From d2f071160810f3d7df6bc7ef8c91e36bc3cf08cb Mon Sep 17 00:00:00 2001
From: Tomasz Grabiec <tgrabiec@scylladb.com>
Date: Tue, 19 Jul 2016 20:13:07 +0200
Subject: [PATCH] scylla-gdb: Fix bounds checking in scylla ptr command

Message-Id: <1468951987-10184-1-git-send-email-tgrabiec@scylladb.com>
---
 scylla-gdb.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/scylla-gdb.py b/scylla-gdb.py
index 1421cf1a7b..2947f0a531 100644
--- a/scylla-gdb.py
+++ b/scylla-gdb.py
@@ -191,11 +191,12 @@ class scylla_ptr(gdb.Command):
             msg += ', small (size <= %d)' % object_size
             offset_in_object = offset_in_span % object_size
             free_object_ptr = gdb.lookup_type('void').pointer().pointer()
+            char_ptr = gdb.lookup_type('char').pointer()
             # pool's free list
             next_free = pool['_free']
             free = False
             while next_free:
-                if ptr >= next_free and ptr < next_free + object_size:
+                if ptr >= next_free and ptr < next_free.reinterpret_cast(char_ptr) + object_size:
                     free = True
                     break
                 next_free = next_free.reinterpret_cast(free_object_ptr).dereference()
@@ -203,7 +204,7 @@ class scylla_ptr(gdb.Command):
                 # span's free list
                 next_free = first_page_in_span['freelist']
                 while next_free:
-                    if ptr >= next_free and ptr < next_free + object_size:
+                    if ptr >= next_free and ptr < next_free.reinterpret_cast(char_ptr) + object_size:
                         free = True
                         break
                     next_free = next_free.reinterpret_cast(free_object_ptr).dereference()