* [PATCH 2/2][libbacktrace] Don't point to released memory in backtrace_vector_release
@ 2018-11-22 12:36 Tom de Vries
2018-11-23 20:55 ` [PATCH 3/4][libbacktrace] " Tom de Vries
0 siblings, 1 reply; 3+ messages in thread
From: Tom de Vries @ 2018-11-22 12:36 UTC (permalink / raw)
To: gcc-patches; +Cc: Ian Lance Taylor
Hi,
When backtrace_vector_release is called with vec.size == 0, it releases the
memory pointed at by vec.base.
In case of the backtrace_vector_release in alloc.c, vec.base may then be set
to NULL, but this is not guaranteed.
Set vec.base to NULL if vec.size == 0 to ensure we don't point to released
memory.
OK for trunk if bootstrap and reg-test on x86_64 succeeds?
Thanks,
- Tom
[libbacktrace] Don't point to released memory in backtrace_vector_release
2018-11-22 Tom de Vries <tdevries@suse.de>
* alloc.c (backtrace_vector_release): Set base to NULL if size == 0.
* mmap.c (backtrace_vector_release): Same.
* unittest.c (test1): Add check.
---
libbacktrace/alloc.c | 2 ++
libbacktrace/mmap.c | 2 ++
libbacktrace/unittest.c | 4 +++-
3 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/libbacktrace/alloc.c b/libbacktrace/alloc.c
index 2f7ad956088..fb1e754788b 100644
--- a/libbacktrace/alloc.c
+++ b/libbacktrace/alloc.c
@@ -152,5 +152,7 @@ backtrace_vector_release (struct backtrace_state *state ATTRIBUTE_UNUSED,
return 0;
}
vec->alc = 0;
+ if (vec->size == 0)
+ vec->base = NULL;
return 1;
}
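Review bot: the `if (vec->size == 0)` check added after `vec->alc = 0;` carries no comment saying why base is cleared only in the empty case; a one-line comment (the whole block was released, so don't leave a dangling pointer) would save the next reader from working it out. The assignment also sits after the early `return 0;` visible above, so on that failure path vec->base is left as it was; worth confirming that this is the intended state for callers that ignore the return value.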
diff --git a/libbacktrace/mmap.c b/libbacktrace/mmap.c
index 32fcba62399..9f896a1bb99 100644
--- a/libbacktrace/mmap.c
+++ b/libbacktrace/mmap.c
@@ -321,5 +321,7 @@ backtrace_vector_release (struct backtrace_state *state,
backtrace_free (state, (char *) vec->base + aligned, alc,
error_callback, data);
vec->alc = 0;
+ if (vec->size == 0)
+ vec->base = NULL;
return 1;
}
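Review bot: the size == 0 test added after `vec->alc = 0;` relies on an invariant the hunk does not show. The backtrace_free call just above releases memory starting at `(char *) vec->base + aligned`, so setting base to NULL is only right if aligned is 0 whenever size is 0, i.e. the whole block was given back. Please state that in a comment next to the check, or test `aligned == 0` so the condition matches the address actually passed to backtrace_free.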
diff --git a/libbacktrace/unittest.c b/libbacktrace/unittest.c
index 576aa080935..6c07aff91ee 100644
--- a/libbacktrace/unittest.c
+++ b/libbacktrace/unittest.c
@@ -58,6 +58,7 @@ test1 (void)
{
int res;
int failed;
+ void *prev;
struct backtrace_vector vec;
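Review bot: `void *prev;` added to test1 is only ever written. The following hunk assigns `prev = vec.base;`, but the new condition compares `vec.base != NULL` and never reads prev. Drop the variable and its assignment, or use it (for example, also require that prev was non-NULL so the test shows the pointer actually changed); as posted it is likely to draw a set-but-unused warning.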
@@ -68,8 +69,9 @@ test1 (void)
vec.size = 0;
count = 0;
+ prev = vec.base;
res = backtrace_vector_release (state, &vec, error_callback, NULL);
- failed = res != 1 || count != 0;
+ failed = res != 1 || count != 0 || vec.base != NULL;
printf ("%s: unittest backtrace_vector_release size == 0\n",
failed ? "FAIL": "PASS");
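Review bot: the extended `failed` expression only exercises the vec.size == 0 call, so in the lines shown nothing checks the other side of the new condition, namely that a release with a non-zero size leaves vec.base pointing at the retained data. A second release with a non-zero size that asserts vec.base is still non-NULL would pin down both branches of the change.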
* [PATCH 3/4][libbacktrace] Don't point to released memory in backtrace_vector_release
2018-11-22 12:36 [PATCH 2/2][libbacktrace] Don't point to released memory in backtrace_vector_release Tom de Vries
@ 2018-11-23 20:55 ` Tom de Vries
2018-11-26 22:25 ` Jeff Law
0 siblings, 1 reply; 3+ messages in thread
From: Tom de Vries @ 2018-11-23 20:55 UTC (permalink / raw)
To: gcc-patches; +Cc: Ian Lance Taylor
[ was: Re: [PATCH 2/2][libbacktrace] Don't point to released memory in
backtrace_vector_release ]
On Thu, Nov 22, 2018 at 01:36:49PM +0100, Tom de Vries wrote:
> Hi,
>
> When backtrace_vector_release is called with vec.size == 0, it releases the
> memory pointed at by vec.base.
>
> In case of the backtrace_vector_release in alloc.c, vec.base may then be set
> to NULL, but this is not guaranteed.
>
> Set vec.base to NULL if vec.size == 0 to ensure we don't point to released
> memory.
>
> OK for trunk if bootstrap and reg-test on x86_64 succeeds?
>
Reposting patch with alloc.c part dropped, now that alloc.c has been rewritten
to use free instead of realloc with size 0.
OK for trunk?
Thanks,
- Tom
[libbacktrace] Don't point to released memory in backtrace_vector_release
When backtrace_vector_release is called with vec.size == 0, it releases the
memory pointed at by vec.base.
Set vec.base to NULL if vec.size == 0 to ensure we don't point to released
memory.
Bootstrapped and reg-tested on x86_64.
2018-11-22 Tom de Vries <tdevries@suse.de>
* mmap.c (backtrace_vector_release): Same.
* unittest.c (test1): Add check.
---
libbacktrace/mmap.c | 2 ++
libbacktrace/unittest.c | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/libbacktrace/mmap.c b/libbacktrace/mmap.c
index 32fcba62399..9f896a1bb99 100644
--- a/libbacktrace/mmap.c
+++ b/libbacktrace/mmap.c
@@ -321,5 +321,7 @@ backtrace_vector_release (struct backtrace_state *state,
backtrace_free (state, (char *) vec->base + aligned, alc,
error_callback, data);
vec->alc = 0;
+ if (vec->size == 0)
+ vec->base = NULL;
return 1;
}
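Review bot: the `vec->base = NULL` assignment added at the end of backtrace_vector_release is documented in the ChangeLog only as "Same.", and with the alloc.c entry dropped from this version there is no earlier entry left for it to refer to. Spell the entry out, e.g. "Set base to NULL if size == 0.", and consider a short comment on the new check itself, since it depends on `aligned` being 0 for the address passed to backtrace_free to equal vec->base.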
diff --git a/libbacktrace/unittest.c b/libbacktrace/unittest.c
index 576aa080935..3471d78488d 100644
--- a/libbacktrace/unittest.c
+++ b/libbacktrace/unittest.c
@@ -69,7 +69,7 @@ test1 (void)
count = 0;
res = backtrace_vector_release (state, &vec, error_callback, NULL);
- failed = res != 1 || count != 0;
+ failed = res != 1 || count != 0 || vec.base != NULL;
printf ("%s: unittest backtrace_vector_release size == 0\n",
failed ? "FAIL": "PASS");
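Review bot: the new `vec.base != NULL` term in `failed` asserts behaviour that this version of the patch implements only in mmap.c. If unittest.c is also built against alloc.c, the test then depends on the rewritten alloc.c clearing base on its own, which is not visible in this patch; please confirm the test passes in that configuration, or say in the commit message where alloc.c does the reset.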
* Re: [PATCH 3/4][libbacktrace] Don't point to released memory in backtrace_vector_release
2018-11-23 20:55 ` [PATCH 3/4][libbacktrace] " Tom de Vries
@ 2018-11-26 22:25 ` Jeff Law
0 siblings, 0 replies; 3+ messages in thread
From: Jeff Law @ 2018-11-26 22:25 UTC (permalink / raw)
To: Tom de Vries, gcc-patches; +Cc: Ian Lance Taylor
On 11/23/18 1:55 PM, Tom de Vries wrote:
> [ was: Re: [PATCH 2/2][libbacktrace] Don't point to released memory in
> backtrace_vector_release ]
>
> On Thu, Nov 22, 2018 at 01:36:49PM +0100, Tom de Vries wrote:
>> Hi,
>>
>> When backtrace_vector_release is called with vec.size == 0, it releases the
>> memory pointed at by vec.base.
>>
>> In case of the backtrace_vector_release in alloc.c, vec.base may then be set
>> to NULL, but this is not guaranteed.
>>
>> Set vec.base to NULL if vec.size == 0 to ensure we don't point to released
>> memory.
>>
>> OK for trunk if bootstrap and reg-test on x86_64 succeeds?
>>
>
> Reposting patch with alloc.c part dropped, now that alloc.c has been rewritten
> to use free instead of realloc with size 0.
>
> OK for trunk?
>
> Thanks,
> - Tom
>
> [libbacktrace] Don't point to released memory in backtrace_vector_release
>
> When backtrace_vector_release is called with vec.size == 0, it releases the
> memory pointed at by vec.base.
>
> Set vec.base to NULL if vec.size == 0 to ensure we don't point to released
> memory.
>
> Bootstrapped and reg-tested on x86_64.
>
> 2018-11-22 Tom de Vries <tdevries@suse.de>
>
> * mmap.c (backtrace_vector_release): Same.
> * unittest.c (test1): Add check.
Looks like this one still is relevant :-)
OK
jeff