[Bug gdb/16822] New: Segmentation fault on add-symbol-file

[Bug gdb/16822] New: Segmentation fault on add-symbol-file

[ubrindis at ti dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

            Bug ID: 16822
           Summary: Segmentation fault on add-symbol-file
           Product: gdb
           Version: 7.7
            Status: NEW
          Severity: normal
          Priority: P2
         Component: gdb
          Assignee: unassigned at sourceware dot org
          Reporter: ubrindis at ti dot com

Using GDB version 7.7 compiled with --host=arm-linux-gnueabi and
--target=tic6x-ti-elf there is a segmentation fault when attempting to add a
symbol file generated by TI C6x compiler version 7.4.4. I did not notice the
segmentation fault in GDB version 7.2.

Debugging into GDB a bit I notice that the seg fault comes from dwarf2read.c.
On line 8464 the function dwarf2_attr returns a non-null but unusable attr. I
have searched through my symbol file and I notice that for the specific DIE,
there is no DW_AT_MIPS_linkage_name specified. I suspect that the null
detecting condition needs reworking (line 8472 in dwarf2read.c). This then
causes gdb_demangled to be called with a bad argument. I am not exactly sure
how to fix this issue, so I am posting it here.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/16822] Segmentation fault on add-symbol-file command

[ubrindis at ti dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

Ulises Brindis <ubrindis at ti dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Segmentation fault on       |Segmentation fault on
                   |add-symbol-file             |add-symbol-file command

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/16822] Segmentation fault on add-symbol-file command

[qiyao at gcc dot gnu.org]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

Yao Qi <qiyao at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |qiyao at gcc dot gnu.org

--- Comment #1 from Yao Qi <qiyao at gcc dot gnu.org> ---
(In reply to Ulises Brindis from comment #0)
> Using GDB version 7.7 compiled with --host=arm-linux-gnueabi and
> --target=tic6x-ti-elf there is a segmentation fault when attempting to add a
> symbol file generated by TI C6x compiler version 7.4.4. I did not notice the
> segmentation fault in GDB version 7.2.

tic6x-*-* target was added in FSF GDB 7.4.  GDB 7.2 with tic6x target shouldn't
be an official FSF release.

> 
> Debugging into GDB a bit I notice that the seg fault comes from
> dwarf2read.c. On line 8464 the function dwarf2_attr returns a non-null but
> unusable attr. I have searched through my symbol file and I notice that for
> the specific DIE, there is no DW_AT_MIPS_linkage_name specified. I suspect
> that the null detecting condition needs reworking (line 8472 in
> dwarf2read.c). This then causes gdb_demangled to be called with a bad
> argument. I am not exactly sure how to fix this issue, so I am posting it
> here.

We need a reproducer to see the root cause of this problem.  It may be a GDB
problem or a compiler problem.  If possible, please attach a small executable
to cause GDB segmentation fault, and list your steps.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/16822] Segmentation fault on add-symbol-file command

[ubrindis at ti dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

--- Comment #2 from Ulises Brindis <ubrindis at ti dot com> ---
Created attachment 7542
  --> https://sourceware.org/bugzilla/attachment.cgi?id=7542&action=edit
Executable that causes gdb to crash

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/16822] Segmentation fault on add-symbol-file command

[ubrindis at ti dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

--- Comment #3 from Ulises Brindis <ubrindis at ti dot com> ---
Yao,

Thanks for the quick response. I am attaching an executable that causes a
segmentation fault. I have been able to reproduce this using any version of
GDB, so it does not have to be the tic6x compiled version.

Steps to reproduce - 
run gdb
add-symbol-file GDBseg.out 0x800000
b funcCall

After attempting to set a breakpoint at the symbol funcCall, gdb will crash. I
am also looking into the compiler for possible issues with dwarf parsing.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/16822] Segmentation fault on add-symbol-file command

[keiths at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

Keith Seitz <keiths at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |keiths at redhat dot com

--- Comment #4 from Keith Seitz <keiths at redhat dot com> ---
[reproduced on x86_64-linux/Fedora 20 with --target=tick6x-ti-elf]

GDB is crashing in dwarf2_physname on DW_AT_MIPS_linkage_name. This DIE is at
offset 0x144a:

 [  144a]    subprogram
             sibling              (ref4) [  14b8]
             name                 (string) "funcCall"
             low_pc               (addr) 0x000086c0 <funcCall>
             high_pc              (addr) 0x000086d0 <myTask>
             decl_column          (data1) 5
             decl_file            (data1) 1
             decl_line            (data1) 10
             external             (flag) Yes
             type                 (ref_addr) [  1fc7]
             MIPS_fde             (string) "funcCall"
             MIPS_tail_loop_begin (string) "../main.c"
             MIPS_epilog_begin    (data1) 10
             MIPS_loop_unroll_factor (data1) 5
             MIPS_software_pipeline_depth (string) "../main.c"
             MIPS_linkage_name    (data1) 13
             MIPS_stride          (data1) 1
             lo_user+0x14         (data1) 8

DW_AT_MIPS_linkage_name does not have a valid type. It should be a
NULL-terminated string of some sort.

Nonetheless, gdb should be able to recover gracefully from this situation. Here
is an unofficial patch/hack to reroute dwarf2_physname to using the computed
physname instead of the linkage name for this case:

---
diff --git a/gdb/dwarf2read.c b/gdb/dwarf2read.c
index 64f7383..c7f94fd 100644
--- a/gdb/dwarf2read.c
+++ b/gdb/dwarf2read.c
@@ -8517,7 +8517,10 @@ dwarf2_physname (const char *name, struct die_info *die,
struct dwarf2_cu *cu)

   /* DW_AT_linkage_name is missing in some cases - depend on what GDB
      has computed.  */
-  if (attr && DW_STRING (attr))
+  if (attr
+      && (attr->form == DW_FORM_strp || attr->form == DW_FORM_string
+      || attr->form == DW_FORM_GNU_strp_alt)
+      && DW_STRING (attr))
     {
       char *demangled;

---

This should prevent the sefault and get you going again until an official patch
is committed.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/16822] Segmentation fault on add-symbol-file command

[ubrindis at ti dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

--- Comment #5 from Ulises Brindis <ubrindis at ti dot com> ---
(In reply to Keith Seitz from comment #4)
I added the patch and everything seems to be working on my end. Thanks Keith.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/16822] Segmentation fault on add-symbol-file command

[c-addison at ti dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

Cody Addison <c-addison at ti dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |c-addison at ti dot com

--- Comment #6 from Cody Addison <c-addison at ti dot com> ---
The issue here is not that the TI C6x object file is using the type for
DW_AT_MIPS_linkage_name. The TI C6x object file has TI DWARF extensions that
have the same ID as the MIPS extensions. I think that these attributes should
be treated as unknown unless the object file is a MIPS object file.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/16822] Segmentation fault on add-symbol-file command

[thangaraj.ponnusamy at in dot bosch.com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

Thangaraj <thangaraj.ponnusamy at in dot bosch.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |thangaraj.ponnusamy at in dot bosc
                   |                            |h.com

--- Comment #7 from Thangaraj <thangaraj.ponnusamy at in dot bosch.com> ---
Hi,

When this patch will be merged with main release or branch?

Or can we get the executable with the patch applied ?


Regards,
Thangaraj.P

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/16822] Segmentation fault on add-symbol-file command

[kleiber.tamas at gmail dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

kleiber.tamas at gmail dot com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kleiber.tamas at gmail dot com

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/16822] Segmentation fault on add-symbol-file command

[thangaraj.ponnusamy at in dot bosch.com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

--- Comment #8 from Thangaraj <thangaraj.ponnusamy at in dot bosch.com> ---
Hi,
could you please update for my request?

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/16822] Segmentation fault on add-symbol-file command

[tony.liu at arm dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

Tony Liu <tony.liu at arm dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |tony.liu at arm dot com

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/16822] Segmentation fault on add-symbol-file command

[kevinb at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=16822

Kevin Buettner <kevinb at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |kevinb at redhat dot com
         Resolution|---                         |FIXED

--- Comment #9 from Kevin Buettner <kevinb at redhat dot com> ---
This bug is fixed now. See:

https://sourceware.org/ml/gdb-patches/2015-08/msg00526.html

Kevin

-- 
You are receiving this mail because:
You are on the CC list for the bug.