From: Tom Tromey
To: Simon Marchi via Gdb-patches
Cc: Bruno Larsen, Simon Marchi
Subject: Re: [PATCH 2/7] gdb: add prepare_reinflate/reinflate around print_frame_args in info_frame_command_core
References: <20221107155310.2590069-1-simon.marchi@polymtl.ca> <20221107155310.2590069-2-simon.marchi@polymtl.ca> <522f68d7-1452-e275-93c7-b6989b40e5f6@redhat.com> <85e999de-64c7-37f9-2fcf-d6ce01d1baf5@polymtl.ca>
Date: Tue, 08 Nov 2022 12:39:20 -0700
In-Reply-To: <85e999de-64c7-37f9-2fcf-d6ce01d1baf5@polymtl.ca> (Simon Marchi via Gdb-patches's message of "Tue, 8 Nov 2022 10:55:21 -0500")
Message-ID: <875yfp44nr.fsf@tromey.com>

>>>>> "Simon" == Simon Marchi via Gdb-patches writes:

Simon> But this shows how the current frame_info_ptr is error-prone: you have
Simon> to know which functions can, deep down their call tree, reinit the
Simon> frame cache. And all their callers that have a frame_info_ptr object,
Simon> recursively, must explicitly do prepare_reinflate / reinflate to protect
Simon> themselves against their frame_info object being invalidated. It's very
Simon> easy to forget some spots.

Yeah. This problem already existed, and the rationale behind
frame_info_ptr wasn't to fix it, but rather to expose it when it
happens -- by crashing rather than allowing a UAF.

Simon> I'm currently working on making frame_info_ptr work automatically,
Simon> meaning it would grab the wrapped frame id automatically on
Simon> construction, and reinflate the frame automatically if needed

We tried this a bit, but the problem we hit was that computing the
frame id requires unwinding a bit, and since the code generally uses
frame_info_ptr everywhere, gdb would end up unwinding everything.

If this can be overcome then that would be great.

Tom
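A simplified model of the hazard discussed in this thread, added here as an illustration and not code from gdb: the cache, its generation counter and the by_level/by_id lookups are invented for the model, and a thrown error stands in for the crash Tom describes. It shows a stale handle failing loudly after a reinit instead of reading freed memory, and prepare_reinflate/reinflate recovering the frame by its stable id.

```cpp
#include <cstdint>
#include <stdexcept>
#include <vector>

// Hypothetical model, not gdb's code: the frame cache is rebuilt on reinit, so
// a raw frame_info pointer taken earlier is stale. The handle checks a
// generation counter so a stale use throws instead of reading freed memory.
struct frame_info { int level; std::uint64_t id; };
struct frame_cache {
  std::vector<frame_info> frames;  // destroyed and rebuilt on every reinit
  unsigned generation = 0;         // bumped on every reinit
  explicit frame_cache (int n) { reinit (n); }
  void reinit (int n) {
    frames.clear ();
    for (int i = 0; i < n; ++i)    // frame ids stay stable across a reinit
      frames.push_back ({i, static_cast<std::uint64_t> (0x1000 + i)});
    ++generation;
  }
  frame_info *by_level (int level) { return &frames.at (level); }
  frame_info *by_id (std::uint64_t id) {
    for (auto &f : frames) if (f.id == id) return &f;
    return nullptr; }
};
class frame_info_ptr {
  frame_cache *m_cache; frame_info *m_ptr; unsigned m_gen; std::uint64_t m_id = 0;
public:
  frame_info_ptr (frame_cache &c, frame_info *p) : m_cache (&c), m_ptr (p), m_gen (c.generation) {}
  void prepare_reinflate () { m_id = m_ptr->id; }  // remember the stable id
  void reinflate () { m_ptr = m_cache->by_id (m_id); m_gen = m_cache->generation; }
  frame_info *get () {
    if (m_gen != m_cache->generation)
      throw std::logic_error ("stale frame_info_ptr used after frame cache reinit");
    return m_ptr; }
};
// A caller holds a handle while something deep in its call tree reinits the cache.
bool stale_use_is_detected () {
  frame_cache cache (3);
  frame_info_ptr fp (cache, cache.by_level (1));
  cache.reinit (3);                // stands in for reinit_frame_cache in a callee
  try { fp.get (); return false; } catch (const std::logic_error &) { return true; }
}
bool reinflate_recovers () {
  frame_cache cache (3);
  frame_info_ptr fp (cache, cache.by_level (1));
  fp.prepare_reinflate ();         // the spot that is easy to forget
  cache.reinit (3);
  fp.reinflate ();
  return fp.get () != nullptr && fp.get ()->level == 1;
}
```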