Fix mismatch 'rz_cons_break_push' and 'rz_cons_break_pop' calls. #4289
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
If a function calls 'rz_cons_break_push()' but never calls 'rz_cons_break_pop()' before return, the stack count of 'RzConsContext->break_stack' contains too many elements (each time one too much). This in turn will lead to not resetting 'RzConsContext->breaked' flag. Because the flag is only set to false, if 'rz_stack_is_empty(context->break_stack) == true' (in 'rz_cons_context_break_push()'). This wasn't a problem so far, because 'RzConsContext->breaked' is simply never set to true (exceptions are some timeout cases as far as I can see). Also these cases when 'rz_cons_break_pop()' was forgetten to be called, were edge error cases. So not often hit. But if Rizin is usd by Cutter 'RzConsContext->breaked' is set to 'true', if an `AnalysisTask` interrupt is handled (in 'AnalysisTask::interrupt()'). This interrupt is triggered for example, when the introduction dialog is closed and the main Cutter window opens (after the optional 'aaa'). Now, if the binary file was analysed with 'aaa', and a lot of error cases were hit, those error cases sometimes never called 'rz_cons_break_pop()' before returning from their function. Although, of course, they should have to the `RzConsContext->break_stack` is in a proper state. This means, when the main Cutter window opens binary files which trigger many error edge cases, the `RzConsContext->break_stack` is not empty (because of the not executed 'rz_cons_break_pop()'). This also means, that the last thing done, was setting 'RzConsContext->breaked = true' (by 'AnalysisTask::interrupt()'). If Cutter wants to show some disassembly, it calls 'rz_core_print_disasm()' which checks 'RzConsContext == false' via 'rz_cons_is_breaked()'. This condition is never true, because the flag was not reset to `false` because the stack was never empty. So it returns before anything was disassembled. Hence Cutter gets no disassembly text. Fixes rizinorg/cutter#2552 Fixes rizinorg/cutter#3275
Rot127
requested review from
yossizap,
wargio,
thestr4ng3r,
XVilka,
kazarmy and
ret2libc
as code owners
XVilka
approved these changes
Feb 23, 2024
|
Long-term though, we should think how to avoid this kind of situation, since "counting" RzCons breaks every time isn't sustainable, especially if we are going to make analysis multithreaded. |
wargio
approved these changes
Feb 23, 2024
|
The good thing is though, that the push and pops where always contained in a single function. So if we have RzCons properly implemented with mutexes or even can synchronize it somehow over different analysis tasks, it would work. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Your checklist for this pull request
Detailed description
If a function calls
rz_cons_break_push()but never callsrz_cons_break_pop()before return, the stack count ofRzConsContext->break_stackcontains too many elements (each time one too much).This in turn will lead to not resetting
RzConsContext->breakedflag. Because the flag is only set to false, ifrz_stack_is_empty(context->break_stack) == true(inrz_cons_context_break_push()).This wasn't a problem so far, because
RzConsContext->breakedis simply never set to true (exceptions are some timeout cases as far as I can see). Also these cases whenrz_cons_break_pop()was forgotten to be called, were edge error cases. So not often hit.But if Rizin is usd by Cutter
RzConsContext->breakedis set totrue, if anAnalysisTaskinterrupt is handled (inAnalysisTask::interrupt()). This interrupt is triggered for example, when the introduction dialog is closed and the main Cutter window opens (after the optionalaaa).Now, if the binary file was analysed with
aaa, and a lot of error cases were hit, those error cases sometimes never calledrz_cons_break_pop()before returning from their function. Although, of course, they should have to theRzConsContext->break_stackis in a proper state.This means, when the main Cutter window opens binary files which trigger many error edge cases, the
RzConsContext->break_stackis not empty(because of the not executed
rz_cons_break_pop()).This also means, that the last thing done, was setting
RzConsContext->breaked = true(byAnalysisTask::interrupt()).If Cutter wants to show some disassembly, it calls
rz_core_print_disasm()which checksRzConsContext == falseviarz_cons_is_breaked(). This condition is never true, because the flag was not reset tofalsebecause the stack was never empty. So it returns before anything was disassembled.Hence Cutter gets no disassembly text.
Test plan
All green
Closing issues
Fixes rizinorg/cutter#2552
Fixes rizinorg/cutter#3275
It should at least.