From patchwork Thu Jun 22 14:36:25 2017
X-Patchwork-Submitter: Alan Hayward
X-Patchwork-Id: 21199
From: Alan Hayward
To: Pedro Alves
CC: Yao Qi, gdb-patches@sourceware.org, nd
Subject: Re: [PATCH] Remove MAX_REGISTER_SIZE from py-unwind.c
Date: Thu, 22 Jun 2017 14:36:25 +0000
References: <86bmpgjso6.fsf@gmail.com> <82556349-1E8C-44C3-9FC9-68F15E36D4D4@arm.com> <8b641cf5-6cdc-5c4e-6f85-eb28f08bed9c@redhat.com>
In-Reply-To: <8b641cf5-6cdc-5c4e-6f85-eb28f08bed9c@redhat.com>

> On 22 Jun 2017, at 14:22, Pedro Alves wrote:
>
> On 06/22/2017 02:13 PM, Alan Hayward wrote:
>
>> Ok, pushed with changes as suggested.
>>
>> Patch below.
>
> Sorry, but this looks broken to me.
>
> cached_frame_info is using the trailing array idiom ...
> >> @@ -93,7 +84,7 @@ typedef struct >> /* Length of the `reg' array below. */ >> int reg_count; >> >> - struct reg_info reg[]; >> + cached_reg_t reg[]; >> } cached_frame_info; >> > >> >> - cached_frame >> - = ((cached_frame_info *) >> - xmalloc (sizeof (*cached_frame) >> - + reg_count * sizeof (cached_frame->reg[0]))); >> + cached_frame = XNEW (cached_frame_info); > > but now you're not allocating enough space for the array elements... > > >> cached_frame->gdbarch = gdbarch; >> cached_frame->frame_id = unwind_info->frame_id; >> cached_frame->reg_count = reg_count; >> @@ -580,13 +568,14 @@ pyuw_sniffer (const struct frame_unwind *self, struct frame_info *this_frame, >> struct value *value = value_object_to_value (reg->value); >> size_t data_size = register_size (gdbarch, reg->number); >> >> - cached_frame->reg[i].number = reg->number; >> + cached_frame->reg[i].num = reg->number; > > ... that you're accessing here and below. > > Valgrind probably shows the now-out-of-bounds accesses. > > Ouch! My mistake. Quick patch to revert that line to it’s previous state. Ok? 2017-06-22 Alan Hayward * python/py-unwind.c (pyuw_sniffer): Allocate space for registers. diff --git a/gdb/python/py-unwind.c b/gdb/python/py-unwind.c index da1703ecf2b843d9a6790f095e64c2915280ae35..1d800a7b7861da6a168440b600fb2862c42b4e4b 100644 --- a/gdb/python/py-unwind.c +++ b/gdb/python/py-unwind.c @@ -557,7 +557,10 @@ pyuw_sniffer (const struct frame_unwind *self, struct frame_info *this_frame, saved_reg *reg; int i; - cached_frame = XNEW (cached_frame_info); + cached_frame + = ((cached_frame_info *) + xmalloc (sizeof (*cached_frame) + + reg_count * sizeof (cached_frame->reg[0]))); cached_frame->gdbarch = gdbarch; cached_frame->frame_id = unwind_info->frame_id; cached_frame->reg_count = reg_count;
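Review bot: the restored size computation in the `pyuw_sniffer` hunk is the right fix for the out-of-bounds accesses Pedro points out: `cached_frame_info` ends in the trailing array `cached_reg_t reg[]`, which contributes nothing to `sizeof`, so `XNEW (cached_frame_info)` left no room for any `reg[i]` element, whereas `xmalloc (sizeof (*cached_frame) + reg_count * sizeof (cached_frame->reg[0]))` sizes the block for all `reg_count` entries and picks up the new element type automatically. Two small things before pushing: the ChangeLog line could name the cause ("Allocate space for the trailing `reg' array; XNEW only allocated the header") so the history records why the line came back, and a run under valgrind, as suggested upthread, would confirm the accesses are now in bounds.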
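The mistake Pedro describes is the classic flexible-array-member sizing error: `sizeof` of a struct with a trailing `T arr[]` covers only the header, so allocating `sizeof (struct)` leaves zero elements in bounds. The C below is an added example, not GDB's code: the types `demo_frame_info` and `demo_reg_t` and the functions `demo_frame_alloc_size`, `demo_frame_alloc` and `demo_frame_check` are constructed for this demonstration to mirror the shape of `cached_frame_info`. It computes the allocation size the way the restored `xmalloc` call does, guards the multiplication against overflow, and shows that a header-only allocation (what `XNEW` gives) has room for no array element at all.

```c
/* Added example (not GDB's code): sizing a struct that ends in a
   trailing (flexible) array member.  Types and names are constructed
   to mirror the thread's cached_frame_info / cached_reg_t shape.  */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

typedef struct
{
  int num;        /* register number */
  uint8_t *data;  /* register contents, owned elsewhere */
} demo_reg_t;

typedef struct
{
  int reg_count;    /* length of the `reg' array below */
  demo_reg_t reg[]; /* trailing array: contributes 0 bytes to sizeof */
} demo_frame_info;

/* Bytes needed for a frame holding REG_COUNT registers: header plus
   REG_COUNT elements.  Returns 0 if the multiplication would overflow,
   so a caller can never be handed a short block.  */
size_t
demo_frame_alloc_size (size_t reg_count)
{
  size_t elem = sizeof (demo_reg_t);
  if (reg_count > (SIZE_MAX - sizeof (demo_frame_info)) / elem)
    return 0;
  return sizeof (demo_frame_info) + reg_count * elem;
}

/* What `XNEW (cached_frame_info)' allocates: the header only.  */
size_t
demo_frame_header_size (void)
{
  return sizeof (demo_frame_info);
}

/* Number of reg[] elements that fit inside a header-only block, i.e.
   how many stores would stay in bounds after an XNEW-style allocation.
   The only bytes past `reg' are struct padding, so this is 0.  */
size_t
demo_in_bounds_elems_with_header_only (void)
{
  return (sizeof (demo_frame_info) - offsetof (demo_frame_info, reg))
         / sizeof (demo_reg_t);
}

/* Allocate a frame sized for REG_COUNT registers and number them
   0..REG_COUNT-1.  Returns NULL on a negative count, size overflow or
   allocation failure.  */
demo_frame_info *
demo_frame_alloc (int reg_count)
{
  if (reg_count < 0)
    return NULL;
  size_t size = demo_frame_alloc_size ((size_t) reg_count);
  if (size == 0)
    return NULL;
  demo_frame_info *f = (demo_frame_info *) malloc (size);
  if (f == NULL)
    return NULL;
  f->reg_count = reg_count;
  for (int i = 0; i < reg_count; i++)
    {
      f->reg[i].num = i;    /* every store here lies inside `size' */
      f->reg[i].data = NULL;
    }
  return f;
}

/* Allocate, verify that all REG_COUNT elements were stored, and free.
   Returns 1 on success, 0 otherwise.  */
int
demo_frame_check (int reg_count)
{
  demo_frame_info *f = demo_frame_alloc (reg_count);
  if (f == NULL)
    return 0;
  int ok = (f->reg_count == reg_count);
  for (int i = 0; ok && i < reg_count; i++)
    ok = (f->reg[i].num == i && f->reg[i].data == NULL);
  free (f);
  return ok;
}

int
main (void)
{
  printf ("header only: %zu bytes, elements in bounds: %zu\n",
          demo_frame_header_size (),
          demo_in_bounds_elems_with_header_only ());
  printf ("frame with 4 registers: %zu bytes\n", demo_frame_alloc_size (4));
  return demo_frame_check (4) ? 0 : 1;
}
```

The overflow guard is the part worth carrying into any real allocator of this shape: a large `reg_count` multiplied by the element size can wrap, and a wrapped size is the same under-allocation bug reached by a different route.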