[PATCH] Fix segfaults in dwarf array pointer subscripting when -vvv is specified
- From: "Yichun Zhang (agentzh)" <yichun at openresty dot com>
- To: systemtap at sourceware dot org
- Cc: "Yichun Zhang (agentzh)" <yichun at openresty dot com>
- Date: Wed, 21 Nov 2018 23:32:21 -0800
- Subject: [PATCH] Fix segfaults in dwarf array pointer subscripting when -vvv is specified
location_context::new_symref() forgot to initialize sym->tok which led
to NULL e->tok pointers.
Thanks to Mozilla rr for greatly simplifying debugging this issue.
Added some tests to cover this fix.
---
loc2stap.cxx | 1 +
testsuite/systemtap.base/atcast-index.exp | 58 +++++++++++++++++++++++++++++
testsuite/systemtap.base/atcast-index_1.c | 12 ++++++
testsuite/systemtap.base/atcast-index_1.stp | 5 +++
testsuite/systemtap.base/atcast-index_2.c | 13 +++++++
testsuite/systemtap.base/atcast-index_2.stp | 9 +++++
6 files changed, 98 insertions(+)
create mode 100644 testsuite/systemtap.base/atcast-index.exp
create mode 100644 testsuite/systemtap.base/atcast-index_1.c
create mode 100644 testsuite/systemtap.base/atcast-index_1.stp
create mode 100644 testsuite/systemtap.base/atcast-index_2.c
create mode 100644 testsuite/systemtap.base/atcast-index_2.stp
diff --git a/loc2stap.cxx b/loc2stap.cxx
index 177e43856..2502a3d7e 100644
--- a/loc2stap.cxx
+++ b/loc2stap.cxx
@@ -226,6 +226,7 @@ location_context::new_symref(vardecl *var)
{
symbol *sym = new symbol;
sym->name = var->name;
+ sym->tok = var->tok;
sym->referent = var;
return sym;
}
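Review bot: The added line copies var->tok into sym->tok, but nothing in this hunk guarantees var->tok is non-null for the vardecl passed in, so a declaration minted without a token would still produce a symbol whose tok is null and could reproduce the crash the commit message describes. Since new_symref() appears to be the single place these symbols are built, making the precondition explicit with `assert(var->tok != NULL);` before the assignment (or a comment stating that callers must supply a tokenised vardecl) would turn a later null dereference into an early, attributable failure. A short why-comment on the new line, e.g. `// carry the declaration's token so later passes can report a source location`, would also help a reader understand why this field matters. The function body is fully visible here; its signature is on the hunk header.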
diff --git a/testsuite/systemtap.base/atcast-index.exp b/testsuite/systemtap.base/atcast-index.exp
new file mode 100644
index 000000000..b2c71c55e
--- /dev/null
+++ b/testsuite/systemtap.base/atcast-index.exp
@@ -0,0 +1,58 @@
+set test "atcast-index"
+set testpath "$srcdir/$subdir"
+
+if {! [installtest_p]} { untested $test; return }
+if {! [uretprobes_p]} { untested $test; return }
+
+# --- TEST 1 ---
+
+set subtest1 "TEST 1: const folding in array index of a translated array address"
+
+set res [target_compile ${testpath}/${test}_1.c ./a.out executable \
+ "additional_flags=-O additional_flags=-g"]
+if {$res ne ""} {
+ verbose "target_compile failed: $res" 2
+ fail "$test: $subtest1: unable to compile ${test}_1.c"
+} else {
+ foreach runtime [get_runtime_list] {
+ if {$runtime eq ""} {
+ set runtime "kernel"
+ }
+ set test_name "$test: $subtest1 ($runtime)"
+ set cmd "stap -vvv --runtime=$runtime -c ./a.out '$srcdir/$subdir/${test}_1.stp'"
+ set exit_code [run_cmd_2way $cmd out stderr]
+ set out_pat "^78\\n\\Z"
+ like "${test_name}: stdout" $out $out_pat "-linestop -lineanchor"
+ set stderr_pat "Collapsing constant-identity binary operator operator '\\*' at "
+ like "${test_name}: stderr" $stderr $stderr_pat "-lineanchor"
+ is "${test_name}: exit code" $exit_code 0
+ }
+}
+
+# --- TEST 2 ---
+
+set subtest2 "TEST 2: ternay expressions inside dwarf array indexes"
+
+set res [target_compile ${testpath}/${test}_2.c ./a.out executable \
+ "additional_flags=-O additional_flags=-g"]
+if {$res ne ""} {
+ verbose "target_compile failed: $res" 2
+ fail "$test: $subtest2: unable to compile ${test}_2.c"
+} else {
+ foreach runtime [get_runtime_list] {
+ if {$runtime eq ""} {
+ set runtime "kernel"
+ }
+ set test_name "$test: $subtest2 ($runtime)"
+ set cmd "stap --runtime=$runtime -c ./a.out '$srcdir/$subdir/${test}_2.stp'"
+ set exit_code [run_cmd_2way $cmd out stderr]
+ set exp_out "91
+78
+"
+ is "${test_name}: stdout" $out $exp_out
+ is "${test_name}: exit code" $exit_code 0
+ if {$stderr ne ""} {
+ send_log "stderr:\n$stderr"
+ }
+ }
+}
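Review bot: TEST 2's stap command omits the `-vvv` flag that the commit message names as the trigger for the segfault, so only TEST 1 exercises the crash path and a regression in the ternary-index case would only be caught at default verbosity; consider `set cmd "stap -vvv --runtime=$runtime -c ./a.out '$srcdir/$subdir/${test}_2.stp'"` to match TEST 1. The subtest label has a typo: `set subtest2 "TEST 2: ternary expressions inside dwarf array indexes"`. TEST 2 also only logs stderr rather than asserting on it, whereas TEST 1 pins a specific diagnostic; if no particular stderr output is expected, a comment saying so would make the asymmetry deliberate rather than accidental. Both subtests compile to the same `./a.out`, so a failed second compile would silently leave the first binary in place; this is inferred from the shared path and may be harmless in practice.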
diff --git a/testsuite/systemtap.base/atcast-index_1.c b/testsuite/systemtap.base/atcast-index_1.c
new file mode 100644
index 000000000..49e50ff69
--- /dev/null
+++ b/testsuite/systemtap.base/atcast-index_1.c
@@ -0,0 +1,12 @@
+typedef struct {
+ char arr[3];
+ char sz;
+} foo;
+
+foo a;
+
+int main(void) {
+ a.sz = 2;
+ a.arr[2] = 78;
+ return 0;
+}
diff --git a/testsuite/systemtap.base/atcast-index_1.stp b/testsuite/systemtap.base/atcast-index_1.stp
new file mode 100644
index 000000000..f06e72759
--- /dev/null
+++ b/testsuite/systemtap.base/atcast-index_1.stp
@@ -0,0 +1,5 @@
+probe process.function("main").return {
+ p = &@var("a");
+ q = &@cast(p, "char")[((@cast(p, "foo")->sz)) * (1)];
+ printf("%d\n", user_int8(q));
+}
diff --git a/testsuite/systemtap.base/atcast-index_2.c b/testsuite/systemtap.base/atcast-index_2.c
new file mode 100644
index 000000000..88bd18915
--- /dev/null
+++ b/testsuite/systemtap.base/atcast-index_2.c
@@ -0,0 +1,13 @@
+typedef struct {
+ char arr[5];
+ char sz;
+} foo;
+
+foo a;
+
+int main(void) {
+ a.sz = 2;
+ a.arr[2] = 78;
+ a.arr[4] = 91;
+ return 0;
+}
diff --git a/testsuite/systemtap.base/atcast-index_2.stp b/testsuite/systemtap.base/atcast-index_2.stp
new file mode 100644
index 000000000..ec76af3fb
--- /dev/null
+++ b/testsuite/systemtap.base/atcast-index_2.stp
@@ -0,0 +1,9 @@
+probe process.function("main").return {
+ p = &@var("a");
+ q = &@cast(p, "char")[((@cast(p, "foo")->sz))
+ * (@cast(p, "foo")->sz != 2 ? (1) : (2))];
+ printf("%d\n", user_int8(q));
+ q = &@cast(p, "char")[((@cast(p, "foo")->sz))
+ * (@cast(p, "foo")->sz == 2 ? (1) : (2))];
+ printf("%d\n", user_int8(q));
+}
--
2.11.0.295.gd7dffce