From: Paul Pluzhnikov
To: gdb-patches@sourceware.org
Cc: ppluzhnikov@google.com
Subject: [patch] Fix crash in svr4_clear_so
Date: Tue, 21 May 2013 22:23:00 -0000

Greetings,

Using current trunk, I've got a GDB core dump when I tried to analyze
mis-matched binary and core:

  gdb a.out core
  GNU gdb (GDB) 7.6.50.20130521-cvs
  ...
  warning: core file may not match specified executable file.
  [New LWP 29265]
  ...
  [New LWP 27085]
  [New LWP 27052]
  warning: Error reading shared library list entry at 0x3b48104f8b480000
  Segmentation fault

The actual crash is happening here:

  Program received signal SIGSEGV, Segmentation fault.
  0x0000000000481376 in svr4_clear_so (so=0xc833490) at ../../src/gdb/solib-svr4.c:974
  974	  so->lm_info->l_addr_p = 0;

  #0  0x0000000000481376 in svr4_clear_so (so=0xc833490) at ../../src/gdb/solib-svr4.c:974
  #1  0x0000000000708bc4 in clear_so (so=0xc833490) at ../../src/gdb/solib.c:537
  #2  0x0000000000708bef in free_so (so=0xc833490) at ../../src/gdb/solib.c:556
  #3  0x00000000006ee328 in do_free_so (arg=0xc833490) at ../../src/gdb/utils.c:492
  #4  0x0000000000573474 in do_my_cleanups (pmy_chain=0xc5c1f0 , old_chain=0x35232410) at ../../src/gdb/cleanups.c:155
  #5  0x00000000005734e1 in do_cleanups (old_chain=0x35232410) at ../../src/gdb/cleanups.c:177
  #6  0x00000000004817e0 in svr4_read_so_list (lm=4271682180386127872, link_ptr_ptr=0x7fff7fc37c58, ignore_first=1) at ../../src/gdb/solib-svr4.c:1195
  #7  0x0000000000481b01 in svr4_current_sos () at ../../src/gdb/solib-svr4.c:1311
  #8  0x0000000000708eea in update_solib_list (from_tty=0, target=0xc724c0 ) at ../../src/gdb/solib.c:674
  ...

Attached patch fixes the GDB crash.
Ok for trunk? Thanks, -- 2013-05-21 Paul Pluzhnikov * solib-svr4.c (svr4_free_so): Protect against NULL dereference. Index: solib-svr4.c =================================================================== RCS file: /cvs/src/src/gdb/solib-svr4.c,v retrieving revision 1.177 diff -p -u -r1.177 solib-svr4.c --- solib-svr4.c 6 May 2013 22:18:38 -0000 1.177 +++ solib-svr4.c 21 May 2013 22:19:09 -0000 @@ -971,7 +971,8 @@ svr4_free_so (struct so_list *so) static void svr4_clear_so (struct so_list *so) { - so->lm_info->l_addr_p = 0; + if (so->lm_info != NULL) + so->lm_info->l_addr_p = 0; } /* Free so_list built so far (called via cleanup). */
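
Review bot: The ChangeLog entry names svr4_free_so, but the line changed in this hunk is inside svr4_clear_so; svr4_free_so appears only as the function context in the @@ header, so the entry should read "* solib-svr4.c (svr4_clear_so): Protect against NULL dereference." The new check would also benefit from a short comment above "if (so->lm_info != NULL)" saying when lm_info can be NULL here. Going by the backtrace, that is the cleanup path run from svr4_read_so_list after the "Error reading shared library list entry" warning, and without the comment the check looks redundant to a later reader.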