From 61d59b7323700b6649e6206952752a82dffe1206 Mon Sep 17 00:00:00 2001 From: Kevin Buettner Date: Wed, 9 Dec 2020 14:42:26 -0700 Subject: [PATCH] Fix off-by-one error in ada_fold_name. (RHBZ 1905996, Kevin Buettner) --- _gdb.spec.Patch.include | 9 +- _gdb.spec.patch.include | 2 +- _patch_order | 1 + ...ix-off-by-one-error-in-ada_fold_name.patch | 82 +++++++++++++++++++ gdb.spec | 5 +- 5 files changed, 91 insertions(+), 8 deletions(-) create mode 100644 gdb-rhbz1905996-fix-off-by-one-error-in-ada_fold_name.patch diff --git a/_gdb.spec.Patch.include b/_gdb.spec.Patch.include index 7060bcd..24ae5fd 100644 --- a/_gdb.spec.Patch.include +++ b/_gdb.spec.Patch.include @@ -131,10 +131,6 @@ Patch034: gdb-6.7-testsuite-stable-results.patch #=fedoratest Patch035: gdb-6.5-ia64-libunwind-leak-test.patch -# Test hiding unexpected breakpoints on intentional step commands. -#=fedoratest -Patch036: gdb-6.5-missed-trap-on-step-test.patch - # Test GCORE for shmid 0 shared memory mappings. #=fedoratest: But it is broken anyway, sometimes the case being tested is not reproducible. Patch038: gdb-6.3-mapping-zero-inode-test.patch @@ -382,3 +378,8 @@ Patch096: gdb-vla-intel-fix-print-char-array.patch # =fedoratest Patch097: gdb-rhbz1553104-s390x-arch12-test.patch +# Fix off-by-one error in ada_fold_name.patch (RH BZ 1905996) +# Upstream patch proposal: https://sourceware.org/pipermail/gdb-patches/2020-December/173935.html +# =fedoratest +Patch098: gdb-rhbz1905996-fix-off-by-one-error-in-ada_fold_name.patch + diff --git a/_gdb.spec.patch.include b/_gdb.spec.patch.include index 7880e19..a01109a 100644 --- a/_gdb.spec.patch.include +++ b/_gdb.spec.patch.include @@ -31,7 +31,6 @@ %patch033 -p1 %patch034 -p1 %patch035 -p1 -%patch036 -p1 %patch038 -p1 %patch039 -p1 %patch040 -p1 @@ -92,3 +91,4 @@ %patch095 -p1 %patch096 -p1 %patch097 -p1 +%patch098 -p1 diff --git a/_patch_order b/_patch_order index a45566e..ce0f896 100644 --- a/_patch_order +++ b/_patch_order @@ -95,3 +95,4 @@ gdb-rhbz1398387-tab-crash-test.patch gdb-archer.patch gdb-vla-intel-fix-print-char-array.patch gdb-rhbz1553104-s390x-arch12-test.patch +gdb-rhbz1905996-fix-off-by-one-error-in-ada_fold_name.patch diff --git a/gdb-rhbz1905996-fix-off-by-one-error-in-ada_fold_name.patch b/gdb-rhbz1905996-fix-off-by-one-error-in-ada_fold_name.patch new file mode 100644 index 0000000..5e1bc57 --- /dev/null +++ b/gdb-rhbz1905996-fix-off-by-one-error-in-ada_fold_name.patch @@ -0,0 +1,82 @@ +From FEDORA_PATCHES Mon Sep 17 00:00:00 2001 +From: Kevin Buettner +Date: Tue, 8 Dec 2020 14:07:45 -0700 +Subject: gdb-rhbz1905996-fix-off-by-one-error-in-ada_fold_name.patch + +;; Fix off-by-one error in ada_fold_name.patch (RH BZ 1905996) +;; Upstream patch proposal: https://sourceware.org/pipermail/gdb-patches/2020-December/173935.html +;; =fedoratest + +Fix off-by-one error in ada_fold_name + +I'm seeing a libstdc++ assertion failure when running GDB's "maint selftest" +command when GDB is configured with the following CFLAGS and CXXFLAGS as +part of the configure line: + + CFLAGS='-D_GLIBCXX_DEBUG -g3 -O0' CXXFLAGS='-D_GLIBCXX_DEBUG -g3 -O0' + +This is what I see when running the self tests: + +(gdb) maint selftest +Running selftest aarch64-analyze-prologue. +Running selftest aarch64-process-record. +Running selftest arm-record. +Running selftest arm_analyze_prologue. +Running selftest array_view. +Running selftest child_path. +Running selftest cli_utils. +Running selftest command_structure_invariants. +Running selftest copy_bitwise. +Running selftest copy_integer_to_size. +Running selftest cp_remove_params. +Running selftest cp_symbol_name_matches. +Running selftest dw2_expand_symtabs_matching. +/usr/include/c++/11/string_view:211: constexpr const value_type& std::basic_string_view<_CharT, _Traits>::operator[](std::basic_string_view<_CharT, _Traits>::size_type) const [with _CharT = char; _Traits = std::char_traits; std::basic_string_view<_CharT, _Traits>::const_reference = const char&; std::basic_string_view<_CharT, _Traits>::size_type = long unsigned int]: Assertion '__pos < this->_M_len' failed. +Aborted (core dumped) + +Here's a partial stack trace: + + #0 0x00007ffff6ef6262 in raise () from /lib64/libc.so.6 + #1 0x00007ffff6edf8a4 in abort () from /lib64/libc.so.6 + #2 0x00000000004249bf in std::__replacement_assert ( + __file=0xef7480 "/usr/include/c++/11/string_view", __line=211, + __function=0xef7328 "constexpr const value_type& std::basic_string_view<_CharT, _Traits>::operator[](std::basic_string_view<_CharT, _Traits>::size_type) const [with _CharT = char; _Traits = std::char_traits; std::ba"..., + __condition=0xef7311 "__pos < this->_M_len") + at /usr/include/c++/11/x86_64-redhat-linux/bits/c++config.h:2624 + #3 0x0000000000451737 in std::basic_string_view >::operator[] (this=0x7fffffffc200, __pos=8) + at /usr/include/c++/11/string_view:211 + #4 0x00000000004329f5 in ada_fold_name (name="function") + at /ironwood1/sourceware-git/rawhide-master/bld/../../worktree-master/gdb/ada-lang.c:988 + +And, looking at frame #4... + +(top-gdb) up 4 + at /ironwood1/sourceware-git/rawhide-master/bld/../../worktree-master/gdb/ada-lang.c:988 +988 fold_buffer[i] = tolower (name[i]); +(top-gdb) p i +$1 = 8 +(top-gdb) p name.size() +$2 = 8 + +My patch adjusts the comparison to only copy name.size() characters +from the string. I've added a separate statement for NUL character +termination of fold_buffer[]. + +gdb/ChangeLog: + + * ada-lang.c (ada_fold_name): Fix off-by-one error. + +diff --git a/gdb/ada-lang.c b/gdb/ada-lang.c +--- a/gdb/ada-lang.c ++++ b/gdb/ada-lang.c +@@ -1006,8 +1006,9 @@ ada_fold_name (gdb::string_view name) + { + int i; + +- for (i = 0; i <= len; i += 1) ++ for (i = 0; i < len; i += 1) + fold_buffer[i] = tolower (name[i]); ++ fold_buffer[i] = '\0'; + } + + return fold_buffer; diff --git a/gdb.spec b/gdb.spec index a8cc4f2..6f6fb2a 100644 --- a/gdb.spec +++ b/gdb.spec @@ -1184,9 +1184,8 @@ fi %endif %changelog -* Mon Dec 07 2020 Kevin Buettner - 10.1-2 -- Bump release number to avoid lower NVR (for rawhide) than that of F33. - (RHBZ 1894912) +* Wed Dec 09 2020 Kevin Buettner - 10.1-2 +- Fix off-by-one error in ada_fold_name. (RHBZ 1905996, Kevin Buettner) * Wed Nov 04 2020 Kevin Buettner - 10.1-1 - Rebase to FSF GDB 10.1.