From patchwork Thu May 18 08:37:55 2023
X-Patchwork-Submitter: Andrew Burgess
X-Patchwork-Id: 69587
To: gdb-patches@sourceware.org
Cc: Andrew Burgess
Subject: [PATCH 2/2] gdb: safety checks in skip_prologue_using_sal
Date: Thu, 18 May 2023 09:37:55 +0100
Message-Id: <74b814d3c7621df2d09945579829194e33a4ccf4.1684398918.git.aburgess@redhat.com>
From: Andrew Burgess

While working on the previous patch I reverted this commit:

  commit e86e87f77fd5d8afb3e714f1d9e09e0ff5b4e6ff
  Date: Tue Nov 28 16:23:32 2006 +0000

      * symtab.c (find_pc_sect_line): Do not return a line before the
      start of a symtab.

When I re-ran the testsuite I saw some GDB crashes in the tests:

  gdb.dwarf2/dw2-line-number-zero.exp
  gdb.dwarf2/dw2-lines.exp
  gdb.dwarf2/dw2-vendor-extended-opcode.exp

GDB was reading beyond the end of an array in the function skip_prologue_using_sal.

Now, without the above commit reverted I don't believe that this should ever happen. Reverting the above commit effectively breaks GDB's symtab_and_line lookup, we try to find a result for an address, and return the wrong symtab and line-table. In skip_prologue_using_sal we then walk the line table looking for an appropriate entry, except we never find one, and GDB just keeps going, wandering off the end of the array.

However, I think adding extra protection to prevent walking off the end of the array is pretty cheap, and if something does go wrong in the future then this should prevent a random crash.

Obviously, I have no reproducer for this, as I said, I don't think this should impact GDB at all, this is just adding a little extra caution.

--- gdb/symtab.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/gdb/symtab.c b/gdb/symtab.c index 4f28667b1b3..5e1b9d91879 100644 --- a/gdb/symtab.c +++ b/gdb/symtab.c
@@ -3953,15 +3953,17 @@ skip_prologue_using_sal (struct gdbarch *gdbarch, CORE_ADDR func_addr) struct objfile *objfile = prologue_sal.symtab->compunit ()->objfile (); const linetable *linetable = prologue_sal.symtab->linetable (); + gdb_assert (linetable->nitems > 0); int idx = 0; /* Skip any earlier lines, and any end-of-sequence marker from a previous function. */ - while (linetable->item[idx].pc (objfile) != prologue_sal.pc - || linetable->item[idx].line == 0) + while (idx + 1 < linetable->nitems + && (linetable->item[idx].pc (objfile) != prologue_sal.pc + || linetable->item[idx].line == 0)) idx++; - if (idx+1 < linetable->nitems + if (idx + 1 < linetable->nitems && linetable->item[idx+1].line != 0 && linetable->item[idx+1].pc (objfile) == start_pc) return start_pc;
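
Review bot: the added `gdb_assert (linetable->nitems > 0);` at the top of the hunk turns an empty line table into an internal error, which sits oddly with the commit message's aim of avoiding a crash when the symtab lookup has gone wrong. With the new `idx + 1 < linetable->nitems` bound, neither the while loop nor the following if touches `item[idx]` or `item[idx+1]` when nitems is 0, so for the accesses visible here the assert could be dropped, or replaced by skipping this block, and the out-of-bounds read would still be closed. The assert also dereferences linetable before anything in the hunk checks it; if `linetable ()` can return null on this path, that wants a guard of its own. Separately, the bounded loop now exits in two different states, "found the entry for prologue_sal.pc" and "ran out of entries with idx on the last item", and the code after it cannot tell them apart; the if happens to fail in the second case because `idx + 1 < linetable->nitems` is false, but the comment above the loop still only describes skipping earlier lines, so a sentence saying that the search stops at the last entry and that the following test relies on this would help the next reader.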