This is an archive of the discontinued LLVM Phabricator instance.

Differential D38394

Fix dumping of characters with non-standard sizes
ClosedPublic

Authored by petpav01 on Sep 29 2017, 2:50 AM.

Details

Reviewers
clayborg
jingham
Summary
  • Prevent dumping of characters in DumpDataExtractor() with item_byte_size bigger than 8 bytes. This case is not supported by the code and results in a crash because the code calls DataExtractor::GetMaxU64Bitfield() -> GetMaxU64() that asserts for byte size > 8 bytes.
  • Teach DataExtractor::GetMaxU64(), GetMaxU32() and GetMaxS64() how to handle byte sizes that are not a multiple of 2. This allows DumpDataExtractor() to dump characters and booleans with item_byte_size in the interval of [1, 8] bytes. Values that are not a multiple of 2 would previously result in a crash because they were not handled by GetMaxU64().

Examples of two commands that previously resulted in a crash when debugging an AArch64 target, and their new behaviour:

(lldb) register read --format character v0
      v0 = error: unsupported byte size (16) for char format
(lldb) memory read --format boolean --size 7 $sp
0x7ffffffd70: false
0x7ffffffd77: false
[...]

Diff Detail

Event Timeline

petpav01 created this revision.Sep 29 2017, 2:50 AM
Herald added subscribers: kristof.beyls, aemerson. · View Herald TranscriptSep 29 2017, 2:50 AM
jingham edited edge metadata.Sep 29 2017, 4:20 PM

This looks fine to me. I'd give Greg a little time to weigh in, this is much more his code than mine. But I don't see any problem with this, and thanks for the tests!

source/Core/DumpDataExtractor.cpp
275–281

Should this consume the weird input we couldn't print? I actually don't have a good feel for which would be better.

source/Utility/DataExtractor.cpp
571–572

This is trivial, and you didn't change what was there, but this message makes it sound like this is just something we haven't gotten to yet. It's really "You passed in an illegal byte size"... Might be clearer if the message said that.

jingham accepted this revision.Sep 29 2017, 4:20 PM
This revision is now accepted and ready to land.Sep 29 2017, 4:20 PM
petpav01 added a comment.Oct 3 2017, 7:32 AM

Thank you for the initial review.

source/Core/DumpDataExtractor.cpp
275–281

The behaviour implemented in DumpDataExtractor() for other formats, such as eFormatBoolean or eFormatComplexInteger, is to report an error and do not advance the offset. The approach that the patch takes is to make eFormatChar (and its variants) consistent with this behaviour.

source/Utility/DataExtractor.cpp
571–572

I was not sure what is the expected behaviour when the input byte_size exceeds the size of the return type of each of these GetMax...() methods. The current behaviour is to assert this situation but comments describing the methods (in both DataExtractor.cpp and DataExtractor.h) say that nothing should get extracted in these cases and zero is returned.

Maybe the patch should go a bit further and clean this up as follows:

  • Remove duplicated comments in DataExtractor.cpp for DataExtractor::GetMaxU32() and GetMaxU64() and keep only their Doxygen versions in DataExtractor.h.
  • Update comments in DataExtractor.h for DataExtractor::GetMaxU32(), GetMaxU64(), GetMaxS64(), GetMaxU64Bitfield() and GetMaxS64Bitfield() to match the current implementation.
  • Change assertion text in DataExtractor::GetMaxU32() and GetMaxU64() from "unhandled case" to "invalid byte size".

Does this sound reasonable?

jingham added a comment.Oct 3 2017, 8:58 AM

See inlined comments.

source/Core/DumpDataExtractor.cpp
275–281

The doc's say an error in the size "will result in nothing being extracted". That seems like a roundabout way of saying that offset won't be advanced, but I probably should have figured it out from there. Thanks for checking on the error behavior of the other dumpers! You are doing the right thing.

source/Utility/DataExtractor.cpp
571–572

The released versions of lldb - at least the ones Apple releases - have asserts disabled. This isn't unique to lldb, clang does the same thing.

I do my day-to-day debugging using a TOT build with asserts enabled, and we run the testsuite that way so the asserts catch errors at this stage. But for the general public, the function will behave as described. It would be great to remove the duplicated docs - that's just begging for one or the other to get out of date. But the descriptions are functionally correct. And then changing the text to "invalid byte size" also seems good to me.

zturner added a subscriber: zturner.Oct 3 2017, 9:16 AM
zturner added inline comments.
source/Utility/DataExtractor.cpp
571–572

Being pedantic, this *is* a functionality change. Previously, we would assert on a size of 3 or 0, with this change we will allow those cases through.

petpav01 added inline comments.Oct 4 2017, 2:49 AM
source/Utility/DataExtractor.cpp
571–572

To explain myself better, what I was thinking about is that e.g. GetMaxU64() should have part:

"\a byte_size should have a value greater than or equal to one and less than or equal to eight since the return value is 64 bits wide. Any \a byte_size values less than 1 or greater than 8 will result in nothing being extracted, and zero being returned."

changed to:

"\a byte_size must have a value greater than or equal to one and less than or equal to eight since the return value is 64 bits wide. The behaviour is undefined for any \a byte_size values less than 1 or greater than 8."

This way the comment provides information that does not depend on whether assertions are enabled or not. The behaviour for byte_size > 8 is said to be undefined in the updated description because it either results in an assertion failure or some undefined behaviour if asserts are disabled.

If the behaviour for byte_size > 4/8 with assertions disabled should actually be that these methods still return 0 and do not advance the offset then the patch has two bugs:

  • The general case added in GetMaxU64() is not correct. It returns an unexpected value for byte_size > 8 and advances the offset.
  • GetMaxU32() needs to have if (byte_size > 4) return 0; added before it calls GetMaxU64() to avoid the same problem for any byte_size > 4.

An additional thing is that the patch causes that byte_size == 0 is now fully valid and does not assert. This might not be the best idea given that the current descriptions say that byte_size values should be in interval [1, 4/8]. I will add the assertion for byte_size == 0 back in the updated patch so the changes affect/enable only byte_size in range [1, 4/8] (which are clear to be valid) and the zero corner case has its behaviour unchanged.

clayborg edited edge metadata.Oct 9 2017, 8:20 AM

Looks good. Would be nice to add support for byte sizes of 3, 5 and 7 to the unchecked version as noted in inline comments, or remove the function if no one is using this function. Just a few quick fixes and this will be good to go.

source/Utility/DataExtractor.cpp
571–572

use lldbassert if the function will function correctly with the assert removed. I know the previous code was always asserting, but we should change it to use lldbassert to make sure we don't crash the debugger in release builds.

610–614

Shouldn't we handle the 3, 5 and 7 sizes here too?

unittests/Core/DataExtractorTest.cpp
134

add a test for the unchecked version here?

petpav01 updated this revision to Diff 118375.Oct 10 2017, 6:33 AM

Updated patch contains the following changes:

  • Remove comments for DataExtractor::GetMaxU32() and GetMaxU64() from DataExtractor.cpp and keep only the Doxygen ones in the header file.
  • Restore assertion for byte_size == 0 in GetMaxU32() and GetMaxU64(), change the assert text from "unhandled case" to "invalid byte_size" and replace assert() by lldbassert().
  • Update Doxygen documentation for GetMaxU32(), GetMaxU64(), GetMaxS64(), GetMaxU64Bitfield() and GetMaxS64Bitfield() to say that byte_size must be in interval [1,4/8] and remove that the methods return 0 if byte_size is bigger than 4/8 because that no longer holds. The patch retains the behaviour that LLDB does not crash in such cases but the returned value can be arbitrary. Note: This is something that I am not certain if I addressed properly. It seems to me this should be ok because the code now uses lldbassert() and so there will be always some error that something went wrong. An alternative is to add extra code that checks for byte_size > 4/8 and returns 0 in such cases. Please let me know if that would be preferred.
  • Enable GetMaxU64_unchecked() to also handle any byte_size in range [1,8] and add testing for this method in DataExtractorTest.cpp.
clayborg accepted this revision.Oct 10 2017, 8:04 AM

Looks good

petpav01 added a comment.Oct 11 2017, 1:46 AM

Thanks, will commit shortly.

petpav01 closed this revision.Oct 11 2017, 1:56 AM

Landed as r315444. Closing manually because I forgot to include "Differential Revision: ..." in the commit message.

Revision Contents

PathSize
include/
lldb/
Utility/
34 lines
source/
Core/
7 lines
Utility/
111 lines
unittests/
Core/
117 lines

Diff 118375

include/lldb/Utility/DataExtractor.h

Show First 20 LinesShow All 507 Lines▼ Show 20 Linespublic:
long double GetLongDouble(lldb::offset_t *offset_ptr) const; long double GetLongDouble(lldb::offset_t *offset_ptr) const;
//------------------------------------------------------------------ //------------------------------------------------------------------
/// Extract an integer of size \a byte_size from \a *offset_ptr. /// Extract an integer of size \a byte_size from \a *offset_ptr.
/// ///
/// Extract a single integer value and update the offset pointed to /// Extract a single integer value and update the offset pointed to
/// by \a offset_ptr. The size of the extracted integer is specified /// by \a offset_ptr. The size of the extracted integer is specified
/// by the \a byte_size argument. \a byte_size should have a value /// by the \a byte_size argument. \a byte_size must have a value
/// >= 1 and <= 4 since the return value is only 32 bits wide. Any /// >= 1 and <= 4 since the return value is only 32 bits wide.
/// \a byte_size values less than 1 or greater than 4 will result in
/// nothing being extracted, and zero being returned.
/// ///
/// @param[in,out] offset_ptr /// @param[in,out] offset_ptr
/// A pointer to an offset within the data that will be advanced /// A pointer to an offset within the data that will be advanced
/// by the appropriate number of bytes if the value is extracted /// by the appropriate number of bytes if the value is extracted
/// correctly. If the offset is out of bounds or there are not /// correctly. If the offset is out of bounds or there are not
/// enough bytes to extract this value, the offset will be left /// enough bytes to extract this value, the offset will be left
/// unmodified. /// unmodified.
/// ///
/// @param[in] byte_size /// @param[in] byte_size
/// The size in byte of the integer to extract. /// The size in byte of the integer to extract.
/// ///
/// @return /// @return
/// The integer value that was extracted, or zero on failure. /// The integer value that was extracted, or zero on failure.
//------------------------------------------------------------------ //------------------------------------------------------------------
uint32_t GetMaxU32(lldb::offset_t *offset_ptr, size_t byte_size) const; uint32_t GetMaxU32(lldb::offset_t *offset_ptr, size_t byte_size) const;
//------------------------------------------------------------------ //------------------------------------------------------------------
/// Extract an unsigned integer of size \a byte_size from \a /// Extract an unsigned integer of size \a byte_size from \a
/// *offset_ptr. /// *offset_ptr.
/// ///
/// Extract a single unsigned integer value and update the offset /// Extract a single unsigned integer value and update the offset
/// pointed to by \a offset_ptr. The size of the extracted integer /// pointed to by \a offset_ptr. The size of the extracted integer
/// is specified by the \a byte_size argument. \a byte_size should /// is specified by the \a byte_size argument. \a byte_size must
/// have a value greater than or equal to one and less than or equal /// have a value greater than or equal to one and less than or equal
/// to eight since the return value is 64 bits wide. Any /// to eight since the return value is 64 bits wide.
/// \a byte_size values less than 1 or greater than 8 will result in
/// nothing being extracted, and zero being returned.
/// ///
/// @param[in,out] offset_ptr /// @param[in,out] offset_ptr
/// A pointer to an offset within the data that will be advanced /// A pointer to an offset within the data that will be advanced
/// by the appropriate number of bytes if the value is extracted /// by the appropriate number of bytes if the value is extracted
/// correctly. If the offset is out of bounds or there are not /// correctly. If the offset is out of bounds or there are not
/// enough bytes to extract this value, the offset will be left /// enough bytes to extract this value, the offset will be left
/// unmodified. /// unmodified.
/// ///
Show All 10 Lines uint64_t GetMaxU64_unchecked(lldb::offset_t *offset_ptr,
size_t byte_size) const; size_t byte_size) const;
//------------------------------------------------------------------ //------------------------------------------------------------------
/// Extract an signed integer of size \a byte_size from \a *offset_ptr. /// Extract an signed integer of size \a byte_size from \a *offset_ptr.
/// ///
/// Extract a single signed integer value (sign extending if required) /// Extract a single signed integer value (sign extending if required)
/// and update the offset pointed to by \a offset_ptr. The size of /// and update the offset pointed to by \a offset_ptr. The size of
/// the extracted integer is specified by the \a byte_size argument. /// the extracted integer is specified by the \a byte_size argument.
/// \a byte_size should have a value greater than or equal to one /// \a byte_size must have a value greater than or equal to one and
/// and less than or equal to eight since the return value is 64 /// less than or equal to eight since the return value is 64 bits
/// bits wide. Any \a byte_size values less than 1 or greater than /// wide.
/// 8 will result in nothing being extracted, and zero being returned.
/// ///
/// @param[in,out] offset_ptr /// @param[in,out] offset_ptr
/// A pointer to an offset within the data that will be advanced /// A pointer to an offset within the data that will be advanced
/// by the appropriate number of bytes if the value is extracted /// by the appropriate number of bytes if the value is extracted
/// correctly. If the offset is out of bounds or there are not /// correctly. If the offset is out of bounds or there are not
/// enough bytes to extract this value, the offset will be left /// enough bytes to extract this value, the offset will be left
/// unmodified. /// unmodified.
/// ///
/// @param[in] byte_size /// @param[in] byte_size
/// The size in byte of the integer to extract. /// The size in byte of the integer to extract.
/// ///
/// @return /// @return
/// The sign extended signed integer value that was extracted, /// The sign extended signed integer value that was extracted,
/// or zero on failure. /// or zero on failure.
//------------------------------------------------------------------ //------------------------------------------------------------------
int64_t GetMaxS64(lldb::offset_t *offset_ptr, size_t size) const; int64_t GetMaxS64(lldb::offset_t *offset_ptr, size_t byte_size) const;
//------------------------------------------------------------------ //------------------------------------------------------------------
/// Extract an unsigned integer of size \a byte_size from \a /// Extract an unsigned integer of size \a byte_size from \a
/// *offset_ptr, then extract the bitfield from this value if /// *offset_ptr, then extract the bitfield from this value if
/// \a bitfield_bit_size is non-zero. /// \a bitfield_bit_size is non-zero.
/// ///
/// Extract a single unsigned integer value and update the offset /// Extract a single unsigned integer value and update the offset
/// pointed to by \a offset_ptr. The size of the extracted integer /// pointed to by \a offset_ptr. The size of the extracted integer
/// is specified by the \a byte_size argument. \a byte_size should /// is specified by the \a byte_size argument. \a byte_size must
/// have a value greater than or equal to one and less than or equal /// have a value greater than or equal to one and less than or equal
/// to 8 since the return value is 64 bits wide. Any /// to 8 since the return value is 64 bits wide.
/// \a byte_size values less than 1 or greater than 8 will result in
/// nothing being extracted, and zero being returned.
/// ///
/// @param[in,out] offset_ptr /// @param[in,out] offset_ptr
/// A pointer to an offset within the data that will be advanced /// A pointer to an offset within the data that will be advanced
/// by the appropriate number of bytes if the value is extracted /// by the appropriate number of bytes if the value is extracted
/// correctly. If the offset is out of bounds or there are not /// correctly. If the offset is out of bounds or there are not
/// enough bytes to extract this value, the offset will be left /// enough bytes to extract this value, the offset will be left
/// unmodified. /// unmodified.
/// ///
Show All 22 Linespublic:
//------------------------------------------------------------------ //------------------------------------------------------------------
/// Extract an signed integer of size \a byte_size from \a /// Extract an signed integer of size \a byte_size from \a
/// *offset_ptr, then extract and signe extend the bitfield from /// *offset_ptr, then extract and signe extend the bitfield from
/// this value if \a bitfield_bit_size is non-zero. /// this value if \a bitfield_bit_size is non-zero.
/// ///
/// Extract a single signed integer value (sign extending if required) /// Extract a single signed integer value (sign extending if required)
/// and update the offset pointed to by \a offset_ptr. The size of /// and update the offset pointed to by \a offset_ptr. The size of
/// the extracted integer is specified by the \a byte_size argument. /// the extracted integer is specified by the \a byte_size argument.
/// \a byte_size should have a value greater than or equal to one /// \a byte_size must have a value greater than or equal to one and
/// and less than or equal to eight since the return value is 64 /// less than or equal to eight since the return value is 64 bits
/// bits wide. Any \a byte_size values less than 1 or greater than /// wide.
/// 8 will result in nothing being extracted, and zero being returned.
/// ///
/// @param[in,out] offset_ptr /// @param[in,out] offset_ptr
/// A pointer to an offset within the data that will be advanced /// A pointer to an offset within the data that will be advanced
/// by the appropriate number of bytes if the value is extracted /// by the appropriate number of bytes if the value is extracted
/// correctly. If the offset is out of bounds or there are not /// correctly. If the offset is out of bounds or there are not
/// enough bytes to extract this value, the offset will be left /// enough bytes to extract this value, the offset will be left
/// unmodified. /// unmodified.
/// ///
▲ Show 20 LinesShow All 503 LinesShow Last 20 Lines

source/Core/DumpDataExtractor.cpp

Show First 20 LinesShow All 266 Lines▼ Show 20 Lines case eFormatBytesWithASCII:
// is being dumped in a group (item_byte_size is more than 1). // is being dumped in a group (item_byte_size is more than 1).
if (item_byte_size > 1) if (item_byte_size > 1)
s->PutChar(' '); s->PutChar(' ');
break; break;
case eFormatChar: case eFormatChar:
case eFormatCharPrintable: case eFormatCharPrintable:
case eFormatCharArray: { case eFormatCharArray: {
// Reject invalid item_byte_size.
if (item_byte_size > 8) {
s->Printf("error: unsupported byte size (%" PRIu64 ") for char format",
(uint64_t)item_byte_size);
return offset;
}
jinghamUnsubmitted
Not Done
ReplyInline Actions

Should this consume the weird input we couldn't print? I actually don't have a good feel for which would be better.

jingham: Should this consume the weird input we couldn't print? I actually don't have a good feel for…
petpav01AuthorUnsubmitted
Not Done
ReplyInline Actions

The behaviour implemented in DumpDataExtractor() for other formats, such as eFormatBoolean or eFormatComplexInteger, is to report an error and do not advance the offset. The approach that the patch takes is to make eFormatChar (and its variants) consistent with this behaviour.

petpav01: The behaviour implemented in `DumpDataExtractor()` for other formats, such as `eFormatBoolean`…
jinghamUnsubmitted
Not Done
ReplyInline Actions

The doc's say an error in the size "will result in nothing being extracted". That seems like a roundabout way of saying that offset won't be advanced, but I probably should have figured it out from there. Thanks for checking on the error behavior of the other dumpers! You are doing the right thing.

jingham: The doc's say an error in the size "will result in nothing being extracted". That seems like a…
// If we are only printing one character surround it with single // If we are only printing one character surround it with single
// quotes // quotes
if (item_count == 1 && item_format == eFormatChar) if (item_count == 1 && item_format == eFormatChar)
s->PutChar('\''); s->PutChar('\'');
const uint64_t ch = DE.GetMaxU64Bitfield(&offset, item_byte_size, const uint64_t ch = DE.GetMaxU64Bitfield(&offset, item_byte_size,
item_bit_size, item_bit_offset); item_bit_size, item_bit_offset);
if (isprint(ch)) if (isprint(ch))
▲ Show 20 LinesShow All 543 LinesShow Last 20 Lines

source/Utility/DataExtractor.cpp

Show All 11 Lines
#include "lldb/lldb-defines.h" // for LLDB_INVALID_ADDRESS #include "lldb/lldb-defines.h" // for LLDB_INVALID_ADDRESS
#include "lldb/lldb-enumerations.h" // for ByteOrder::eByteOrderBig #include "lldb/lldb-enumerations.h" // for ByteOrder::eByteOrderBig
#include "lldb/lldb-forward.h" // for DataBufferSP #include "lldb/lldb-forward.h" // for DataBufferSP
#include "lldb/lldb-types.h" // for offset_t #include "lldb/lldb-types.h" // for offset_t
#include "lldb/Utility/DataBuffer.h" #include "lldb/Utility/DataBuffer.h"
#include "lldb/Utility/DataBufferHeap.h" #include "lldb/Utility/DataBufferHeap.h"
#include "lldb/Utility/Endian.h" #include "lldb/Utility/Endian.h"
#include "lldb/Utility/LLDBAssert.h"
#include "lldb/Utility/Log.h" #include "lldb/Utility/Log.h"
#include "lldb/Utility/Stream.h" #include "lldb/Utility/Stream.h"
#include "lldb/Utility/StreamString.h" #include "lldb/Utility/StreamString.h"
#include "lldb/Utility/UUID.h" #include "lldb/Utility/UUID.h"
#include "llvm/ADT/ArrayRef.h" #include "llvm/ADT/ArrayRef.h"
#include "llvm/ADT/SmallVector.h" #include "llvm/ADT/SmallVector.h"
#include "llvm/Support/MD5.h" #include "llvm/Support/MD5.h"
▲ Show 20 LinesShow All 72 Lines▼ Show 20 Lines
} }
static inline uint64_t ReadSwapInt64(const void *ptr) { static inline uint64_t ReadSwapInt64(const void *ptr) {
uint64_t value; uint64_t value;
memcpy(&value, ptr, 8); memcpy(&value, ptr, 8);
return llvm::ByteSwap_64(value); return llvm::ByteSwap_64(value);
} }
static inline uint64_t ReadMaxInt64(const uint8_t *data, size_t byte_size,
ByteOrder byte_order) {
uint64_t res = 0;
if (byte_order == eByteOrderBig)
for (size_t i = 0; i < byte_size; ++i)
res = (res << 8) | data[i];
else {
assert(byte_order == eByteOrderLittle);
for (size_t i = 0; i < byte_size; ++i)
res = (res << 8) | data[byte_size - 1 - i];
}
return res;
}
DataExtractor::DataExtractor() DataExtractor::DataExtractor()
: m_start(nullptr), m_end(nullptr), : m_start(nullptr), m_end(nullptr),
m_byte_order(endian::InlHostByteOrder()), m_addr_size(sizeof(void *)), m_byte_order(endian::InlHostByteOrder()), m_addr_size(sizeof(void *)),
m_data_sp(), m_target_byte_size(1) {} m_data_sp(), m_target_byte_size(1) {}
//---------------------------------------------------------------------- //----------------------------------------------------------------------
// This constructor allows us to use data that is owned by someone else. // This constructor allows us to use data that is owned by someone else.
// The data must stay around as long as this object is valid. // The data must stay around as long as this object is valid.
▲ Show 20 LinesShow All 430 Lines▼ Show 20 Lines if (src) {
} }
// Return a non-nullptr pointer to the converted data as an indicator of // Return a non-nullptr pointer to the converted data as an indicator of
// success // success
return void_dst; return void_dst;
} }
return nullptr; return nullptr;
} }
//----------------------------------------------------------------------
// Extract a single integer value from the data and update the offset
// pointed to by "offset_ptr". The size of the extracted integer
// is specified by the "byte_size" argument. "byte_size" should have
// a value between 1 and 4 since the return value is only 32 bits
// wide. Any "byte_size" values less than 1 or greater than 4 will
// result in nothing being extracted, and zero being returned.
//
// RETURNS the integer value that was extracted, or zero on failure.
//----------------------------------------------------------------------
uint32_t DataExtractor::GetMaxU32(offset_t *offset_ptr, uint32_t DataExtractor::GetMaxU32(offset_t *offset_ptr,
size_t byte_size) const { size_t byte_size) const {
switch (byte_size) { lldbassert(byte_size > 0 && byte_size <= 4 && "GetMaxU32 invalid byte_size!");
case 1: return GetMaxU64(offset_ptr, byte_size);
jinghamUnsubmitted
Not Done
ReplyInline Actions

This is trivial, and you didn't change what was there, but this message makes it sound like this is just something we haven't gotten to yet. It's really "You passed in an illegal byte size"... Might be clearer if the message said that.

jingham: This is trivial, and you didn't change what was there, but this message makes it sound like…
petpav01AuthorUnsubmitted
Not Done
ReplyInline Actions

I was not sure what is the expected behaviour when the input byte_size exceeds the size of the return type of each of these GetMax...() methods. The current behaviour is to assert this situation but comments describing the methods (in both DataExtractor.cpp and DataExtractor.h) say that nothing should get extracted in these cases and zero is returned.

Maybe the patch should go a bit further and clean this up as follows:

  • Remove duplicated comments in DataExtractor.cpp for DataExtractor::GetMaxU32() and GetMaxU64() and keep only their Doxygen versions in DataExtractor.h.
  • Update comments in DataExtractor.h for DataExtractor::GetMaxU32(), GetMaxU64(), GetMaxS64(), GetMaxU64Bitfield() and GetMaxS64Bitfield() to match the current implementation.
  • Change assertion text in DataExtractor::GetMaxU32() and GetMaxU64() from "unhandled case" to "invalid byte size".

Does this sound reasonable?

petpav01: I was not sure what is the expected behaviour when the input `byte_size` exceeds the size of…
jinghamUnsubmitted
Not Done
ReplyInline Actions

The released versions of lldb - at least the ones Apple releases - have asserts disabled. This isn't unique to lldb, clang does the same thing.

I do my day-to-day debugging using a TOT build with asserts enabled, and we run the testsuite that way so the asserts catch errors at this stage. But for the general public, the function will behave as described. It would be great to remove the duplicated docs - that's just begging for one or the other to get out of date. But the descriptions are functionally correct. And then changing the text to "invalid byte size" also seems good to me.

jingham: The released versions of lldb - at least the ones Apple releases - have asserts disabled.
petpav01AuthorUnsubmitted
Not Done
ReplyInline Actions

To explain myself better, what I was thinking about is that e.g. GetMaxU64() should have part:

"\a byte_size should have a value greater than or equal to one and less than or equal to eight since the return value is 64 bits wide. Any \a byte_size values less than 1 or greater than 8 will result in nothing being extracted, and zero being returned."

changed to:

"\a byte_size must have a value greater than or equal to one and less than or equal to eight since the return value is 64 bits wide. The behaviour is undefined for any \a byte_size values less than 1 or greater than 8."

This way the comment provides information that does not depend on whether assertions are enabled or not. The behaviour for byte_size > 8 is said to be undefined in the updated description because it either results in an assertion failure or some undefined behaviour if asserts are disabled.

If the behaviour for byte_size > 4/8 with assertions disabled should actually be that these methods still return 0 and do not advance the offset then the patch has two bugs:

  • The general case added in GetMaxU64() is not correct. It returns an unexpected value for byte_size > 8 and advances the offset.
  • GetMaxU32() needs to have if (byte_size > 4) return 0; added before it calls GetMaxU64() to avoid the same problem for any byte_size > 4.

An additional thing is that the patch causes that byte_size == 0 is now fully valid and does not assert. This might not be the best idea given that the current descriptions say that byte_size values should be in interval [1, 4/8]. I will add the assertion for byte_size == 0 back in the updated patch so the changes affect/enable only byte_size in range [1, 4/8] (which are clear to be valid) and the zero corner case has its behaviour unchanged.

petpav01: To explain myself better, what I was thinking about is that e.g. `GetMaxU64()` should have part…
zturnerUnsubmitted
Not Done
ReplyInline Actions

Being pedantic, this *is* a functionality change. Previously, we would assert on a size of 3 or 0, with this change we will allow those cases through.

zturner: Being pedantic, this *is* a functionality change. Previously, we would assert on a size of 3…
clayborgUnsubmitted
Not Done
ReplyInline Actions

use lldbassert if the function will function correctly with the assert removed. I know the previous code was always asserting, but we should change it to use lldbassert to make sure we don't crash the debugger in release builds.

clayborg: use lldbassert if the function will function correctly with the assert removed. I know the…
return GetU8(offset_ptr);
break;
case 2:
return GetU16(offset_ptr);
break;
case 4:
return GetU32(offset_ptr);
break;
default:
assert(false && "GetMaxU32 unhandled case!");
break;
}
return 0;
} }
//---------------------------------------------------------------------- uint64_t DataExtractor::GetMaxU64(offset_t *offset_ptr,
// Extract a single integer value from the data and update the offset size_t byte_size) const {
// pointed to by "offset_ptr". The size of the extracted integer lldbassert(byte_size > 0 && byte_size <= 8 && "GetMaxU64 invalid byte_size!");
// is specified by the "byte_size" argument. "byte_size" should have switch (byte_size) {
// a value >= 1 and <= 8 since the return value is only 64 bits
// wide. Any "byte_size" values less than 1 or greater than 8 will
// result in nothing being extracted, and zero being returned.
//
// RETURNS the integer value that was extracted, or zero on failure.
//----------------------------------------------------------------------
uint64_t DataExtractor::GetMaxU64(offset_t *offset_ptr, size_t size) const {
switch (size) {
case 1: case 1:
return GetU8(offset_ptr); return GetU8(offset_ptr);
break;
case 2: case 2:
return GetU16(offset_ptr); return GetU16(offset_ptr);
break;
case 4: case 4:
return GetU32(offset_ptr); return GetU32(offset_ptr);
break;
case 8: case 8:
return GetU64(offset_ptr); return GetU64(offset_ptr);
break; default: {
default: // General case.
assert(false && "GetMax64 unhandled case!"); const uint8_t *data =
break; static_cast<const uint8_t *>(GetData(offset_ptr, byte_size));
if (data == nullptr)
return 0;
return ReadMaxInt64(data, byte_size, m_byte_order);
}
} }
return 0; return 0;
} }
uint64_t DataExtractor::GetMaxU64_unchecked(offset_t *offset_ptr, uint64_t DataExtractor::GetMaxU64_unchecked(offset_t *offset_ptr,
size_t size) const { size_t byte_size) const {
switch (size) { switch (byte_size) {
case 1: case 1:
return GetU8_unchecked(offset_ptr); return GetU8_unchecked(offset_ptr);
break;
case 2: case 2:
return GetU16_unchecked(offset_ptr); return GetU16_unchecked(offset_ptr);
break;
case 4: case 4:
return GetU32_unchecked(offset_ptr); return GetU32_unchecked(offset_ptr);
break;
case 8: case 8:
return GetU64_unchecked(offset_ptr); return GetU64_unchecked(offset_ptr);
break; default: {
default: uint64_t res = ReadMaxInt64(&m_start[*offset_ptr], byte_size, m_byte_order);
assert(false && "GetMax64 unhandled case!"); *offset_ptr += byte_size;
break; return res;
}
clayborgUnsubmitted
Not Done
ReplyInline Actions

Shouldn't we handle the 3, 5 and 7 sizes here too?

clayborg: Shouldn't we handle the 3, 5 and 7 sizes here too?
} }
return 0; return 0;
} }
int64_t DataExtractor::GetMaxS64(offset_t *offset_ptr, size_t size) const { int64_t DataExtractor::GetMaxS64(offset_t *offset_ptr, size_t byte_size) const {
switch (size) { uint64_t u64 = GetMaxU64(offset_ptr, byte_size);
case 1: return llvm::SignExtend64(u64, 8 * byte_size);
return (int8_t)GetU8(offset_ptr);
break;
case 2:
return (int16_t)GetU16(offset_ptr);
break;
case 4:
return (int32_t)GetU32(offset_ptr);
break;
case 8:
return (int64_t)GetU64(offset_ptr);
break;
default:
assert(false && "GetMax64 unhandled case!");
break;
}
return 0;
} }
uint64_t DataExtractor::GetMaxU64Bitfield(offset_t *offset_ptr, size_t size, uint64_t DataExtractor::GetMaxU64Bitfield(offset_t *offset_ptr, size_t size,
uint32_t bitfield_bit_size, uint32_t bitfield_bit_size,
uint32_t bitfield_bit_offset) const { uint32_t bitfield_bit_offset) const {
uint64_t uval64 = GetMaxU64(offset_ptr, size); uint64_t uval64 = GetMaxU64(offset_ptr, size);
if (bitfield_bit_size > 0) { if (bitfield_bit_size > 0) {
int32_t lsbcount = bitfield_bit_offset; int32_t lsbcount = bitfield_bit_offset;
▲ Show 20 LinesShow All 583 LinesShow Last 20 Lines

unittests/Core/DataExtractorTest.cpp

Show First 20 LinesShow All 43 Lines▼ Show 20 LinesTEST(DataExtractorTest, PeekData) {
EXPECT_EQ(buffer + 2, E.PeekData(2, 0)); EXPECT_EQ(buffer + 2, E.PeekData(2, 0));
EXPECT_EQ(buffer + 2, E.PeekData(2, 2)); EXPECT_EQ(buffer + 2, E.PeekData(2, 2));
EXPECT_EQ(nullptr, E.PeekData(2, 3)); EXPECT_EQ(nullptr, E.PeekData(2, 3));
EXPECT_EQ(buffer + 4, E.PeekData(4, 0)); EXPECT_EQ(buffer + 4, E.PeekData(4, 0));
EXPECT_EQ(nullptr, E.PeekData(4, 1)); EXPECT_EQ(nullptr, E.PeekData(4, 1));
} }
TEST(DataExtractorTest, GetMaxU64) {
uint8_t buffer[] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
DataExtractor LE(buffer, sizeof(buffer), lldb::eByteOrderLittle,
sizeof(void *));
DataExtractor BE(buffer, sizeof(buffer), lldb::eByteOrderBig, sizeof(void *));
lldb::offset_t offset;
// Check with the minimum allowed byte size.
offset = 0;
EXPECT_EQ(0x01U, LE.GetMaxU64(&offset, 1));
EXPECT_EQ(1U, offset);
offset = 0;
EXPECT_EQ(0x01U, BE.GetMaxU64(&offset, 1));
EXPECT_EQ(1U, offset);
// Check with a non-zero offset.
offset = 1;
EXPECT_EQ(0x0302U, LE.GetMaxU64(&offset, 2));
EXPECT_EQ(3U, offset);
offset = 1;
EXPECT_EQ(0x0203U, BE.GetMaxU64(&offset, 2));
EXPECT_EQ(3U, offset);
// Check with the byte size not being a multiple of 2.
offset = 0;
EXPECT_EQ(0x07060504030201U, LE.GetMaxU64(&offset, 7));
EXPECT_EQ(7U, offset);
offset = 0;
EXPECT_EQ(0x01020304050607U, BE.GetMaxU64(&offset, 7));
EXPECT_EQ(7U, offset);
// Check with the maximum allowed byte size.
offset = 0;
EXPECT_EQ(0x0807060504030201U, LE.GetMaxU64(&offset, 8));
EXPECT_EQ(8U, offset);
offset = 0;
EXPECT_EQ(0x0102030405060708U, BE.GetMaxU64(&offset, 8));
EXPECT_EQ(8U, offset);
}
TEST(DataExtractorTest, GetMaxS64) {
uint8_t buffer[] = {0x01, 0x02, 0x83, 0x04, 0x05, 0x06, 0x07, 0x08};
DataExtractor LE(buffer, sizeof(buffer), lldb::eByteOrderLittle,
sizeof(void *));
DataExtractor BE(buffer, sizeof(buffer), lldb::eByteOrderBig, sizeof(void *));
lldb::offset_t offset;
// Check with the minimum allowed byte size.
offset = 0;
EXPECT_EQ(0x01, LE.GetMaxS64(&offset, 1));
EXPECT_EQ(1U, offset);
offset = 0;
EXPECT_EQ(0x01, BE.GetMaxS64(&offset, 1));
EXPECT_EQ(1U, offset);
// Check that sign extension works correctly.
offset = 0;
int64_t value = LE.GetMaxS64(&offset, 3);
EXPECT_EQ(0xffffffffff830201U, *reinterpret_cast<uint64_t *>(&value));
EXPECT_EQ(3U, offset);
offset = 2;
value = BE.GetMaxS64(&offset, 3);
EXPECT_EQ(0xffffffffff830405U, *reinterpret_cast<uint64_t *>(&value));
EXPECT_EQ(5U, offset);
// Check with the maximum allowed byte size.
offset = 0;
EXPECT_EQ(0x0807060504830201, LE.GetMaxS64(&offset, 8));
EXPECT_EQ(8U, offset);
offset = 0;
EXPECT_EQ(0x0102830405060708, BE.GetMaxS64(&offset, 8));
EXPECT_EQ(8U, offset);
}
TEST(DataExtractorTest, GetMaxU64_unchecked) {
uint8_t buffer[] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
DataExtractor LE(buffer, sizeof(buffer), lldb::eByteOrderLittle,
sizeof(void *));
DataExtractor BE(buffer, sizeof(buffer), lldb::eByteOrderBig, sizeof(void *));
clayborgUnsubmitted
Not Done
ReplyInline Actions

add a test for the unchecked version here?

clayborg: add a test for the unchecked version here?
lldb::offset_t offset;
// Check with the minimum allowed byte size.
offset = 0;
EXPECT_EQ(0x01U, LE.GetMaxU64_unchecked(&offset, 1));
EXPECT_EQ(1U, offset);
offset = 0;
EXPECT_EQ(0x01U, BE.GetMaxU64_unchecked(&offset, 1));
EXPECT_EQ(1U, offset);
// Check with a non-zero offset.
offset = 1;
EXPECT_EQ(0x0302U, LE.GetMaxU64_unchecked(&offset, 2));
EXPECT_EQ(3U, offset);
offset = 1;
EXPECT_EQ(0x0203U, BE.GetMaxU64_unchecked(&offset, 2));
EXPECT_EQ(3U, offset);
// Check with the byte size not being a multiple of 2.
offset = 0;
EXPECT_EQ(0x07060504030201U, LE.GetMaxU64_unchecked(&offset, 7));
EXPECT_EQ(7U, offset);
offset = 0;
EXPECT_EQ(0x01020304050607U, BE.GetMaxU64_unchecked(&offset, 7));
EXPECT_EQ(7U, offset);
// Check with the maximum allowed byte size.
offset = 0;
EXPECT_EQ(0x0807060504030201U, LE.GetMaxU64_unchecked(&offset, 8));
EXPECT_EQ(8U, offset);
offset = 0;
EXPECT_EQ(0x0102030405060708U, BE.GetMaxU64_unchecked(&offset, 8));
EXPECT_EQ(8U, offset);
}