rpm/gdb
SHA256
1
0
Fork 0
forked from pool/gdb
Code Pull Requests Activity

- Maintenance script import-fedora.sh:

Browse Source 
* New script.  Move skipped patches list from gdb.spec to script.
- Update to fedora 38 @ 82cc8e0.
- Patch renamed:
  * pass-const-frame_info_ptr-reference-for-skip_-langua.patch ->
    gdb-rhbz2192105-ftbs-dangling-pointer
- Patches added:
  * gdb-bz2237392-dwarf-obstack-allocation.patch
  * gdb-bz2237515-debuginfod-double-free.patch
  * gdb-rhbz2160211-excessive-core-file-warnings.patch
  * gdb-rhbz2196395-debuginfod-legacy-openssl-crash.patch
  * gdb-rhbz2233961-CVE-2022-4806.patch
  * gdb-rhbz2233965-memory-leak.patch
- Maintenance script qa-local.sh:
  * Add openSUSE_Leap_15.5 and openSUSE_Factory_LegacyX86.
  * Add "List configs" item.
  * Skip i586 for SLE-11.
- Maintenance script qa.sh:
  * Make sure exit status is 0

OBS-URL: https://build.opensuse.org/package/show/devel:gcc/gdb?expand=0&rev=363
This commit is contained in:
Tom de Vries 2023-10-21 08:04:00 +00:00 committed by Git OBS Bridge
parent b8c338f1c4
commit 4d8ef504a2
12 changed files with 874 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
gdb-bz2237392-dwarf-obstack-allocation.patch Normal file
View File

@ -0,0 +1,68 @@
From FEDORA_PATCHES Mon Sep 17 00:00:00 2001
From: Andrew Burgess <aburgess@redhat.com>
Date: Thu, 14 Sep 2023 13:06:26 +0100
Subject: gdb-bz2237392-dwarf-obstack-allocation.patch
;; Backport upstream commit 54392c4df604f20 to fix an incorrect
;; obstack allocation that wold lead to memory corruption.
gdb: fix buffer overflow in DWARF reader
In this commit:
commit 48ac197b0c209ccf1f2de9704eb6cdf7c5c73a8e
Date: Fri Nov 19 10:12:44 2021 -0700
Handle multiple addresses in call_site_target
a buffer overflow bug was introduced when the following code was
added:
CORE_ADDR *saved = XOBNEWVAR (&objfile->objfile_obstack, CORE_ADDR,
addresses.size ());
std::copy (addresses.begin (), addresses.end (), saved);
The definition of XOBNEWVAR is (from libiberty.h):
#define XOBNEWVAR(O, T, S) ((T *) obstack_alloc ((O), (S)))
So 'saved' is going to point to addresses.size () bytes of memory,
however, the std::copy will write addresses.size () number of
CORE_ADDR sized entries to the address pointed to by 'saved', this is
going to result in memory corruption.
The mistake is that we should have used XOBNEWVEC, which allocates a
vector of entries, the definition of XOBNEWVEC is:
#define XOBNEWVEC(O, T, N) \
((T *) obstack_alloc ((O), sizeof (T) * (N)))
Which means we will have set aside enough space to create a copy of
the contents of the addresses vector.
I'm not sure how to create a test for this problem, this issue cropped
up when debugging a particular i686 built binary, which just happened
to trigger a glibc assertion (likely due to random memory corruption),
debugging the same binary built for x86-64 appeared to work just fine.
Using valgrind on the failing GDB binary pointed straight to the cause
of the problem, and with this patch in place there are no longer
valgrind errors in this area.
If anyone has ideas for a test I'm happy to work on something.
Co-Authored-By: Keith Seitz <keiths@redhat.com>
Approved-By: Tom Tromey <tom@tromey.com>
diff --git a/gdb/dwarf2/read.c b/gdb/dwarf2/read.c
--- a/gdb/dwarf2/read.c
+++ b/gdb/dwarf2/read.c
@@ -12506,7 +12506,7 @@ read_call_site_scope (struct die_info *die, struct dwarf2_cu *cu)
std::vector<CORE_ADDR> addresses;
dwarf2_ranges_read_low_addrs (ranges_offset, target_cu,
target_die->tag, addresses);
- CORE_ADDR *saved = XOBNEWVAR (&objfile->objfile_obstack, CORE_ADDR,
+ CORE_ADDR *saved = XOBNEWVEC (&objfile->objfile_obstack, CORE_ADDR,
addresses.size ());
std::copy (addresses.begin (), addresses.end (), saved);
call_site->target.set_loc_array (addresses.size (), saved);

102
gdb-bz2237515-debuginfod-double-free.patch Normal file
View File

@ -0,0 +1,102 @@
From FEDORA_PATCHES Mon Sep 17 00:00:00 2001
From: Tom Tromey <tromey@adacore.com>
Date: Tue, 6 Dec 2022 12:07:12 -0700
Subject: gdb-bz2237515-debuginfod-double-free.patch
;; Backport upstream commit f96328accde1e63 to fix a potential double
;; free issue in the debuginfod code.
Avoid double-free with debuginfod
PR gdb/29257 points out a possible double free when debuginfod is in
use. Aside from some ugly warts in the symbol code (an ongoing
issue), the underlying issue in this particular case is that elfread.c
seems to assume that symfile_bfd_open will return NULL on error,
whereas in reality it throws an exception. As this code isn't
prepared for an exception, bad things result.
This patch fixes the problem by introducing a non-throwing variant of
symfile_bfd_open and using it in the affected places.
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=29257
diff --git a/gdb/elfread.c b/gdb/elfread.c
--- a/gdb/elfread.c
+++ b/gdb/elfread.c
@@ -1222,10 +1222,12 @@ elf_symfile_read_dwarf2 (struct objfile *objfile,
if (!debugfile.empty ())
{
- gdb_bfd_ref_ptr debug_bfd (symfile_bfd_open (debugfile.c_str ()));
+ gdb_bfd_ref_ptr debug_bfd
+ (symfile_bfd_open_no_error (debugfile.c_str ()));
- symbol_file_add_separate (debug_bfd, debugfile.c_str (),
- symfile_flags, objfile);
+ if (debug_bfd != nullptr)
+ symbol_file_add_separate (debug_bfd, debugfile.c_str (),
+ symfile_flags, objfile);
}
else
{
@@ -1245,13 +1247,12 @@ elf_symfile_read_dwarf2 (struct objfile *objfile,
if (fd.get () >= 0)
{
/* File successfully retrieved from server. */
- gdb_bfd_ref_ptr debug_bfd (symfile_bfd_open (symfile_path.get ()));
+ gdb_bfd_ref_ptr debug_bfd
+ (symfile_bfd_open_no_error (symfile_path.get ()));
- if (debug_bfd == nullptr)
- warning (_("File \"%s\" from debuginfod cannot be opened as bfd"),
- filename);
- else if (build_id_verify (debug_bfd.get (), build_id->size,
- build_id->data))
+ if (debug_bfd != nullptr
+ && build_id_verify (debug_bfd.get (), build_id->size,
+ build_id->data))
{
symbol_file_add_separate (debug_bfd, symfile_path.get (),
symfile_flags, objfile);
diff --git a/gdb/symfile.c b/gdb/symfile.c
--- a/gdb/symfile.c
+++ b/gdb/symfile.c
@@ -1744,6 +1744,23 @@ symfile_bfd_open (const char *name)
return sym_bfd;
}
+/* See symfile.h. */
+
+gdb_bfd_ref_ptr
+symfile_bfd_open_no_error (const char *name) noexcept
+{
+ try
+ {
+ return symfile_bfd_open (name);
+ }
+ catch (const gdb_exception_error &err)
+ {
+ warning ("%s", err.what ());
+ }
+
+ return nullptr;
+}
+
/* Return the section index for SECTION_NAME on OBJFILE. Return -1 if
the section was not found. */
diff --git a/gdb/symfile.h b/gdb/symfile.h
--- a/gdb/symfile.h
+++ b/gdb/symfile.h
@@ -269,6 +269,11 @@ extern void set_initial_language (void);
extern gdb_bfd_ref_ptr symfile_bfd_open (const char *);
+/* Like symfile_bfd_open, but will not throw an exception on error.
+ Instead, it issues a warning and returns nullptr. */
+
+extern gdb_bfd_ref_ptr symfile_bfd_open_no_error (const char *) noexcept;
+
extern int get_section_index (struct objfile *, const char *);
extern int print_symbol_loading_p (int from_tty, int mainline, int full);

108
gdb-rhbz2160211-excessive-core-file-warnings.patch Normal file
View File

@ -0,0 +1,108 @@
From FEDORA_PATCHES Mon Sep 17 00:00:00 2001
From: Kevin Buettner <kevinb@redhat.com>
Date: Thu, 29 Jun 2023 18:20:30 -0700
Subject: gdb-rhbz2160211-excessive-core-file-warnings.patch
;; Backport two commits, 0ad504dd464 and ea70f941f9b, from Lancelot SIX
;; which prevent repeated warnings from being printed while loading a
;; core file. (RH BZ 2160211)
gdb/corelow.c: avoid repeated warnings in build_file_mappings
When GDB opens a coredump it tries to locate and then open all files
which were mapped in the process.
If a file is found but cannot be opened with BFD (bfd_open /
bfd_check_format fails), then a warning is printed to the user. If the
same file was mapped multiple times in the process's address space, the
warning is printed once for each time the file was mapped. I find this
un-necessarily noisy.
This patch makes it so the warning message is printed only once per
file.
There was a comment in the code assuming that if the file was found on
the system, opening it (bfd_open + bfd_check_format) should always
succeed. A recent change in BFD (014a602b86f "Don't optimise bfd_seek
to same position") showed that this assumption is not valid. For
example, it is possible to have a core dump of a process which had
mmaped an IO page from a DRI render node (/dev/dri/runderD$NUM). In
such case the core dump does contain the information that portions of
this special file were mapped in the host process, but trying to seek to
position 0 will fail, making bfd_check_format fail. This patch removes
this comment.
Reviewed-By: John Baldwin <jhb@FreeBSD.org>
Approved-By: Andrew Burgess <aburgess@redhat.com>
gdb/corelow.c: do not try to reopen a file if open failed once
In the current implementation, core_target::build_file_mappings will try
to locate and open files which were mapped in the process for which the
core dump was produced. If the file cannot be found or cannot be
opened, GDB will re-try to open it once for each time it was mapped in
the process's address space.
This patch makes it so GDB recognizes that it has already failed to open
a given file once and does not re-try the process for each mapping.
Reviewed-By: John Baldwin <jhb@FreeBSD.org>
Approved-By: Andrew Burgess <aburgess@redhat.com>
diff --git a/gdb/corelow.c b/gdb/corelow.c
--- a/gdb/corelow.c
+++ b/gdb/corelow.c
@@ -237,6 +237,16 @@ core_target::build_file_mappings ()
weed out non-file-backed mappings. */
gdb_assert (filename != nullptr);
+ if (unavailable_paths.find (filename) != unavailable_paths.end ())
+ {
+ /* We have already seen some mapping for FILENAME but failed to
+ find/open the file. There is no point in trying the same
+ thing again so just record that the range [start, end) is
+ unavailable. */
+ m_core_unavailable_mappings.emplace_back (start, end - start);
+ return;
+ }
+
struct bfd *bfd = bfd_map[filename];
if (bfd == nullptr)
{
@@ -254,11 +264,10 @@ core_target::build_file_mappings ()
if (expanded_fname == nullptr)
{
m_core_unavailable_mappings.emplace_back (start, end - start);
- /* Print just one warning per path. */
- if (unavailable_paths.insert (filename).second)
- warning (_("Can't open file %s during file-backed mapping "
- "note processing"),
- filename);
+ unavailable_paths.insert (filename);
+ warning (_("Can't open file %s during file-backed mapping "
+ "note processing"),
+ filename);
return;
}
@@ -268,18 +277,11 @@ core_target::build_file_mappings ()
if (bfd == nullptr || !bfd_check_format (bfd, bfd_object))
{
m_core_unavailable_mappings.emplace_back (start, end - start);
- /* If we get here, there's a good chance that it's due to
- an internal error. We issue a warning instead of an
- internal error because of the possibility that the
- file was removed in between checking for its
- existence during the expansion in exec_file_find()
- and the calls to bfd_openr() / bfd_check_format().
- Output both the path from the core file note along
- with its expansion to make debugging this problem
- easier. */
+ unavailable_paths.insert (filename);
warning (_("Can't open file %s which was expanded to %s "
"during file-backed mapping note processing"),
filename, expanded_fname.get ());
+
if (bfd != nullptr)
bfd_close (bfd);
return;

29
pass-const-frame_info_ptr-reference-for-skip_-langua.patch → gdb-rhbz2192105-ftbs-dangling-pointer
View File

@ -1,12 +1,16 @@
From 406fd9f71067fce649343dfd609ca8e5e97b2164 Mon Sep 17 00:00:00 2001
From: Mark Wielaard <mark@klomp.org>
Date: Tue, 2 May 2023 20:23:32 +0200
Subject: [PATCH] Pass const frame_info_ptr reference for
skip_[language_]trampoline
From FEDORA_PATCHES Mon Sep 17 00:00:00 2001
From: Kevin Buettner <kevinb@redhat.com>
Date: Wed, 3 May 2023 11:28:24 -0700
Subject: gdb-rhbz2192105-ftbs-dangling-pointer
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
;; Backport upstream patch fixing a "dangling pointer" build problem
;; first seen when building with GCC 13.1.1 20230426 (Red Hat ;; 13.1.1-1).
Pass const frame_info_ptr reference for skip_[language_]trampoline
g++ 13.1.1 produces a -Werror=dangling-pointer=
In file included from ../../binutils-gdb/gdb/frame.h:75,
@ -43,15 +47,8 @@ Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30413
Tested-by: Kevin Buettner <kevinb@redhat.com>
Reviewed-by: Kevin Buettner <kevinb@redhat.com>
Reviewed-by: Tom Tromey <tom@tromey.com>
---
gdb/c-lang.c | 2 +-
gdb/language.c | 2 +-
gdb/language.h | 4 ++--
gdb/objc-lang.c | 2 +-
4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/gdb/c-lang.c b/gdb/c-lang.c
index 52010fa8cb1..a46343c837a 100644
--- a/gdb/c-lang.c
+++ b/gdb/c-lang.c
@@ -1003,7 +1003,7 @@ class cplus_language : public language_defn
@ -64,7 +61,6 @@ index 52010fa8cb1..a46343c837a 100644
{
return cplus_skip_trampoline (fi, pc);
diff --git a/gdb/language.c b/gdb/language.c
index 5037867b256..655d0794394 100644
--- a/gdb/language.c
+++ b/gdb/language.c
@@ -528,7 +528,7 @@ add_set_language_command ()
@ -77,7 +73,6 @@ index 5037867b256..655d0794394 100644
for (const auto &lang : language_defn::languages)
{
diff --git a/gdb/language.h b/gdb/language.h
index cf94923ecc1..88c3bc90efe 100644
--- a/gdb/language.h
+++ b/gdb/language.h
@@ -471,7 +471,7 @@ struct language_defn
@ -99,7 +94,6 @@ index cf94923ecc1..88c3bc90efe 100644
/* Return demangled language symbol, or NULL. */
extern gdb::unique_xmalloc_ptr<char> language_demangle
diff --git a/gdb/objc-lang.c b/gdb/objc-lang.c
index e17a4c406c0..5bcf1e4f3f0 100644
--- a/gdb/objc-lang.c
+++ b/gdb/objc-lang.c
@@ -282,7 +282,7 @@ class objc_language : public language_defn
@ -111,8 +105,3 @@ index e17a4c406c0..5bcf1e4f3f0 100644
CORE_ADDR stop_pc) const override
{
struct gdbarch *gdbarch = get_frame_arch (frame);
base-commit: 4b9342bc7f1d79b1453afd6c15e1a5cdefa92d9e
--
2.35.3

188
gdb-rhbz2196395-debuginfod-legacy-openssl-crash.patch Normal file
View File

@ -0,0 +1,188 @@
From FEDORA_PATCHES Mon Sep 17 00:00:00 2001
From: Andrew Burgess <aburgess@redhat.com>
Date: Tue, 20 Jun 2023 09:46:35 +0100
Subject: gdb-rhbz2196395-debuginfod-legacy-openssl-crash.patch
;; Backport upstream commit f3eee5861743d635 to fix a crash triggered
;; when debuginfod makes use of particular openssl settings.
gdb/debuginfod: cleanup debuginfod earlier
A GDB crash was discovered on Fedora GDB that was tracked back to an
issue with the way that debuginfod is cleaned up.
The bug was reported on Fedora 37, 38, and 39. Here are the steps to
reproduce:
1. The file /etc/ssl/openssl.cnf contains the following lines:
[provider_sect]
default = default_sect
##legacy = legacy_sect
##
[default_sect]
activate = 1
##[legacy_sect]
##activate = 1
The bug will occur when the '##' characters are removed so that the
lines in question look like this:
[provider_sect]
default = default_sect
legacy = legacy_sect
[default_sect]
activate = 1
[legacy_sect]
activate = 1
2. Clean up any existing debuginfod cache data:
> rm -rf $HOME/.cache/debuginfod_client
3. Run GDB:
> gdb -nx -q -iex 'set trace-commands on' \
-iex 'set debuginfod enabled on' \
-iex 'set confirm off' \
-ex 'start' -ex 'quit' /bin/ls
+set debuginfod enabled on
+set confirm off
Reading symbols from /bin/ls...
Downloading separate debug info for /usr/bin/ls
... snip ...
Temporary breakpoint 1, main (argc=1, argv=0x7fffffffde38) at ../src/ls.c:1646
1646 {
+quit
Fatal signal: Segmentation fault
----- Backtrace -----
... snip ...
So GDB ends up crashing during exit.
What's happening is that when debuginfod is initialised
debuginfod_begin is called (this is in the debuginfod library), this
in turn sets up libcurl, which makes use of openssl. Somewhere during
this setup process an at_exit function is registered to cleanup some
state.
Back in GDB the debuginfod_client object is managed using this code:
/* Deleter for a debuginfod_client. */
struct debuginfod_client_deleter
{
void operator() (debuginfod_client *c)
{
debuginfod_end (c);
}
};
using debuginfod_client_up
= std::unique_ptr<debuginfod_client, debuginfod_client_deleter>;
And then a global debuginfod_client_up is created to hold a pointer to
the debuginfod_client object. As a global this will be cleaned up
using the standard C++ global object destructor mechanism, which is
run after the at_exit handlers.
However, it is expected that when debuginfod_end is called the
debuginfod_client object will still be in a usable state, that is, we
don't expect the at_exit handlers to have run and started cleaning up
the library state.
To fix this issue we need to ensure that debuginfod_end is called
before the at_exit handlers have a chance to run.
This commit removes the debuginfod_client_up type, and instead has GDB
hold a raw pointer to the debuginfod_client object. We then make use
of GDB's make_final_cleanup to register a function that will call
debuginfod_end.
As GDB's final cleanups are called before exit is called, this means
that debuginfod_end will be called before the at_exit handlers are
called, and the crash identified above is resolved.
It's not obvious how this issue can easily be tested for. The bug does
not appear to manifest when using a local debuginfod server, so we'd
need to setup something more involved. For now I'm proposing this
patch without any associated tests.
diff --git a/gdb/debuginfod-support.c b/gdb/debuginfod-support.c
--- a/gdb/debuginfod-support.c
+++ b/gdb/debuginfod-support.c
@@ -96,20 +96,6 @@ struct user_data
ui_out::progress_update progress;
};
-/* Deleter for a debuginfod_client. */
-
-struct debuginfod_client_deleter
-{
- void operator() (debuginfod_client *c)
- {
- debuginfod_end (c);
- }
-};
-
-using debuginfod_client_up
- = std::unique_ptr<debuginfod_client, debuginfod_client_deleter>;
-
-
/* Convert SIZE into a unit suitable for use with progress updates.
SIZE should in given in bytes and will be converted into KB, MB, GB
or remain unchanged. UNIT will be set to "B", "KB", "MB" or "GB"
@@ -180,20 +166,45 @@ progressfn (debuginfod_client *c, long cur, long total)
return 0;
}
+/* Cleanup ARG, which is a debuginfod_client pointer. */
+
+static void
+cleanup_debuginfod_client (void *arg)
+{
+ debuginfod_client *client = static_cast<debuginfod_client *> (arg);
+ debuginfod_end (client);
+}
+
+/* Return a pointer to the single global debuginfod_client, initialising it
+ first if needed. */
+
static debuginfod_client *
get_debuginfod_client ()
{
- static debuginfod_client_up global_client;
+ static debuginfod_client *global_client = nullptr;
if (global_client == nullptr)
{
- global_client.reset (debuginfod_begin ());
+ global_client = debuginfod_begin ();
if (global_client != nullptr)
- debuginfod_set_progressfn (global_client.get (), progressfn);
+ {
+ /* It is important that we cleanup the debuginfod_client object
+ before calling exit. Some of the libraries used by debuginfod
+ make use of at_exit handlers to perform cleanup.
+
+ If we wrapped the debuginfod_client in a unique_ptr and relied
+ on its destructor to cleanup then this would be run as part of
+ the global C++ object destructors, which is after the at_exit
+ handlers, which is too late.
+
+ So instead, we make use of GDB's final cleanup mechanism. */
+ make_final_cleanup (cleanup_debuginfod_client, global_client);
+ debuginfod_set_progressfn (global_client, progressfn);
+ }
}
- return global_client.get ();
+ return global_client;
}
/* Check if debuginfod is enabled. If configured to do so, ask the user

50
gdb-rhbz2233961-CVE-2022-4806.patch Normal file
View File

@ -0,0 +1,50 @@
From FEDORA_PATCHES Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alexandra=20H=C3=A1jkov=C3=A1?= <ahajkova@redhat.com>
Date: Thu, 21 Sep 2023 18:52:49 +0200
Subject: gdb-rhbz2233961-CVE-2022-4806.patch
;; Backport PR29922, SHT_NOBITS section
;; avoids section size sanity check.
PR29922, SHT_NOBITS section avoids section size sanity check
PR 29922
* dwarf2.c (find_debug_info): Ignore sections without
SEC_HAS_CONTENTS.
diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -4831,16 +4831,19 @@ find_debug_info (bfd *abfd, const struct dwarf_debug_section *debug_sections,
{
look = debug_sections[debug_info].uncompressed_name;
msec = bfd_get_section_by_name (abfd, look);
- if (msec != NULL)
+ /* Testing SEC_HAS_CONTENTS is an anti-fuzzer measure. Of
+ course debug sections always have contents. */
+ if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0)
return msec;
look = debug_sections[debug_info].compressed_name;
msec = bfd_get_section_by_name (abfd, look);
- if (msec != NULL)
+ if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0)
return msec;
for (msec = abfd->sections; msec != NULL; msec = msec->next)
- if (startswith (msec->name, GNU_LINKONCE_INFO))
+ if ((msec->flags & SEC_HAS_CONTENTS) != 0
+ && startswith (msec->name, GNU_LINKONCE_INFO))
return msec;
return NULL;
@@ -4848,6 +4851,9 @@ find_debug_info (bfd *abfd, const struct dwarf_debug_section *debug_sections,
for (msec = after_sec->next; msec != NULL; msec = msec->next)
{
+ if ((msec->flags & SEC_HAS_CONTENTS) == 0)
+ continue;
+
look = debug_sections[debug_info].uncompressed_name;
if (strcmp (msec->name, look) == 0)
return msec;

115
gdb-rhbz2233965-memory-leak.patch Normal file
View File

@ -0,0 +1,115 @@
From FEDORA_PATCHES Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alexandra=20H=C3=A1jkov=C3=A1?= <ahajkova@redhat.com>
Date: Sat, 14 Oct 2023 12:37:50 +0200
Subject: gdb-rhbz2233965-memory-leak.patch
;; Backport PR29925, Memory leak in find_abstract_instance
PR29925, Memory leak in find_abstract_instance
The testcase in the PR had a variable with both DW_AT_decl_file and
DW_AT_specification, where the DW_AT_specification also specified
DW_AT_decl_file. This leads to a memory leak as the file name is
malloced and duplicates are not expected.
I've also changed find_abstract_instance to not use a temp for "name",
because that can result in a change in behaviour from the usual last
of duplicate attributes wins.
PR 29925
* dwarf2.c (find_abstract_instance): Delete "name" variable.
Free *filename_ptr before assigning new file name.
(scan_unit_for_symbols): Similarly free func->file and
var->file before assigning.
diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -3441,7 +3441,6 @@ find_abstract_instance (struct comp_unit *unit,
struct abbrev_info *abbrev;
uint64_t die_ref = attr_ptr->u.val;
struct attribute attr;
- const char *name = NULL;
if (recur_count == 100)
{
@@ -3602,9 +3601,9 @@ find_abstract_instance (struct comp_unit *unit,
case DW_AT_name:
/* Prefer DW_AT_MIPS_linkage_name or DW_AT_linkage_name
over DW_AT_name. */
- if (name == NULL && is_str_form (&attr))
+ if (*pname == NULL && is_str_form (&attr))
{
- name = attr.u.str;
+ *pname = attr.u.str;
if (mangle_style (unit->lang) == 0)
*is_linkage = true;
}
@@ -3612,7 +3611,7 @@ find_abstract_instance (struct comp_unit *unit,
case DW_AT_specification:
if (is_int_form (&attr)
&& !find_abstract_instance (unit, &attr, recur_count + 1,
- &name, is_linkage,
+ pname, is_linkage,
filename_ptr, linenumber_ptr))
return false;
break;
@@ -3622,7 +3621,7 @@ find_abstract_instance (struct comp_unit *unit,
non-string forms into these attributes. */
if (is_str_form (&attr))
{
- name = attr.u.str;
+ *pname = attr.u.str;
*is_linkage = true;
}
break;
@@ -3630,8 +3629,11 @@ find_abstract_instance (struct comp_unit *unit,
if (!comp_unit_maybe_decode_line_info (unit))
return false;
if (is_int_form (&attr))
- *filename_ptr = concat_filename (unit->line_table,
- attr.u.val);
+ {
+ free (*filename_ptr);
+ *filename_ptr = concat_filename (unit->line_table,
+ attr.u.val);
+ }
break;
case DW_AT_decl_line:
if (is_int_form (&attr))
@@ -3643,7 +3645,6 @@ find_abstract_instance (struct comp_unit *unit,
}
}
}
- *pname = name;
return true;
}
@@ -4139,8 +4140,11 @@ scan_unit_for_symbols (struct comp_unit *unit)
case DW_AT_decl_file:
if (is_int_form (&attr))
- func->file = concat_filename (unit->line_table,
- attr.u.val);
+ {
+ free (func->file);
+ func->file = concat_filename (unit->line_table,
+ attr.u.val);
+ }
break;
case DW_AT_decl_line:
@@ -4182,8 +4186,11 @@ scan_unit_for_symbols (struct comp_unit *unit)
case DW_AT_decl_file:
if (is_int_form (&attr))
- var->file = concat_filename (unit->line_table,
- attr.u.val);
+ {
+ free (var->file);
+ var->file = concat_filename (unit->line_table,
+ attr.u.val);
+ }
break;
case DW_AT_decl_line:

23
gdb.changes
View File

@ -1,3 +1,26 @@
-------------------------------------------------------------------
Fri Oct 20 10:43:32 UTC 2023 - Tom de Vries <tdevries@suse.com>
- Maintenance script import-fedora.sh:
* New script. Move skipped patches list from gdb.spec to script.
- Update to fedora 38 @ 82cc8e0.
- Patch renamed:
* pass-const-frame_info_ptr-reference-for-skip_-langua.patch ->
gdb-rhbz2192105-ftbs-dangling-pointer
- Patches added:
* gdb-bz2237392-dwarf-obstack-allocation.patch
* gdb-bz2237515-debuginfod-double-free.patch
* gdb-rhbz2160211-excessive-core-file-warnings.patch
* gdb-rhbz2196395-debuginfod-legacy-openssl-crash.patch
* gdb-rhbz2233961-CVE-2022-4806.patch
* gdb-rhbz2233965-memory-leak.patch
- Maintenance script qa-local.sh:
* Add openSUSE_Leap_15.5 and openSUSE_Factory_LegacyX86.
* Add "List configs" item.
* Skip i586 for SLE-11.
- Maintenance script qa.sh:
* Make sure exit status is 0
-------------------------------------------------------------------
Wed Sep 27 09:22:47 UTC 2023 - Tom de Vries <tdevries@suse.com>

48
gdb.spec
View File

@ -165,7 +165,7 @@ NoSource: 18
NoSource: 19
%endif
# Fedora import from branch f38, commit fc4e284.
# Fedora import from branch f38, commit 82cc8e0.
#Fedora Packages begin
Patch2: gdb-6.3-gstack-20050411.patch
@ -214,37 +214,16 @@ Patch54: gdb-opcodes-clflushopt-test.patch
Patch55: gdb-rhbz1261564-aarch64-hw-watchpoint-test.patch
Patch57: gdb-linux_perf-bundle.patch
Patch59: gdb-rhbz1553104-s390x-arch12-test.patch
Patch62: gdb-binutils29988-read_indexed_address.patch
Patch60: gdb-binutils29988-read_indexed_address.patch
Patch61: gdb-rhbz2192105-ftbs-dangling-pointer
Patch62: gdb-rhbz2160211-excessive-core-file-warnings.patch
Patch63: gdb-rhbz2196395-debuginfod-legacy-openssl-crash.patch
Patch64: gdb-bz2237515-debuginfod-double-free.patch
Patch65: gdb-bz2237392-dwarf-obstack-allocation.patch
Patch66: gdb-rhbz2233961-CVE-2022-4806.patch
Patch67: gdb-rhbz2233965-memory-leak.patch
#Fedora Packages end
# Fedora Packages not copied:
#
# Not applicable for openSUSE:
# - gdb-libexec-add-index.patch
# - gdb-6.3-rh-testversion-20041202.patch
# - gdb-6.6-buildid-locate-misleading-warning-missing-debuginfo-rhbz981154.patch
# - gdb-6.8-bz466901-backtrace-full-prelinked.patch
# - gdb-container-rh-pkg.patch
#
# Broken:
# - gdb-6.5-BEA-testsuite.patch
# over-specific test-case in a shell script
# - gdb-6.5-readline-long-line-crash-test.patch
# Hangs for horizontal-scroll-mode on, times out after 10 minutes.
# - gdb-rhbz1156192-recursive-dlopen-test.patch
# Fragile test-case, requires glibc to fail in a certain way.
#
# Obsolete:
# - gdb-6.7-charsign-test.patch (dropped by fedora)
# - gdb-6.7-ppc-clobbered-registers-O2-test.patch
# - gdb-test-ivy-bridge.patch (dropped by fedora)
# - gdb-ppc-power7-test.patch (dropped by fedora)
# - gdb-6.3-bz140532-ppc-unwinding-test.patch (dropped by fedora)
#
# Dropped:
# - gdb-rhbz2177655-aarch64-pauth-valid-regcache.patch (included in 13.2)
# - gdb-rhbz2183595-rustc-inside_main.patch (included in 13.2)
# Fedora patches fixup
# These need a number with at least four digits, otherwise patchlist.pl removes
# them when upgrading.
@ -335,7 +314,6 @@ Patch2093: powerpc-fix-for-gdb.reverse-finish-precsave.exp-and-.patch
Patch2094: powerpc-regression-fix-for-reverse-finish-command.patch
Patch2095: gdb-testsuite-don-t-use-string-cat-in-gdb.dwarf2-dw2.patch
Patch2096: move-step_until-procedure.patch
Patch2097: pass-const-frame_info_ptr-reference-for-skip_-langua.patch
# Backports from master, not yet available in next release.
@ -696,7 +674,14 @@ find -name "*.info*"|xargs rm -f
%patch55 -p1
%patch57 -p1
%patch59 -p1
%patch60 -p1
%patch61 -p1
%patch62 -p1
%patch63 -p1
%patch64 -p1
%patch65 -p1
%patch66 -p1
%patch67 -p1
#Fedora patching end
%patch1000 -p1
@ -754,7 +739,6 @@ find -name "*.info*"|xargs rm -f
%patch2094 -p1
%patch2095 -p1
%patch2096 -p1
%patch2097 -p1
%patch2100 -p1
%patch2101 -p1

155
import-fedora.sh Normal file
View File

@ -0,0 +1,155 @@
#!/bin/bash
# Fedora Packages not copied:
#
skip_patches=(
# Not applicable for openSUSE.
gdb-add-index.patch
gdb-6.3-rh-testversion-20041202.patch
gdb-6.6-buildid-locate-misleading-warning-missing-debuginfo-rhbz981154.patch
gdb-6.8-bz466901-backtrace-full-prelinked.patch
gdb-container-rh-pkg.patch
# Broken.
# Over-specific test-case in a shell script.
gdb-6.5-BEA-testsuite.patch
# Hangs for horizontal-scroll-mode on, times out after 10 minutes.
gdb-6.5-readline-long-line-crash-test.patch
# Fragile test-case, requires glibc to fail in a certain way.
gdb-rhbz1156192-recursive-dlopen-test.patch
# Obsolete (dropped by fedora).
gdb-6.7-charsign-test.patch
gdb-test-ivy-bridge.patch
gdb-ppc-power7-test.patch
gdb-6.3-bz140532-ppc-unwinding-test.patch
# Obsolete.
gdb-6.7-charsign-test.patch
gdb-6.7-ppc-clobbered-registers-O2-test.patch
)
usage ()
{
echo "usage: $(basename "$0") <fedora package dir> "
}
dir="$1"
if [ ! -f "$dir"/_patch_order ]; then
usage
exit 1
fi
mark1="^#Fedora Packages begin"
mark2="^#Fedora Packages end"
mark3="^#Fedora patching start"
mark4="^#Fedora patching end"
remove_current_patches ()
{
# shellcheck disable=SC2207
current_patches=($(awk "/$mark1/,/$mark2/{ print }" gdb.spec \
| grep Patch \
| awk '{print $2}'))
for current_patch in "${current_patches[@]}"; do
rm -f "$current_patch"
done
}
skip ()
{
local p
p="$1"
for skip_patch in "${skip_patches[@]}"; do
if [ "$p" = "$skip_patch" ]; then
return 0
fi
done
return 1
}
import_patches ()
{
# Get the parts of gdb.spec that we want to keep unchanged.
awk "NR==1,/$mark1/" gdb.spec \
> gdb.spec.1
awk "/$mark2/,/$mark3/" gdb.spec \
> gdb.spec.3
awk "/$mark4/,0" gdb.spec \
> gdb.spec.5
# Start generating the parts of gdb.spec that we want to change.
f1=gdb.spec.2
f2=gdb.spec.4
rm -f $f1 $f2
# Handle each fedora patch.
skipped_patches=()
n=1
# shellcheck disable=SC2013
for p in $(cat "$dir"/_patch_order); do
if skip "$p"; then
echo "Skipped: $p"
skipped_patches=("${skipped_patches[@]}" "$p")
# Keep numbers the same as in fedora package.
n=$((n + 1))
continue
fi
cp "$dir"/"$p" .
printf \
"%-16s%s\n" "Patch$n:" "$p" \
>> $f1
echo \
"%patch$n -p1" \
>> $f2
n=$((n + 1))
done
# Report which patches did not get skipped.
for skip_patch in "${skip_patches[@]}"; do
found=false
for skipped_patch in "${skipped_patches[@]}"; do
if [ "$skip_patch" = "$skipped_patch" ]; then
found=true
break
fi
done
if ! $found; then
echo "Not skipped: $skip_patch"
fi
done
# Assemble new gdb.spec.
rm -f gdb.spec.new
for n in $(seq 1 5); do
cat gdb.spec."$n" \
>> gdb.spec.new
done
# Cleanup.
for n in $(seq 1 5); do
rm -f gdb.spec."$n"
done
# Update gdb.spec.
mv gdb.spec.new gdb.spec
}
main ()
{
remove_current_patches
import_patches
}
main "$@"

48
qa-local.sh
View File

@ -9,23 +9,28 @@ logs=$root/logs
pkgs=$root/pkgs
configs="
openSUSE_Leap_15.5
openSUSE_Leap_15.4
openSUSE_Leap_15.3
openSUSE_Factory
openSUSE_Factory_LegacyX86
SLE-15
SLE-12
SLE-11
"
archs="x86_64 i586"
version=13.2
usage ()
{
echo "usage: $0 <1-4>"
echo "1: Cleanup"
echo "2: Do local builds without testsuite"
echo "3: Do local builds with testsuite"
echo "4: Verify local testsuite results"
echo "2: List configs"
echo "3: Do local builds without testsuite"
echo "4: Do local builds with testsuite"
echo "5: Verify local testsuite results"
}
if [ $# -eq 0 ]; then
@ -71,16 +76,28 @@ acquire_sudo_rights ()
done &
}
archs="x86_64 i586"
have_combo ()
{
arch="$1"
c="$2"
if [ "$arch" = "i586" ]; then
case $c in
SLE-12|SLE-15)
case " $c " in
" openSUSE_Factory ")
# Doesn't have i586.
return 1
;;
" SLE-11 "|" SLE-12 "|" SLE-15 ")
# SLE-12 and SLE-15 don't have i586. SLE-11 does, but
# we ignore that for now.
return 1
;;
esac
fi
if [ "$arch" = "x86_64" ]; then
case " $c " in
" openSUSE_Factory_LegacyX86 ")
# Doesn't have x86_64.
return 1
;;
esac
@ -94,6 +111,17 @@ case "$n" in
;;
2)
for arch in $archs; do
for c in $configs; do
if ! have_combo $arch $c; then
continue
fi
echo "$c $arch"
done
done
;;
3)
acquire_sudo_rights
rm -Rf $logs/$n
@ -127,7 +155,7 @@ case "$n" in
done
;;
3)
4)
acquire_sudo_rights
rm -Rf $logs/$n
@ -186,7 +214,7 @@ case "$n" in
done
;;
4)
5)
for arch in $archs; do
for c in $configs; do
if ! have_combo $arch $c; then
@ -194,7 +222,7 @@ case "$n" in
fi
echo "CONFIG: $c $arch"
case $c in
openSUSE_Factory)
openSUSE_Factory|openSUSE_Factory_LegacyX86)
bash qa.sh -local -$arch -factory $pkgs/gdb-testresults.$c.$arch
;;
SLE-12)

2
qa.sh
View File

@ -1040,3 +1040,5 @@ case $n in
exit 1
;;
esac
true