From: Luis Machado
To: Simon Marchi, gdb-patches@sourceware.org
Cc: John Baldwin
Date: Fri, 1 Dec 2023 09:13:38 +0000
Subject: Re: [PATCH 1/2] gdb: return when exceeding buffer size in regcache::transfer_regset
Message-ID: <359a8beb-18d2-42c5-885a-b2be0721367d@arm.com>
In-Reply-To: <20231130212057.722990-2-simon.marchi@efficios.com>
References: <20231130212057.722990-1-simon.marchi@efficios.com> <20231130212057.722990-2-simon.marchi@efficios.com>

On 11/30/23 21:20, Simon Marchi wrote:
> regcache::transfer_regset iterates over an array of regcache_map_entry,
> transferring the registers (between regcache and buffer) described by
> those entries.
> It stops either when it reaches the end of the
> regcache_map_entry array (marked by a null entry) or (it seems like the
> intent is) when it reaches the end of the buffer (in which case not all
> described registers are transferred).
>
> I said "seems like the intent is", because there appears to be a small
> bug.  transfer_regset is made of two loops:
>
>     foreach regcache_map_entry:
>       foreach register described by the regcache_map_entry:
>         if the register doesn't fit in the remainder of the buffer:
>           break
>
>         transfer register
>
> When stopping because we have reached the end of the buffer, the break
> only breaks out of the inner loop.
>
> This problem causes some failures when I run tests such as
> gdb.arch/aarch64-sme-core-3.exp (on AArch64 Linux, in qemu).  This is
> partly due to aarch64_linux_iterate_over_regset_sections failing to add
> a null terminator in its regcache_map_entry array, but I think there is
> still a problem in transfer_regset.
>
> The sequence to the crash is:
>
>  - The `regcache_map_entry za_regmap` object built in
>    aarch64_linux_iterate_over_regset_sections does not have a null
>    terminator.
>  - When the target does not have a ZA register,
>    aarch64_linux_collect_za_regset calls `regcache->collect_regset` with
>    a size of 0 (it's actually pointless, but still it should work).
>  - transfer_regset gets called with a buffer size of 0.
>  - transfer_regset detects that the register to transfer wouldn't fit in
>    0 bytes, so it breaks out of the inner loop.
>  - The outer loop tries to go read the next regcache_map_entry, but
>    there isn't one, and we start reading garbage.
>
> Obviously, this would get fixed by making
> aarch64_linux_iterate_over_regset_sections use a null terminator (which
> is what the following patch does).  But I think that when detecting that
> there is not enough buffer left for the current register,
> transfer_regset should return, not only break out of the inner loop.
>
> This is a kind of contrived scenario, but imagine we have these two
> regcache_map_entry objects:
>
>  - 2 registers of 8 bytes
>  - 2 registers of 4 bytes
>
> For some reason, the caller passes a buffer of 12 bytes.
> transfer_regset will detect that the second 8 byte register does not
> fit, and break out of the inner loop.  However, it will then go try the
> next regcache_map_entry.  It will see that it can fit one 4 byte
> register in the remaining buffer space, and transfer it from/to there.
> This is very likely not an expected behavior, we wouldn't expect to
> read/write this sequence of registers from/to the buffer.
>
> In this example, whether passing a 12 bytes buffer makes sense or
> whether it is a size computation bug in the caller, we don't know, but I
> think that exiting as soon as a register doesn't fit is the sane thing
> to do.
>
> Change-Id: Ia349627d2e5d281822ade92a8e7a4dea4f839e07
> --- > gdb/regcache.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/gdb/regcache.c b/gdb/regcache.c > index 9dc354ec2b3a..e46a0b58f505 100644 > --- a/gdb/regcache.c > +++ b/gdb/regcache.c > @@ -1208,7 +1208,7 @@ regcache::transfer_regset (const struct regset *regset, int regbase, > for (; count--; regno++, offs += slot_size) > { > if (offs + slot_size > size) > - break; > + return; > > transfer_regset_register (out_regcache, regno, in_buf, out_buf, > slot_size, offs);

LGTM.

Reviewed-By: Luis Machado
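
Review bot: at the `if (offs + slot_size > size)` check, the new `return;` ends the transfer without any signal to the caller, so a buffer that is too small by mistake cannot be told apart from a deliberately short one. A short comment above the check saying that the transfer stops at the first register that does not fit, and that later regcache_map_entry items are deliberately not visited, would record the intent; the function's documentation should state the same truncation rule, so that callers like the zero-size ZA case described in the commit message know what to expect.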
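
The 12-byte scenario from the commit message, modelled as an added example that is not part of the original thread or of gdb's code. `map_entry`, `transfer_result` and `model_transfer` are hypothetical simplifications of the real loop, and the map is constructed from the figures quoted above.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Simplified stand-in for gdb's regcache_map_entry (assumption: only the
// fields this scenario needs; count == 0 marks the terminating entry).
struct map_entry { int count; int regno; size_t slot_size; };

// Registers actually copied, and map entries read (terminator included).
struct transfer_result { std::vector<int> transferred; int entries_examined = 0; };

// Model of the two nested loops.  patched == false mimics the old "break",
// patched == true mimics the "return" introduced by the patch.
static transfer_result
model_transfer (const map_entry *map, size_t size, bool patched)
{
  transfer_result res;
  size_t offs = 0;
  for (;; map++)
    {
      res.entries_examined++;
      int count = map->count;
      if (count == 0)
        break;  // null terminator reached
      int regno = map->regno;
      for (; count--; regno++, offs += map->slot_size)
        {
          if (offs + map->slot_size > size)
            {
              if (patched)
                return res;  // stop the whole transfer
              break;         // old: only leaves the inner loop
            }
          res.transferred.push_back (regno);
        }
    }
  return res;
}

// Constructed map from the commit message: 2 x 8 bytes, then 2 x 4 bytes.
static const map_entry example_map[] = { {2, 0, 8}, {2, 2, 4}, {0, 0, 0} };

int main ()
{
  transfer_result old_r = model_transfer (example_map, 12, false);
  transfer_result new_r = model_transfer (example_map, 12, true);
  std::printf ("break: %zu registers, return: %zu registers\n",
               old_r.transferred.size (), new_r.transferred.size ());
}
```

With a size of 0, the unpatched model still walks every map entry up to the terminator, which is the step that reads past the array when the terminator is missing; the patched model stops at the first entry.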