[Bug breakpoints/27313] New: Segfault in insert_catch_syscall

[Bug breakpoints/27313] New: Segfault in insert_catch_syscall

[vries at gcc dot gnu.org]

https://sourceware.org/bugzilla/show_bug.cgi?id=27313

            Bug ID: 27313
           Summary: Segfault in insert_catch_syscall
           Product: gdb
           Version: HEAD
            Status: NEW
          Severity: normal
          Priority: P2
         Component: breakpoints
          Assignee: unassigned at sourceware dot org
          Reporter: vries at gcc dot gnu.org
  Target Milestone: ---

I did a testsuite run with target board fission-dwp and this patch:
...
diff --git a/gdb/contrib/cc-with-tweaks.sh b/gdb/contrib/cc-with-tweaks.sh
index 2eda76a89c2..f097c70a265 100755
--- a/gdb/contrib/cc-with-tweaks.sh
+++ b/gdb/contrib/cc-with-tweaks.sh
@@ -230,7 +230,7 @@ if [ "$want_dwp" = true ]; then
        $DWP -o "${output_file}.dwp" ${dwo_files} > /dev/null
        rc=$?
        [ $rc != 0 ] && exit $rc
-       rm -f ${dwo_files}
+       rm -f ${dwo_files} ${output_file}.dwp
     fi
 fi

...
to test behaviour of gdb when it cannot find the debug info package.

I ran into this:
...
ERROR: GDB process no longer exists
GDB process exited with wait status 31362 exp9 0 0 CHILDKILLED SIGABRT SIGABRT
UNRESOLVED: gdb.base/catch-syscall.exp: with args noxml: program has called -1
...
which is reproducible on the command line like this:
...
$ gdb -batch outputs/gdb.base/catch-syscall/catch-syscall  -ex start -ex "catch
syscall -1" -ex continue

warning: Could not find DWO CU
/home/vries/gdb_versions/devel/build/gdb/testsuite/outputs/gdb.base/catch-syscall/catch-syscall0.dwo(0x3879e0cb34736ded)
referenced by CU at offset 0xc7 [in module
/home/vries/gdb_versions/devel/build/gdb/testsuite/outputs/gdb.base/catch-syscall/catch-syscall]
Temporary breakpoint 1 at 0x4007e6: file
/home/vries/gdb_versions/devel/src/gdb/testsuite/gdb.base/catch-syscall.c, line
49.

Temporary breakpoint 1, main () at
/home/vries/gdb_versions/devel/src/gdb/testsuite/gdb.base/catch-syscall.c:49
49              char buf1[2] = "a";
Catchpoint 2 (syscall -1)
Aborted (core dumped)
...

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug breakpoints/27313] Segfault in insert_catch_syscall

[vries at gcc dot gnu.org]

https://sourceware.org/bugzilla/show_bug.cgi?id=27313

--- Comment #1 from Tom de Vries <vries at gcc dot gnu.org> ---
In more detail:
...
Thread 1 "gdb" received signal SIGSEGV, Segmentation fault.
0x00000000004ce250 in insert_catch_syscall (bl=0x2133960)
    at /home/vries/gdb_versions/devel/src/gdb/break-catch-syscall.c:98
98                ++inf_data->syscalls_counts[iter];
...
and the segfault happens because:
...
(gdb) p iter
$1 = -1
(gdb) p inf_data->syscalls_counts
$2 = std::vector of length 0, capacity 0
...

Tentative patch:
...
diff --git a/gdb/break-catch-syscall.c b/gdb/break-catch-syscall.c
index 9772ac01497..7335377f899 100644
--- a/gdb/break-catch-syscall.c
+++ b/gdb/break-catch-syscall.c
@@ -390,6 +390,8 @@ catch_syscall_split_args (const char *arg)
       syscall_number = (int) strtol (cur_name, &endptr, 0);
       if (*endptr == '\0')
        {
+         if (syscall_number < 0)
+           error (_("Unknown syscall number '%d'."), syscall_number);
          get_syscall_by_number (gdbarch, syscall_number, &s);
          result.push_back (s.number);
        }
...

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug breakpoints/27313] Segfault in insert_catch_syscall

[vries at gcc dot gnu.org]

https://sourceware.org/bugzilla/show_bug.cgi?id=27313

--- Comment #2 from Tom de Vries <vries at gcc dot gnu.org> ---
https://sourceware.org/pipermail/gdb-patches/2021-February/175691.html

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug breakpoints/27313] Segfault in insert_catch_syscall

[cvs-commit at gcc dot gnu.org]

https://sourceware.org/bugzilla/show_bug.cgi?id=27313

--- Comment #3 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Tom de Vries <vries@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0e857c82883cff04ccc8868762c78b0e94ccde91

commit 0e857c82883cff04ccc8868762c78b0e94ccde91
Author: Tom de Vries <tdevries@suse.de>
Date:   Fri Feb 5 17:47:07 2021 +0100

    [gdb/breakpoints] Fix segfault for catch syscall -1

    Using a hello world a.out, I run into a segfault:
    ...
    $ gcc hello.c
    $ gdb -batch a.out -ex "catch syscall -1" -ex r
    Catchpoint 1 (syscall -1)
    Aborted (core dumped)
    ...

    Fix this by erroring out if a negative syscall number is used in the
    catch syscall command.

    Tested on x86_64-linux.

    gdb/ChangeLog:

    2021-02-05  Tom de Vries  <tdevries@suse.de>

            PR breakpoints/27313
            * break-catch-syscall.c (catch_syscall_split_args): Reject negative
            syscall numbers.

    gdb/testsuite/ChangeLog:

    2021-02-05  Tom de Vries  <tdevries@suse.de>

            PR breakpoints/27313
            * gdb.base/catch-syscall.exp: Check that "catch syscall -1" is
            rejected.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug breakpoints/27313] Segfault in insert_catch_syscall

[vries at gcc dot gnu.org]

https://sourceware.org/bugzilla/show_bug.cgi?id=27313

Tom de Vries <vries at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED
   Target Milestone|---                         |11.1

--- Comment #4 from Tom de Vries <vries at gcc dot gnu.org> ---
Patch with test-case committed, marking resolved-fixed.

-- 
You are receiving this mail because:
You are on the CC list for the bug.