[gdb/f20] Fix memory errors with demangled name hash (Tom Tromey).

Jan Kratochvil jankratochvil at fedoraproject.org
Mon Jun 30 22:14:57 UTC 2014 

commit 01d3c9fc039e11d1ca4bd0a29e4b1600abf5e9c8
Author: Jan Kratochvil <jan.kratochvil at redhat.com>
Date:   Tue Jul 1 00:15:01 2014 +0200

    Fix memory errors with demangled name hash (Tom Tromey).

 gdb-upstream.patch |  211 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 gdb.spec           |    5 +-
 2 files changed, 215 insertions(+), 1 deletions(-)
---
diff --git a/gdb-upstream.patch b/gdb-upstream.patch
index 6d82704..fcaf74c 100644
--- a/gdb-upstream.patch
+++ b/gdb-upstream.patch
@@ -102,3 +102,214 @@ Date:   Tue May 13 14:55:53 2014 +0200
  	    }
  	}
  
+
+
+
+http://sourceware.org/ml/gdb-patches/2014-06/msg00550.html
+Subject: Re: ASAN crash regression  [Re: [PATCH 2/2] move the demangled_names_hash into the per-BFD]
+
+Jan> ./configure ... -fsanitize=address
+Jan> echo 'void f(){}main(){}'|gcc -x c++ - -g;ASAN_OPTIONS=symbolize=1 ASAN_SYMBOLIZER_PATH=/usr/bin/llvm-symbolizer ./gdb -batch a.out -ex 'file a.out'
+
+Readily seen with valgrind as well.
+
+Here's my proposed fix.
+
+Tom
+
+commit 3a93a67ad0ea3495f67c9708673345b73de2d806
+Author: Tom Tromey <tromey at redhat.com>
+Date:   Mon Jun 16 03:17:19 2014 -0600
+
+    fix memory errors with demangled name hash
+    
+    This fixes a regression that Jan pointed out.
+    
+    The bug is that some names were allocated by dwarf2read on the objfile
+    obstack, but then passed to SYMBOL_SET_NAMES with copy_name=0.  This
+    violates the invariant that the names must have a lifetime tied to the
+    lifetime of the BFD.
+    
+    The fix is to allocate names on the per-BFD obstack.
+    
+    I looked at all callers, direct or indirect, of SYMBOL_SET_NAMES that
+    pass copy_name=0.  Note that only the ELF and DWARF readers do this;
+    other symbol readers were never updated (and perhaps cannot be,
+    depending on the details of the formats).  This is why the patch is
+    relatively small.
+    
+    Built and regtested on x86-64 Fedora 20.
+    
+    2014-06-16  Tom Tromey  <tromey at redhat.com>
+    
+    	* dwarf2read.c (fixup_go_packaging, dwarf2_compute_name)
+    	(dwarf2_physname, read_partial_die)
+    	(guess_partial_die_structure_name, fixup_partial_die)
+    	(guess_full_die_structure_name, anonymous_struct_prefix)
+    	(dwarf2_name): Use per-BFD obstack.
+
+### a/gdb/ChangeLog
+### b/gdb/ChangeLog
+## -1,5 +1,13 @@
+ 2014-06-16  Tom Tromey  <tromey at redhat.com>
+ 
++	* dwarf2read.c (fixup_go_packaging, dwarf2_compute_name)
++	(dwarf2_physname, read_partial_die)
++	(guess_partial_die_structure_name, fixup_partial_die)
++	(guess_full_die_structure_name, anonymous_struct_prefix)
++	(dwarf2_name): Use per-BFD obstack.
++
++2014-06-16  Tom Tromey  <tromey at redhat.com>
++
+ 	* minsyms.h (prim_record_minimal_symbol)
+ 	(prim_record_minimal_symbol_and_info): Update comments.
+ 
+--- a/gdb/dwarf2read.c
++++ b/gdb/dwarf2read.c
+@@ -7745,9 +7745,10 @@ fixup_go_packaging (struct dwarf2_cu *cu)
+   if (package_name != NULL)
+     {
+       struct objfile *objfile = cu->objfile;
+-      const char *saved_package_name = obstack_copy0 (&objfile->objfile_obstack,
+-						      package_name,
+-						      strlen (package_name));
++      const char *saved_package_name
++	= obstack_copy0 (&objfile->per_bfd->storage_obstack,
++			 package_name,
++			 strlen (package_name));
+       struct type *type = init_type (TYPE_CODE_MODULE, 0, 0,
+ 				     saved_package_name, objfile);
+       struct symbol *sym;
+@@ -8365,6 +8366,8 @@ dwarf2_compute_name (const char *name,
+ 	  long length;
+ 	  const char *prefix;
+ 	  struct ui_file *buf;
++	  char *intermediate_name;
++	  const char *canonical_name = NULL;
+ 
+ 	  prefix = determine_prefix (die, cu);
+ 	  buf = mem_fileopen ();
+@@ -8541,19 +8544,25 @@ dwarf2_compute_name (const char *name,
+ 		}
+ 	    }
+ 
+-	  name = ui_file_obsavestring (buf, &objfile->objfile_obstack,
+-				       &length);
++	  intermediate_name = ui_file_xstrdup (buf, &length);
+ 	  ui_file_delete (buf);
+ 
+ 	  if (cu->language == language_cplus)
+-	    {
+-	      const char *cname
+-		= dwarf2_canonicalize_name (name, cu,
+-					    &objfile->objfile_obstack);
++	    canonical_name
++	      = dwarf2_canonicalize_name (intermediate_name, cu,
++					  &objfile->per_bfd->storage_obstack);
++
++	  /* If we only computed INTERMEDIATE_NAME, or if
++	     INTERMEDIATE_NAME is already canonical, then we need to
++	     copy it to the appropriate obstack.  */
++	  if (canonical_name == NULL || canonical_name == intermediate_name)
++	    name = obstack_copy0 (&objfile->per_bfd->storage_obstack,
++				  intermediate_name,
++				  strlen (intermediate_name));
++	  else
++	    name = canonical_name;
+ 
+-	      if (cname != NULL)
+-		name = cname;
+-	    }
++	  xfree (intermediate_name);
+ 	}
+     }
+ 
+@@ -8562,7 +8571,7 @@ dwarf2_compute_name (const char *name,
+ 
+ /* Return the fully qualified name of DIE, based on its DW_AT_name.
+    If scope qualifiers are appropriate they will be added.  The result
+-   will be allocated on the objfile_obstack, or NULL if the DIE does
++   will be allocated on the storage_obstack, or NULL if the DIE does
+    not have a name.  NAME may either be from a previous call to
+    dwarf2_name or NULL.
+ 
+@@ -8677,7 +8686,8 @@ dwarf2_physname (const char *name, struct die_info *die, struct dwarf2_cu *cu)
+     retval = canon;
+ 
+   if (need_copy)
+-    retval = obstack_copy0 (&objfile->objfile_obstack, retval, strlen (retval));
++    retval = obstack_copy0 (&objfile->per_bfd->storage_obstack,
++			    retval, strlen (retval));
+ 
+   do_cleanups (back_to);
+   return retval;
+@@ -15508,7 +15518,7 @@ read_partial_die (const struct die_reader_specs *reader,
+ 	    default:
+ 	      part_die->name
+ 		= dwarf2_canonicalize_name (DW_STRING (&attr), cu,
+-					    &objfile->objfile_obstack);
++					    &objfile->per_bfd->storage_obstack);
+ 	      break;
+ 	    }
+ 	  break;
+@@ -15793,7 +15803,7 @@ guess_partial_die_structure_name (struct partial_die_info *struct_pdi,
+ 	  if (actual_class_name != NULL)
+ 	    {
+ 	      struct_pdi->name
+-		= obstack_copy0 (&cu->objfile->objfile_obstack,
++		= obstack_copy0 (&cu->objfile->per_bfd->storage_obstack,
+ 				 actual_class_name,
+ 				 strlen (actual_class_name));
+ 	      xfree (actual_class_name);
+@@ -15879,8 +15889,9 @@ fixup_partial_die (struct partial_die_info *part_die,
+ 	  else
+ 	    base = demangled;
+ 
+-	  part_die->name = obstack_copy0 (&cu->objfile->objfile_obstack,
+-					  base, strlen (base));
++	  part_die->name
++	    = obstack_copy0 (&cu->objfile->per_bfd->storage_obstack,
++			     base, strlen (base));
+ 	  xfree (demangled);
+ 	}
+     }
+@@ -18557,7 +18568,7 @@ guess_full_die_structure_name (struct die_info *die, struct dwarf2_cu *cu)
+ 			  && actual_name[actual_name_len
+ 					 - die_name_len - 1] == ':')
+ 			name =
+-			  obstack_copy0 (&cu->objfile->objfile_obstack,
++			  obstack_copy0 (&cu->objfile->per_bfd->storage_obstack,
+ 					 actual_name,
+ 					 actual_name_len - die_name_len - 2);
+ 		    }
+@@ -18603,7 +18614,7 @@ anonymous_struct_prefix (struct die_info *die, struct dwarf2_cu *cu)
+   if (base == NULL || base == DW_STRING (attr) || base[-1] != ':')
+     return "";
+ 
+-  return obstack_copy0 (&cu->objfile->objfile_obstack,
++  return obstack_copy0 (&cu->objfile->per_bfd->storage_obstack,
+ 			DW_STRING (attr), &base[-1] - DW_STRING (attr));
+ }
+ 
+@@ -18943,8 +18954,9 @@ dwarf2_name (struct die_info *die, struct dwarf2_cu *cu)
+ 	      char *base;
+ 
+ 	      /* FIXME: we already did this for the partial symbol... */
+-	      DW_STRING (attr) = obstack_copy0 (&cu->objfile->objfile_obstack,
+-						demangled, strlen (demangled));
++	      DW_STRING (attr)
++		= obstack_copy0 (&cu->objfile->per_bfd->storage_obstack,
++				 demangled, strlen (demangled));
+ 	      DW_STRING_IS_CANONICAL (attr) = 1;
+ 	      xfree (demangled);
+ 
+@@ -18967,7 +18979,7 @@ dwarf2_name (struct die_info *die, struct dwarf2_cu *cu)
+     {
+       DW_STRING (attr)
+ 	= dwarf2_canonicalize_name (DW_STRING (attr), cu,
+-				    &cu->objfile->objfile_obstack);
++				    &cu->objfile->per_bfd->storage_obstack);
+       DW_STRING_IS_CANONICAL (attr) = 1;
+     }
+   return DW_STRING (attr);
+
diff --git a/gdb.spec b/gdb.spec
index 0d871b4..d66f3ed 100644
--- a/gdb.spec
+++ b/gdb.spec
@@ -39,7 +39,7 @@ Version: 7.7.1
 
 # The release always contains a leading reserved number, start it at 1.
 # `upstream' is not a part of `name' to stay fully rpm dependencies compatible for the testing.
-Release: 14%{?dist}
+Release: 15%{?dist}
 
 License: GPLv3+ and GPLv3+ with exceptions and GPLv2+ and GPLv2+ with exceptions and GPL+ and LGPLv2+ and BSD and Public Domain and GFDL
 Group: Development/Debuggers
@@ -1408,6 +1408,9 @@ fi
 %endif # 0%{!?el5:1} || "%{_target_cpu}" == "noarch"
 
 %changelog
+* Tue Jul  1 2014 Jan Kratochvil <jan.kratochvil at redhat.com> - 7.7.1-15.fc21
+- Fix memory errors with demangled name hash (Tom Tromey).
+
 * Mon Jun 30 2014 Jan Kratochvil <jan.kratochvil at redhat.com> - 7.7.1-14.fc21
 - Fix crash on optimized-out entry data values (BZ 1111910).

More information about the scm-commits mailing list