From patchwork Thu Nov 22 12:35:43 2018
X-Patchwork-Submitter: Tom de Vries
X-Patchwork-Id: 1001745
Date: Thu, 22 Nov 2018 13:35:43 +0100
From: Tom de Vries
To: gcc-patches@gcc.gnu.org
Cc: Ian Lance Taylor
Subject: [PATCH 1/2][libbacktrace] Handle realloc returning NULL if size == 0
Message-ID: <20181122123541.GA2333@delia>

Hi,

If realloc is called with size 0, realloc can return NULL. When this happens in the backtrace_vector_release in alloc.c, the error callback is called, which should not be the case.

Fix this by testing for size == 0 before calling the error callback.

Built and tested on x86_64, with mmap.c replaced by alloc.c to ensure that backtrace_vector_release in alloc.c is tested.

OK for trunk if bootstrap and reg-test on x86_64 succeed?

Thanks,
- Tom

[libbacktrace] Handle realloc returning NULL if size == 0

2018-11-22 Tom de Vries

* Makefile.am (check_PROGRAMS): Add unittest.
* Makefile.in: Regenerate.
* alloc.c (backtrace_vector_release): Handle realloc returning NULL if
* size == 0.
* unittest.c: New file.

---
 libbacktrace/Makefile.am | 5 +++
 libbacktrace/Makefile.in | 25 ++++++++++---
 libbacktrace/alloc.c | 2 +-
 libbacktrace/unittest.c | 92 ++++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 119 insertions(+), 5 deletions(-)

diff --git a/libbacktrace/Makefile.am b/libbacktrace/Makefile.am index 3c1bd49dd7b..a2111ee7f67 100644 --- a/libbacktrace/Makefile.am +++ b/libbacktrace/Makefile.am @@ -90,6 +90,11 @@ TESTS = $(check_PROGRAMS) if NATIVE +unittest_SOURCES = unittest.c testlib.c +unittest_LDADD = libbacktrace.la + +check_PROGRAMS += unittest + btest_SOURCES = btest.c testlib.c btest_CFLAGS = $(AM_CFLAGS) -g -O btest_LDADD = libbacktrace.la diff --git a/libbacktrace/Makefile.in b/libbacktrace/Makefile.in index 60a9d887dba..2d62ce20b9a 100644 --- a/libbacktrace/Makefile.in +++ b/libbacktrace/Makefile.in 
@@ -121,7 +121,7 @@ build_triplet = @build@ host_triplet = @host@ target_triplet = @target@ check_PROGRAMS = $(am__EXEEXT_1) $(am__EXEEXT_2) $(am__EXEEXT_3) -@NATIVE_TRUE@am__append_1 = btest stest ztest edtest +@NATIVE_TRUE@am__append_1 = unittest btest stest ztest edtest @HAVE_ZLIB_TRUE@@NATIVE_TRUE@am__append_2 = -lz @HAVE_PTHREAD_TRUE@@NATIVE_TRUE@am__append_3 = ttest @HAVE_OBJCOPY_DEBUGLINK_TRUE@@NATIVE_TRUE@am__append_4 = dtest @@ -158,8 +158,8 @@ AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent am__v_lt_1 = -@NATIVE_TRUE@am__EXEEXT_1 = btest$(EXEEXT) stest$(EXEEXT) \ -@NATIVE_TRUE@ ztest$(EXEEXT) edtest$(EXEEXT) +@NATIVE_TRUE@am__EXEEXT_1 = unittest$(EXEEXT) btest$(EXEEXT) \ +@NATIVE_TRUE@ stest$(EXEEXT) ztest$(EXEEXT) edtest$(EXEEXT) @HAVE_PTHREAD_TRUE@@NATIVE_TRUE@am__EXEEXT_2 = ttest$(EXEEXT) @HAVE_COMPRESSED_DEBUG_TRUE@@NATIVE_TRUE@am__EXEEXT_3 = \ @HAVE_COMPRESSED_DEBUG_TRUE@@NATIVE_TRUE@ ctestg$(EXEEXT) \ @@ -202,6 +202,10 @@ ttest_OBJECTS = $(am_ttest_OBJECTS) ttest_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(ttest_CFLAGS) $(CFLAGS) \ $(AM_LDFLAGS) $(LDFLAGS) -o $@ +@NATIVE_TRUE@am_unittest_OBJECTS = unittest.$(OBJEXT) \ +@NATIVE_TRUE@ testlib.$(OBJEXT) +unittest_OBJECTS = $(am_unittest_OBJECTS) +@NATIVE_TRUE@unittest_DEPENDENCIES = libbacktrace.la @NATIVE_TRUE@am_ztest_OBJECTS = ztest-ztest.$(OBJEXT) \ @NATIVE_TRUE@ ztest-testlib.$(OBJEXT) ztest_OBJECTS = $(am_ztest_OBJECTS) @@ -246,7 +250,7 @@ am__v_CCLD_1 = SOURCES = $(libbacktrace_la_SOURCES) $(EXTRA_libbacktrace_la_SOURCES) \ $(btest_SOURCES) $(ctesta_SOURCES) $(ctestg_SOURCES) \ $(edtest_SOURCES) $(stest_SOURCES) $(ttest_SOURCES) \ - $(ztest_SOURCES) + $(unittest_SOURCES) $(ztest_SOURCES) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ 
@@ -655,6 +659,8 @@ libbacktrace_la_LIBADD = \ libbacktrace_la_DEPENDENCIES = $(libbacktrace_la_LIBADD) TESTS = $(check_PROGRAMS) $(am__append_4) +@NATIVE_TRUE@unittest_SOURCES = unittest.c testlib.c +@NATIVE_TRUE@unittest_LDADD = libbacktrace.la @NATIVE_TRUE@btest_SOURCES = btest.c testlib.c @NATIVE_TRUE@btest_CFLAGS = $(AM_CFLAGS) -g -O @NATIVE_TRUE@btest_LDADD = libbacktrace.la @@ -800,6 +806,10 @@ ttest$(EXEEXT): $(ttest_OBJECTS) $(ttest_DEPENDENCIES) $(EXTRA_ttest_DEPENDENCIE @rm -f ttest$(EXEEXT) $(AM_V_CCLD)$(ttest_LINK) $(ttest_OBJECTS) $(ttest_LDADD) $(LIBS) +unittest$(EXEEXT): $(unittest_OBJECTS) $(unittest_DEPENDENCIES) $(EXTRA_unittest_DEPENDENCIES) + @rm -f unittest$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(unittest_OBJECTS) $(unittest_LDADD) $(LIBS) + ztest$(EXEEXT): $(ztest_OBJECTS) $(ztest_DEPENDENCIES) $(EXTRA_ztest_DEPENDENCIES) @rm -f ztest$(EXEEXT) $(AM_V_CCLD)$(ztest_LINK) $(ztest_OBJECTS) $(ztest_LDADD) $(LIBS) @@ -1088,6 +1098,13 @@ recheck: all $(check_PROGRAMS) am__force_recheck=am--force-recheck \ TEST_LOGS="$$log_list"; \ exit $$? +unittest.log: unittest$(EXEEXT) + @p='unittest$(EXEEXT)'; \ + b='unittest'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) btest.log: btest$(EXEEXT) @p='btest$(EXEEXT)'; \ b='btest'; \ diff --git a/libbacktrace/alloc.c b/libbacktrace/alloc.c index 7070afbf2aa..2f7ad956088 100644 --- a/libbacktrace/alloc.c +++ b/libbacktrace/alloc.c @@ -146,7 +146,7 @@ backtrace_vector_release (struct backtrace_state *state ATTRIBUTE_UNUSED, void *data) { vec->base = realloc (vec->base, vec->size); - if (vec->base == NULL) + if (vec->base == NULL && vec->size != 0) { error_callback (data, "realloc", errno); return 0; diff --git a/libbacktrace/unittest.c b/libbacktrace/unittest.c new file mode 100644 index 00000000000..576aa080935 --- /dev/null 
+++ b/libbacktrace/unittest.c 
@@ -0,0 +1,92 @@ +/* unittest.c -- Test for libbacktrace library + Copyright (C) 2018 Free Software Foundation, Inc. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + (1) Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + (2) Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + + (3) The name of the author may not be used to + endorse or promote products derived from this software without + specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING +IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. 
*/ + +#include +#include +#include +#include +#include + +#include "filenames.h" + +#include "backtrace.h" +#include "backtrace-supported.h" + +#include "testlib.h" + +#include "internal.h" + +static unsigned count; + +static void +error_callback (void *vdata ATTRIBUTE_UNUSED, const char *msg ATTRIBUTE_UNUSED, + int errnum ATTRIBUTE_UNUSED) +{ + ++count; +} + +static int +test1 (void) +{ + int res; + int failed; + + struct backtrace_vector vec; + + memset (&vec, 0, sizeof vec); + + backtrace_vector_grow (state, 100, error_callback, NULL, &vec); + vec.alc += vec.size; + vec.size = 0; + + count = 0; + res = backtrace_vector_release (state, &vec, error_callback, NULL); + failed = res != 1 || count != 0; + + printf ("%s: unittest backtrace_vector_release size == 0\n", + failed ? "FAIL": "PASS"); + + if (failed) + ++failures; + + return failures; +} + +int +main (int argc ATTRIBUTE_UNUSED, char **argv) +{ + state = backtrace_create_state (argv[0], BACKTRACE_SUPPORTS_THREADS, + error_callback_create, NULL); + + test1 (); + + exit (failures ? 
EXIT_FAILURE : EXIT_SUCCESS); +}

From patchwork Thu Nov 22 12:36:49 2018
X-Patchwork-Submitter: Tom de Vries
X-Patchwork-Id: 1001746
Date: Thu, 22 Nov 2018 13:36:49 +0100
From: Tom de Vries
To: gcc-patches@gcc.gnu.org
Cc: Ian Lance Taylor
Subject: [PATCH 2/2][libbacktrace] Don't point to released memory in backtrace_vector_release
Message-ID: <20181122123647.GA2403@delia>

Hi,

When backtrace_vector_release is called with vec.size == 0, it releases the memory pointed at by vec.base. In case of the backtrace_vector_release in alloc.c, vec.base may then be set to NULL, but this is not guaranteed.

Set vec.base to NULL if vec.size == 0 to ensure we don't point to released memory.

OK for trunk if bootstrap and reg-test on x86_64 succeed?

Thanks,
- Tom

[libbacktrace] Don't point to released memory in backtrace_vector_release

2018-11-22 Tom de Vries

* alloc.c (backtrace_vector_release): Set base to NULL if size == 0.
* mmap.c (backtrace_vector_release): Same.
* unittest.c (test1): Add check.

---
 libbacktrace/alloc.c | 2 ++
 libbacktrace/mmap.c | 2 ++
 libbacktrace/unittest.c | 4 +++-
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/libbacktrace/alloc.c b/libbacktrace/alloc.c index 2f7ad956088..fb1e754788b 100644 --- a/libbacktrace/alloc.c +++ b/libbacktrace/alloc.c @@ -152,5 +152,7 @@ backtrace_vector_release (struct backtrace_state *state ATTRIBUTE_UNUSED, return 0; } vec->alc = 0; + if (vec->size == 0) + vec->base = NULL; return 1; } diff --git a/libbacktrace/mmap.c b/libbacktrace/mmap.c index 32fcba62399..9f896a1bb99 100644 --- a/libbacktrace/mmap.c +++ b/libbacktrace/mmap.c @@ -321,5 +321,7 @@ backtrace_vector_release (struct backtrace_state *state, backtrace_free (state, (char *) vec->base + aligned, alc, error_callback, data); vec->alc = 0; + if (vec->size == 0) + vec->base = NULL; return 1; } diff --git a/libbacktrace/unittest.c b/libbacktrace/unittest.c index 576aa080935..6c07aff91ee 100644 --- a/libbacktrace/unittest.c +++ b/libbacktrace/unittest.c @@ -58,6 +58,7 @@ test1 (void) { int res; int failed; + void *prev; struct backtrace_vector vec; @@ -68,8 +69,9 @@ test1 (void) vec.size = 0; count = 0; + prev = vec.base; res = backtrace_vector_release (state, &vec, error_callback, NULL); - failed = res != 1 || count != 0; + failed = res != 1 || count != 0 || vec.base != NULL; printf ("%s: unittest backtrace_vector_release size == 0\n", failed ? "FAIL": "PASS");
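
Review bot: in the alloc.c hunk of patch 1/2, the unchanged line "vec->base = realloc (vec->base, vec->size);" still overwrites the only copy of the pointer before the result is checked. On a genuine failure (size != 0) realloc leaves the old block allocated, so this path leaks it and leaves vec->base NULL while vec->size is nonzero. Suggest reallocating into a temporary and assigning to vec->base only on success. Since the result of realloc with size 0 is implementation-defined, it would also be clearer to handle size == 0 before the call with an explicit free, instead of inferring that case from a NULL return afterwards.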
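
Review bot: in test1 of the new unittest.c (patch 1/2), the return value of backtrace_vector_grow is ignored, so if that allocation fails the test continues with vec.base == NULL and can report PASS without exercising the release path on a live buffer. Suggest checking the result and failing the test when it is NULL. The lines "vec.alc += vec.size; vec.size = 0;" adjust the vector's internals by hand and would benefit from a one-line comment saying they simulate an empty vector that still owns a buffer. The value returned by test1 is also discarded in main; either make it void or use it.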
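
Review bot: in the alloc.c hunk of patch 2/2, "if (vec->size == 0) vec->base = NULL;" runs after the realloc (vec->base, vec->size) call shown in patch 1/2. The commit message itself notes that a NULL result for size 0 is not guaranteed; on a C library where realloc with size 0 returns a non-NULL pointer, this assignment drops the only reference to that allocation. Suggest making the size == 0 case explicit: free vec->base, set it to NULL, clear vec->alc and return 1 before reaching realloc, so the stale-pointer fix does not depend on what realloc does with a zero size.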
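
Review bot: in the unittest.c hunks of patch 2/2, the new variable prev is assigned with "prev = vec.base;" but never read in the lines shown; the updated condition tests "vec.base != NULL" only. That is likely to trigger a set-but-unused warning. Either drop prev, or use it, for example to confirm that vec.base was non-NULL before the release, so the test shows the pointer was actually cleared and was not NULL from the start.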