public inbox for gdb-prs@sourceware.org help / color / mirror / Atom feed
* [Bug gdb/18929] New: NULL deref on throw in cp_print_value_fields
@ 2015-09-07 1:41 anton_nix at mail dot ru
2015-09-07 1:45 ` [Bug gdb/18929] " anton_nix at mail dot ru
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: anton_nix at mail dot ru @ 2015-09-07 1:41 UTC (permalink / raw)
To: gdb-prs
https://sourceware.org/bugzilla/show_bug.cgi?id=18929
Bug ID: 18929
Summary: NULL deref on throw in cp_print_value_fields
Product: gdb
Version: 7.10
Status: NEW
Severity: normal
Priority: P2
Component: gdb
Assignee: unassigned at sourceware dot org
Reporter: anton_nix at mail dot ru
Target Milestone: ---
Created attachment 8583
--> https://sourceware.org/bugzilla/attachment.cgi?id=8583&action=edit
Patch
I think i found a bug
gdb-7.10/gdb/cp-valprint.c:316
struct value *v = NULL;
TRY { v = value_static_field (type, i); }
CATCH ...
END_CATCH
cp_print_static_field (TYPE_FIELD_TYPE (type, i),
v, stream, recurse + 1,
options);
Assume that throw happend in value_static_field, then "v" would still
be NULL, but cp_print_static_field expects "v" to be non-zero. This
situation would lead to SEGFAULT
Propose to place "v" and cp_print_static_field call into TRY block
Digging in git history, I found out that, if v == NULL before
cp_print_static_field call, then val_print_optimized_out happend
(commit 686d4defdf4a343d4b700b8b544cd40c4f16b0d1). But in my case
variable was not optimized out, and value_static_field throws.
P.S.: I was debugging remote linux application from windows host.
Patch to 7.10 attached
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread* [Bug gdb/18929] NULL deref on throw in cp_print_value_fields 2015-09-07 1:41 [Bug gdb/18929] New: NULL deref on throw in cp_print_value_fields anton_nix at mail dot ru @ 2015-09-07 1:45 ` anton_nix at mail dot ru 2015-09-07 1:51 ` anton_nix at mail dot ru 2015-10-02 7:07 ` matteo.settenvini at yatta dot de 2 siblings, 0 replies; 4+ messages in thread From: anton_nix at mail dot ru @ 2015-09-07 1:45 UTC (permalink / raw) To: gdb-prs https://sourceware.org/bugzilla/show_bug.cgi?id=18929 Anton Mamontov <anton_nix at mail dot ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Target| |x86_64-linux-gnu Host| |x86_64-w64-mingw32 Build| |x86_64-w64-mingw32 -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug gdb/18929] NULL deref on throw in cp_print_value_fields 2015-09-07 1:41 [Bug gdb/18929] New: NULL deref on throw in cp_print_value_fields anton_nix at mail dot ru 2015-09-07 1:45 ` [Bug gdb/18929] " anton_nix at mail dot ru @ 2015-09-07 1:51 ` anton_nix at mail dot ru 2015-10-02 7:07 ` matteo.settenvini at yatta dot de 2 siblings, 0 replies; 4+ messages in thread From: anton_nix at mail dot ru @ 2015-09-07 1:51 UTC (permalink / raw) To: gdb-prs https://sourceware.org/bugzilla/show_bug.cgi?id=18929 Anton Mamontov <anton_nix at mail dot ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #8583|0 |1 is obsolete| | --- Comment #1 from Anton Mamontov <anton_nix at mail dot ru> --- Created attachment 8584 --> https://sourceware.org/bugzilla/attachment.cgi?id=8584&action=edit PatchFixed -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug gdb/18929] NULL deref on throw in cp_print_value_fields 2015-09-07 1:41 [Bug gdb/18929] New: NULL deref on throw in cp_print_value_fields anton_nix at mail dot ru 2015-09-07 1:45 ` [Bug gdb/18929] " anton_nix at mail dot ru 2015-09-07 1:51 ` anton_nix at mail dot ru @ 2015-10-02 7:07 ` matteo.settenvini at yatta dot de 2 siblings, 0 replies; 4+ messages in thread From: matteo.settenvini at yatta dot de @ 2015-10-02 7:07 UTC (permalink / raw) To: gdb-prs https://sourceware.org/bugzilla/show_bug.cgi?id=18929 Matteo Settenvini <matteo.settenvini at yatta dot de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |matteo.settenvini at yatta dot de --- Comment #2 from Matteo Settenvini <matteo.settenvini at yatta dot de> --- Confirming. I independently reached the same conclusion after seeing gdb segfaulting reproducibly when printing values from a binary compiled with -fvisibility=hidden. I was going to submit exactly the same patch, so I would be glad if this fix could be included in next gdb's release. Without it, gdb crashes almost in every session, especially when using it in concert with an IDE which attempts to print all local variables. -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2015-10-02 7:07 UTC | newest] Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2015-09-07 1:41 [Bug gdb/18929] New: NULL deref on throw in cp_print_value_fields anton_nix at mail dot ru 2015-09-07 1:45 ` [Bug gdb/18929] " anton_nix at mail dot ru 2015-09-07 1:51 ` anton_nix at mail dot ru 2015-10-02 7:07 ` matteo.settenvini at yatta dot de
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).