpy-ssse3.S:2814

(gdb) bt
#0 __memmove_ssse3 () at ../sysdeps/x86_64/multiarch/memcpy-ssse3.S:2814
#1 0x00000000004058c5 in memmove (__len=<optimized out>, __src=<optimized out>, __dest=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/string3.h:57
#2 judy_cell (judy=0x61a180, buff=0x62aff8 "", buff@entry=0x7fffffffd960 "andr0id", max=4294897880) at src/judy64nb.c:1298
#3 0x0000000000402389 in main (argc=<optimized out>, argv=<optimized out>) at src/shallot.c:276

With some additional printf debugging:

printf ("%p %d %d\n", base, keysize, slot);
0x61a150 8 -1

slot is -1 which never happens on successful runs.

1297 memmove(base, base + keysize, slot * keysize);

I'm not sure if the loop at 1297 is supposed to make slot negative in case it doesn't reach "break". 1268 while( slot-- ) { ... 1277 }

This small testcase already exhibits the behavior on my system:

#include <stdio.h>
#include "judy64nb.h"

int main (int argc, char *argv[])
{
    void *judy;
    JudySlot *res;
    JudySlot i = 0;

    judy = judy_open (2, 0);
    res = judy_cell (judy, "android", 7);
    *res = i++;
    res = judy_cell (judy, "andr0id", 7); /* crashes here */
    *res = i++;

    judy_close (judy);
    return 0;
}

Changing the insertion order of the strings (first "andr0id", then "android") does NOT crash.

Running on x86_64, ubuntu 14.10

Status: New

Labels:
Type-Defect Priority-Medium
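
Added example, not code from judy64nb.c or from the reporter: it shows how a `while (slot--)` scan that never reaches `break` leaves `slot` at -1, what length `memmove` then receives for `slot * keysize`, and a guarded shift that rejects that state. `scan_slots`, `unchecked_len`, `shift_down`, the sample keys and the use of `int` for both operands are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the scan quoted in the report
 * ("while( slot-- ) { ... }"): walk the slots from the top and stop at
 * the first key <= probe. Returns slot as the loop leaves it. */
int scan_slots(const unsigned char *keys, int count, unsigned char probe)
{
    int slot = count;
    while (slot--) {
        if (keys[slot] <= probe)
            break;                /* match: slot is a valid index */
    }
    return slot;                  /* no match: final decrement leaves -1 */
}

/* Length memmove() receives for "slot * keysize" when both are int:
 * the product is converted to size_t, so -8 becomes SIZE_MAX - 7. */
size_t unchecked_len(int slot, int keysize)
{
    return (size_t)(slot * keysize);
}

/* Guarded shift: refuse a negative slot or a span that leaves the buffer. */
int shift_down(unsigned char *base, size_t cap, int slot, int keysize)
{
    if (slot < 0 || keysize <= 0 || (size_t)keysize > cap)
        return -1;
    if ((size_t)slot > (cap - (size_t)keysize) / (size_t)keysize)
        return -1;
    memmove(base, base + keysize, (size_t)slot * (size_t)keysize);
    return 0;
}

int main(void)
{
    const unsigned char keys[] = { 10, 20, 30 };   /* constructed sample */
    unsigned char node[32] = { 0 };
    int slot = scan_slots(keys, 3, 5);             /* every key > probe */

    printf("slot=%d unchecked length=%zu\n", slot, unchecked_len(slot, 8));
    printf("guarded shift returns %d\n", shift_down(node, sizeof node, slot, 8));
    return 0;
}
```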