From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 119393 invoked by alias); 13 Feb 2017 12:10:03 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Received: (qmail 119319 invoked by uid 89); 13 Feb 2017 12:10:02 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD,SPF_HELO_PASS autolearn=ham version=3.3.2 spammy= X-HELO: mx1.redhat.com Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 13 Feb 2017 12:10:00 +0000 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 81DC24E336 for ; Mon, 13 Feb 2017 12:10:00 +0000 (UTC) Received: from blade.nx ([10.33.36.39]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1DC9xBX012778; Mon, 13 Feb 2017 07:10:00 -0500 Received: by blade.nx (Postfix, from userid 1000) id 5CB1E80B72E1; Mon, 13 Feb 2017 12:09:57 +0000 (GMT) Date: Mon, 13 Feb 2017 12:10:00 -0000 From: Gary Benson To: Pedro Alves Cc: gdb-patches@sourceware.org Subject: Re: [OB PATCH] Fix NULL pointer dereference Message-ID: <20170213120957.GA25595@blade.nx> References: <1486654779-20073-1-git-send-email-gbenson@redhat.com> <84176f49-455d-06ff-6be5-ae50dda14b65@redhat.com> <20170210111927.GA11874@blade.nx> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-IsSubscribed: yes X-SW-Source: 2017-02/txt/msg00324.txt.bz2 Pedro Alves wrote: > So we reach this call of the 'expansion_notify' function pointer: > > if (recursively_search_psymtabs (ps, objfile, kind, symbol_matcher, data)) > { > struct compunit_symtab *symtab = > psymtab_to_symtab (objfile, ps); > > if (expansion_notify != NULL) > expansion_notify (symtab, data); > } > } > > So why can recursively_search_psymtabs find a matching partial > symbol and thus return true, and then psymtab_to_symtab returns > NULL, indicating the symtab is empty? That sounds like a bug? So the first time psymtab_to_symtab returns NULL, ps->filename is "src/basic/string-util.h"; the only string-util.h on my system is /usr/src/debug/systemd-231/src/basic/string-util.h from systemd-debuginfo-231-10.fc25.x86_64 so I'm assuming it's that. But, recursively_search_psymtabs is returning 1 not for that psymtab but for one of its dependencies (the first, as it happens). That has no filename, and its user->filename is "". So recursively_search_psymtabs is saying string-util.h matches because it matches because of some (shared?) symbol table it references, but psymtab_to_symtab is being called on the string-util.h psymtab which doesn't match (or exist?!) I have no idea what I'm looking at here :( Thanks, Gary -- http://gbenson.net/