This is the mail archive of the
gdb-prs@sourceware.org
mailing list for the GDB project.
server/2239: gdbserver 6.6 reproducible SEGV killing nonexistent inferior
- From: mat at lcs dot mit dot edu
- To: gdb-gnats at sources dot redhat dot com
- Date: 8 Mar 2007 22:51:14 -0000
- Subject: server/2239: gdbserver 6.6 reproducible SEGV killing nonexistent inferior
- Reply-to: mat at lcs dot mit dot edu
>Number: 2239
>Category: server
>Synopsis: gdbserver 6.6 reproducible SEGV killing nonexistent inferior
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: unassigned
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Thu Mar 08 22:58:01 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: mat@lcs.mit.edu
>Release: GNU gdb 6.6
>Organization:
>Environment:
Linux ld-1 2.6.9-42.0.8.ELsmp #1 SMP Tue Jan 30 12:18:01 EST 2007 x86_64 x86_64 x86_64 GNU/Linux
ld-1:~$ gcc -v
Using built-in specs.
Target: x86_64-unknown-linux-gnu
Configured with: ../../src/gcc-4.0.2/configure --prefix=/home/global/Linux-x86_64-rhel3/encap/gcc-4.0.2 --disable-libgcj --enable-languages=c,c++
Thread model: posix
gcc version 4.0.2
This GDB was configured as "x86_64-unknown-linux-gnu".
>Description:
A trivial use of gdb+gdbserver SEGVs gdbserver with this backtrace, trying to kill a NULL inferior:
#0 0x0000000000403ca3 in inferior_target_data (inferior=0x0) at inferiors.c:228
#1 0x0000000000408fd8 in linux_kill () at linux-low.c:258
#2 0x0000000000407866 in main (argc=3, argv=0x7fbffff738) at server.c:897
>How-To-Repeat:
1) Compile this program with "gcc -g death.c -o death"
int
main()
{
sleep(3);
return 0;
}
2) Run gdbserver listening on port 34567 (or pick another, but then update
the 34567 in step (3)):
gdbserver :34567 death
3) Create a "commands" text file containing the following gdb commands:
target extended-remote localhost:34567
b main
cont
cont
quit
(using "extended-remote" instead of "remote" is important!)
4) In another window, run gdb, using the commands file to make it
talk to the gdbserver:
gdb -x commands death
5) Watch the gdbserver process SEGV. Specifically it dies here:
(gdb) bt
#0 0x0000000000403ca3 in inferior_target_data (inferior=0x0) at inferiors.c:228
#1 0x0000000000408fd8 in linux_kill () at linux-low.c:258
#2 0x0000000000407866 in main (argc=3, argv=0x7fbffff738) at server.c:897
That's in this call to kill_inferior() in main() when there is
no inferior to kill, hence the SEGV:
if (status == 'W' || status == 'X')
{
if (extended_protocol)
{
fprintf (stderr, "Killing inferior\n");
kill_inferior ();
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: