To: gdb-patches@sources.redhat.com
From: Aleksandar Ristovski
Subject: [patch] gdb crash in cp_scan_for_anonymous_namespace
Date: Thu, 20 Oct 2011 19:33:00 -0000

Hello,

I have encountered a gdb crash (gdb 7.3.1 based qnx gdb) in function cp_scan_for_anonymous_namespace.

What happens is that we get into 'define_symbol' function having an objfile without any symtabs. cp_scan_for_anonymous_namespaces dereferences symbol->symtab and crashes gdb.

This is all observed/debugged on gdb7.3.1 code base, but from looking at HEAD code, the possibility still exists.

I haven't created a testcase yet (the case I have is quite complicated with numerous shared objects involved and a core).

There are no regressions in existing test suite, tested on "x86_64-unknown-linux-gnu".

Thanks,

Aleksandar Ristovski

ChangeLog:

2011-10-20  Aleksandar Ristovski

	* cp-namespace.c (cp_scan_for_anonymous_namespaces): Changed function
	arguments by adding OBJFILE.  Instead of getting objfile from
	symbol's symtab, use new argument OBJFILE.
	* cp-support.h (cp_scan_for_anonymous_namespaces): Changed function
	arguments by adding OBJFILE.
	* gdb/dwarf2read.c (new_symbol_full): Change call to
	cp_scan_for_anonymous_namespaces to match new signature.
	* gdb/stabsread.c (define_symbol): Change call to
	cp_scan_for_anonymous_namespaces to match new signature.

--------------030502000907030803070000 Content-Type: text/x-patch; name="GDBCRASH-no-symtab-201110201358.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="GDBCRASH-no-symtab-201110201358.patch" Content-length: 3052 Index: gdb/cp-namespace.c =================================================================== RCS file: /cvs/src/src/gdb/cp-namespace.c,v retrieving revision 1.54 diff -u -p -r1.54 cp-namespace.c --- gdb/cp-namespace.c 29 Jun 2011 22:05:15 -0000 1.54 +++ gdb/cp-namespace.c 20 Oct 2011 18:26:22 -0000 @@ -53,7 +53,8 @@ static struct type *cp_lookup_transparen anonymous namespace; if so, add an appropriate using directive. */ void -cp_scan_for_anonymous_namespaces (const struct symbol *symbol) +cp_scan_for_anonymous_namespaces (const struct symbol *const symbol, + struct objfile *const objfile) { if (SYMBOL_DEMANGLED_NAME (symbol) != NULL) { @@ -96,7 +97,7 @@ cp_scan_for_anonymous_namespaces (const namespace given by the previous component if there is one, or to the global namespace if there isn't. */ cp_add_using_directive (dest, src, NULL, NULL, NULL, - &SYMBOL_SYMTAB (symbol)->objfile->objfile_obstack); + &objfile->objfile_obstack); } /* The "+ 2" is for the "::". */ previous_component = next_component + 2; Index: gdb/cp-support.h =================================================================== RCS file: /cvs/src/src/gdb/cp-support.h,v retrieving revision 1.45 diff -u -p -r1.45 cp-support.h --- gdb/cp-support.h 18 Aug 2011 16:17:38 -0000 1.45 +++ gdb/cp-support.h 20 Oct 2011 18:26:22 -0000 
@@ -197,7 +197,8 @@ extern void cp_set_block_scope (const st const char *processing_current_prefix, int processing_has_namespace_info); -extern void cp_scan_for_anonymous_namespaces (const struct symbol *symbol); +extern void cp_scan_for_anonymous_namespaces (const struct symbol *symbol, + struct objfile *objfile); extern struct symbol *cp_lookup_symbol_nonlocal (const char *name, const struct block *block, Index: gdb/dwarf2read.c =================================================================== RCS file: /cvs/src/src/gdb/dwarf2read.c,v retrieving revision 1.574 diff -u -p -r1.574 dwarf2read.c --- gdb/dwarf2read.c 17 Oct 2011 12:57:14 -0000 1.574 +++ gdb/dwarf2read.c 20 Oct 2011 18:26:23 -0000 @@ -11936,7 +11936,7 @@ new_symbol_full (struct die_info *die, s namespaces based on the demangled name. */ if (!processing_has_namespace_info && cu->language == language_cplus) - cp_scan_for_anonymous_namespaces (sym); + cp_scan_for_anonymous_namespaces (sym, objfile); } return (sym); } Index: gdb/stabsread.c =================================================================== RCS file: /cvs/src/src/gdb/stabsread.c,v retrieving revision 1.138 diff -u -p -r1.138 stabsread.c --- gdb/stabsread.c 18 May 2011 16:30:36 -0000 1.138 +++ gdb/stabsread.c 20 Oct 2011 18:26:23 -0000 @@ -729,7 +729,7 @@ define_symbol (CORE_ADDR valu, char *str SYMBOL_SET_NAMES (sym, string, p - string, 1, objfile); if (SYMBOL_LANGUAGE (sym) == language_cplus) - cp_scan_for_anonymous_namespaces (sym); + cp_scan_for_anonymous_namespaces (sym, objfile); } p++; --------------030502000907030803070000--
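
Review bot: the comment above cp_scan_for_anonymous_namespaces in gdb/cp-namespace.c (first hunk, ending "if so, add an appropriate using directive. */") is left unchanged, so the new OBJFILE parameter is undocumented. Please extend it to say that OBJFILE is the objfile on whose obstack the using directive is allocated, and that it is passed explicitly because SYMBOL's symtab may not be set yet at this point.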
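
Review bot: in the second gdb/cp-namespace.c hunk, `&objfile->objfile_obstack` dereferences the new argument with no check, so the NULL dereference the patch removes for the symtab can come back if a caller ever passes a NULL objfile. A `gdb_assert (objfile != NULL);` at the top of the function would turn that into a diagnosable internal error rather than a crash. Since the directive now lives on the caller-supplied obstack, the function comment should also state that OBJFILE must be the objfile that owns SYMBOL, so the allocation has the same lifetime as the symbol.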
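
Review bot: the prototype in gdb/cp-support.h declares `const struct symbol *symbol, struct objfile *objfile`, while the definition in gdb/cp-namespace.c uses `const struct symbol *const symbol, struct objfile *const objfile`. The two are compatible in C, but the top-level `const` on the parameters is visible only in the definition and does not match how the declaration reads. Suggest dropping the `*const` qualifiers from the definition so both spell the signature the same way.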
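
Review bot: the gdb/stabsread.c hunk in define_symbol changes the call path the report identifies as the crashing one, yet the patch carries no test for it and the message says no testcase exists. Passing the same `objfile` already used by `SYMBOL_SET_NAMES (sym, string, p - string, 1, objfile);` on the line above looks consistent, but a reduced reproducer (a stabs C++ symbol read while the objfile has no symtabs) should accompany the fix so the missing-symtab case stays covered.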