On 04/01/2016 03:39 PM, Marcel Böhme wrote:
> Hi Bernd,
>
> Thanks for the feedback!
>
>> Patches need to be bootstrapped and regression tested, and patch
>> submissions should include which target this was done on.
>> Ideally you'd also want to include testcases along with your
>> patches, although I'm not entirely sure how we can arrange for this
>> type of problem to be tested.
>
> Regression tested on x86_64-pc-linux-gnu (make check). Test cases
> added to libiberty/testsuite/demangler-expected and checked PR70498
> is resolved. Not sure how to bootstrap the patch.

You configure gcc normally and build it - that should automatically
bootstrap, unless you're cross-compiling. You'll have stage1-* and
stage2-* directories at the end if that worked. You should then run the
testsuite on the bootstrapped compiler.

>> Lastly, for this specific patch, I have trouble seeing how it fixes
>> anything. I'd need a more detailed explanation of how the problem
>> happens in the first place.
>
> In the patched version, the values wrap around when they are parsed
> in d_number. Since the mangled string may contain negative numbers,
> there is usually proper handling of negative numbers in the clients
> of d_number. Without the patch a value can become negative when cast
> from long to int *after* these checks.
> For instance, in d_source_name the length of the identifier is parsed
> as long from the mangled string and checked whether it is negative.
> Since d_identifier takes an int as length, d_identifier is called
> with a negative length after the implicit cast:

Ok, I think I see it. Guess I'll queue this up and commit it for you in
the next few days.
Bernd
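
Added example, not part of the original message and not libiberty code: a minimal C illustration of the long-to-int narrowing described in the quoted explanation, where a sign check on the long passes and the value turns negative only after conversion. The function names and the sample input are hypothetical; it assumes a 64-bit long and GCC's modular conversion to int. The range check in `checked_len` is one way to close the gap and is not the approach of the patch under discussion, which lets the value wrap inside d_number so the existing negative checks see it.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical stand-in for a number parser that returns long.
   Stops before the accumulator could overflow. */
static long parse_long(const char *s)
{
    long v = 0;
    while (*s >= '0' && *s <= '9' && v <= (LONG_MAX - 9) / 10)
        v = v * 10 + (*s++ - '0');
    return v;
}

/* Pattern described in the thread: the sign check runs on the long,
   and the narrowing to int happens afterwards. */
static int unchecked_len(const char *s, int *len_out)
{
    long len = parse_long(s);
    if (len < 0)
        return -1;
    *len_out = (int) len;   /* may turn negative here */
    return 0;
}

/* Range check before narrowing, so the int is known to be non-negative. */
static int checked_len(const char *s, int *len_out)
{
    long len = parse_long(s);
    if (len < 0 || len > INT_MAX)
        return -1;
    *len_out = (int) len;
    return 0;
}

int main(void)
{
    const char *sample = "4294967290";   /* constructed input, > INT_MAX */
    int len = 0;
    int rc = unchecked_len(sample, &len);
    printf("unchecked: rc=%d len=%d\n", rc, len);
    rc = checked_len(sample, &len);
    printf("checked:   rc=%d\n", rc);
    return 0;
}
```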