* [Bug default/30959] New: abidiff segfault with certain regex patterns
From: quic_johmoo at quicinc dot com @ 2023-10-10 16:43 UTC (permalink / raw)
To: libabigail
https://sourceware.org/bugzilla/show_bug.cgi?id=30959
Bug ID: 30959
Summary: abidiff segfault with certain regex patterns
Product: libabigail
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: default
Assignee: dodji at redhat dot com
Reporter: quic_johmoo at quicinc dot com
CC: libabigail at sourceware dot org
Target Milestone: ---
Created attachment 15162
--> https://sourceware.org/bugzilla/attachment.cgi?id=15162&action=edit
GDB backtrace
When using a regular expression with range-matching in suppressions, abidiff
segfaults with a null dereference.

To reproduce, create a few binaries that have a diff in a structure, but keep
the same size:

% cat test_1.c
struct foo {
    char p[8];
};
int main(void) { return 0; }

% cat test_2.c
struct foo {
    int x;
    char p[4];
};
int main(void) { return 0; }

% gcc -g -fno-eliminate-unused-debug-types -o test_1.o test_1.c
% gcc -g -fno-eliminate-unused-debug-types -o test_2.o test_2.c

Then create the following suppression file (suppr.txt):

[suppress_type]
type_kind = struct
has_data_member_inserted_at = offset_of_first_data_member_regexp(.*foo[0-9]?$)

Then, run:

% abidiff --suppr suppr.txt -t test_1.o test_2.o
[1] 16928 segmentation fault abidiff --suppr suppr.txt -t test_1.o test_2.o

It appears to be related to the range-matching pattern in the regular
expression. If I change the suppressions file to be an equivalent (using \d
instead of [0-9]):

[suppress_type]
type_kind = struct
has_data_member_inserted_at = offset_of_first_data_member_regexp(.*foo\d?$)

...abidiff works correctly:

% abidiff --suppr suppr.txt -t test_1.o test_2.o
Functions changes summary: 0 Removed, 0 Changed, 0 Added function
Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
Unreachable types summary: 0 removed, 1 changed, 0 added type

1 changed type unreachable from any public interface:

  [C] 'struct foo' changed:
    type size hasn't changed
    1 data member insertion:
      'int x', at offset 0 (in bits) at test_2.c:2:1
    1 data member change:
      type of 'char p[8]' changed:
        type name changed from 'char[8]' to 'char[4]'
        array type size changed from 64 to 32
        array type subrange 1 changed length from 8 to 4
      and offset changed from 0 to 32 (in bits) (by +32 bits)

I've attached a GDB backtrace I captured in the failure case.

All I can gather is that in the failure case, the following line in
abg-suppression.cc is returning a NULL fn_call.

ini::function_call_expr_sptr fn_call = b->as_function_call_expr();
--
You are receiving this mail because:
You are on the CC list for the bug.
* [Bug default/30959] abidiff segfault with certain regex patterns
From: dodji at redhat dot com @ 2023-10-11 11:06 UTC (permalink / raw)
To: libabigail
https://sourceware.org/bugzilla/show_bug.cgi?id=30959
dodji at redhat dot com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
   Last reconfirmed|                            |2023-10-11
     Ever confirmed|0                           |1
             Status|UNCONFIRMED                 |ASSIGNED
* [Bug default/30959] abidiff segfault on function call expression considered malformed
From: dodji at redhat dot com @ 2023-10-11 11:24 UTC (permalink / raw)
To: libabigail
https://sourceware.org/bugzilla/show_bug.cgi?id=30959
dodji at redhat dot com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|abidiff segfault with       |abidiff segfault on
                   |certain regex patterns      |function call expression
                   |                            |considered malformed
--- Comment #1 from dodji at redhat dot com ---
This issue should be fixed by the
* [Bug default/30959] abidiff segfault on function call expression considered malformed
From: dodji at redhat dot com @ 2023-10-11 12:10 UTC (permalink / raw)
To: libabigail
https://sourceware.org/bugzilla/show_bug.cgi?id=30959
dodji at redhat dot com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|ASSIGNED                    |RESOLVED
--- Comment #2 from dodji at redhat dot com ---
Woops, I hit the wrong button in my previous comment, sorry.
So, strictly speaking, this should be fixed by the patch applied to the master
at https://inbox.sourceware.org/libabigail/87wmvtpdsl.fsf@redhat.com.
A subsequent patch applied to the master branch at
https://inbox.sourceware.org/libabigail/87sf6hpdoz.fsf@redhat.com/ makes the
regular expression passed in argument to the function call expression as
"offset_of_first_data_member_regexp(.*foo[0-9]?$)" be considered valid. Without
that patch, the parser was wrongly considering the characters '[' and ']' as
needing to be escaped.
The fix should be available in the libabigail 2.4 version.
Thanks for reporting this problem and sorry for the inconvenience.
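Added example, not part of the thread and not libabigail source: a simplified C++ model of the failure discussed in the report and in Comment #2, where a parser that rejects unescaped '[' and ']' hands back a null function-call expression and the caller has to check it before use. FnCall, parse_fn_call, regexp_arg and the `reserved` parameter are hypothetical names; only the property value is taken from the report.

```cpp
// Added illustration, not libabigail source. All names are hypothetical.
#include <iostream>
#include <memory>
#include <string>

struct FnCall { std::string name, arg; };
using FnCallPtr = std::shared_ptr<FnCall>;

// Parse "name(arg)". `reserved` holds characters rejected when unescaped
// in the argument (the thread: '[' and ']' were wrongly treated this way).
// Returns a null pointer when the expression is considered malformed.
FnCallPtr parse_fn_call(const std::string& s, const std::string& reserved) {
  const std::size_t open = s.find('(');
  if (open == std::string::npos || open == 0 || s.back() != ')')
    return nullptr;
  std::string arg;
  for (std::size_t i = open + 1; i + 1 < s.size(); ++i) {
    if (s[i] == '\\' && i + 2 < s.size()) {  // keep "\x" escapes verbatim
      arg += s[i];
      arg += s[++i];
    } else if (reserved.find(s[i]) != std::string::npos) {
      return nullptr;
    } else {
      arg += s[i];
    }
  }
  return std::make_shared<FnCall>(FnCall{s.substr(0, open), arg});
}

// Checked caller: a null result becomes a diagnostic, never a dereference.
bool regexp_arg(const std::string& value, const std::string& reserved,
                std::string& arg, std::string& err) {
  FnCallPtr fn_call = parse_fn_call(value, reserved);
  if (!fn_call) {
    err = "malformed function call expression: " + value;
    return false;
  }
  arg = fn_call->arg;
  return true;
}

int main() {
  std::string arg, err;
  // Property value from the report; "[]" models the over-strict parser.
  const std::string v = "offset_of_first_data_member_regexp(.*foo[0-9]?$)";
  if (!regexp_arg(v, "[]", arg, err)) std::cout << err << "\n";
  if (regexp_arg(v, "", arg, err)) std::cout << "regexp: " << arg << "\n";
}
```

With `reserved` set to "[]" the [0-9] form is rejected while the \d form parses, matching the behaviour the reporter observed; with an empty `reserved` both forms are accepted.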
* [Bug default/30959] abidiff segfault on function call expression considered malformed
From: quic_johmoo at quicinc dot com @ 2023-10-11 17:24 UTC (permalink / raw)
To: libabigail
https://sourceware.org/bugzilla/show_bug.cgi?id=30959
--- Comment #3 from John Moon <quic_johmoo at quicinc dot com> ---
Thank you Dodji for the quick response! I just tested the fix and can
cross-confirm the segfault issue is fixed on master.