[Bug remote/28360] New: segfault in bfd_get_elf_phdr_upper_bound

public inbox for gdb-prs@sourceware.org
help / color / mirror / Atom feed

From: "vries at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>
To: gdb-prs@sourceware.org
Subject: [Bug remote/28360] New: segfault in bfd_get_elf_phdr_upper_bound
Date: Tue, 21 Sep 2021 11:18:35 +0000	[thread overview]
Message-ID: <bug-28360-4717@http.sourceware.org/bugzilla/> (raw)

https://sourceware.org/bugzilla/show_bug.cgi?id=28360

            Bug ID: 28360
           Summary: segfault in bfd_get_elf_phdr_upper_bound
           Product: gdb
           Version: HEAD
            Status: NEW
          Severity: normal
          Priority: P2
         Component: remote
          Assignee: unassigned at sourceware dot org
          Reporter: vries at gcc dot gnu.org
  Target Milestone: ---

While investigating PR28355, I decided to emulate the gdbserver internal error
by doing:
...
diff --git a/gdbserver/regcache.cc b/gdbserver/regcache.cc
index 312f14ee9dd..de664cfc987 100644
--- a/gdbserver/regcache.cc
+++ b/gdbserver/regcache.cc
@@ -252,7 +252,7 @@ find_regno (const struct target_desc *tdesc, const char
*name)
   for (int i = 0; i < tdesc->reg_defs.size (); ++i)
     {
       if (strcmp (name, find_register_by_number (tdesc, i).name) == 0)
-       return i;
+       {}
     }
   internal_error (__FILE__, __LINE__, "Unknown register %s requested",
                  name);
...
and ran gdb.server/*.exp.

Annoyingly, a few times we report "ERROR: GDB process no longer exists" while
in fact GDB is alive, and it's just the gdbserver that crashed.

This is due to running gdb_test_multiple with the gdb_spawn_id set to the
spawn_id of the gdbserver, which looks wrong.

Anyway, there is an actual gdb crash in test-case
gdb.server/server-exec-info.exp:
...
(gdb) builtin_spawn
/home/vries/gdb_versions/devel/build/gdb/testsuite/../../gdb/../gdbserver/gdbserver
--once localhost:2403
/home/vries/gdb_versions/devel/build/gdb/testsuite/outputs/gdb.server/server-exec-info/server-exec-info^M
Process
/home/vries/gdb_versions/devel/build/gdb/testsuite/outputs/gdb.server/server-exec-info/server-exec-info
created; pid = 2570^M
Listening on port 2403^M
target remote localhost:2403^M
Remote debugging using localhost:2403^M
Remote connection closed^M
(gdb) set sysroot remote:^M
warning: "remote:" is deprecated, use "target:" instead.^M
warning: sysroot set to "target:".^M
^M
^M
Fatal signal: Segmentation fault^M
...

In more detail:
...
Thread 1 "gdb" received signal SIGSEGV, Segmentation fault.
0x0000000000e89dcc in bfd_get_elf_phdr_upper_bound (abfd=0x0)
    at /home/vries/gdb_versions/devel/src/bfd/elf.c:12299
12299     if (abfd->xvec->flavour != bfd_target_elf_flavour)
...

backtrace:
...
(gdb) bt
#0  0x0000000000e89dcc in bfd_get_elf_phdr_upper_bound (abfd=0x0)
    at /home/vries/gdb_versions/devel/src/bfd/elf.c:12299
#1  0x000000000084c371 in linux_vsyscall_range_raw (gdbarch=0x358a400,
range=0x2b32000)
    at /home/vries/gdb_versions/devel/src/gdb/linux-tdep.c:2335
#2  0x000000000084c70d in linux_vsyscall_range (gdbarch=0x358a400,
range=0x7fffffffd070)
    at /home/vries/gdb_versions/devel/src/gdb/linux-tdep.c:2412
#3  0x0000000000768c0e in gdbarch_vsyscall_range (gdbarch=0x358a400,
range=0x7fffffffd070)
    at /home/vries/gdb_versions/devel/src/gdb/gdbarch.c:5233
#4  0x0000000000abf5f0 in svr4_current_sos ()
    at /home/vries/gdb_versions/devel/src/gdb/solib-svr4.c:1373
#5  0x0000000000ac7e35 in update_solib_list (from_tty=0)
    at /home/vries/gdb_versions/devel/src/gdb/solib.c:722
#6  0x0000000000ac8419 in solib_add (pattern=0x0, from_tty=0, readsyms=1)
    at /home/vries/gdb_versions/devel/src/gdb/solib.c:959
#7  0x0000000000ac96ed in reload_shared_libraries (ignored=0x0, from_tty=0,
e=0x2acdd20)
    at /home/vries/gdb_versions/devel/src/gdb/solib.c:1377
#8  0x0000000000ac981d in gdb_sysroot_changed (ignored=0x0, from_tty=0,
e=0x2acdd20)
    at /home/vries/gdb_versions/devel/src/gdb/solib.c:1416
#9  0x00000000005cf349 in do_set_command (arg=0x7fffffffe131 "remote:",
from_tty=0, 
    c=0x2acdd20) at
/home/vries/gdb_versions/devel/src/gdb/cli/cli-setshow.c:521
#10 0x0000000000b77f04 in execute_command (p=0x7fffffffe131 "remote:",
from_tty=0)
    at /home/vries/gdb_versions/devel/src/gdb/top.c:666
#11 0x000000000087c5da in catch_command_errors (
    command=0xb779cd <execute_command(char const*, int)>, 
    arg=0x7fffffffe125 "set sysroot remote:", from_tty=0, do_bp_actions=true)
    at /home/vries/gdb_versions/devel/src/gdb/main.c:523
#12 0x000000000087c7b2 in execute_cmdargs (cmdarg_vec=0x7fffffffd760,
file_type=CMDARG_FILE, 
    cmd_type=CMDARG_COMMAND, ret=0x7fffffffd73c)
    at /home/vries/gdb_versions/devel/src/gdb/main.c:618
#13 0x000000000087db9d in captured_main_1 (context=0x7fffffffd9a0)
    at /home/vries/gdb_versions/devel/src/gdb/main.c:1322
#14 0x000000000087ddce in captured_main (data=0x7fffffffd9a0)
    at /home/vries/gdb_versions/devel/src/gdb/main.c:1343
#15 0x000000000087de39 in gdb_main (args=0x7fffffffd9a0)
    at /home/vries/gdb_versions/devel/src/gdb/main.c:1368
#16 0x0000000000417c6e in main (argc=15, argv=0x7fffffffdaa8)
    at /home/vries/gdb_versions/devel/src/gdb/gdb.c:32
...

-- 
You are receiving this mail because:
You are on the CC list for the bug.

next             reply	other threads:[~2021-09-21 11:18 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-21 11:18 vries at gcc dot gnu.org [this message]
2021-09-21 11:31 ` [Bug remote/28360] " vries at gcc dot gnu.org
2021-09-21 12:34 ` vries at gcc dot gnu.org

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=bug-28360-4717@http.sourceware.org/bugzilla/ \
    --to=sourceware-bugzilla@sourceware.org \
    --cc=gdb-prs@sourceware.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).