From: Andrew Burgess
To: gdb-patches@sourceware.org
Cc: Eli Zaretskii
Subject: Re: [PATCHv13 4/6] gdb: parse pending breakpoint thread/task immediately
In-Reply-To: <1064bff309f0039da101e3191fa0e2d3b81981dd.1725613660.git.aburgess@redhat.com>
Date: Sun, 08 Sep 2024 21:40:36 +0100
Message-ID: <87a5ghswu3.fsf@redhat.com>

This patch has a bug which CI testing revealed.  Pushed the patch below
to resolve it.

Thanks,
Andrew

---

commit da8730e8f9255b683f0b5d311ac31cabf84fa1de
Author: Andrew Burgess
Date:   Sun Sep 8 21:17:55 2024 +0100

    gdb: fix use of out of scope temporary variable in break-cond-parse.c

    The commit:

      commit c6b486755e020095710c7494d029577ca967a13a
      Date:   Thu Mar 30 19:21:22 2023 +0100

          gdb: parse pending breakpoint thread/task immediately

    Introduced a use bug where the value of a temporary variable was being
    used after it had gone out of scope.  This was picked up by the
    address sanitizer and would result in this error:

      (gdb) maintenance selftest create_breakpoint_parse_arg_string
      Running selftest create_breakpoint_parse_arg_string.
      =================================================================
      ==2265825==ERROR: AddressSanitizer: stack-use-after-scope on address 0x7fbb08046511 at pc 0x000001632230 bp 0x7fff7c2fb770 sp 0x7fff7c2fb768
      READ of size 1 at 0x7fbb08046511 thread T0
          #0 0x163222f in create_breakpoint_parse_arg_string(char const*, std::unique_ptr >*, int*, int*, int*, std::unique_ptr >*, bool*) ../../src/gdb/break-cond-parse.c:496
          #1 0x1633026 in test ../../src/gdb/break-cond-parse.c:582
          #2 0x163391b in create_breakpoint_parse_arg_string_tests ../../src/gdb/break-cond-parse.c:649
          #3 0x12cfebc in void std::__invoke_impl(std::__invoke_other, void (*&)()) /usr/include/c++/13/bits/invoke.h:61
          #4 0x12cc8ee in std::enable_if, void>::type std::__invoke_r(void (*&)()) /usr/include/c++/13/bits/invoke.h:111
          #5 0x12c81e5 in std::_Function_handler::_M_invoke(std::_Any_data const&) /usr/include/c++/13/bits/std_function.h:290
          #6 0x18bb51d in std::function::operator()() const /usr/include/c++/13/bits/std_function.h:591
          #7 0x4193ef9 in selftests::run_tests(gdb::array_view, bool) ../../src/gdbsupport/selftest.cc:100
          #8 0x21c2206 in maintenance_selftest ../../src/gdb/maint.c:1172
          ... etc ...

    The problem was caused by three lines like this one:

      thread_info *thr = parse_thread_id (std::string (t.get_value ()).c_str (),
                                          &tmptok);

    After parsing the thread-id TMPTOK would be left pointing into the
    temporary string which had been created on this line.  When on the
    next line we did this:

      gdb_assert (*tmptok == '\0');

    The value of *TMPTOK is undefined.

    Fix this by creating the std::string earlier in the scope.  Now the
    contents of the string will remain valid when we check *TMPTOK.  The
    address sanitizer issue is now resolved.

diff --git a/gdb/break-cond-parse.c b/gdb/break-cond-parse.c index f5fe308a923..b2b1324479f 100644 --- a/gdb/break-cond-parse.c +++ b/gdb/break-cond-parse.c
@@ -478,6 +478,7 @@ create_breakpoint_parse_arg_string for (const token &t : tokens) { + std::string tok_value (t.get_value ()); switch (t.get_type ()) { case token::type::FORCE: @@ -490,9 +491,7 @@ create_breakpoint_parse_arg_string if (task != -1 || inferior != -1) error ("You can specify only one of thread, inferior, or task."); const char *tmptok; - thread_info *thr - = parse_thread_id (std::string (t.get_value ()).c_str (), - &tmptok); + thread_info *thr = parse_thread_id (tok_value.c_str (), &tmptok); gdb_assert (*tmptok == '\0'); thread = thr->global_num; } @@ -504,8 +503,7 @@ create_breakpoint_parse_arg_string if (task != -1 || thread != -1) error ("You can specify only one of thread, inferior, or task."); char *tmptok; - long inferior_id - = strtol (std::string (t.get_value ()).c_str (), &tmptok, 0); + long inferior_id = strtol (tok_value.c_str (), &tmptok, 0); if (*tmptok != '\0') error (_("Junk '%s' after inferior keyword."), tmptok); if (inferior_id > INT_MAX) @@ -523,8 +521,7 @@ create_breakpoint_parse_arg_string if (inferior != -1 || thread != -1) error ("You can specify only one of thread, inferior, or task."); char *tmptok; - long task_id - = strtol (std::string (t.get_value ()).c_str (), &tmptok, 0); + long task_id = strtol (tok_value.c_str (), &tmptok, 0); if (*tmptok != '\0') error (_("Junk '%s' after task keyword."), tmptok); if (task_id > INT_MAX)
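
Review bot: In the first hunk (@@ -478), tok_value is constructed at the top of the loop body, so every token pays for a std::string copy even though the only reads visible in this patch are in the thread, inferior and task cases. Consider declaring it inside those three case blocks, just before tmptok, which keeps the same lifetime guarantee and puts the string next to the pointer that aliases it. Wherever it ends up, a one-line comment saying that tmptok points into tok_value and must not outlive it would keep a later cleanup from folding the copy back into the call expression.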
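
Review bot: In the thread case (@@ -490), leftover text after the thread id is checked with gdb_assert (*tmptok == '\0'), while the inferior and task cases in the next two hunks report the same condition with error (_("Junk '%s' after ... keyword.")). If the token value can carry trailing characters from user input, an assertion failure is the wrong outcome here; either report it with error like the other two cases, or add a comment stating why the tokenizer guarantees that parse_thread_id consumes the whole token.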
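
Review bot: The context line error ("You can specify only one of thread, inferior, or task.") in the inferior hunk (@@ -504), repeated in the thread and task hunks, is not wrapped in _(), unlike the "Junk '%s' after ..." messages a few lines below it. Since these lines are being touched anyway, wrapping the string in _() would make the messages in this function consistent.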
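
The lifetime rule the commit message describes, as an added example that is not part of the original message or of GDB. parse_int_token and token_to_id are hypothetical names; the deleted overload is one way to make the buggy call shape fail at compile time rather than under the address sanitizer.

```cpp
#include <cerrno>
#include <climits>
#include <cstdlib>
#include <string>

// Hypothetical helper (not a GDB function): parse TOK as a non-negative
// int and set *REST to the first unparsed character.  *REST points into
// TOK's buffer, so TOK must outlive every use of *REST.
bool
parse_int_token (const std::string &tok, int *value, const char **rest)
{
  char *end;
  errno = 0;
  long v = std::strtol (tok.c_str (), &end, 0);
  *rest = end;
  if (end == tok.c_str () || errno == ERANGE || v < 0 || v > INT_MAX)
    return false;
  *value = static_cast<int> (v);
  return true;
}

// Deleting the rvalue overload rejects the buggy call shape
//   parse_int_token (std::string (text), &value, &rest);
// at compile time: the temporary would be destroyed at the end of that
// statement, leaving REST dangling for the check on the next line.
bool parse_int_token (std::string &&, int *, const char **) = delete;

// Caller following the fixed pattern: the std::string is a named local
// whose lifetime covers the check of *REST.  Returns -1 for an empty
// token, trailing junk, a negative value or an out-of-range value.
int
token_to_id (const char *text)
{
  std::string tok_value (text);   // valid until the end of this function
  int value = -1;
  const char *rest;
  if (!parse_int_token (tok_value, &value, &rest) || *rest != '\0')
    return -1;
  return value;
}
```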