[Bug libctf/32161] New: CTF array dimensions dumped backwards

2024-09-10 Thread bruce.mcculloch at oracle dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=32161

Bug ID: 32161
   Summary: CTF array dimensions dumped backwards
   Product: binutils
   Version: unspecified
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: libctf
  Assignee: unassigned at sourceware dot org
  Reporter: bruce.mcculloch at oracle dot com
  Target Milestone: ---

Created attachment 15698
  --> https://sourceware.org/bugzilla/attachment.cgi?id=15698&action=edit
Patch that fixes backwards multidimensional array dumping, plus tests

$ cat array.c
int a[1][2][3];
$ gcc -gctf -o array.o -c array.c
$ objdump --ctf array.o

array.o: file format elf64-x86-64

Contents of CTF section .ctf:

  Header:
Magic number: 0xdff2
Version: 4 (CTF_VERSION_3)
Flags: 0x2 (CTF_F_NEWFUNCINFO)
Compilation unit name: //array.c
Data object section:0x0 -- 0x3 (0x4 bytes)
Object index section:   0x4 -- 0x7 (0x4 bytes)
Variable section:   0x8 -- 0xf (0x8 bytes)
Type section:   0x10 -- 0x77 (0x68 bytes)
String section: 0x78 -- 0x9b (0x24 bytes)

  Labels:

  Data objects:
a -> 0x5: (kind 4) int [3][2][1] (size 0x18) (aligned at 0x4) -> 0x4: (kind 4) int [3][2] (size 0x18) (aligned at 0x4) -> 0x3: (kind 4) int [3] (size 0xc) (aligned at 0x4) -> 0x1: (kind 1) int (format 0x1) (size 0x4) (aligned at 0x4)

  Function objects:

  Variables:
a -> 0x5: (kind 4) int [3][2][1] (size 0x18) (aligned at 0x4) -> 0x4: (kind 4) int [3][2] (size 0x18) (aligned at 0x4) -> 0x3: (kind 4) int [3] (size 0xc) (aligned at 0x4) -> 0x1: (kind 1) int (format 0x1) (size 0x4) (aligned at 0x4)

  Types:
0x1: (kind 1) int (format 0x1) (size 0x4) (aligned at 0x4)
0x2: (kind 1) long unsigned int (format 0x0) (size 0x8) (aligned at 0x8)
0x3: (kind 4) int [3] (size 0xc) (aligned at 0x4) -> 0x1: (kind 1) int (format 0x1) (size 0x4) (aligned at 0x4)
0x4: (kind 4) int [3][2] (size 0x18) (aligned at 0x4) -> 0x3: (kind 4) int [3] (size 0xc) (aligned at 0x4) -> 0x1: (kind 1) int (format 0x1) (size 0x4) (aligned at 0x4)
0x5: (kind 4) int [3][2][1] (size 0x18) (aligned at 0x4) -> 0x4: (kind 4) int [3][2] (size 0x18) (aligned at 0x4) -> 0x3: (kind 4) int [3] (size 0xc) (aligned at 0x4) -> 0x1: (kind 1) int (format 0x1) (size 0x4) (aligned at 0x4)

  Strings:
0x0: 
0x1: int
0x5: long unsigned int
0x17: a
0x19: //array.c

This behavior occurs as a result of the following patch, which was applied in
gcc 14.2.0:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114186
This patch solves the issue of reversed multidimensional array nelems in the
BTF dumper and in the assembler output, but causes the multidimensional arrays
in CTF to be dumped backwards.

This behavior can also be observed in ctf_get_aname() as well as some other
functions.

The problem lies in ctf_decl_push, and I have a solution as well as some tests.

The issue with this is that if this patch is applied while compiling with a
version of gcc older than 14.2.0, this patch will make the dumper output
backwards. 

The solution to this is either to backport the gcc-14.2.0 patch, or to add a
flag to objdump and libctf.

Patch is attached.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

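The reversal shown in the dump above, as an added example that is not part of the report and not libctf code: a small model of a chain of CTF array types (one element count per level, each wrapping its contents type, which is an assumption standing in for libctf's own array representation), a renderer that emits the declarator in C order (outermost dimension first), and a checker that takes the type name `objdump --ctf` printed together with the dimensions from the C source and reports whether they match, are reversed, or differ. It also computes the object size from the chain, which is the same for either order, so a size check alone will not catch the bug.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { MAX_DIMS = 8 };

/* One CTF array type as the dump above shows it: its own element count and
   the type it wraps ("contents").  contents == -1 means the base type.
   This is a model for the example, not libctf's ctf_arinfo_t.  */
struct arr_type {
  int nelems;
  int contents;
};

/* int a[1][2][3] from the report, outermost first, as the dump chains them:
   index 0 is type 0x5 (nelems 1), 1 is 0x4 (nelems 2), 2 is 0x3 (nelems 3).  */
static const struct arr_type sample_chain[] = {
  { 1, 1 },
  { 2, 2 },
  { 3, -1 },
};

/* Walk the chain outermost -> innermost, collecting nelems in C declaration
   order.  Returns the number of dimensions.  */
static int chain_dims(const struct arr_type *chain, int head, int *dims)
{
  int n = 0;
  for (int t = head; t != -1 && n < MAX_DIMS; t = chain[t].contents)
    dims[n++] = chain[t].nelems;
  return n;
}

/* Total object size: every level's nelems multiplied by the base size.
   Order-independent, so "int [3][2][1]" and "int [1][2][3]" both come to
   0x18 bytes and the size in the dump cannot reveal the reversal.  */
static long chain_size(const struct arr_type *chain, int head, long base_size)
{
  long size = base_size;
  for (int t = head; t != -1; t = chain[t].contents)
    size *= chain[t].nelems;
  return size;
}

/* Render the declarator the way C reads it: base name, then the dimensions
   from the outermost array inward.  */
static void render_decl(const char *base, const struct arr_type *chain, int head,
                        char *out, size_t cap)
{
  int dims[MAX_DIMS];
  int n = chain_dims(chain, head, dims);
  size_t used = (size_t) snprintf(out, cap, "%s ", base);
  for (int i = 0; i < n && used < cap; i++)
    used += (size_t) snprintf(out + used, cap - used, "[%d]", dims[i]);
}

/* The sample chain rendered into a static buffer.  */
static const char *render_sample(void)
{
  static char buf[64];
  render_decl("int", sample_chain, 0, buf, sizeof buf);
  return buf;
}

/* Pull the "[N]" groups out of a dumped type name such as "int [3][2][1]".  */
static int parse_dims(const char *name, int *dims)
{
  int n = 0;
  for (const char *p = strchr(name, '['); p && n < MAX_DIMS; p = strchr(p + 1, '['))
    dims[n++] = (int) strtol(p + 1, NULL, 10);
  return n;
}

enum dim_order { DIMS_MATCH, DIMS_REVERSED, DIMS_MISMATCH };

/* Compare a dumper's type name with the dimensions in the C source.  Feed it
   the name objdump --ctf printed for the variable and the dimensions from the
   declaration; DIMS_REVERSED is the symptom reported above.  */
static enum dim_order classify_dims(const char *dumped, const int *expected, int n)
{
  int got[MAX_DIMS];
  int same = 1, reversed = 1;

  if (parse_dims(dumped, got) != n)
    return DIMS_MISMATCH;
  for (int i = 0; i < n; i++) {
    if (got[i] != expected[i]) same = 0;
    if (got[i] != expected[n - 1 - i]) reversed = 0;
  }
  return same ? DIMS_MATCH : reversed ? DIMS_REVERSED : DIMS_MISMATCH;
}

int main(void)
{
  const int source_dims[] = { 1, 2, 3 };      /* int a[1][2][3] */
  const char *dumped = "int [3][2][1]";       /* what objdump --ctf printed above */
  static const char *verdict[] = { "match", "reversed", "mismatch" };

  printf("rendered from chain: %s (size 0x%lx)\n", render_sample(),
         chain_size(sample_chain, 0, 4));
  printf("dumper printed:      %s -> %s\n", dumped,
         verdict[classify_dims(dumped, source_dims, 3)]);
  return 0;
}
```

To check a toolchain, compile a file with a known multidimensional declaration, take the head type's name from the "Types:" section of `objdump --ctf`, and pass it to `classify_dims` with the declared dimensions; a dumper built from a libctf and gcc pair that disagree on nelems order reports `reversed` while the sizes still line up.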

[Bug libctf/32903] New: Error pointer overwritten on successful dict open in ctf_dict_open

2025-04-24 Thread bruce.mcculloch at oracle dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=32903

Bug ID: 32903
   Summary: Error pointer overwritten on successful dict open in ctf_dict_open
   Product: binutils
   Version: 2.45 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: libctf
  Assignee: unassigned at sourceware dot org
  Reporter: bruce.mcculloch at oracle dot com
  Target Milestone: ---

Created attachment 16048
  --> https://sourceware.org/bugzilla/attachment.cgi?id=16048&action=edit
binutils libctf patch

When calling ctf_dict_open (const ctf_archive_t *arc, const char *name, int
*errp), the provided error pointer gets overwritten with junk memory on
success. This issue was initially discovered when opening a vmlinux.ctfa.

The error was indirectly introduced by the commit
61914bb6990c943c65fa8e10b1577c0808016149, which intended to return appropriate
error codes when an archive opening function fails.

I have included a patch that fixes the issue and still maintains the code added
in the above commit. Simply, in ctf_arc_import_parent, give the error variable
an initial value, and write to the provided error pointer arg IFF the local
error variable is set by the ctf_dict_open_cached call.

If you would like to test this, I have also included a reproducer written by
Stephen Brennan (stephen.s.bren...@oracle.com). Just build this, link with your
new libctf.so, and provide the path to your vmlinux.ctfa:

#include <stdio.h>
#include <ctf-api.h>

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s ARCHIVE\n", argv[0]);
        return 1;
    }

    /* The error out-parameter is only written on failure, so start it at 0.  */
    int errnum = 0;
    ctf_archive_t *arc = ctf_open(argv[1], NULL, &errnum);
    if (!arc) {
        fprintf(stderr, "ctf_open returned null, errnum = %d (%s)\n",
                errnum, ctf_errmsg(errnum));
        return 1;
    }
    if (errnum)
        fprintf(stderr, "ctf_open returned non-null, errnum = %d\n", errnum);

    errnum = 0;
    ctf_dict_t *dict = ctf_dict_open(arc, "vmlinux", &errnum);
    if (!dict) {
        fprintf(stderr, "ctf_dict_open returned null, errnum = %d (%s)\n",
                errnum, ctf_errmsg(errnum));
        return 1;
    }
    /* On an affected libctf this fires even though the open succeeded.  */
    if (errnum)
        fprintf(stderr, "ctf_dict_open returned non-null, errnum = %d\n", errnum);

    ctf_id_t id = ctf_lookup_by_name(dict, "struct module");
    if (id == CTF_ERR) {
        fprintf(stderr, "lookup failed: %s\n", ctf_errmsg(ctf_errno(dict)));
        return 1;
    }
    /* ctf_id_t is an unsigned long, so print it with %lx rather than %x.  */
    printf("struct module = 0x%lx, kind %d\n", (unsigned long) id,
           ctf_type_kind(dict, id));

    ctf_dict_close(dict);
    ctf_close(arc);
    return 0;
}


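The error-pointer contract at the centre of this report, as an added example that is not libctf code and not the reporter's patch: a toy archive and a cached-open routine that follow the convention the report describes (the error out-parameter is written only on failure), beside an importer in the buggy shape (local error never initialised, copied to *errp unconditionally) and one in the fixed shape from the report and its follow-up (initialise the local, write *errp only when it was set, accept errp == NULL). The stale value the buggy version copies is fixed here so the run is deterministic; in the real bug it is whatever the stack held. The type and function names, the archive contents and the error code value are assumptions made for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for the "name not found in archive" error code; the real value
   lives in ctf-api.h and is not reproduced here (assumption).  */
#define ERR_ARNNAME_STANDIN 9001

/* Whatever the stack happened to hold in the buggy shape's uninitialised
   `err`.  Fixed here so the demo is deterministic; in the real bug it is
   arbitrary junk.  */
#define SIMULATED_STALE 0x7b

/* Toy archive: a fixed list of dict names (constructed for the example).  */
typedef struct {
  const char *names[4];
  int n;
} toy_archive_t;

typedef struct {
  const char *name;
} toy_dict_t;

static toy_dict_t dict_pool[4];
static const toy_archive_t sample_arc = { { "vmlinux", "ext4" }, 2 };

/* Same contract the report describes for ctf_dict_open_cached: *errp is
   written only when the open fails, never on success.  */
static toy_dict_t *toy_dict_open_cached(const toy_archive_t *arc, const char *name, int *errp)
{
  for (int i = 0; i < arc->n; i++)
    if (strcmp(arc->names[i], name) == 0) {
      dict_pool[i].name = arc->names[i];
      return &dict_pool[i];
    }
  if (errp)
    *errp = ERR_ARNNAME_STANDIN;
  return NULL;
}

/* Buggy shape: local err never initialised, then copied to *errp whether or
   not the open failed.  On the success path the caller sees stale junk.  */
static int import_parent_buggy(const toy_archive_t *arc, const char *parname, int *errp)
{
  int err = SIMULATED_STALE;   /* models "int err;" left uninitialised */
  toy_dict_t *parent = toy_dict_open_cached(arc, parname, &err);

  if (errp)
    *errp = err;               /* copies junk when the open succeeded */
  return parent ? 0 : -1;
}

/* Fixed shape as the report and its follow-up describe: initialise err,
   write *errp only if err was set, and tolerate errp == NULL.  */
static int import_parent_fixed(const toy_archive_t *arc, const char *parname, int *errp)
{
  int err = 0;
  toy_dict_t *parent = toy_dict_open_cached(arc, parname, &err);

  if (err != 0 && errp)
    *errp = err;
  return parent ? 0 : -1;
}

/* Run one import against the sample archive and return what the caller's
   errnum holds afterwards.  Callers must still zero errnum themselves, as the
   reproducer above does, because the API writes it only on failure.  */
static int errnum_after(int (*import)(const toy_archive_t *, const char *, int *),
                        const char *parname)
{
  int errnum = 0;
  (void) import(&sample_arc, parname, &errnum);
  return errnum;
}

int main(void)
{
  printf("buggy, open succeeds: errnum = %#x (should be 0)\n",
         errnum_after(import_parent_buggy, "vmlinux"));
  printf("fixed, open succeeds: errnum = %#x\n",
         errnum_after(import_parent_fixed, "vmlinux"));
  printf("fixed, no such dict:  errnum = %d\n",
         errnum_after(import_parent_fixed, "no-such-dict"));
  printf("fixed, errp == NULL:  rc = %d\n",
         import_parent_fixed(&sample_arc, "vmlinux", NULL));
  return 0;
}
```

The caller-side rule follows from the callee's contract: an API that sets its error out-parameter only on failure must be called with a zeroed variable and must itself never store into that pointer on a success path, otherwise a caller that tests `if (errnum)` after a non-NULL return, as the reproducer does, reports a phantom error.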

[Bug libctf/32903] Error pointer overwritten on successful dict open in ctf_dict_open

2025-04-24 Thread bruce.mcculloch at oracle dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=32903

Bruce McCulloch  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #16048|0                           |1
        is obsolete|                            |

--- Comment #1 from Bruce McCulloch  ---
Created attachment 16049
  --> https://sourceware.org/bugzilla/attachment.cgi?id=16049&action=edit
Update to proposed patch

Updating the patch to handle the case where the provided errp is NULL.



[Bug libctf/32903] Error pointer overwritten on successful dict open in ctf_dict_open

2025-04-24 Thread bruce.mcculloch at oracle dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=32903

Bruce McCulloch  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |bruce.mcculloch at oracle dot com,
                   |                            |nick.alcock at oracle dot com,
                   |                            |stephen.s.brennan at oracle dot com
