Subject: [rfa/gdbserver] Fix crash in thread_db_get_tls_address
From: "Ulrich Weigand"
To: gdb-patches@sourceware.org
Cc: drow@false.org
Date: Wed, 21 Jan 2009 22:57:00 -0000
Message-Id: <200901212257.n0LMvkTQ029040@d12av02.megacenter.de.ibm.com>
X-SW-Source: 2009-01/txt/msg00441.txt.bz2

Hello,

when debugging remotely using a GDB with private modifications, I'm running into a crash in gdbserver, which I believe to be a real bug (even if latent with mainline GDB).

The problem occurs when the thread_db_get_tls_address routine is invoked (as a result of processing a qGetTLSAddr: query) on an inferior that actually has no threads (or where the thread layer is not initialized yet). This is caused by thread_db_get_tls_address calling find_one_thread, which in the end calls down into the libthread_db td_ta_map_lwp2thr routine -- at a time libthread_db is not yet initialized, and in fact the "thread_agent" handle passed to td_ta_map_lwp2thr was not yet set up. This results in a segfault within libthread_db.

Now I guess it is debatable whether or not sending a qGetTLSAddr: query in this situation is a useful thing, but it seems to me that gdbserver shouldn't just *crash* ...

The following patch fixes this by returning failure from thread_db_get_tls_address if called before the thread layer is properly initialized.

Tested on powerpc64-linux (64-bit / 32-bit) using local gdbserver.

OK for mainline?

Bye,
Ulrich

ChangeLog:

	* thread-db.c (thread_db_get_tls_address): Do not crash if called
	when thread layer is not yet initialized.

Index: src/gdb/gdbserver/thread-db.c
===================================================================
--- src.orig/gdb/gdbserver/thread-db.c
+++ src/gdb/gdbserver/thread-db.c
@@ -388,6 +388,10 @@ thread_db_get_tls_address (struct thread td_err_e err; struct process_info *process; + /* If the thread layer is not (yet) initialized, fail. */ + if (!all_symbols_looked_up) + return -1; + process = get_thread_process (thread); if (!process->thread_known) find_one_thread (process->lwpid); -- Dr. Ulrich Weigand GNU Toolchain for Linux on System z and Cell BE Ulrich.Weigand@de.ibm.com
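Review bot: the new early return in thread_db_get_tls_address hands back -1 from a function whose other failure path reports a td_err_e (the context lines declare `td_err_e err;`), so the caller that processes qGetTLSAddr: queries must already treat -1 as a generic "address not available" failure distinct from a libthread_db error code; the comment above the check or the ChangeLog entry should say that this is the established convention, and if the caller only understands libthread_db codes, returning a TD_* value would be the safer choice. Second point on the same hunk: the comment reads "If the thread layer is not (yet) initialized, fail", but the condition tests `all_symbols_looked_up`, which by its name tracks symbol lookup rather than libthread_db initialization; a one-line note on why that flag is the right proxy (i.e. that the thread layer cannot have been brought up before all symbols are looked up) would help the next reader, and a regression test that issues qGetTLSAddr: before any thread has been reported would pin the fix down, since the cover letter only mentions manual testing with a privately modified GDB.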