From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-vi1eur04on2044.outbound.protection.outlook.com [40.107.8.44]) by sourceware.org (Postfix) with ESMTPS id 0C9C6385B190 for ; Mon, 12 Dec 2022 15:09:27 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 0C9C6385B190 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=arm.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=arm.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MMU6RF7icU76F5rEw5DFVhxLQ8Ts2oNVARGmwc99obs=; b=LfCNtz8mpTBTwRSvgBHQSPHOHsx7pflsalPFCiSqECMsItyVSC8YpX8HU+UvMYVIgYPk7NEHgvYPg/sX+JUT2qv6DCqLMAdd4A8tDpe5A6jKnS468zBTM+xpLBZ85ljc0wJB+HO3OP42aRDs/RGqyW3ODOOtAhQKjZy1hN9lV54= Received: from AS9PR06CA0375.eurprd06.prod.outlook.com (2603:10a6:20b:460::19) by PAVPR08MB9433.eurprd08.prod.outlook.com (2603:10a6:102:319::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.9; Mon, 12 Dec 2022 15:09:20 +0000 Received: from AM7EUR03FT045.eop-EUR03.prod.protection.outlook.com (2603:10a6:20b:460:cafe::80) by AS9PR06CA0375.outlook.office365.com (2603:10a6:20b:460::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5880.19 via Frontend Transport; Mon, 12 Dec 2022 15:09:20 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; pr=C Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AM7EUR03FT045.mail.protection.outlook.com (100.127.140.150) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5901.21 via Frontend Transport; Mon, 12 Dec 2022 15:09:20 +0000 Received: ("Tessian outbound f394866f3f2b:v130"); Mon, 12 Dec 2022 15:09:20 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: 870ba210d63ee62a X-CR-MTA-TID: 64aa7808 Received: from ed578bc1b080.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 21B4F29C-1A17-4074-B73F-9341F047D595.1; Mon, 12 Dec 2022 15:09:12 +0000 Received: from EUR03-DBA-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id ed578bc1b080.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Mon, 12 Dec 2022 15:09:12 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WaG2jo7xjz+h3ogOViSEROshsDx0110H3C6EJqhKDk8wlCNdoZmWvxaMmEStyGiCTBXbkSuBQ4SuymrNayqctd94CfLvVmq7KA23wHcQzy7zCctl8b2TJSOOhrYU2UAIItxE/pALOLaHQNWM2jlmZ2XNdxtYcHqkTIQ7mmsUIzoZohLREKcFM81kT6iUYgiktfpgSFEW82s6BmhJQ4xpk4a7p+/Dbxx/ziPpp4I00y8yozpfgrlqpO1g28uAmlBOHHYcKhx1LxZXTKj0XO5qACR2NOJWJzWcGwz1V+BZ/ByZLKVH+NaR0VhDCi5FlY5myD2FdBYbWwUBU5PezhPvXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=MMU6RF7icU76F5rEw5DFVhxLQ8Ts2oNVARGmwc99obs=; b=KtCstkWvfY58F2JJnKg5l/Bs1opxWYxSCsVeWkQAiTujQOikBVFgEh7AgjMamni2BmxFFMHELj1egRCAhUCP8ZbIMAlTx4RCHpz+p7fe4ZoAIi0BYdQN2B69jcFwJwtwvziI5kxsw3atzx3M41unEGtpSQvwa6bZh3jpkJH6KJ866s3YegFAP92KpKNBFpyKuybE++FX2M1BrNsEOMMbOI9mmN/8Ptteg+nqUo4RXwYdL/ClNWMz5YPUldtlKK0zlGwe38ZGHFTstU4S7MyLv3DzA9FgJaIVoOqeooRQl/5yZ4WGIHG1o+mLY5xT1xrDsVaZWit+jLUBq+Tu88/t+Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MMU6RF7icU76F5rEw5DFVhxLQ8Ts2oNVARGmwc99obs=; b=LfCNtz8mpTBTwRSvgBHQSPHOHsx7pflsalPFCiSqECMsItyVSC8YpX8HU+UvMYVIgYPk7NEHgvYPg/sX+JUT2qv6DCqLMAdd4A8tDpe5A6jKnS468zBTM+xpLBZ85ljc0wJB+HO3OP42aRDs/RGqyW3ODOOtAhQKjZy1hN9lV54= Authentication-Results-Original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com; Received: from VI1PR08MB3919.eurprd08.prod.outlook.com (2603:10a6:803:c4::31) by AS8PR08MB6710.eurprd08.prod.outlook.com (2603:10a6:20b:397::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.9; Mon, 12 Dec 2022 15:09:11 +0000 Received: from VI1PR08MB3919.eurprd08.prod.outlook.com ([fe80::eed7:25a3:e4ea:187a]) by VI1PR08MB3919.eurprd08.prod.outlook.com ([fe80::eed7:25a3:e4ea:187a%7]) with mapi id 15.20.5924.009; Mon, 12 Dec 2022 15:09:11 +0000 Message-ID: <4f20c3d2-36b6-57be-f63d-66b3f4596786@arm.com> Date: Mon, 12 Dec 2022 15:09:06 +0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.4.2 Subject: Re: [PATCH] gdb: fix possible use-after-free when executing commands Content-Language: en-US From: Luis Machado To: Tom Tromey , Jan Vrany via Gdb-patches Cc: Jan Vrany References: <20221208142014.84759-1-jan.vrany@labware.com> <87pmcsh37h.fsf@tromey.com> <1a96057b-afd6-1e90-15c9-ee106a2998c7@arm.com> In-Reply-To: <1a96057b-afd6-1e90-15c9-ee106a2998c7@arm.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-ClientProxiedBy: LO2P265CA0125.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:9f::17) To VI1PR08MB3919.eurprd08.prod.outlook.com (2603:10a6:803:c4::31) MIME-Version: 1.0 X-MS-TrafficTypeDiagnostic: VI1PR08MB3919:EE_|AS8PR08MB6710:EE_|AM7EUR03FT045:EE_|PAVPR08MB9433:EE_ X-MS-Office365-Filtering-Correlation-Id: 3877cc10-6571-415b-8183-08dadc52d88f x-checkrecipientrouted: true NoDisclaimer: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: ZOzWF97yNfsK3UhT8UFX3OuLYr2paYDk/D/EAu/69oNTvVfSBqbKVXzdJoRzFHjyLpd9zFJNjsEWOhr6UVzm+t7gHciB7pqfqxMBu/RMUpplc0e04B2nS4nl35cocMEsnZSoajYijgTq4jWuIWf6iRfl0vZvTPRRkmnYFTNOKbg285+UXUC1xPiVWcma4EhBecb2pXKaK7pPFjvFZkXA2gpcDhpyGI7JcOdEa5O9L7gcB166T7wI7SpkVNdpvBJfHmz5ASKKjRfSPuqNxSQcYmg9jWPFiJeF0pI0YV/AhE/299uIMRlvMEsYr5HE5jvIdZZuhyU/4AikkdETvDkoQDFkmSFZl/uquAGYwqkn5qOrcCWpnQk+JwN7/01jzPOB08KXE7O+h9Jr9kKsjKdct/cVnxJ70eT0Kb56qk93CZhF/M3FQlFztFsANnmW0HLbMTiMMuBJfy+kLXYj3kZ+0FQ4v08nKYb+FVwZPKJw/lrHjYhkhf49bLRYJj6HO1mVbn98mTHYTtm5khEAvFZp4BPJM4XFD5O7RClNs6wQPOIjLYidtISKGnWWYt0L3lucqUfks1atqOUYCi9xKwFn3Tc18sSBJaZblCBo6iVcHOKnuM6DavbPj2oPmSYem1MeRqteIupm8GHt1slxqkqyOnxRM3YlS6pPHvx77DCvnvt1u/CBdvDIMzCx4nU1jNHT7sSFeQgK0sjLc6YAyc9Cht5Hjv9yqgr7I9jWbbwDCPAM5qZziIwSvajPHlsJOy2n X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:VI1PR08MB3919.eurprd08.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(4636009)(366004)(39860400002)(346002)(136003)(376002)(396003)(451199015)(31686004)(2906002)(66899015)(5660300002)(8936002)(44832011)(84970400001)(41300700001)(4326008)(8676002)(66556008)(66476007)(66946007)(36756003)(6666004)(2616005)(31696002)(110136005)(6486002)(86362001)(186003)(316002)(6506007)(38100700002)(6512007)(53546011)(26005)(478600001)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8PR08MB6710 Original-Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com; X-EOPAttributedMessage: 0 X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM7EUR03FT045.eop-EUR03.prod.protection.outlook.com X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id-Prvs: faecdcb4-af06-4ba7-7c32-08dadc52d300 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: axmjKRJgFEbn1VtOsdaEjKmd7ybznWGzOHqVl8NmByOwYGvImodU0KOwXyEVhMkg03IdZgCW3vt4QmAykW5FabMsREmYTysf+DTTdLPB+RE82V5ZjkLoZOcOxdEAUMaZZ/b/VTVHn6ty+TOZb7ObpIZFMkISrik5OQ5aTpf5OvVSYHPoI7SlA9LKitGWXvhmDmlw3kPVfwvcPIYIE4zYl2sHV/UvhqhsQu1Vk/QVOHes4ZVWuPudeq1VXalZ0lHE1Q9cEqQdIkjcjS30rE7JjM0i8XMunLxQdKKk55WvqyRDdBKstNeHDvGP4XQFBX8vi6NpxCkMHPJH5Leuok1Zvy6cntX+ck8SxlvN/InrPDmy1DtoDWYPKS6YjD/kCc1mdftKv+B9FBQTvjsUrT/yafR5s0HHz8dBh92OvK4twPjjeqLXmNfbZXiLB2ZE5h9/GEgu9qSWtCmcuijpY7WDVphF6LfN7VsuCAnVm2WIvVKY78VT1NAjCbgFS1S1iOUzA1SeVUUCAWybZVoHpEL3cyPgycmWDqIq1c1NPSztkyUvr8eOrKc/1ZoeufaLEX2sSzrLxbEyM/ZmODPuO04hcw0+4FoeIgQldWRE5sazdFuajh6I7hBCfhV1vPVUcUu6neRa/Si2+k42i/TVCOd1AXLJ64caci+wcB4snmQ6ARyDlgkKOfTx69Fs3b2GuRRSBfqMvPOd6fa36GISo1xUZ4AUNBwOcsNH1vm1akz4DE/yUzAu1+Fwi3XyyGqBp+tR0ExyYUi5SG7Me1jGRJA7bA== X-Forefront-Antispam-Report: CIP:63.35.35.123;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:64aa7808-outbound-1.mta.getcheckrecipient.com;PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com;CAT:NONE;SFS:(13230022)(4636009)(396003)(39860400002)(136003)(346002)(376002)(451199015)(40470700004)(46966006)(36840700001)(84970400001)(66899015)(36756003)(82310400005)(110136005)(81166007)(31696002)(356005)(86362001)(36860700001)(82740400003)(5660300002)(40460700003)(8936002)(2906002)(31686004)(44832011)(47076005)(41300700001)(336012)(316002)(2616005)(70206006)(4326008)(70586007)(6506007)(8676002)(186003)(6666004)(107886003)(26005)(478600001)(40480700001)(53546011)(6486002)(6512007)(43740500002);DIR:OUT;SFP:1101; X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Dec 2022 15:09:20.4433 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 3877cc10-6571-415b-8183-08dadc52d88f X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: AM7EUR03FT045.eop-EUR03.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAVPR08MB9433 X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,BODY_8BITS,DKIM_SIGNED,DKIM_VALID,FORGED_SPF_HELO,KAM_DMARC_NONE,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE,TXREP,UNPARSEABLE_RELAY autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 12/12/22 15:05, Luis Machado wrote: > Hi, > > On 12/9/22 17:55, Tom Tromey wrote: >>>>>>> "Jan" == Jan Vrany via Gdb-patches writes: >> >> Jan> This may lead into use-after-free error.  Imagine the command >> Jan> being executed is a user-defined Python command that redefines >> Jan> itself.  In that case, struct `cmd_list_element` pointed to by >> Jan> `c` is deallocated during its execution so it is no longer valid >> Jan> when post hook is executed. >> >> Thanks for the patch. >> >> Your analysis makes sense to me.  I wouldn't be surprised if there were >> other issues along these lines.  Or if this were in bugzilla somewhere. >> >> Jan> +      std::string c_name(c->name); >> >> Space before the paren.  Also I think a comment here explaining why it's >> needed would be good. >> >> Jan>        /* If this command has been post-hooked, run the hook last.  */ >> Jan> -      execute_cmd_post_hook (c); >> Jan> +      c = lookup_cmd_exact (c_name.c_str (), cmdlist); >> Jan> +      if (c != nullptr) >> Jan> +    execute_cmd_post_hook (c); >> Perhaps a comment here as well explaining the need to redo the lookup. >> >> This is ok with these minor changes. >> >> thanks, >> Tom > > I've spotted gdb.base/define.exp failing today, and bisection stopped in this particular > patch. > > target testsuite > one > hello > (gdb) FAIL: gdb.base/define.exp: target testsuite with hooks A correction execution shows the following: target testsuite one hello two This is on aarch64-linux Ubuntu 22.04/20.04.