From: Daniel Jacobowitz
To: gdb-patches@sourceware.org
Subject: [rfc] Detect dwarf address size mismatch
Date: Wed, 11 Jul 2007 14:19:00 -0000
Message-ID: <20070711141912.GA12298@caradoc.them.org>

I just fixed a gas bug which caused MIPS64 Linux kernels to have corrupt DWARF information. The .debug_info compilation unit header listed the address size as 4, but the .debug_line section used 64-bit addresses. This caused GDB to parse the last four bits of each address as if they were instructions in the line number program.

That version of GDB crashed when it got a bogus DW_LNS_set_file with an out-of-bounds file number (which has already been fixed in HEAD). But I think this patch is still useful, to detect the mismatch promptly instead of going off into the woods parsing bad data. I think I did get HEAD to crash once while testing.

A more intrusive patch could let GDB handle the bad files as their producer intended, by reading an address of size extended_len - 1, but I don't think it's worth it when we can fix gas.

Any comments on this patch, or shall I commit it?

-- 
Daniel Jacobowitz
CodeSourcery

2007-07-11  Daniel Jacobowitz

	* dwarf2read.c (dwarf_decode_lines): Detect address size mismatches.

---
 gdb/dwarf2read.c |   10 ++++++++--
 1 files changed, 8 insertions(+), 2 deletions(-)

Index: gdb-6.6.50/gdb/dwarf2read.c
===================================================================
--- gdb-6.6.50.orig/gdb/dwarf2read.c	2007-07-10 13:25:33.000000000 -0700
+++ gdb-6.6.50/gdb/dwarf2read.c	2007-07-11 07:09:17.000000000 -0700
@@ -6660,7 +6660,7 @@ dwarf_decode_lines (struct line_header * { gdb_byte *line_ptr; gdb_byte *line_end; - unsigned int bytes_read; + unsigned int bytes_read, extended_len; unsigned char op_code, extended_op, adj_opcode; CORE_ADDR baseaddr; struct objfile *objfile = cu->objfile; @@ -6730,7 +6730,7 @@ dwarf_decode_lines (struct line_header * else switch (op_code) { case DW_LNS_extended_op: - read_unsigned_leb128 (abfd, line_ptr, &bytes_read); + extended_len = read_unsigned_leb128 (abfd, line_ptr, &bytes_read); line_ptr += bytes_read; extended_op = read_1_byte (abfd, line_ptr); line_ptr += 1; @@ -6746,6 +6746,12 @@ dwarf_decode_lines (struct line_header * address = read_address (abfd, line_ptr, cu, &bytes_read); line_ptr += bytes_read; address += baseaddr; + if (bytes_read + 1 != extended_len) + { + complaint (&symfile_complaints, + _("bad address size in .debug_line section")); + return; + } break; case DW_LNE_define_file: {
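Review bot: in the second hunk, `extended_len = read_unsigned_leb128 (abfd, line_ptr, &bytes_read);` stores the result in the `unsigned int` declared in the first hunk; if `read_unsigned_leb128` returns a wider type (its signature is not visible here), an oversized length from a corrupt section would be truncated before the later comparison, so declaring `extended_len` with the function's return type, or rejecting lengths that exceed the bytes remaining before `line_end` right after this line, would make the check hold for any input rather than just the 4-versus-8 case from the mail.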
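Review bot: in the third hunk, `if (bytes_read + 1 != extended_len)` is evaluated only after `read_address` has consumed the CU header's address size and `line_ptr += bytes_read` has already moved the pointer, so on a mismatch the complaint is raised with the wrong number of bytes consumed; comparing the CU header's address size plus one against `extended_len` before calling `read_address` rejects the op without touching its operand. The check also covers only `DW_LNE_set_address`; saving `line_ptr` before `extended_op` is read and complaining after the `switch` when it has not advanced by exactly `extended_len` would validate every extended op with one guard. The bare `return;` matches the intent stated in the mail (stop rather than parse bad data), but a short comment noting that line entries already recorded for this unit are kept would help the next reader.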
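As an added illustration of the check this patch introduces (constructed example code, not GDB's own dwarf2read.c; every name in it is mine, and it assumes little-endian addresses of at most 8 bytes): a small parser for one DW_LNE_set_address op that compares the ULEB128 length against the address size claimed by the CU header before reading the operand, so the 4-versus-8 mismatch described in the mail is rejected instead of being decoded as further line-number opcodes.

```c
#include <stddef.h>
#include <stdint.h>
/* Constructed example, not GDB's dwarf2read.c: validate one line-program extended
   op so an address size that disagrees with the CU header is reported, not decoded
   as more opcodes. Assumes little-endian addresses and at most 8-byte addresses. */
#define DW_LNS_extended_op 0
#define DW_LNE_set_address 2
enum lp_status { LP_OK, LP_TRUNCATED, LP_BAD_ADDR_SIZE, LP_UNKNOWN_OP };

/* Decode an unsigned LEB128 value; returns bytes consumed, 0 if truncated. */
static size_t read_uleb128(const uint8_t *p, size_t avail, uint64_t *out)
{
    uint64_t v = 0; unsigned shift = 0; size_t i = 0;
    while (i < avail && shift < 64) {
        v |= (uint64_t)(p[i] & 0x7f) << shift;
        shift += 7;
        if (!(p[i++] & 0x80)) { *out = v; return i; }
    }
    return 0;
}

/* Parse one extended op at p (p[0] == DW_LNS_extended_op). addr_size is what the
   .debug_info CU header claims. On LP_OK, *addr is the operand and *consumed the
   whole op length (opcode byte + ULEB128 length + body). */
enum lp_status parse_extended_op(const uint8_t *p, size_t avail, unsigned addr_size,
                                 uint64_t *addr, size_t *consumed)
{
    uint64_t extended_len; size_t n;
    if (avail < 1 || p[0] != DW_LNS_extended_op) return LP_UNKNOWN_OP;
    n = read_uleb128(p + 1, avail - 1, &extended_len);
    if (n == 0 || extended_len == 0 || avail - 1 - n < extended_len) return LP_TRUNCATED;
    const uint8_t *body = p + 1 + n;
    if (body[0] != DW_LNE_set_address) return LP_UNKNOWN_OP;
    /* The operand must be exactly extended_len - 1 bytes (the patch's check),
       done here before any address byte is consumed. */
    if (addr_size == 0 || addr_size > 8 || (uint64_t)addr_size + 1 != extended_len)
        return LP_BAD_ADDR_SIZE;
    *addr = 0;
    for (unsigned i = 0; i < addr_size; i++)
        *addr |= (uint64_t)body[1 + i] << (8 * i);
    *consumed = 1 + n + (size_t)extended_len;
    return LP_OK;
}

/* Constructed sample: DW_LNE_set_address with a 9-byte body, i.e. an 8-byte address. */
static const uint8_t sample_op[] = { 0x00, 0x09, 0x02, 0x00, 0x10, 0x00, 0x80, 0xff, 0xff, 0xff, 0xff };
enum lp_status check_sample(unsigned addr_size, size_t avail)
{ uint64_t a; size_t c; return parse_extended_op(sample_op, avail, addr_size, &a, &c); }
uint64_t sample_address(void)
{ uint64_t a = 0; size_t c; parse_extended_op(sample_op, sizeof sample_op, 8, &a, &c); return a; }
```

Feeding the same bytes with addr_size 4 (the state the buggy gas produced) yields LP_BAD_ADDR_SIZE, which is the point at which the patch's complaint would fire.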