This is the mail archive of the gdb-prs@sourceware.org mailing list for the GDB project.



[Bug gdb/9885] field for register names too narrow


https://sourceware.org/bugzilla/show_bug.cgi?id=9885

--- Comment #1 from larue at cadence dot com ---
I have recently encountered this problem, and found it is much more severe than
indicated in this bug report.  If a register name is > 15 characters then a
negative value is passed to n_spaces().  This causes garbage to be printed, and
occasional crashes of gdb.

This problem still exists in gdb-7.8.1.

The function default_print_one_register_info() calls:
print_spaces_filtered (15 - strlen (name), file);

If the register name length is greater than 15, then print_spaces_filtered is
called with a negative value.

The following is a snippet of code from gdb/utils.c.  Notice that if n < 0,
then n_spaces returns a pointer to potentially unallocated data in the heap.
This sometimes causes a crash in gdb, and garbage is printed in other cases.

char *
n_spaces (int n)
{
  char *t;
  static char *spaces = 0;      /* cached run of blanks, NUL-terminated */
  static int max_spaces = -1;   /* length of that run; -1 before first use */

  if (n > max_spaces)
    {
      if (spaces)
        xfree (spaces);
      spaces = (char *) xmalloc (n + 1);
      for (t = spaces + n; t != spaces;)
        *--t = ' ';
      spaces[n] = '\0';
      max_spaces = n;
    }

  /* For n < 0 this lands past the terminating NUL, or is formed from a
     NULL base when the cache has never been filled: outside the allocation
     either way.  */
  return spaces + max_spaces - n;
}

void
print_spaces_filtered (int n, struct ui_file *stream)
{
  fputs_filtered (n_spaces (n), stream);
}


Ideally, gdb should be able to nicely print with arbitrary length register
names, but at a minimum the crash and garbage output should be fixed. A simple
way to do this is to put this check in n_spaces()

char *
n_spaces (int n)
{
  char *t;
  static char *spaces = 0;
  static int max_spaces = -1;

  /* Clamp negative widths to zero so the pointer arithmetic below never
     leaves the buffer; a negative request then yields the empty string.  */
  if (n < 0)
    n = 0;

  if (n > max_spaces)
    {
      if (spaces)
        xfree (spaces);
      spaces = (char *) xmalloc (n + 1);
      for (t = spaces + n; t != spaces;)
        *--t = ' ';
      spaces[n] = '\0';
      max_spaces = n;
    }

  return spaces + max_spaces - n;
}

-- 
You are receiving this mail because:
You are on the CC list for the bug.
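The following is an added, stand-alone example and not GDB's code. It models the n_spaces() cache from the comment above with the two statics moved into a struct (so a fresh NULL/-1 state can be set up at will), computes the original's return offset instead of dereferencing it to show exactly when the pointer leaves the allocation, and places the clamp the comment asks for beside it. The names space_cache, original_is_in_bounds, n_spaces_safe and format_register_field, and the register names used as input, are invented for this illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Models the n_spaces() cache from gdb/utils.c: max_spaces blanks followed
   by a NUL, with the result computed as spaces + max_spaces - n.  The two
   statics become a struct so a test can start from the initial state.  */
struct space_cache
{
  char *spaces;     /* NULL until first use, like the static in GDB */
  int max_spaces;   /* -1 until first use, like the static in GDB */
};

/* Grow the cache exactly the way the original does.  */
static void
cache_grow (struct space_cache *c, int n)
{
  if (n > c->max_spaces)
    {
      free (c->spaces);
      c->spaces = malloc ((size_t) n + 1);
      if (c->spaces == NULL)
        abort ();
      memset (c->spaces, ' ', (size_t) n);
      c->spaces[n] = '\0';
      c->max_spaces = n;
    }
}

/* 1 when the original's pointer arithmetic lands inside the allocation
   (offset 0 .. max_spaces, the last byte being the NUL), 0 when it would
   point past the buffer or be built on a NULL base.  Only the offset is
   computed, so this is safe to call with the widths that trigger the bug.  */
int
original_is_in_bounds (struct space_cache *c, int n)
{
  long offset;

  cache_grow (c, n);
  offset = (long) c->max_spaces - n;
  return c->spaces != NULL && offset >= 0 && offset <= c->max_spaces;
}

/* Hardened variant: a negative width is treated as zero, so the result is
   the empty string at the cache's terminating NUL.  */
const char *
n_spaces_safe (struct space_cache *c, int n)
{
  if (n < 0)
    n = 0;
  cache_grow (c, n);
  return c->spaces + c->max_spaces - n;
}

/* Mirrors the call site in default_print_one_register_info(): pad the
   register name to a 15-column field.  GDB computes 15 - strlen (name) in
   size_t, which wraps for long names and reaches n_spaces() as a negative
   int; the cast below yields the same negative value directly.  Returns
   the number of bytes the field would occupy.  */
int
format_register_field (char *out, size_t outsz, const char *name)
{
  struct space_cache c = { NULL, -1 };
  int pad = 15 - (int) strlen (name);
  int written = snprintf (out, outsz, "%s%s", name, n_spaces_safe (&c, pad));

  free (c.spaces);
  return written;
}

int
main (void)
{
  /* Constructed register names: one that fits the field, one that does not.  */
  const char *names[] = { "rax", "vector_status_reg" };
  char field[64];
  size_t i;

  for (i = 0; i < sizeof names / sizeof names[0]; i++)
    {
      struct space_cache c = { NULL, -1 };
      int pad = 15 - (int) strlen (names[i]);

      printf ("%-18s pad=%3d  original in bounds: %d\n", names[i], pad,
              original_is_in_bounds (&c, pad));
      format_register_field (field, sizeof field, names[i]);
      printf ("[%s] width=%zu\n", field, strlen (field));
      free (c.spaces);
    }
  return 0;
}
```

With a fresh cache the 17-character name gives pad -2, the original's arithmetic is NULL + 1, and the bounds check reports 0; after the cache has been filled once, the same negative width produces an offset one past the NUL, which is the out-of-allocation read behind the garbage output. The clamp makes both cases return "" without touching the cache.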

