bpo-32962: Fix test_gdb failure in debug build with -mcet -fcf-protection -O0 (GH-9656)

When Python is built with the intel control-flow protection flags, -mcet -fcf-protection, gdb is not able to read the stack without actually jumping inside the function. This means an extra 'next' command is required to make the $pc (program counter) enter the function and make the stack of the function exposed to gdb. Co-Authored-By: Marcel Plch <gmarcel.plch@gmail.com> (cherry picked from commit 9b7c74ca32)
2018-10-09 16:54:04 +02:00 · 2018-10-09 16:54:04 +02:00 · 79d21331e6
parent 7b31397180
commit 79d21331e6
2 changed files with 33 additions and 1 deletions
--- a/Lib/test/test_gdb.py
+++ b/Lib/test/test_gdb.py
@ -54,6 +54,23 @@ checkout_hook_path = os.path.join(os.path.dirname(sys.executable),

 PYTHONHASHSEED = '123'

+
+def cet_protection():
+    cflags = sysconfig.get_config_var('CFLAGS')
+    if not cflags:
+        return False
+    flags = cflags.split()
+    # True if "-mcet -fcf-protection" options are found, but false
+    # if "-fcf-protection=none" or "-fcf-protection=return" is found.
+    return (('-mcet' in flags)
+            and any((flag.startswith('-fcf-protection')
+                     and not flag.endswith(("=none", "=return")))
+                    for flag in flags))
+
+# Control-flow enforcement technology
+CET_PROTECTION = cet_protection()
+
+
 def run_gdb(*args, **env_vars):
    """Runs gdb in --batch mode with the additional arguments given by *args.

@ -162,6 +179,12 @@ class DebuggerTests(unittest.TestCase):
            commands += ['set print entry-values no']

        if cmds_after_breakpoint:
+            if CET_PROTECTION:
+                # bpo-32962: When Python is compiled with -mcet
+                # -fcf-protection, function arguments are unusable before
+                # running the first instruction of the function entry point.
+                # The 'next' command makes the required first step.
+                commands += ['next']
            commands += cmds_after_breakpoint
        else:
            commands += ['backtrace']
@ -869,9 +892,17 @@ id(42)
            id("first break point")
            l = MyList()
        ''')
+        cmds_after_breakpoint = ['break wrapper_call', 'continue']
+        if CET_PROTECTION:
+            # bpo-32962: same case as in get_stack_trace():
+            # we need an additional 'next' command in order to read
+            # arguments of the innermost function of the call stack.
+            cmds_after_breakpoint.append('next')
+        cmds_after_breakpoint.append('py-bt')
+
        # Verify with "py-bt":
        gdb_output = self.get_stack_trace(cmd,
-                                          cmds_after_breakpoint=['break wrapper_call', 'continue', 'py-bt'])
+                                          cmds_after_breakpoint=cmds_after_breakpoint)
        self.assertRegex(gdb_output,
                         r"<method-wrapper u?'__init__' of MyList object at ")

--- a/Misc/NEWS.d/next/Tests/2018-05-10-16-59-15.bpo-32962.S-rcIN.rst
+++ b/Misc/NEWS.d/next/Tests/2018-05-10-16-59-15.bpo-32962.S-rcIN.rst
@ -0,0 +1 @@
+Fixed test_gdb when Python is compiled with flags -mcet -fcf-protection -O0.
				`@ -0,0 +1 @@`
				`Fixed test_gdb when Python is compiled with flags -mcet -fcf-protection -O0.`