From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 67405 invoked by alias); 13 Oct 2018 18:49:49 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Received: (qmail 67386 invoked by uid 89); 13 Oct 2018 18:49:48 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-24.4 required=5.0 tests=BAYES_00,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,KAM_LAZY_DOMAIN_SECURITY,KAM_SHORT,KAM_STOCKGEN,SPF_HELO_PASS autolearn=ham version=3.3.2 spammy=memcpy, sk:prepare, assemble, pruning X-HELO: mx1.redhat.com Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Sat, 13 Oct 2018 18:49:46 +0000 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7999B83F3F for ; Sat, 13 Oct 2018 18:49:45 +0000 (UTC) Received: from localhost (unused-10-15-17-196.yyz.redhat.com [10.15.17.196]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4D3D960C46; Sat, 13 Oct 2018 18:49:45 +0000 (UTC) From: Sergio Durigan Junior To: Keith Seitz Cc: gdb-patches@sourceware.org Subject: Re: [PATCH] Prevent inline function parameters from crashing the DWARF reader References: <20181012212141.29423-1-keiths@redhat.com> Date: Sat, 13 Oct 2018 18:49:00 -0000 In-Reply-To: <20181012212141.29423-1-keiths@redhat.com> (Keith Seitz's message of "Fri, 12 Oct 2018 14:21:41 -0700") Message-ID: <87efct65rr.fsf@redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-IsSubscribed: yes X-SW-Source: 2018-10/txt/msg00313.txt.bz2 On Friday, October 12 2018, Keith Seitz wrote: > When reading DWARF information for an inlined function, new_symbol > assumes that the CU has a valid builder: > > case DW_TAG_formal_parameter: > { > /* If we are inside a function, mark this as an argument. If > not, we might be looking at an argument to an inlined function > when we do not have enough information to show inlined frames; > pretend it's a local variable in that case so that the user can > still see it. */ > struct context_stack *curr > = cu->builder->get_current_context_stack ()); > if (curr != nullptr && curr->name != nullptr) > SYMBOL_IS_ARGUMENT (sym) = 1; > // .. > > However, as demonstrated in this Fedora bugzilla: > https://bugzilla.redhat.com/show_bug.cgi?id=1638798 > > the abstract_origin of the parameter DIE may be in an entirely different > CU. This CU will have no builder defined for it, so the call to > get_current_context_stack is made on an uninitialized builder, and GDB > segfaults. Thanks for the patch, Keith. Just FYI, has just been filed (by a Fedora user). You might want to assign it to yourself and mention it in the ChangeLog. > gdb/ChangeLog: > YYYY-MM-DD Keith Seitz > > https://bugzilla.redhat.com/show_bug.cgi?id=1638798 > * dwarf2read.c (new_symbol): Don't assume there is a valid > builder when processing formal_parameter; it may have come > from another CU. > > gdb/testsuite/ChangeLog: > YYYY-MM-DD Keith Seitz > > https://bugzilla.redhat.com/show_bug.cgi?id=1638798 > * gdb.dwarf2/inline_subroutine-inheritance.exp: New file. > --- > gdb/ChangeLog | 7 + > gdb/dwarf2read.c | 8 +- > gdb/testsuite/ChangeLog | 5 + > .../inline_subroutine-inheritance.exp | 213 ++++++++++++++++++ > 4 files changed, 232 insertions(+), 1 deletion(-) > create mode 100644 gdb/testsuite/gdb.dwarf2/inline_subroutine-inheritance.exp > > diff --git a/gdb/ChangeLog b/gdb/ChangeLog > index b3cc64659f..18fcb671b4 100644 > --- a/gdb/ChangeLog > +++ b/gdb/ChangeLog > @@ -1,3 +1,10 @@ > +YYYY-MM-DD Keith Seitz > + > + https://bugzilla.redhat.com/show_bug.cgi?id=1638798 > + * dwarf2read.c (new_symbol): Don't assume there is a valid > + builder when processing formal_parameter; it may have come > + from another CU. > + > 2018-10-11 Gary Benson > > * interps.h (interp::m_name): Make private and mutable. > diff --git a/gdb/dwarf2read.c b/gdb/dwarf2read.c > index 2a1b805c9a..c11b778e71 100644 > --- a/gdb/dwarf2read.c > +++ b/gdb/dwarf2read.c > @@ -21565,8 +21565,14 @@ new_symbol (struct die_info *die, struct type *type, struct dwarf2_cu *cu, > when we do not have enough information to show inlined frames; > pretend it's a local variable in that case so that the user can > still see it. */ > + > + /* If this inlined function parameter is inherited from another > + CU, that CU may not have a builder associated with it. > + Don't assume that it does. */ > struct context_stack *curr > - = cu->builder->get_current_context_stack (); > + = (cu->builder == nullptr > + ? nullptr > + : cu->builder->get_current_context_stack ()); > if (curr != nullptr && curr->name != nullptr) > SYMBOL_IS_ARGUMENT (sym) = 1; > attr = dwarf2_attr (die, DW_AT_location, cu); > diff --git a/gdb/testsuite/ChangeLog b/gdb/testsuite/ChangeLog > index ba5fae99e7..9f5ab8f86a 100644 > --- a/gdb/testsuite/ChangeLog > +++ b/gdb/testsuite/ChangeLog > @@ -1,3 +1,8 @@ > +YYYY-MM-DD Keith Seitz > + > + https://bugzilla.redhat.com/show_bug.cgi?id=1638798 > + * gdb.dwarf2/inline_subroutine-inheritance.exp: New file. > + > 2018-10-11 Sandra Loosemore > > * gdb.base/solib-vanish.exp: Fix regexp not to require a POSIX > diff --git a/gdb/testsuite/gdb.dwarf2/inline_subroutine-inheritance.exp b/gdb/testsuite/gdb.dwarf2/inline_subroutine-inheritance.exp > new file mode 100644 > index 0000000000..92c5d0529b > --- /dev/null > +++ b/gdb/testsuite/gdb.dwarf2/inline_subroutine-inheritance.exp > @@ -0,0 +1,213 @@ > +# Copyright 2018 Free Software Foundation, Inc. > + > +# This program is free software; you can redistribute it and/or modify > +# it under the terms of the GNU General Public License as published by > +# the Free Software Foundation; either version 3 of the License, or > +# (at your option) any later version. > +# > +# This program is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > +# GNU General Public License for more details. > +# > +# You should have received a copy of the GNU General Public License > +# along with this program. If not, see . > + > +# This tests a segfault that occurs when reading inline_subroutine DIEs > +# with abstract_origins pointing to DIEs in other CUs. > +# > +# See https://bugzilla.redhat.com/show_bug.cgi?id=1638798 . > + > +load_lib dwarf.exp > + > +# This test can only be run on targets which support DWARF. > +if {![dwarf2_support]} { > + return 0 > +} > + > +standard_testfile main.c .S > + > +# Create the DWARF. This is derived from the reproducer in the Fedora > +# bugzila mentioned above. For clarity, some "superfluous" DIES have > +# been left instead of simplifying/pruning the test further. > +set asm_file [standard_output_file $srcfile2] > +Dwarf::assemble $asm_file { > + declare_labels Db D72f8 D736e > + declare_labels D266465 D266477 D266483 D266496 D266498 D266ad3 D266ad9 \ > + D266ade D26b227 D26b237 > + declare_labels D26d8b1 D26d8c3 D26d8cf D26d944 D26d946 D26e103 D26e145 \ > + D26e415 D26e48c D26df00 D26df06 D26df0b D272519 D274c1a D274c42 > + > + cu {} { > + Db: compile_unit { > + {language @DW_LANG_C99} > + {name ""} > + } { > + D72f8: subprogram { > + {abstract_origin :$D272519} > + {low_pc 0xb9e20 addr} > + {high_pc 0x1f5 data4} > + } { > + D736e: inlined_subroutine { > + {abstract_origin :$D26b227} > + {low_pc 0xb9efc addr} > + {high_pc 0xc data4} > + } { > + formal_parameter { > + {abstract_origin :$D274c42} > + } > + } > + } > + } > + } > + > + cu {} { > + D266465: compile_unit { > + {language @DW_LANG_C99} > + } { > + D266477: typedef { > + {name "size_t"} > + {type :$D266483} > + } > + > + D266483: base_type { > + {byte_size 8 sdata} > + {encoding @DW_ATE_unsigned} > + } > + > + D266496: pointer_type { > + {byte_size 8 sdata} > + } > + > + D266498: restrict_type { > + {type :$D266496} > + } > + > + D266ad3: pointer_type { > + {byte_size 8 sdata} > + {type :$D266ade} > + } > + > + D266ad9: restrict_type { > + {type :$D266ad3} > + } > + > + D266ade: const_type {} > + > + D26b227: subprogram { > + {external 1 flag} > + {name "memcpy"} > + {type :$D266496} > + } { > + D26b237: formal_parameter { > + {name "__dest"} > + {type :$D266498} > + } > + formal_parameter { > + {name "__src"} > + {type :$D266ad9} > + } > + formal_parameter { > + {name "__len"} > + {type :$D266477} > + } > + } > + } > + } > + > + cu {} { > + D26d8b1: compile_unit { > + {language @DW_LANG_C99} > + } { > + D26d8c3: typedef { > + {name "size_t"} > + {type :$D26d8cf} > + } > + > + D26d8cf: base_type { > + {byte_size 8 sdata} > + {encoding @DW_ATE_unsigned} > + {name "long unsigned int"} > + } > + > + D26d944: pointer_type { > + {byte_size 8 sdata} > + } > + > + D26d946: restrict_type { > + {type :$D26d944} > + } > + > + D26e103: structure_type { > + {name "__object"} > + {byte_size 12 sdata} > + } { > + member { > + {name "__ob_next"} > + {type :$D26e145} > + {data_member_location 0 sdata} > + } > + } > + > + D26e145: pointer_type { > + {byte_size 8 sdata} > + {type :$D26e103} > + } > + > + D26e415: typedef { > + {name "PyObject"} > + {type :$D26e103} > + } > + > + D26e48c: pointer_type { > + {byte_size 8 sdata} > + {type :$D26e415} > + } > + > + D26df00: pointer_type { > + {byte_size 8 sdata} > + {type :$D26df0b} > + } > + > + D26df06: restrict_type { > + {type :$D26df00} > + } > + > + D26df0b: const_type {} > + > + D272519: subprogram { > + {name "bytes_repeat"} > + {type :$D26e48c} > + } > + > + D274c1a: subprogram { > + {external 1 flag} > + {name "memcpy"} > + {type :$D26d944} > + } { > + formal_parameter { > + {name "__dest"} > + {type :$D26d946} > + } > + formal_parameter { > + {name "__src"} > + {type :$D26df06} > + } > + D274c42: formal_parameter { > + {name "__len"} > + {type :$D26d8c3} > + } > + } > + } > + } > +} > + > +if {[prepare_for_testing "failed to prepare" $testfile \ > + "${asm_file} ${srcfile}" {}]} { > + return -1 > +} > + > +# All we need to do is set a breakpoint, which causes the DWARF > +# info to be read, to demonstrate the problem. > + > +gdb_breakpoint "bytes_repeat" message > -- > 2.17.1 -- Sergio GPG key ID: 237A 54B1 0287 28BF 00EF 31F4 D0EB 7628 65FC 5E36 Please send encrypted e-mail if possible http://sergiodj.net/