Message ID | 7B48D309-445E-4141-A87A-1F3D5FA70EFD@comcast.net |
---|---|
State | New, archived |
Headers |
Received: (qmail 75074 invoked by alias); 9 Oct 2018 17:19:52 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: <gdb-patches.sourceware.org> List-Unsubscribe: <mailto:gdb-patches-unsubscribe-##L=##H@sourceware.org> List-Subscribe: <mailto:gdb-patches-subscribe@sourceware.org> List-Archive: <http://sourceware.org/ml/gdb-patches/> List-Post: <mailto:gdb-patches@sourceware.org> List-Help: <mailto:gdb-patches-help@sourceware.org>, <http://sourceware.org/ml/#faqs> Sender: gdb-patches-owner@sourceware.org Delivered-To: mailing list gdb-patches@sourceware.org Received: (qmail 74965 invoked by uid 89); 9 Oct 2018 17:19:51 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-25.3 required=5.0 tests=AWL, BAYES_00, FREEMAIL_FROM, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, RCVD_IN_DNSWL_LOW, SPF_PASS autolearn=ham version=3.3.2 spammy= X-HELO: resqmta-po-07v.sys.comcast.net Received: from resqmta-po-07v.sys.comcast.net (HELO resqmta-po-07v.sys.comcast.net) (96.114.154.166) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Tue, 09 Oct 2018 17:19:50 +0000 Received: from resomta-po-09v.sys.comcast.net ([96.114.154.233]) by resqmta-po-07v.sys.comcast.net with ESMTP id 9uqugQXIfuIH39vfggsdO4; Tue, 09 Oct 2018 17:19:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20161114; t=1539105588; bh=pTKt2zOLy5+wiLZpsH/EH5OiFe0e06UXqLOj89lXh+c=; h=Received:Received:From:Content-Type:Mime-Version:Subject: Message-Id:Date:To; b=oqmplTS64XPqwbM+0GPtZTv7wULJ2moOdxw9h5cLssoegrtKh30kmTSEs5ZPn8h7Q 5LtEc+srpDbWrbCXcKqb7oR6AbQrMdWwNIFdO7jjGWCNLxMdobp3aRiUHaFX7VQug5 dH2wQVA6dY850OIqGCGDeGVhG8wnHvA2lYwc7jN3lb26SzSutjEiHnWmTXR0b7iXye SqcDJQS3LOIn0W/j9XIgKJ+37JQCFwYC6mXYlBRsSR7aKdCdnEZy7BMdyGQC5XcRnO m8EgW7cb97MFtv4ch7qlUUywaKLYV/U5LXbNsMdWRtL7iXgO39En0JbxnF0o2OHCVc haRyeviASjvkA== Received: from [192.168.10.125] ([73.60.223.101]) by resomta-po-09v.sys.comcast.net with ESMTPSA id 9vffg6Q3i1Xid9vfggPB2i; Tue, 09 Oct 2018 17:19:48 +0000 From: Paul Koning <paulkoning@comcast.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Subject: [PATCH][gdb] fix unsigned overflow in charset.c Message-Id: <7B48D309-445E-4141-A87A-1F3D5FA70EFD@comcast.net> Date: Tue, 9 Oct 2018 13:19:46 -0400 To: gdb-patches@sourceware.org |
Commit Message
Paul Koning
Oct. 9, 2018, 5:19 p.m. UTC
This fixed an overflow in pointer arithmetic that crashes GDB on Mac OS. Ok for trunk? paul gdb/ChangeLog: 2018-10-09 Paul Koning <paul_koning@dell.com> * charset.c (convert_between_encodings): Fix unsigned overflow.
Comments
On 10/09/2018 06:19 PM, Paul Koning wrote: > This fixed an overflow in pointer arithmetic that crashes GDB on Mac OS. _unsigned_ overflow? That isn't undefined. Do we really want to trap those? I don't think GCC's version does that. From: https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#silencing-unsigned-integer-overflow seems like there's a way to disable it. Thanks, Pedro Alves > > Ok for trunk? > > paul > > gdb/ChangeLog: > > 2018-10-09 Paul Koning <paul_koning@dell.com> > > * charset.c (convert_between_encodings): Fix unsigned overflow. > > diff --git a/gdb/charset.c b/gdb/charset.c > index 8bb2b4d669..64757ab279 100644 > --- a/gdb/charset.c > +++ b/gdb/charset.c > @@ -548,7 +548,7 @@ convert_between_encodings (const char *from, const char *to, > > /* Now make sure that the object on the obstack only includes > bytes we have converted. */ > - obstack_blank_fast (output, -outleft); > + obstack_blank_fast (output, -(ssize_t) outleft); > > if (r == (size_t) -1) > { >
> On Oct 9, 2018, at 1:31 PM, Pedro Alves <palves@redhat.com> wrote: > > On 10/09/2018 06:19 PM, Paul Koning wrote: >> This fixed an overflow in pointer arithmetic that crashes GDB on Mac OS. > > _unsigned_ overflow? That isn't undefined. Do we really want to trap > those? I don't think GCC's version does that. > > From: > https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#silencing-unsigned-integer-overflow > seems like there's a way to disable it. > > Thanks, > Pedro Alves You're right, it was an LLVM build. I know unsigned overflow is well defined with integers; is that true for pointers? Given that GDB triggers this issue, should the GDB build do that LLVM workaround if LLVM is used to build it? But it seems simpler to use the proposed patch; clearly the intent is to back up a pointer by -(space_left) and doing that operation on a signed type seems like a logical thing to do, it makes the intended meaning clear. paul
On 10/9/18 10:40 AM, Paul Koning wrote: > > >> On Oct 9, 2018, at 1:31 PM, Pedro Alves <palves@redhat.com> wrote: >> >> On 10/09/2018 06:19 PM, Paul Koning wrote: >>> This fixed an overflow in pointer arithmetic that crashes GDB on Mac OS. >> >> _unsigned_ overflow? That isn't undefined. Do we really want to trap >> those? I don't think GCC's version does that. >> >> From: >> https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#silencing-unsigned-integer-overflow >> seems like there's a way to disable it. >> >> Thanks, >> Pedro Alves > > You're right, it was an LLVM build. I know unsigned overflow is well defined with integers; is that true for pointers? > > Given that GDB triggers this issue, should the GDB build do that LLVM workaround if LLVM is used to build it? > > But it seems simpler to use the proposed patch; clearly the intent is to back up a pointer by -(space_left) and doing that operation on a signed type seems like a logical thing to do, it makes the intended meaning clear. I also ran into the same failure using LLVM's ubsan on FreeBSD but in a different use of obstack_blank_fast(). If we wanted to fix this, I wonder if we'd instead want to fix it centrally in obstack_blank_fast (e.g. by using a ptrdiff_t cast) rather than fixing various consumers of the API. That would be a change to libiberty though, not just gdb.
> On Oct 9, 2018, at 1:57 PM, John Baldwin <jhb@FreeBSD.org> wrote: > > On 10/9/18 10:40 AM, Paul Koning wrote: >> >> >>> On Oct 9, 2018, at 1:31 PM, Pedro Alves <palves@redhat.com> wrote: >>> >>> On 10/09/2018 06:19 PM, Paul Koning wrote: >>>> This fixed an overflow in pointer arithmetic that crashes GDB on Mac OS. >>> >>> _unsigned_ overflow? That isn't undefined. Do we really want to trap >>> those? I don't think GCC's version does that. >>> >>> From: >>> https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#silencing-unsigned-integer-overflow >>> seems like there's a way to disable it. >>> >>> Thanks, >>> Pedro Alves >> >> You're right, it was an LLVM build. I know unsigned overflow is well defined with integers; is that true for pointers? >> >> Given that GDB triggers this issue, should the GDB build do that LLVM workaround if LLVM is used to build it? >> >> But it seems simpler to use the proposed patch; clearly the intent is to back up a pointer by -(space_left) and doing that operation on a signed type seems like a logical thing to do, it makes the intended meaning clear. > > I also ran into the same failure using LLVM's ubsan on FreeBSD but in a different > use of obstack_blank_fast(). If we wanted to fix this, I wonder if we'd instead > want to fix it centrally in obstack_blank_fast (e.g. by using a ptrdiff_t cast) > rather than fixing various consumers of the API. That would be a change to > libiberty though, not just gdb. I suppose. But casts in macros scare me, they can hide mistakes. It seems more reasonable to have the caller be responsible for creating a value of the correct type. Since it's an adjustment, I suppose the cast should be for ptrdiff_t rather than ssize_t? paul
On 10/9/18 11:10 AM, Paul Koning wrote: > > >> On Oct 9, 2018, at 1:57 PM, John Baldwin <jhb@FreeBSD.org> wrote: >> >> On 10/9/18 10:40 AM, Paul Koning wrote: >>> >>> >>>> On Oct 9, 2018, at 1:31 PM, Pedro Alves <palves@redhat.com> wrote: >>>> >>>> On 10/09/2018 06:19 PM, Paul Koning wrote: >>>>> This fixed an overflow in pointer arithmetic that crashes GDB on Mac OS. >>>> >>>> _unsigned_ overflow? That isn't undefined. Do we really want to trap >>>> those? I don't think GCC's version does that. >>>> >>>> From: >>>> https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#silencing-unsigned-integer-overflow >>>> seems like there's a way to disable it. >>>> >>>> Thanks, >>>> Pedro Alves >>> >>> You're right, it was an LLVM build. I know unsigned overflow is well defined with integers; is that true for pointers? >>> >>> Given that GDB triggers this issue, should the GDB build do that LLVM workaround if LLVM is used to build it? >>> >>> But it seems simpler to use the proposed patch; clearly the intent is to back up a pointer by -(space_left) and doing that operation on a signed type seems like a logical thing to do, it makes the intended meaning clear. >> >> I also ran into the same failure using LLVM's ubsan on FreeBSD but in a different >> use of obstack_blank_fast(). If we wanted to fix this, I wonder if we'd instead >> want to fix it centrally in obstack_blank_fast (e.g. by using a ptrdiff_t cast) >> rather than fixing various consumers of the API. That would be a change to >> libiberty though, not just gdb. > > I suppose. But casts in macros scare me, they can hide mistakes. It seems more reasonable to have the caller be responsible for creating a value of the correct type. Since it's an adjustment, I suppose the cast should be for ptrdiff_t rather than ssize_t? So if obstack_blank_fast() were an inline function instead of a macro, I suspect it's second argument would be of type ptrdiff_t in which case the equivalent "hidden" cast would happen at the function call. That said, the obstack_blank() macro uses _OBSTACK_SIZE_T (which is an unsigned size_t) when it declares a local variable to pass as the offset, so it seems obstack really is relying on unsigned wrap around.
On 10/09/2018 08:58 PM, John Baldwin wrote: > On 10/9/18 11:10 AM, Paul Koning wrote: >> >> >>> On Oct 9, 2018, at 1:57 PM, John Baldwin <jhb@FreeBSD.org> wrote: >>> >>> On 10/9/18 10:40 AM, Paul Koning wrote: >>>> >>>> >>>>> On Oct 9, 2018, at 1:31 PM, Pedro Alves <palves@redhat.com> wrote: >>>>> >>> I also ran into the same failure using LLVM's ubsan on FreeBSD but in a different >>> use of obstack_blank_fast(). If we wanted to fix this, I wonder if we'd instead >>> want to fix it centrally in obstack_blank_fast (e.g. by using a ptrdiff_t cast) >>> rather than fixing various consumers of the API. That would be a change to >>> libiberty though, not just gdb. >> >> I suppose. But casts in macros scare me, they can hide mistakes. It seems more reasonable to have the caller be responsible for creating a value of the correct type. Since it's an adjustment, I suppose the cast should be for ptrdiff_t rather than ssize_t? > > So if obstack_blank_fast() were an inline function instead of a macro, I > suspect it's second argument would be of type ptrdiff_t in which case the > equivalent "hidden" cast would happen at the function call. That said, > the obstack_blank() macro uses _OBSTACK_SIZE_T (which is an unsigned size_t) > when it declares a local variable to pass as the offset, so it seems obstack > really is relying on unsigned wrap around. The function is documented to take an int, at least: void obstack_blank_fast (struct obstack *obstack-ptr, int size) https://www.gnu.org/software/libc/manual/html_node/Summary-of-Obstacks.html Looks like some of the "int"-ness was lost with the obstack v2 changes a while ago, to support larger (64-bit) objects. If I diff my system's obstack.h with libiberty's local copy, I see: (This is Fedora 27, a little outdated wrt to glibc in use by now. Upstream glibc's obstack.h is in sync with liberty's IIRC.) $ diff -upw /usr/include/obstack.h obstack.h | less -#ifdef __PTRDIFF_TYPE__ -# define PTR_INT_TYPE __PTRDIFF_TYPE__ +#if _OBSTACK_INTERFACE_VERSION == 1 +/* For binary compatibility with obstack version 1, which used "int" + and "long" for these two types. */ +# define _OBSTACK_SIZE_T unsigned int +# define _CHUNK_SIZE_T unsigned long +# define _OBSTACK_CAST(type, expr) ((type) (expr)) #else -# include <stddef.h> -# define PTR_INT_TYPE ptrdiff_t +/* Version 2 with sane types, especially for 64-bit hosts. */ +# define _OBSTACK_SIZE_T size_t +# define _CHUNK_SIZE_T size_t +# define _OBSTACK_CAST(type, expr) (expr) #endif and @@ -359,11 +375,10 @@ extern int obstack_exit_failure; # define obstack_blank(OBSTACK, length) \ __extension__ \ ({ struct obstack *__o = (OBSTACK); \ - int __len = (length); \ - if (__o->chunk_limit - __o->next_free < __len) \ + _OBSTACK_SIZE_T __len = (length); \ + if (obstack_room (__o) < __len) \ _obstack_newchunk (__o, __len); \ - obstack_blank_fast (__o, __len); \ - (void) 0; }) + obstack_blank_fast (__o, __len); }) Note how above we used to have "int __len = (length);" But that's obstack_blank, not obstack_blank_fast. The latter never had a cast. Not sure what's best to do, but I think I leaning toward agreeing with Paul, in that passing down a signed negative integer rather than passing down a large unsigned integer expecting it to cast to a negative integer ends up being a little better. Thanks, Pedro Alves
On 10/10/18 1:50 AM, Pedro Alves wrote: > On 10/09/2018 08:58 PM, John Baldwin wrote: >> On 10/9/18 11:10 AM, Paul Koning wrote: >>> >>> >>>> On Oct 9, 2018, at 1:57 PM, John Baldwin <jhb@FreeBSD.org> wrote: >>>> >>>> On 10/9/18 10:40 AM, Paul Koning wrote: >>>>> >>>>> >>>>>> On Oct 9, 2018, at 1:31 PM, Pedro Alves <palves@redhat.com> wrote: >>>>>> > >>>> I also ran into the same failure using LLVM's ubsan on FreeBSD but in a different >>>> use of obstack_blank_fast(). If we wanted to fix this, I wonder if we'd instead >>>> want to fix it centrally in obstack_blank_fast (e.g. by using a ptrdiff_t cast) >>>> rather than fixing various consumers of the API. That would be a change to >>>> libiberty though, not just gdb. >>> >>> I suppose. But casts in macros scare me, they can hide mistakes. It seems more reasonable to have the caller be responsible for creating a value of the correct type. Since it's an adjustment, I suppose the cast should be for ptrdiff_t rather than ssize_t? >> >> So if obstack_blank_fast() were an inline function instead of a macro, I >> suspect it's second argument would be of type ptrdiff_t in which case the >> equivalent "hidden" cast would happen at the function call. That said, >> the obstack_blank() macro uses _OBSTACK_SIZE_T (which is an unsigned size_t) >> when it declares a local variable to pass as the offset, so it seems obstack >> really is relying on unsigned wrap around. > > The function is documented to take an int, at least: > > void obstack_blank_fast (struct obstack *obstack-ptr, int size) > > https://www.gnu.org/software/libc/manual/html_node/Summary-of-Obstacks.html > > Not sure what's best to do, but I think I leaning toward > agreeing with Paul, in that passing down a signed negative > integer rather than passing down a large unsigned integer > expecting it to cast to a negative integer ends up > being a little better. Ok. Do you have a preference on the type to use (ssize_t vs ptrdiff_t vs something else)? Paul's original patch used ssize_t. I'll probably patch the one case I found in minsyms.c to match whatever we use here.
On 10/11/2018 09:15 PM, John Baldwin wrote: > On 10/10/18 1:50 AM, Pedro Alves wrote: >> On 10/09/2018 08:58 PM, John Baldwin wrote: >>> On 10/9/18 11:10 AM, Paul Koning wrote: >>>> >>>> >>>>> On Oct 9, 2018, at 1:57 PM, John Baldwin <jhb@FreeBSD.org> wrote: >>>>> >>>>> On 10/9/18 10:40 AM, Paul Koning wrote: >>>>>> >>>>>> >>>>>>> On Oct 9, 2018, at 1:31 PM, Pedro Alves <palves@redhat.com> wrote: >>>>>>> >> >>>>> I also ran into the same failure using LLVM's ubsan on FreeBSD but in a different >>>>> use of obstack_blank_fast(). If we wanted to fix this, I wonder if we'd instead >>>>> want to fix it centrally in obstack_blank_fast (e.g. by using a ptrdiff_t cast) >>>>> rather than fixing various consumers of the API. That would be a change to >>>>> libiberty though, not just gdb. >>>> >>>> I suppose. But casts in macros scare me, they can hide mistakes. It seems more reasonable to have the caller be responsible for creating a value of the correct type. Since it's an adjustment, I suppose the cast should be for ptrdiff_t rather than ssize_t? >>> >>> So if obstack_blank_fast() were an inline function instead of a macro, I >>> suspect it's second argument would be of type ptrdiff_t in which case the >>> equivalent "hidden" cast would happen at the function call. That said, >>> the obstack_blank() macro uses _OBSTACK_SIZE_T (which is an unsigned size_t) >>> when it declares a local variable to pass as the offset, so it seems obstack >>> really is relying on unsigned wrap around. >> >> The function is documented to take an int, at least: >> >> void obstack_blank_fast (struct obstack *obstack-ptr, int size) >> >> https://www.gnu.org/software/libc/manual/html_node/Summary-of-Obstacks.html >> >> Not sure what's best to do, but I think I leaning toward >> agreeing with Paul, in that passing down a signed negative >> integer rather than passing down a large unsigned integer >> expecting it to cast to a negative integer ends up >> being a little better. > > Ok. Do you have a preference on the type to use (ssize_t vs ptrdiff_t vs > something else)? Paul's original patch used ssize_t. I'll probably patch > the one case I found in minsyms.c to match whatever we use here. I don't really have much of a preference. In practice, it probably doesn't make much of a difference nowadays. Likely ssize_t and ptrdiff_t have the same width on all supported hosts. ssize_t is not standard C++ (it's standard POSIX), while ptrdiff_t is. OTOH, we already use ssize_t in gdb. Pedantically incorrectly, I guess, if we follow the letter of the original ssize_t intention [1]: The type ssize_t shall be capable of storing values at least in the range [-1, {SSIZE_MAX}]. [1] - http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_types.h.html From an aesthetic perspective, "ssize_t" seems better, as the "obvious signed version of size_t". From a pedantic perspective, ptrdiff_t sounds better. Thanks, Pedro Alves
On 10/16/18 8:58 AM, Pedro Alves wrote: > On 10/11/2018 09:15 PM, John Baldwin wrote: >> On 10/10/18 1:50 AM, Pedro Alves wrote: >>> On 10/09/2018 08:58 PM, John Baldwin wrote: >>>> On 10/9/18 11:10 AM, Paul Koning wrote: >>>>> >>>>> >>>>>> On Oct 9, 2018, at 1:57 PM, John Baldwin <jhb@FreeBSD.org> wrote: >>>>>> >>>>>> On 10/9/18 10:40 AM, Paul Koning wrote: >>>>>>> >>>>>>> >>>>>>>> On Oct 9, 2018, at 1:31 PM, Pedro Alves <palves@redhat.com> wrote: >>>>>>>> >>> >>>>>> I also ran into the same failure using LLVM's ubsan on FreeBSD but in a different >>>>>> use of obstack_blank_fast(). If we wanted to fix this, I wonder if we'd instead >>>>>> want to fix it centrally in obstack_blank_fast (e.g. by using a ptrdiff_t cast) >>>>>> rather than fixing various consumers of the API. That would be a change to >>>>>> libiberty though, not just gdb. >>>>> >>>>> I suppose. But casts in macros scare me, they can hide mistakes. It seems more reasonable to have the caller be responsible for creating a value of the correct type. Since it's an adjustment, I suppose the cast should be for ptrdiff_t rather than ssize_t? >>>> >>>> So if obstack_blank_fast() were an inline function instead of a macro, I >>>> suspect it's second argument would be of type ptrdiff_t in which case the >>>> equivalent "hidden" cast would happen at the function call. That said, >>>> the obstack_blank() macro uses _OBSTACK_SIZE_T (which is an unsigned size_t) >>>> when it declares a local variable to pass as the offset, so it seems obstack >>>> really is relying on unsigned wrap around. >>> >>> The function is documented to take an int, at least: >>> >>> void obstack_blank_fast (struct obstack *obstack-ptr, int size) >>> >>> https://www.gnu.org/software/libc/manual/html_node/Summary-of-Obstacks.html >>> >>> Not sure what's best to do, but I think I leaning toward >>> agreeing with Paul, in that passing down a signed negative >>> integer rather than passing down a large unsigned integer >>> expecting it to cast to a negative integer ends up >>> being a little better. >> >> Ok. Do you have a preference on the type to use (ssize_t vs ptrdiff_t vs >> something else)? Paul's original patch used ssize_t. I'll probably patch >> the one case I found in minsyms.c to match whatever we use here. > > I don't really have much of a preference. > > In practice, it probably doesn't make much of a difference nowadays. > Likely ssize_t and ptrdiff_t have the same width on all supported > hosts. > > ssize_t is not standard C++ (it's standard POSIX), while ptrdiff_t is. > OTOH, we already use ssize_t in gdb. Pedantically incorrectly, I guess, > if we follow the letter of the original ssize_t intention [1]: > > The type ssize_t shall be capable of storing values at least in the range [-1, {SSIZE_MAX}]. > > [1] - http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_types.h.html > > From an aesthetic perspective, "ssize_t" seems better, as the "obvious > signed version of size_t". From a pedantic perspective, ptrdiff_t > sounds better. Ok, I think ssize_t is probably fine, so I Think Paul's original patch is ok?
> On Oct 17, 2018, at 2:38 PM, John Baldwin <jhb@FreeBSD.org> wrote: > >> ... >> From an aesthetic perspective, "ssize_t" seems better, as the "obvious >> signed version of size_t". From a pedantic perspective, ptrdiff_t >> sounds better. > > Ok, I think ssize_t is probably fine, so I Think Paul's original patch is > ok? > > -- > John Baldwin Please let me know; I can commit that patch if it is approved. Or commit with changes if that's desired. paul
On 10/17/2018 07:47 PM, Paul Koning wrote: > > >> On Oct 17, 2018, at 2:38 PM, John Baldwin <jhb@FreeBSD.org> wrote: >> >>> ... >>> From an aesthetic perspective, "ssize_t" seems better, as the "obvious >>> signed version of size_t". From a pedantic perspective, ptrdiff_t >>> sounds better. >> >> Ok, I think ssize_t is probably fine, so I Think Paul's original patch is >> ok? >> >> -- >> John Baldwin > > Please let me know; I can commit that patch if it is approved. Or commit with changes if that's desired. Patch is OK as is. Please push. Thanks, Pedro Alves
> On Oct 17, 2018, at 5:51 PM, Pedro Alves <palves@redhat.com> wrote: > > On 10/17/2018 07:47 PM, Paul Koning wrote: >> >> >>> On Oct 17, 2018, at 2:38 PM, John Baldwin <jhb@FreeBSD.org> wrote: >>> >>>> ... >>>> From an aesthetic perspective, "ssize_t" seems better, as the "obvious >>>> signed version of size_t". From a pedantic perspective, ptrdiff_t >>>> sounds better. >>> >>> Ok, I think ssize_t is probably fine, so I Think Paul's original patch is >>> ok? >>> >>> -- >>> John Baldwin >> >> Please let me know; I can commit that patch if it is approved. Or commit with changes if that's desired. > > Patch is OK as is. Please push. > > Thanks, > Pedro Alves Thank you. Done. paul
diff --git a/gdb/charset.c b/gdb/charset.c index 8bb2b4d669..64757ab279 100644 --- a/gdb/charset.c +++ b/gdb/charset.c @@ -548,7 +548,7 @@ convert_between_encodings (const char *from, const char *to, /* Now make sure that the object on the obstack only includes bytes we have converted. */ - obstack_blank_fast (output, -outleft); + obstack_blank_fast (output, -(ssize_t) outleft); if (r == (size_t) -1) {