public inbox for gdb-prs@sourceware.org
From: "sanjoy at playingwithpointers dot com" <sourceware-bugzilla@sourceware.org>
To: gdb-prs@sourceware.org
Subject: [Bug backtrace/14550] New: Loading a custom JIT reader plugin crashes GDB during backtrace
Date: Thu, 06 Sep 2012 09:29:00 -0000
Message-ID: <bug-14550-4717@http.sourceware.org/bugzilla/>

http://sourceware.org/bugzilla/show_bug.cgi?id=14550

             Bug #: 14550
           Summary: Loading a custom JIT reader plugin crashes GDB during backtrace
           Product: gdb
           Version: unknown
            Status: NEW
          Severity: normal
          Priority: P2
         Component: backtrace
        AssignedTo: sanjoy@playingwithpointers.com
        ReportedBy: sanjoy@playingwithpointers.com
    Classification: Unclassified

Sample code (from Michael Haupt <michael.haupt@oracle.com> with minor modifications):

To crash GDB, jit-reader-load myreader.c and break inside the `func` function in jithost.c.

myreader.c:

    #include "gdb/jit-reader.h"

    GDB_DECLARE_GPL_COMPATIBLE_READER;

    /* The "symfile" handed over by the host is two GDB_CORE_ADDRs:
       the start and end of the generated code.  */
    static enum gdb_status
    read_debug_info (struct gdb_reader_funcs *self,
                     struct gdb_symbol_callbacks *cbs,
                     void *memory, long memory_sz)
    {
      GDB_CORE_ADDR *buf = (GDB_CORE_ADDR *) memory;
      GDB_CORE_ADDR start = buf[0];
      GDB_CORE_ADDR end = buf[1];

      struct gdb_object *object = cbs->object_open (cbs);
      struct gdb_symtab *symtab = cbs->symtab_open (cbs, object, "");
      struct gdb_block *block = cbs->block_open (cbs, symtab, NULL,
                                                 start, end, "fluffy");

      cbs->symtab_close (cbs, symtab);
      cbs->object_close (cbs, object);
      return GDB_SUCCESS;
    }

    /* Unwinder that claims success without setting any caller registers.  */
    enum gdb_status
    unwind_frame (struct gdb_reader_funcs *self, struct gdb_unwind_callbacks *cbs)
    {
      return GDB_SUCCESS;
    }

    /* Returns a fixed frame id regardless of the actual frame.  */
    struct gdb_frame_id
    get_frame_id (struct gdb_reader_funcs *self, struct gdb_unwind_callbacks *cbs)
    {
      struct gdb_frame_id frame = { 0x602000, 0 };
      return frame;
    }

    void
    destroy_reader (struct gdb_reader_funcs *self)
    {
    }

    extern struct gdb_reader_funcs *
    gdb_init_reader (void)
    {
      static struct gdb_reader_funcs funcs = {
        GDB_READER_INTERFACE_VERSION,
        NULL,
        read_debug_info,
        unwind_frame,
        get_frame_id,
        destroy_reader
      };
      return &funcs;
    }

jithost.c:

    #include <stdio.h>
    #include <stdlib.h>       /* valloc, exit */
    #include <sys/mman.h>
    #include "gdb/jit-reader.h"
    #include "defs.h"
    #include "jit.h"

    struct jit_descriptor __jit_debug_descriptor = { 1, 0, 0, 0 };
    struct jit_code_entry entry = { 0, 0, 0, 0 };

    typedef void (*func) ();

    /* GDB places a breakpoint on this symbol; the asm keeps it from
       being optimised away.  */
    void __attribute__((noinline)) __jit_debug_register_code ()
    {
      __asm ("");
    }

    #define SIZE 4096

    int
    main (int argc, char **argv)
    {
      char *code = (char *) valloc (SIZE);
      GDB_CORE_ADDR *buffer = (GDB_CORE_ADDR *) valloc (SIZE);

      fprintf (stderr, "buffer at %p, code at %p\n", buffer, code);

      if (0 != mprotect (code, SIZE, PROT_WRITE | PROT_READ | PROT_EXEC))
        {
          perror (NULL);
          exit (3);
        }

      code[0] = 0xc3;                        /* RET */

      buffer[0] = (GDB_CORE_ADDR) code;       /* store code address in buffer */
      buffer[1] = (GDB_CORE_ADDR) (code + 1); /* and the end of the generated "function" */

      entry.symfile_addr = (GDB_CORE_ADDR) buffer;
      entry.symfile_size = SIZE;

      __jit_debug_descriptor.first_entry
        = __jit_debug_descriptor.relevant_entry = (GDB_CORE_ADDR) &entry;
      __jit_debug_descriptor.action_flag = JIT_REGISTER;
      __jit_debug_descriptor.version = 1;

      __jit_debug_register_code ();

      (((func) (code))) ();

      return 0;
    }
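The registration side that jithost.c drives, as an added example that is not part of the bug report: a host helper written against the public JIT interface declarations from the GDB manual instead of GDB's internal defs.h/jit.h, so it compiles outside the GDB tree, and it emits the same two-word {start, end} symfile that myreader.c's read_debug_info parses. The jit_register/jit_unregister names are my own.

```c
#include <stdint.h>
#include <stdlib.h>
/* Public JIT interface declarations from the GDB manual (not GDB's
   internal defs.h/jit.h, which the report's jithost.c includes). */
typedef enum { JIT_NOACTION = 0, JIT_REGISTER_FN, JIT_UNREGISTER_FN } jit_actions_t;
struct jit_code_entry {
  struct jit_code_entry *next_entry, *prev_entry;
  const char *symfile_addr;   /* opaque bytes handed to the reader plugin */
  uint64_t symfile_size;
};
struct jit_descriptor {
  uint32_t version, action_flag;  /* action_flag holds a jit_actions_t */
  struct jit_code_entry *relevant_entry, *first_entry;
};

/* GDB looks these two symbols up by name; neither may be static. */
struct jit_descriptor __jit_debug_descriptor = { 1, JIT_NOACTION, NULL, NULL };
void __attribute__((noinline)) __jit_debug_register_code(void) { __asm__(""); }

/* Register [code, code+len) with GDB. The symfile is the two-word
   {start, end} layout that myreader.c's read_debug_info expects. */
struct jit_code_entry *jit_register(const void *code, size_t len) {
  uint64_t *symfile = malloc(2 * sizeof *symfile);
  struct jit_code_entry *e = calloc(1, sizeof *e);
  if (!symfile || !e) { free(symfile); free(e); return NULL; }
  symfile[0] = (uint64_t)(uintptr_t)code;
  symfile[1] = symfile[0] + len;
  e->symfile_addr = (const char *)symfile;
  e->symfile_size = 2 * sizeof *symfile;
  /* Link at the head, publish the action, then hit GDB's breakpoint. */
  e->next_entry = __jit_debug_descriptor.first_entry;
  if (e->next_entry) e->next_entry->prev_entry = e;
  __jit_debug_descriptor.first_entry = e;
  __jit_debug_descriptor.relevant_entry = e;
  __jit_debug_descriptor.action_flag = JIT_REGISTER_FN;
  __jit_debug_register_code();
  return e;
}

/* Unlink an entry and tell GDB to discard the symbols it produced. */
void jit_unregister(struct jit_code_entry *e) {
  if (e->prev_entry) e->prev_entry->next_entry = e->next_entry;
  else __jit_debug_descriptor.first_entry = e->next_entry;
  if (e->next_entry) e->next_entry->prev_entry = e->prev_entry;
  __jit_debug_descriptor.relevant_entry = e;
  __jit_debug_descriptor.action_flag = JIT_UNREGISTER_FN;
  __jit_debug_register_code();  /* GDB reads the entry before we free it */
  free((void *)e->symfile_addr);
  free(e);
}
```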
Thread overview (4+ messages):
  2012-09-06  9:29  sanjoy at playingwithpointers dot com  [this message]
  2012-09-06  9:30  ` [Bug backtrace/14550] " sanjoy at playingwithpointers dot com
  2013-01-17 14:11  ` cvs-commit at gcc dot gnu.org
  2013-02-01 20:41  ` tromey at redhat dot com