From patchwork Fri Oct 12 21:21:41 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Keith Seitz X-Patchwork-Id: 29726 Received: (qmail 81858 invoked by alias); 12 Oct 2018 21:21:45 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Delivered-To: mailing list gdb-patches@sourceware.org Received: (qmail 81193 invoked by uid 89); 12 Oct 2018 21:21:45 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-24.4 required=5.0 tests=BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, KAM_LAZY_DOMAIN_SECURITY, KAM_SHORT, KAM_STOCKGEN, SPF_HELO_PASS autolearn=ham version=3.3.2 spammy=(unknown), subprogram, frames, assemble X-HELO: mx1.redhat.com Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Fri, 12 Oct 2018 21:21:42 +0000 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B0B2A61476 for ; Fri, 12 Oct 2018 21:21:41 +0000 (UTC) Received: from theo.uglyboxes.com (ovpn04.gateway.prod.ext.phx2.redhat.com [10.5.9.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 74DA2831C4 for ; Fri, 12 Oct 2018 21:21:41 +0000 (UTC) From: Keith Seitz To: gdb-patches@sourceware.org Subject: [PATCH] Prevent inline function parameters from crashing the DWARF reader Date: Fri, 12 Oct 2018 14:21:41 -0700 Message-Id: <20181012212141.29423-1-keiths@redhat.com> X-IsSubscribed: yes When reading DWARF information for an inlined function, new_symbol assumes that the CU has a valid builder: case DW_TAG_formal_parameter: { /* If we are inside a function, mark this as an argument. If not, we might be looking at an argument to an inlined function when we do not have enough information to show inlined frames; pretend it's a local variable in that case so that the user can still see it. */ struct context_stack *curr = cu->builder->get_current_context_stack ()); if (curr != nullptr && curr->name != nullptr) SYMBOL_IS_ARGUMENT (sym) = 1; // .. However, as demonstrated in this Fedora bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1638798 the abstract_origin of the parameter DIE may be in an entirely different CU. This CU will have no builder defined for it, so the call to get_current_context_stack is made on an uninitialized builder, and GDB segfaults. gdb/ChangeLog: YYYY-MM-DD Keith Seitz https://bugzilla.redhat.com/show_bug.cgi?id=1638798 * dwarf2read.c (new_symbol): Don't assume there is a valid builder when processing formal_parameter; it may have come from another CU. gdb/testsuite/ChangeLog: YYYY-MM-DD Keith Seitz https://bugzilla.redhat.com/show_bug.cgi?id=1638798 * gdb.dwarf2/inline_subroutine-inheritance.exp: New file. --- gdb/ChangeLog | 7 + gdb/dwarf2read.c | 8 +- gdb/testsuite/ChangeLog | 5 + .../inline_subroutine-inheritance.exp | 213 ++++++++++++++++++ 4 files changed, 232 insertions(+), 1 deletion(-) create mode 100644 gdb/testsuite/gdb.dwarf2/inline_subroutine-inheritance.exp diff --git a/gdb/ChangeLog b/gdb/ChangeLog index b3cc64659f..18fcb671b4 100644 --- a/gdb/ChangeLog +++ b/gdb/ChangeLog @@ -1,3 +1,10 @@ +YYYY-MM-DD Keith Seitz + + https://bugzilla.redhat.com/show_bug.cgi?id=1638798 + * dwarf2read.c (new_symbol): Don't assume there is a valid + builder when processing formal_parameter; it may have come + from another CU. + 2018-10-11 Gary Benson * interps.h (interp::m_name): Make private and mutable. diff --git a/gdb/dwarf2read.c b/gdb/dwarf2read.c index 2a1b805c9a..c11b778e71 100644 --- a/gdb/dwarf2read.c +++ b/gdb/dwarf2read.c @@ -21565,8 +21565,14 @@ new_symbol (struct die_info *die, struct type *type, struct dwarf2_cu *cu, when we do not have enough information to show inlined frames; pretend it's a local variable in that case so that the user can still see it. */ + + /* If this inlined function parameter is inherited from another + CU, that CU may not have a builder associated with it. + Don't assume that it does. */ struct context_stack *curr - = cu->builder->get_current_context_stack (); + = (cu->builder == nullptr + ? nullptr + : cu->builder->get_current_context_stack ()); if (curr != nullptr && curr->name != nullptr) SYMBOL_IS_ARGUMENT (sym) = 1; attr = dwarf2_attr (die, DW_AT_location, cu); diff --git a/gdb/testsuite/ChangeLog b/gdb/testsuite/ChangeLog index ba5fae99e7..9f5ab8f86a 100644 --- a/gdb/testsuite/ChangeLog +++ b/gdb/testsuite/ChangeLog @@ -1,3 +1,8 @@ +YYYY-MM-DD Keith Seitz + + https://bugzilla.redhat.com/show_bug.cgi?id=1638798 + * gdb.dwarf2/inline_subroutine-inheritance.exp: New file. + 2018-10-11 Sandra Loosemore * gdb.base/solib-vanish.exp: Fix regexp not to require a POSIX diff --git a/gdb/testsuite/gdb.dwarf2/inline_subroutine-inheritance.exp b/gdb/testsuite/gdb.dwarf2/inline_subroutine-inheritance.exp new file mode 100644 index 0000000000..92c5d0529b --- /dev/null +++ b/gdb/testsuite/gdb.dwarf2/inline_subroutine-inheritance.exp @@ -0,0 +1,213 @@ +# Copyright 2018 Free Software Foundation, Inc. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# This tests a segfault that occurs when reading inline_subroutine DIEs +# with abstract_origins pointing to DIEs in other CUs. +# +# See https://bugzilla.redhat.com/show_bug.cgi?id=1638798 . + +load_lib dwarf.exp + +# This test can only be run on targets which support DWARF. +if {![dwarf2_support]} { + return 0 +} + +standard_testfile main.c .S + +# Create the DWARF. This is derived from the reproducer in the Fedora +# bugzila mentioned above. For clarity, some "superfluous" DIES have +# been left instead of simplifying/pruning the test further. +set asm_file [standard_output_file $srcfile2] +Dwarf::assemble $asm_file { + declare_labels Db D72f8 D736e + declare_labels D266465 D266477 D266483 D266496 D266498 D266ad3 D266ad9 \ + D266ade D26b227 D26b237 + declare_labels D26d8b1 D26d8c3 D26d8cf D26d944 D26d946 D26e103 D26e145 \ + D26e415 D26e48c D26df00 D26df06 D26df0b D272519 D274c1a D274c42 + + cu {} { + Db: compile_unit { + {language @DW_LANG_C99} + {name ""} + } { + D72f8: subprogram { + {abstract_origin :$D272519} + {low_pc 0xb9e20 addr} + {high_pc 0x1f5 data4} + } { + D736e: inlined_subroutine { + {abstract_origin :$D26b227} + {low_pc 0xb9efc addr} + {high_pc 0xc data4} + } { + formal_parameter { + {abstract_origin :$D274c42} + } + } + } + } + } + + cu {} { + D266465: compile_unit { + {language @DW_LANG_C99} + } { + D266477: typedef { + {name "size_t"} + {type :$D266483} + } + + D266483: base_type { + {byte_size 8 sdata} + {encoding @DW_ATE_unsigned} + } + + D266496: pointer_type { + {byte_size 8 sdata} + } + + D266498: restrict_type { + {type :$D266496} + } + + D266ad3: pointer_type { + {byte_size 8 sdata} + {type :$D266ade} + } + + D266ad9: restrict_type { + {type :$D266ad3} + } + + D266ade: const_type {} + + D26b227: subprogram { + {external 1 flag} + {name "memcpy"} + {type :$D266496} + } { + D26b237: formal_parameter { + {name "__dest"} + {type :$D266498} + } + formal_parameter { + {name "__src"} + {type :$D266ad9} + } + formal_parameter { + {name "__len"} + {type :$D266477} + } + } + } + } + + cu {} { + D26d8b1: compile_unit { + {language @DW_LANG_C99} + } { + D26d8c3: typedef { + {name "size_t"} + {type :$D26d8cf} + } + + D26d8cf: base_type { + {byte_size 8 sdata} + {encoding @DW_ATE_unsigned} + {name "long unsigned int"} + } + + D26d944: pointer_type { + {byte_size 8 sdata} + } + + D26d946: restrict_type { + {type :$D26d944} + } + + D26e103: structure_type { + {name "__object"} + {byte_size 12 sdata} + } { + member { + {name "__ob_next"} + {type :$D26e145} + {data_member_location 0 sdata} + } + } + + D26e145: pointer_type { + {byte_size 8 sdata} + {type :$D26e103} + } + + D26e415: typedef { + {name "PyObject"} + {type :$D26e103} + } + + D26e48c: pointer_type { + {byte_size 8 sdata} + {type :$D26e415} + } + + D26df00: pointer_type { + {byte_size 8 sdata} + {type :$D26df0b} + } + + D26df06: restrict_type { + {type :$D26df00} + } + + D26df0b: const_type {} + + D272519: subprogram { + {name "bytes_repeat"} + {type :$D26e48c} + } + + D274c1a: subprogram { + {external 1 flag} + {name "memcpy"} + {type :$D26d944} + } { + formal_parameter { + {name "__dest"} + {type :$D26d946} + } + formal_parameter { + {name "__src"} + {type :$D26df06} + } + D274c42: formal_parameter { + {name "__len"} + {type :$D26d8c3} + } + } + } + } +} + +if {[prepare_for_testing "failed to prepare" $testfile \ + "${asm_file} ${srcfile}" {}]} { + return -1 +} + +# All we need to do is set a breakpoint, which causes the DWARF +# info to be read, to demonstrate the problem. + +gdb_breakpoint "bytes_repeat" message