From: Hannes Domani
To: gdb-patches@sourceware.org
Subject: [PATCH] Always create a new value object in valpy_do_cast
Date: Wed, 18 Jan 2023 18:27:40 +0100
Message-Id: <20230118172740.2171-1-ssbssa@yahoo.de>

In case a pretty printer casts a value to the same type, so value_cast()
returns the same object again, you get this simplified situation:

{
  struct value *val = ((value_object *) self)->value;
  scoped_value_mark free_values;
  res_val = value_cast (type, val);  // this returns val
  result = value_to_value_object (res_val);
}

So value_to_value_object() removes a value at or before the free_values
marker.
And if this happens inside a pretty printer, then the self value_object was
created with value_to_value_object_no_release(), so the original value is
still in all_values, at the last position.
Putting this together means that the value_to_value_object() releases the
exact value object that is referenced by the free_values marker, and at its
destruction value_free_to_mark() clears all_values completely.

If the variable that is pretty printed is part of a struct, and this struct
is again referenced afterwards for other members, then it will try to access
already freed objects:

$ valgrind ./gdb pp-cast
==16306== Memcheck, a memory error detector
==16306== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
==16306== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
==16306== Command: ./gdb pp-cast
==16306==
Reading symbols from pp-cast...
(gdb) b break_function
Breakpoint 1 at 0x4004a4: file pp-cast.cpp, line 6.
(gdb) r
Starting program: pp-cast

Breakpoint 1, break_function () at pp-cast.cpp:6
6         return 0;
(gdb) up
18        return break_function();
(gdb) info locals
==16306== Invalid read of size 1
==16306==    at 0xA47EA0: value_contents_for_printing(value*) (value.c:1267)
==16306==    by 0x70E069: cp_print_value_fields(value*, ui_file*, int, value_print_options const*, type**, int) (cp-valprint.c:192)
==16306==    by 0x6BDD01: c_value_print_inner(value*, ui_file*, int, value_print_options const*) (c-valprint.c:396)
==16306==    by 0xA3EE4F: common_val_print(value*, ui_file*, int, value_print_options const*, language_defn const*) (valprint.c:1074)
==16306==    by 0x8D9B31: print_variable_and_value(char const*, symbol*, frame_info_ptr, ui_file*, int) (printcmd.c:2416)
==16306==    by 0x99DCD5: print_variable_and_value_data::operator()(char const*, symbol*) (stack.c:2353)
==16306==    by 0x99470E: iterate_over_block_local_vars(block const*, gdb::function_view) (function-view.h:289)
==16306==    by 0x99E071: print_frame_local_vars(frame_info_ptr, bool, char const*, char const*, int, ui_file*) (stack.c:2427)
==16306==    by 0x99E2E0: info_locals_command(char const*, int) (stack.c:2508)
==16306==    by 0x6CBDF5: cmd_func(cmd_list_element*, char const*, int) (cli-decode.c:2543)
==16306==    by 0x9F5178: execute_command(char const*, int) (top.c:700)
==16306==    by 0x7A3F23: command_handler(char const*) (event-top.c:616)
==16306==  Address 0x12701ad4 is 4 bytes inside a block of size 176 free'd
==16306==    at 0x4A09430: free (vg_replace_malloc.c:446)
==16306==    by 0xA462EC: value_free_to_mark(value const*) (value.h:114)
==16306==    by 0x92494D: valpy_do_cast(_object*, _object*, exp_opcode) (value.h:796)
==16306==    by 0xDD32C5: method_vectorcall_VARARGS (descrobject.c:330)
==16306==    by 0xBD98AE: 
PyObject_Vectorcall (pycore_call.h:92) ==16306== by 0x5E9887: _PyEval_EvalFrameDefault (ceval.c:4772) ==16306== by 0xCA9354: _PyEval_Vector (pycore_ceval.h:73) ==16306== by 0xBD8FFF: object_vacall (pycore_call.h:92) ==16306== by 0xBDC401: PyObject_CallMethodObjArgs (call.c:879) ==16306== by 0x9115D2: pretty_print_one_value(_object*, value**) (py-prettyprint.c:205) ==16306== by 0x91198B: gdbpy_apply_pretty_printer(_object*, ui_file*, int, value_print_options const*, language_defn const*, gdbarch*) (py-prettyprint.c:290) ==16306== by 0x912598: gdbpy_apply_val_pretty_printer(extension_language_defn const*, value*, ui_file*, int, value_print_options const*, language_defn const*) (py-prettyprint.c:627) Fixed by creating an explicit copy of the value if the cast function returned the original value again. --- gdb/python/py-value.c | 3 ++ gdb/testsuite/gdb.python/py-pp-cast.c | 35 +++++++++++++++++++++ gdb/testsuite/gdb.python/py-pp-cast.exp | 41 +++++++++++++++++++++++++ gdb/testsuite/gdb.python/py-pp-cast.py | 28 +++++++++++++++++ 4 files changed, 107 insertions(+) create mode 100644 gdb/testsuite/gdb.python/py-pp-cast.c create mode 100644 gdb/testsuite/gdb.python/py-pp-cast.exp create mode 100644 gdb/testsuite/gdb.python/py-pp-cast.py diff --git a/gdb/python/py-value.c b/gdb/python/py-value.c index dcc92e51b60..51e00a99481 100644 --- a/gdb/python/py-value.c +++ b/gdb/python/py-value.c @@ -815,6 +815,9 @@ valpy_do_cast (PyObject *self, PyObject *args, enum exp_opcode op) res_val = value_cast (type, val); } + if (res_val == val) + res_val = value_copy (val); + result = value_to_value_object (res_val); } catch (const gdb_exception &except) diff --git a/gdb/testsuite/gdb.python/py-pp-cast.c b/gdb/testsuite/gdb.python/py-pp-cast.c new file mode 100644 index 00000000000..72716a79dd4 --- /dev/null +++ b/gdb/testsuite/gdb.python/py-pp-cast.c 
@@ -0,0 +1,35 @@ +/* This testcase is part of GDB, the GNU debugger. + + Copyright 2023 Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . */ + +typedef int pp_int; + +int break_function() +{ + return 0; +} + +struct container +{ + pp_int p_i; + int i; +}; + +int main() +{ + struct container c = { 10, 5 }; + return break_function(); +} diff --git a/gdb/testsuite/gdb.python/py-pp-cast.exp b/gdb/testsuite/gdb.python/py-pp-cast.exp new file mode 100644 index 00000000000..0842babaacc --- /dev/null +++ b/gdb/testsuite/gdb.python/py-pp-cast.exp 
@@ -0,0 +1,41 @@ +# Copyright (C) 2023 Free Software Foundation, Inc. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# Test casting of a gdb.Value inside a pretty printer. + +load_lib gdb-python.exp + +standard_testfile + +if { [prepare_for_testing "failed to prepare" ${testfile} ${srcfile}] } { + return -1 +} + +# Skip all tests if Python scripting is not enabled. +if { [skip_python_tests] } { continue } + +if ![runto break_function] { + return -1 +} + +set remote_python_file [gdb_remote_download host \ + ${srcdir}/${subdir}/${testfile}.py] + +gdb_test_no_output "source ${remote_python_file}" \ + "source ${testfile}.py" + +gdb_test "up" "#1.*main.*" + +gdb_test "info locals" "c = {p_i = 10p, i = 5}" diff --git a/gdb/testsuite/gdb.python/py-pp-cast.py b/gdb/testsuite/gdb.python/py-pp-cast.py new file mode 100644 index 00000000000..b171a919c70 --- /dev/null +++ b/gdb/testsuite/gdb.python/py-pp-cast.py 
@@ -0,0 +1,28 @@ +# Copyright (C) 2023 Free Software Foundation, Inc. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + + +class PpIntPrinter(object): + def __init__(self, val): + self.val = val + + def to_string(self): + val = self.val.cast(self.val.type) + return "%dp" % int(val) + + +pp = gdb.printing.RegexpCollectionPrettyPrinter("pp-cast") +pp.add_printer("pp_int", "^pp_int$", PpIntPrinter) +gdb.printing.register_pretty_printer(gdb.current_objfile(), pp) -- 2.35.1
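
Review bot: In the gdb/python/py-value.c hunk, the new "if (res_val == val)" check has no comment, so without the commit message a reader cannot tell why copying an identical value matters and may later remove the copy as redundant. A short comment above it would help, saying that value_to_value_object() would otherwise release the very value the enclosing scoped_value_mark refers to, after which value_free_to_mark() clears all of all_values. Since the commit message describes the problem in terms of the mark and the release rather than the cast itself, it is also worth confirming that no other caller of value_to_value_object() under a scoped_value_mark can get its input value back.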
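
Review bot: In gdb/testsuite/gdb.python/py-pp-cast.exp, the only check on the bug is the final gdb_test "info locals" output match, but the failure shown in the commit message is an invalid read reported by valgrind, and a read of freed memory can still print the expected text. The test may therefore pass on an unfixed gdb unless it runs under a memory checker; a comment at the top stating what the test relies on would make that explicit. Separately, skip_python_tests is checked after prepare_for_testing, so the test program is built even when Python is unavailable; moving the skip check above prepare_for_testing avoids that.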
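
Review bot: gdb/testsuite/gdb.python/py-pp-cast.py uses gdb.printing and gdb.current_objfile() without any import statement, so it only works if those names are already available when the file is sourced. Adding "import gdb.printing" at the top makes the script self-contained. In to_string, the cast to self.val.type is the deliberate same-type cast that triggers the bug; a one-line comment saying so would stop it from being cleaned up as a no-op.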
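
The mechanism the commit message describes, as an added model that is not part of the original message and is not GDB's code. Chain, Value and survivors_after_cast are made-up names, and the chain only tracks membership instead of freeing memory.

```cpp
// Simplified model of the value chain from the commit message.
// All names are illustrative assumptions; this is not GDB's code.
#include <algorithm>
#include <cstddef>
#include <vector>

struct Value { int id; };

struct Chain {
  std::vector<Value *> all_values;  // values the chain currently owns

  // Like taking a mark: remember the newest value on the chain.
  Value *mark() const {
    return all_values.empty() ? nullptr : all_values.back();
  }

  // Hand a value to another owner: it leaves the chain.
  void release(Value *v) {
    auto it = std::find(all_values.begin(), all_values.end(), v);
    if (it != all_values.end())
      all_values.erase(it);
  }

  // Drop everything newer than the mark. If the mark is no longer on
  // the chain, nothing bounds the cleanup and every value is dropped.
  void free_to_mark(Value *m) {
    auto it = std::find(all_values.begin(), all_values.end(), m);
    auto first = (it == all_values.end()) ? all_values.begin() : it + 1;
    all_values.erase(first, all_values.end());
  }
};

// Returns how many pre-existing values are still on the chain after a
// same-type cast, with or without the copy the patch introduces.
std::size_t survivors_after_cast(bool copy_when_same) {
  Value outer{1}, member{2}, copy{3};
  Chain c;
  c.all_values = {&outer, &member};  // struct being printed, then its member
  Value *m = c.mark();               // mark points at `member`
  Value *res = &member;              // the cast returned its input
  if (copy_when_same) {              // patched path: new value after the mark
    c.all_values.push_back(&copy);
    res = &copy;
  }
  c.release(res);                    // result handed to the Python object
  c.free_to_mark(m);                 // end of the marked scope
  return c.all_values.size();
}
```

Without the copy, the enclosing struct's value is dropped along with everything else, which corresponds to the later invalid read; with the copy, both earlier values stay on the chain.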