From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from simark.ca by simark.ca with LMTP id wExkFt+F6WI9Tx8AWB0awg (envelope-from ) for ; Tue, 02 Aug 2022 16:15:27 -0400 Received: by simark.ca (Postfix, from userid 112) id 586851EA05; Tue, 2 Aug 2022 16:15:27 -0400 (EDT) Authentication-Results: simark.ca; dkim=fail reason="signature verification failed" (768-bit key; unprotected) header.d=tromey.com header.i=@tromey.com header.a=rsa-sha256 header.s=default header.b=e5PHWSRj; dkim-atps=neutral X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on simark.ca X-Spam-Level: X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RDNS_DYNAMIC,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 Received: from sourceware.org (ip-8-43-85-97.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by simark.ca (Postfix) with ESMTPS id E9C941EA03 for ; Tue, 2 Aug 2022 16:15:26 -0400 (EDT) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 66E05385EC45 for ; Tue, 2 Aug 2022 20:15:26 +0000 (GMT) Received: from gproxy3-pub.mail.unifiedlayer.com (gproxy3-pub.mail.unifiedlayer.com [69.89.30.42]) by sourceware.org (Postfix) with ESMTPS id 4BA18385781B for ; Tue, 2 Aug 2022 20:15:12 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 4BA18385781B Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=tromey.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=tromey.com Received: from cmgw13.mail.unifiedlayer.com (unknown [10.0.90.128]) by progateway5.mail.pro1.eigbox.com (Postfix) with ESMTP id 288D71003EA20 for ; Tue, 2 Aug 2022 20:15:03 +0000 (UTC) Received: from box5379.bluehost.com ([162.241.216.53]) by cmsmtp with ESMTP id IyIAoPOK6WBOVIyIAo1XCt; Tue, 02 Aug 2022 20:15:02 +0000 X-Authority-Reason: nr=8 X-Authority-Analysis: v=2.4 cv=cpReL30i c=1 sm=1 tr=0 ts=62e985c6 a=ApxJNpeYhEAb1aAlGBBbmA==:117 a=ApxJNpeYhEAb1aAlGBBbmA==:17 a=dLZJa+xiwSxG16/P+YVxDGlgEgI=:19 a=biHskzXt2R4A:10:nop_rcvd_month_year a=Qbun_eYptAEA:10:endurance_base64_authed_username_1 a=g9YLgQc7X4uxfoC1JpQA:9 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=tromey.com; s=default; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=F8rViMFiGwLNsvj4wqXee8qdXcsave2tTENn2ADTJ1g=; b=e5PHWSRjXHrCjNtlvWRD5I7AG6 iAT8ftWsNI3Vsg6zDPDhJlaXhPRLruAfU9LFm8XWJQuRcJYyijhT63YEt+WjZIYqS/B1x/EH2hD7R 1hGsA5ib58lx2of8A71r1FM9H; Received: from 71-211-185-228.hlrn.qwest.net ([71.211.185.228]:45458 helo=prentzel.Home) by box5379.bluehost.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1oIyIA-0009ye-2k; Tue, 02 Aug 2022 14:15:02 -0600 From: Tom Tromey To: gdb-patches@sourceware.org Subject: [PATCH 3/3] Use unique_ptr to destroy per-bfd object Date: Tue, 2 Aug 2022 14:14:59 -0600 Message-Id: <20220802201459.2839634-4-tom@tromey.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220802201459.2839634-1-tom@tromey.com> References: <20220802201459.2839634-1-tom@tromey.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - box5379.bluehost.com X-AntiAbuse: Original Domain - sourceware.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - tromey.com X-BWhitelist: no X-Source-IP: 71.211.185.228 X-Source-L: No X-Exim-ID: 1oIyIA-0009ye-2k X-Source: X-Source-Args: X-Source-Dir: X-Source-Sender: 71-211-185-228.hlrn.qwest.net (prentzel.Home) [71.211.185.228]:45458 X-Source-Auth: tom+tromey.com X-Email-Count: 4 X-Source-Cap: ZWx5bnJvYmk7ZWx5bnJvYmk7Ym94NTM3OS5ibHVlaG9zdC5jb20= X-Local-Domain: yes X-BeenThere: gdb-patches@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gdb-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Tom Tromey Errors-To: gdb-patches-bounces+public-inbox=simark.ca@sourceware.org Sender: "Gdb-patches" In some cases, the objfile owns the per-bfd object. This is yet another object that can sometimes be destroyed before the registry is destroyed, possibly reslting in a use-after-free. Also, I noticed that the condition for deleting the object is not the same as the condition used to create it -- so it could possibly result in a memory leak in some situations. This patch fixes the problem by introducing a new unique_ptr that holds this object when necessary. --- gdb/objfiles.c | 22 +++++++--------------- gdb/objfiles.h | 9 +++++++-- 2 files changed, 14 insertions(+), 17 deletions(-) diff --git a/gdb/objfiles.c b/gdb/objfiles.c index c92da7548b3..31c27e9c3cb 100644 --- a/gdb/objfiles.c +++ b/gdb/objfiles.c @@ -117,9 +117,10 @@ objfile_per_bfd_storage::~objfile_per_bfd_storage () NULL, and it already has a per-BFD storage object, use that. Otherwise, allocate a new per-BFD storage object. */ -static struct objfile_per_bfd_storage * -get_objfile_bfd_data (bfd *abfd) +void +set_objfile_per_bfd (struct objfile *objfile) { + bfd *abfd = objfile->obfd.get (); struct objfile_per_bfd_storage *storage = NULL; if (abfd != NULL) @@ -133,21 +134,15 @@ get_objfile_bfd_data (bfd *abfd) enough that this seems reasonable. */ if (abfd != NULL && !gdb_bfd_requires_relocations (abfd)) objfiles_bfd_data.set (abfd, storage); + else + objfile->per_bfd_storage.reset (storage); /* Look up the gdbarch associated with the BFD. */ if (abfd != NULL) storage->gdbarch = gdbarch_from_bfd (abfd); } - return storage; -} - -/* See objfiles.h. */ - -void -set_objfile_per_bfd (struct objfile *objfile) -{ - objfile->per_bfd = get_objfile_bfd_data (objfile->obfd.get ()); + objfile->per_bfd = storage; } /* Set the objfile's per-BFD notion of the "main" name and @@ -353,7 +348,7 @@ objfile::objfile (gdb_bfd_ref_ptr bfd_, const char *name, objfile_flags flags_) build_objfile_section_table (this); } - per_bfd = get_objfile_bfd_data (obfd.get ()); + set_objfile_per_bfd (this); } /* If there is a valid and known entry point, function fills *ENTRY_P with it @@ -555,9 +550,6 @@ objfile::~objfile () if (sf != NULL) (*sf->sym_finish) (this); - if (obfd == nullptr) - delete per_bfd; - /* Before the symbol table code was redone to make it easier to selectively load and remove information particular to a specific linkage unit, gdb used to do these things whenever the monolithic diff --git a/gdb/objfiles.h b/gdb/objfiles.h index ac45fa3980f..16dab0d2c69 100644 --- a/gdb/objfiles.h +++ b/gdb/objfiles.h @@ -653,11 +653,16 @@ struct objfile gdb_bfd_ref_ptr obfd; - /* The per-BFD data. Note that this is treated specially if OBFD - is NULL. */ + /* The per-BFD data. */ struct objfile_per_bfd_storage *per_bfd = nullptr; + /* In some cases, the per_bfd object is owned by this objfile and + not by the BFD itself. In this situation, this holds the owning + pointer. */ + + std::unique_ptr per_bfd_storage; + /* The modification timestamp of the object file, as of the last time we read its symbols. */ -- 2.34.1