[Bug gdb/26863] New: GDB crash when opening PowerPC core on x86-64 machine

[Bug gdb/26863] New: GDB crash when opening PowerPC core on x86-64 machine

[simark at simark dot ca]

https://sourceware.org/bugzilla/show_bug.cgi?id=26863

            Bug ID: 26863
           Summary: GDB crash when opening PowerPC core on x86-64 machine
           Product: gdb
           Version: HEAD
            Status: NEW
          Severity: normal
          Priority: P2
         Component: gdb
          Assignee: unassigned at sourceware dot org
          Reporter: simark at simark dot ca
  Target Milestone: ---

Created attachment 12950
  --> https://sourceware.org/bugzilla/attachment.cgi?id=12950&action=edit
Executable + core

I generated a core on a PowerPC machine (gcc203), moved it to my local
development machine, and I see this crash using the attached files:

$ ./gdb -q -nx --data-directory=data-directory repro/var-access
repro/core.3710702
Reading symbols from repro/var-access...

warning: Can't open file
/home/simark/build/binutils-gdb/gdb/testsuite/outputs/gdb.dwarf2/var-access/var-access
during file-backed mapping note processing

warning: Can't open file /lib/powerpc64-linux-gnu/libc-2.31.so during
file-backed mapping note processing

warning: Can't open file /lib/powerpc64-linux-gnu/ld-2.31.so during file-backed
mapping note processing

warning: core file may not match specified executable file.
[New LWP 3710702]

warning: Could not load shared library symbols for 2 libraries, e.g.
/lib/powerpc64-linux-gnu/libc.so.6.
Use the "info sharedlibrary" command to see the complete listing.
Do you need "set solib-search-path" or "set sysroot"?
Core was generated by
`/home/simark/build/binutils-gdb/gdb/testsuite/outputs/gdb.dwarf2/var-access/var-'.
Program terminated with signal SIGTRAP, Trace/breakpoint trap.
/home/simark/src/binutils-gdb/gdb/solib.c:1116:36: runtime error: reference
binding to null pointer of type 'struct vector'

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/26863] GDB crash when opening PowerPC core on x86-64 machine

[simark at simark dot ca]

https://sourceware.org/bugzilla/show_bug.cgi?id=26863

--- Comment #1 from Simon Marchi <simark at simark dot ca> ---
This started to fail at commit bb2a67773c5e06545c39a6373be720c7d3d9eeb5        
                                                                               
                                                           ("Use a std::vector
in target_section_table").

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/26863] GDB crash when opening PowerPC core on x86-64 machine

[simark at simark dot ca]

https://sourceware.org/bugzilla/show_bug.cgi?id=26863

--- Comment #2 from Simon Marchi <simark at simark dot ca> ---
The backtrace is the following:

(top-gdb) bt
#0  __sanitizer::internal__exit (exitcode=1) at
/build/gcc/src/gcc/libsanitizer/sanitizer_common/sanitizer_linux.cpp:431
#1  0x00007f9cee1f6c79 in __sanitizer::Die () at
/build/gcc/src/gcc/libsanitizer/sanitizer_common/sanitizer_flags.h:38
#2  0x00007f9cee1da1f7 in __ubsan::__ubsan_handle_type_mismatch_v1_abort
(Data=<optimized out>, Pointer=<optimized out>) at
/build/gcc/src/gcc/libsanitizer/ubsan/ubsan_handlers.cpp:105
#3  0x00005592534e60b1 in solib_contains_address_p (solib=0x6190000ba980,
address=0x100000940) at /home/simark/src/binutils-gdb/gdb/solib.c:1116
#4  0x00005592534e652f in solib_name_from_address (pspace=0x61200001e1c0,
address=0x100000940) at /home/simark/src/binutils-gdb/gdb/solib.c:1140
#5  0x00005592535c4f4e in print_frame (fp_opts=..., frame=0x6210001c71e0,
print_level=1, print_what=SRC_AND_LOC, print_args=1, sal=...) at
/home/simark/src/binutils-gdb/gdb/stack.c:1433
#6  0x00005592535c1cde in print_frame_info (fp_opts=..., frame=0x6210001c71e0,
print_level=1, print_what=SRC_AND_LOC, print_args=1, set_current_sal=1) at
/home/simark/src/binutils-gdb/gdb/stack.c:1119
#7  0x00005592535b93ee in print_stack_frame (frame=0x6210001c71e0,
print_level=1, print_what=SRC_AND_LOC, set_current_sal=1) at
/home/simark/src/binutils-gdb/gdb/stack.c:366
#8  0x0000559251cd70dc in core_target_open (arg=0x6030000cb710
"~/repro/core.3710702", from_tty=1) at
/home/simark/src/binutils-gdb/gdb/corelow.c:563
#9  0x0000559251cd5b5c in core_file_command (filename=0x6030000cb710
"~/repro/core.3710702", from_tty=1) at
/home/simark/src/binutils-gdb/gdb/corelow.c:376

The solib variable is:

(top-gdb) p *solib
$2 = {
  next = 0x6190000bae80,
  lm_info = 0x606000099620,
  so_original_name = "/lib/powerpc64-linux-gnu/libc.so.6", '\000' <repeats 477
times>,
  so_name = "/lib/powerpc64-linux-gnu/libc.so.6", '\000' <repeats 477 times>,
  pspace = 0x61200001e1c0,
  abfd = 0x0,
  symbols_loaded = 0 '\000',
  objfile = 0x0,
  sections = 0x0,
  addr_low = 0x0,
  addr_high = 0x0
}

I don't have the shared libraries of the target, so it's expected that GDB
hasn't opened it.  So it's probably expected that it didn't create any sections
in the `sections` vector.

The previous code probably handled the `sections == NULL` case properly, in
which case we can just do this change:

diff --git a/gdb/solib.c b/gdb/solib.c
index b4864429e9aa..28f6a4ecbfbc 100644
--- a/gdb/solib.c
+++ b/gdb/solib.c
@@ -1113,6 +1113,9 @@ bool
 solib_contains_address_p (const struct so_list *const solib,
                          CORE_ADDR address)
 {
+  if (solib->sections == nullptr)
+    return false;
+
   for (target_section &p : *solib->sections)
     if (p.addr <= address && address < p.endaddr)
       return true;


But we need to make sure that this doesn't just paper over another problem.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/26863] GDB crash when opening PowerPC core on x86-64 machine

[tromey at sourceware dot org]

https://sourceware.org/bugzilla/show_bug.cgi?id=26863

Tom Tromey <tromey at sourceware dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |tromey at sourceware dot org

--- Comment #3 from Tom Tromey <tromey at sourceware dot org> ---
It's difficult to know if this papers over anything.

The old code probably just worked by mistake:

-  struct target_section *p;
-
-  for (p = solib->sections; p < solib->sections_end; p++)
-    if (p->addr <= address && address < p->endaddr)

The loop will presumably not run because both pointers are null.

Tom de Vries checked in the null check a while back.

commit 76547ab31b16b521e29892cab5a29b60b52291a5
Author: Tom de Vries <tdevries@suse.de>
Date:   Wed Oct 14 12:24:42 2020 +0200

    [gdb] Fix segfault in solib_contains_address_p

So maybe this is just a dup of PR 26733.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/26863] GDB crash when opening PowerPC core on x86-64 machine

[simark at simark dot ca]

https://sourceware.org/bugzilla/show_bug.cgi?id=26863

Simon Marchi <simark at simark dot ca> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID

--- Comment #4 from Simon Marchi <simark at simark dot ca> ---
Ah you're right, it's most certainly that.  I am testing a patch series that is
based on a older revision (that doesn't include Tom de Vries' fix), my mistake.

-- 
You are receiving this mail because:
You are on the CC list for the bug.