This is the mail archive of the gdb-prs@sourceware.org mailing list for the GDB project.
symtab/2185: Crash (and fix) reading dwarf with missing DW_LNE_end_sequence opcode
- From: apratt at us dot ibm dot com
- To: gdb-gnats at sources dot redhat dot com
- Date: 16 Oct 2006 22:02:22 -0000
- Subject: symtab/2185: Crash (and fix) reading dwarf with missing DW_LNE_end_sequence opcode
- Reply-to: apratt at us dot ibm dot com
>Number: 2185
>Category: symtab
>Synopsis: Crash (and fix) reading dwarf with missing DW_LNE_end_sequence opcode
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: unassigned
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Oct 16 22:08:01 UTC 2006
>Closed-Date:
>Last-Modified:
>Originator: apratt@us.ibm.com
>Release: unknown-1.0
>Organization:
>Environment:
Solaris x86_64
>Description:
In some (unknown) circumstances, the Sun "cc" compiler version 5.8 can produce dwarf line tables with no DW_LNE_end_sequence opcode at the end of the line table data. The loop in dwarf_decode_lines() in src/gdb/dwarf2read.c expects that opcode to appear, as demanded by the DWARF specification. When the opcode does not appear, gdb crashes after reading garbage as line-table-program opcodes.
The attached patch causes the line-data loop to terminate when the end_sequence opcode is seen OR when the pointer reaches the end of the table, as specified in lh->statement_program_end. This prevents the crash described here.
>How-To-Repeat:
Build gimp-2.2.11 on Solaris x86_64 with "cc -xarch=amd64 -g" using Sun cc 5.8. Try to debug the resulting gimp-2.2 executable. See crash. Dump dwarf data, see missing DW_LNE_end_sequence in some line data sections.
>Fix:
See the patch. Exit the line data loop if the pointer falls off the end of the line data, whether or not a DW_LNE_end_sequence opcode has been seen.
>Release-Note:
>Audit-Trail:
>Unformatted:
----gnatsweb-attachment----
Content-Type: application/octet-stream; name="patch"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="patch"