From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 2126) id 91BDA385828D; Wed, 3 Aug 2022 19:42:25 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 91BDA385828D Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Tom Tromey To: gdb-cvs@sourceware.org Subject: [binutils-gdb] Use unique_ptr to destroy per-bfd object X-Act-Checkin: binutils-gdb X-Git-Author: Tom Tromey X-Git-Refname: refs/heads/master X-Git-Oldrev: 075e4d6d95681bfbf53e849c2802a75d1d4cbdca X-Git-Newrev: 88c4cce8d28e6be486cb25fbbccf2b42e40da45b Message-Id: <20220803194225.91BDA385828D@sourceware.org> Date: Wed, 3 Aug 2022 19:42:25 +0000 (GMT) X-BeenThere: gdb-cvs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gdb-cvs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2022 19:42:25 -0000 https://sourceware.org/git/gitweb.cgi?p=3Dbinutils-gdb.git;h=3D88c4cce8d28e= 6be486cb25fbbccf2b42e40da45b commit 88c4cce8d28e6be486cb25fbbccf2b42e40da45b Author: Tom Tromey Date: Tue Aug 2 12:01:01 2022 -0600 Use unique_ptr to destroy per-bfd object =20 In some cases, the objfile owns the per-bfd object. This is yet another object that can sometimes be destroyed before the registry is destroyed, possibly reslting in a use-after-free. Also, I noticed that the condition for deleting the object is not the same as the condition used to create it -- so it could possibly result in a memory leak in some situations. This patch fixes the problem by introducing a new unique_ptr that holds this object when necessary. Diff: --- gdb/objfiles.c | 22 +++++++--------------- gdb/objfiles.h | 9 +++++++-- 2 files changed, 14 insertions(+), 17 deletions(-) diff --git a/gdb/objfiles.c b/gdb/objfiles.c index c92da7548b3..31c27e9c3cb 100644 --- a/gdb/objfiles.c +++ b/gdb/objfiles.c 
@@ -117,9 +117,10 @@ objfile_per_bfd_storage::~objfile_per_bfd_storage () NULL, and it already has a per-BFD storage object, use that. Otherwise, allocate a new per-BFD storage object. */ =20 -static struct objfile_per_bfd_storage * -get_objfile_bfd_data (bfd *abfd) +void +set_objfile_per_bfd (struct objfile *objfile) { + bfd *abfd =3D objfile->obfd.get (); struct objfile_per_bfd_storage *storage =3D NULL; =20 if (abfd !=3D NULL) @@ -133,21 +134,15 @@ get_objfile_bfd_data (bfd *abfd) enough that this seems reasonable. */ if (abfd !=3D NULL && !gdb_bfd_requires_relocations (abfd)) objfiles_bfd_data.set (abfd, storage); + else + objfile->per_bfd_storage.reset (storage); =20 /* Look up the gdbarch associated with the BFD. */ if (abfd !=3D NULL) storage->gdbarch =3D gdbarch_from_bfd (abfd); } =20 - return storage; -} - -/* See objfiles.h. */ - -void -set_objfile_per_bfd (struct objfile *objfile) -{ - objfile->per_bfd =3D get_objfile_bfd_data (objfile->obfd.get ()); + objfile->per_bfd =3D storage; } =20 /* Set the objfile's per-BFD notion of the "main" name and @@ -353,7 +348,7 @@ objfile::objfile (gdb_bfd_ref_ptr bfd_, const char *nam= e, objfile_flags flags_) build_objfile_section_table (this); } =20 - per_bfd =3D get_objfile_bfd_data (obfd.get ()); + set_objfile_per_bfd (this); } =20 /* If there is a valid and known entry point, function fills *ENTRY_P with= it @@ -555,9 +550,6 @@ objfile::~objfile () if (sf !=3D NULL) (*sf->sym_finish) (this); =20 - if (obfd =3D=3D nullptr) - delete per_bfd; - /* Before the symbol table code was redone to make it easier to selectively load and remove information particular to a specific linkage unit, gdb used to do these things whenever the monolithic diff --git a/gdb/objfiles.h b/gdb/objfiles.h index ac45fa3980f..16dab0d2c69 100644 --- a/gdb/objfiles.h +++ b/gdb/objfiles.h 
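Review bot: The comment left above `set_objfile_per_bfd` in the @@ -117 hunk is the one written for the removed static helper `get_objfile_bfd_data (bfd *abfd)`. Its visible tail ("it already has a per-BFD storage object, use that. Otherwise, allocate a new per-BFD storage object.") describes a lookup-or-allocate helper, while the function now returns void, assigns `objfile->per_bfd`, and may take ownership through `objfile->per_bfd_storage`. The start of that comment is outside the hunk, so it may already name OBJFILE, but the ownership side effect is new in this commit and the visible part does not state it. I would add a sentence such as `If the storage cannot be attached to the BFD, OBJFILE owns it through per_bfd_storage.` Since the function is exported and is not limited to the constructor, the comment should also say what a repeat call on the same objfile does with storage that objfile already owns.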
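Review bot: The new `else` branch `objfile->per_bfd_storage.reset (storage);` in the @@ -133 hunk replaces an explicit `delete per_bfd` in `objfile::~objfile` (removed in the @@ -555 hunk) with implicit member destruction. The use-after-free described in the commit message therefore stays fixed only while `per_bfd_storage` is destroyed after the objfile's registry, which presumably means it must be declared before the registry member in the class. That member is not visible in the objfiles.h hunk, so the ordering cannot be confirmed from this patch, and the added field comment covers ownership only. I would extend that field comment with `This must be declared before the registry so that it is destroyed after it; registry destructors may still use the per-BFD data.`, so that a later reordering of members does not silently reintroduce the bug.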
@@ -653,11 +653,16 @@ public: =20 gdb_bfd_ref_ptr obfd; =20 - /* The per-BFD data. Note that this is treated specially if OBFD - is NULL. */ + /* The per-BFD data. */ =20 struct objfile_per_bfd_storage *per_bfd =3D nullptr; =20 + /* In some cases, the per_bfd object is owned by this objfile and + not by the BFD itself. In this situation, this holds the owning + pointer. */ + + std::unique_ptr per_bfd_storage; + /* The modification timestamp of the object file, as of the last time we read its symbols. */