diff options
| author | Antoine Tremblay <antoine.tremblay@ericsson.com> | 2017-01-26 10:47:27 -0500 |
|---|---|---|
| committer | Antoine Tremblay <antoine.tremblay@ericsson.com> | 2017-01-26 10:47:27 -0500 |
| commit | 874a1c8c32036f790fa527acfab3f6f18740f089 (patch) | |
| tree | be2f4ea77f43b64780a1da05989977f6e3a9f95e /gdb | |
| parent | d8b49cf0c891d09dd58de05ad5cfe396b612cf3b (diff) | |
| download | gdb-874a1c8c32036f790fa527acfab3f6f18740f089.zip gdb-874a1c8c32036f790fa527acfab3f6f18740f089.tar.gz gdb-874a1c8c32036f790fa527acfab3f6f18740f089.tar.bz2 | |
Fix crash when loading a core with unexpected register section size
When loading a core without an executable like so:
$ gdb --core core
for example often the gdbarch won't contain the
iterate_over_regset_sections method. For example on ARM.
This will generate a call to get_core_register_section with a NULL regset
like at corelow.c:628
get_core_register_section (regcache, NULL, ".reg", 0, 0, "general-purpose", 1);
However a check for REGSET_VARIABLE_SIZE in get_core_register_section
assumes that regset is != NULL thus leading to a crash with this backtrace:
(gdb) bt
#0 0x000000000065907b in get_core_register_section
(regcache=regcache@entry=0x2c26260, regset=regset@entry=0x0,
name=name@entry=0xdbf7b2 ".reg", min_size=min_size@entry=0,
which=which@entry=0, human_name=human_name@entry=0xdbac28
"general-purpose", required=1)
at ../../gdb/corelow.c:542
#1 0x0000000000659b70 in get_core_registers (ops=<optimized out>,
regcache=0x2c26260, regno=<optimized out>) at ../../gdb/corelow.c:628
#2 0x000000000076e5fb in target_fetch_registers
(regcache=regcache@entry=0x2c26260, regno=regno@entry=15)
at ../../gdb/target.c:3590
Note that commit: f962539ad23759 ("Warn if core file register
section is larger than expected") introduced this issue.
Thus releases > 7.8.2 are affected.
Also, this would have been caught by gdb.base/corefile.exp but the
problem is that this triggers only if the core dump is missing some data
so that it's not recognized as a linux core dump, or it's not a linux core
dump and the core file register section is larger than expected.
So if you just create a core and read it on linux with ARM the osabi is
detected properly and iterate_over_regset_sections is present and so the
problem is not triggered.
Thus creating a linux test for this with a crafted core that meets the
problem requirements is non-trivial.
This patch fixes this crash by adding a check for regset existence before
running the condition.
gdb/ChangeLog:
* corelow.c (get_core_register_section): Check for regset
existence before checking for REGSET_VARIABLE_SIZE.
Diffstat (limited to 'gdb')
| -rw-r--r-- | gdb/ChangeLog | 5 | ||||
| -rw-r--r-- | gdb/corelow.c | 4 |
2 files changed, 8 insertions, 1 deletions
diff --git a/gdb/ChangeLog b/gdb/ChangeLog index 4e85fcd..ce3f317 100644 --- a/gdb/ChangeLog +++ b/gdb/ChangeLog @@ -1,3 +1,8 @@ +2017-01-26 Antoine Tremblay <antoine.tremblay@ericsson.com> + + * corelow.c (get_core_register_section): Check for regset + existence before checking for REGSET_VARIABLE_SIZE. + 2017-01-26 Yao Qi <yao.qi@linaro.org> Pedro Alves <palves@redhat.com> diff --git a/gdb/corelow.c b/gdb/corelow.c index a075d9e..ecde954 100644 --- a/gdb/corelow.c +++ b/gdb/corelow.c @@ -515,6 +515,8 @@ get_core_register_section (struct regcache *regcache, struct bfd_section *section; bfd_size_type size; char *contents; + bool variable_size_section = (regset != NULL + && regset->flags & REGSET_VARIABLE_SIZE); xfree (section_name); @@ -539,7 +541,7 @@ get_core_register_section (struct regcache *regcache, warning (_("Section `%s' in core file too small."), section_name); return; } - if (size != min_size && !(regset->flags & REGSET_VARIABLE_SIZE)) + if (size != min_size && !variable_size_section) { warning (_("Unexpected size of section `%s' in core file."), section_name); |