Date: Sat, 11 May 2024 08:44:12 +0200
Subject: Re: [PATCH] Fix heap-use-after-free in index-cached with --disable-threading
To: Tom Tromey
Cc: Hannes Domani, "gdb-patches@sourceware.org"
From: Bernd Edlinger

On 5/10/24 20:03, Tom Tromey wrote:
>>>>>> "Bernd" == Bernd Edlinger writes:
>
> Bernd> due to this incident you fixed here, I did some testing with tsan,
> Bernd> and found a couple issues that I think are important, but I have no
> Bernd> good idea how to solve them.
> Bernd> https://sourceware.org/bugzilla/show_bug.cgi?id=31713
> Bernd> https://sourceware.org/bugzilla/show_bug.cgi?id=31715
> Bernd> https://sourceware.org/bugzilla/show_bug.cgi?id=31716
>
> One option is to disable background reading, by having the DWARF reader
> wait for the indexer to finish its work before returning.
>
> This is easy to implement, but unfortunate to have to do. Still, maybe
> the best approach for GDB 15.
>
> I'll try to look into these bugs soon.
>

Thanks Tom,

I think the call stack from the lambda function is probably a bit misleading.
It seems to be that the state MAIN_AVAILABLE is set too early, because
one or all of the Finalize functions need to be run first.

This could solve most of the issues:

--- a/gdb/dwarf2/cooked-index.c +++ b/gdb/dwarf2/cooked-index.c @@ -644,8 +644,6 @@ cooked_index::set_contents (vec_type &&vec, deferred_warnings *warn, gdb_assert (m_vector.empty ()); m_vector = std::move (vec); - m_state->set (cooked_state::MAIN_AVAILABLE); - /* This is run after finalization is done -- but not before. If this task were submitted earlier, it would have to wait for finalization. However, that would take a slot in the global 
@@ -653,6 +651,7 @@ cooked_index::set_contents (vec_type &&vec, deferred_warnings *warn, would cause a livelock. */ gdb::task_group finalizers ([=] () { + m_state->set (cooked_state::MAIN_AVAILABLE); m_state->set (cooked_state::FINALIZED); m_state->write_to_cache (index_for_writing (), warn); m_state->set (cooked_state::CACHE_DONE);

but #31716 remains, and #31713 is now even more nasty.
I've uploaded new error reports to bugzilla with the details.

What I wonder is how the life-cycle of these objects continues:
are they immutable after CACHE_DONE, or can they be deleted later?
Can a worker thread theoretically access an object that is about to be deleted?

Bernd.
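
Review bot: The first hunk (@@ -644,8 +644,6 @@) leaves no state change between `m_vector = std::move (vec);` and the finalizers task, and nothing in the code says why. The retained comment says that task "is run after finalization is done", so a waiter on MAIN_AVAILABLE now blocks for as long as a waiter on FINALIZED would. Please add a comment at this spot stating that MAIN_AVAILABLE must not be signalled before the finalize step has completed, so the early set is not reintroduced later.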
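
Review bot: In the second hunk (@@ -653,6 +651,7 @@) the added `m_state->set (cooked_state::MAIN_AVAILABLE);` is followed immediately by `m_state->set (cooked_state::FINALIZED);`, so the two states are no longer observably distinct; a comment should say why both sets are kept and what a waiter on each may assume. The lambda is also declared `[=]` and reaches `m_state`, `index_for_writing ()` and `warn` from the task, so it relies on the cooked_index and the `deferred_warnings` object outliving it. The patch should state what guarantees that, since it is the lifetime question the message itself raises.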