[gdb/f14/master] - Workaround librpm BZ 643031 due to its unexpected exit() calls (BZ 642879). - Fix crash on CTRL-C

Jan Kratochvil jkratoch at fedoraproject.org
Thu Oct 14 15:15:48 UTC 2010


commit 93f3b46c0df7c2186e4e845d9a2fd1482775ba4f
Author: Jan Kratochvil <jan.kratochvil at redhat.com>
Date:   Thu Oct 14 17:15:35 2010 +0200

    - Workaround librpm BZ 643031 due to its unexpected exit() calls (BZ 642879).
    - Fix crash on CTRL-C while reading an ELF symbol file (BZ 642879).

 gdb-6.6-buildid-locate-rpm-librpm-workaround.patch |   31 +++++++
 gdb-bz642879-elfread-sigint-stale.patch            |   85 ++++++++++++++++++++
 gdb.spec                                           |   13 +++-
 3 files changed, 128 insertions(+), 1 deletions(-)
---
diff --git a/gdb-6.6-buildid-locate-rpm-librpm-workaround.patch b/gdb-6.6-buildid-locate-rpm-librpm-workaround.patch
new file mode 100644
index 0000000..5807ace
--- /dev/null
+++ b/gdb-6.6-buildid-locate-rpm-librpm-workaround.patch
@@ -0,0 +1,31 @@
+--- ./gdb/elfread.c	2010-10-14 17:07:45.000000000 +0200
++++ ./gdb/elfread.c	2010-10-14 17:06:30.000000000 +0200
+@@ -1382,6 +1382,18 @@ build_id_to_filename (struct build_id *b
+ #include <dlfcn.h>
+ #endif
+ 
++/* Workarodun https://bugzilla.redhat.com/show_bug.cgi?id=643031
++   librpm must not exit() an application on SIGINT
++
++   Enable or disable a signal handler.  SIGNUM: signal to enable (or disable
++   if negative).  HANDLER: sa_sigaction handler (or NULL to use
++   rpmsqHandler()).  Returns: no. of refs, -1 on error.  */
++int
++rpmsqEnable (int signum, /* rpmsqAction_t handler */ void *handler)
++{
++  return 0;
++}
++
+ /* This MISSING_RPM_HASH tracker is used to collect all the missing rpm files
+    and avoid their duplicities during a single inferior run.  */
+ 
+--- ./gdb/proc-service.list	2010-05-28 20:50:30.000000000 +0200
++++ ./gdb/proc-service.list	2010-10-14 17:06:30.000000000 +0200
+@@ -37,4 +37,7 @@
+   ps_pstop;
+   ps_ptread;
+   ps_ptwrite;
++
++  /* gdb-6.6-buildid-locate-rpm.patch */
++  rpmsqEnable;
+ };
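Review bot: The rpmsqEnable() stub added to elfread.c ignores signum and returns 0 for every call, so it turns off all of librpm's signal handler registration inside gdb, not only the SIGINT path named in BZ 643031. Its comment still carries the librpm contract ("Returns: no. of refs, -1 on error"), which the stub does not implement. Suggest stating in the comment that this is an intentional no-op override and which signals it affects, and fixing the "Workarodun" typo. The handler parameter is declared void * with rpmsqAction_t only in a comment, so nothing checks this definition against librpm's prototype; a note on where the signature was taken from would help. The proc-service.list comment names gdb-6.6-buildid-locate-rpm.patch rather than this workaround patch, which makes the rpmsqEnable entry harder to trace.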
diff --git a/gdb-bz642879-elfread-sigint-stale.patch b/gdb-bz642879-elfread-sigint-stale.patch
new file mode 100644
index 0000000..5a079ef
--- /dev/null
+++ b/gdb-bz642879-elfread-sigint-stale.patch
@@ -0,0 +1,85 @@
+http://sourceware.org/ml/gdb-patches/2010-09/msg00192.html
+Subject: [patch] Fix ELF stale reference  [Re: [patch] .gdb_index: Do not crash on NOBITS]
+
+On Wed, 08 Sep 2010 21:40:12 +0200, Tom Tromey wrote:
+> >>>>> "Jan" == Jan Kratochvil <jan.kratochvil at redhat.com> writes:
+> 
+> Jan> which should not be fatal but due to some other bugs therein it can
+> Jan> crash GDB.
+> 
+> I am curious about these other bugs.
+
++      /* Memory gets permanently referenced from ABFD after
++	 bfd_get_synthetic_symtab so it must not get freed before ABFD gets.
++	 It happens only in the case when elf_slurp_reloc_table sees
++	 asection->relocation NULL.  Determining which section is asection is
++	 done by _bfd_elf_get_synthetic_symtab which is all a bfd
++	 implementation detail, though.  */
+
+That is from:
+
+#0  in elf_slurp_reloc_table_from_section (abfd, asect, rel_hdr, reloc_count=1170, relents, symbols, dynamic=1) at elfcode.h:1482
+#1  in bfd_elf64_slurp_reloc_table (abfd, asect, symbols, dynamic=1) at elfcode.h:1563
+#2  in _bfd_elf_get_synthetic_symtab (abfd, symcount=0, syms, dynsymcount=1792, dynsyms, ret) at elf.c:9269
+#3  in elf_symfile_read (objfile, symfile_flags=6) at elfread.c:809
+
+Where
+	  elfcode.h:elf_slurp_reloc_table_from_section
+contains
+          ps = symbols + ELF_R_SYM (rela.r_info) - 1;
+          relent->sym_ptr_ptr = ps;
+
+`symbols' here is elf_symfile_read's `dyn_symbol_table'.  `dyn_symbol_table'
+got immediately xfree'd but the freed memory remained referenced by
+asect->relocation (containing the RELENT memory above, stored there by
+elf_slurp_reloc_table).
+
+asect->relocation probably does not get used if ABFD is not being read-in the
+second time, which happens only if OBJFILE is being created the second time,
+which happens due to the error call in the previous mail.
+
+
+I was curious there elf_symfile_read uses 0 for COPY_NAMES in a similar case:
+      elf_symtab_read (objfile, ST_REGULAR, symcount, symbol_table, 0);
+where SYMBOL_TABLE is also immediately xfreed.  But that seems to be correct as
+elf_slurp_symbol_table uses 
+      symbase = (elf_symbol_type *) bfd_zalloc (abfd, amt);
+for the content where later elfread.c's SYMBOL_TABLE points to.  Only the
+pointers get xfreed which is OK.
+
+
+No regressions on {x86_64,x86_64-m32,i686}-fedora14snapshot-linux-gnu.
+
+
+Thanks,
+Jan
+
+
+gdb/
+2010-09-09  Jan Kratochvil  <jan.kratochvil at redhat.com>
+
+	Fix stale memory references.
+	* elfread.c: Include libbfd.h.
+	(elf_symfile_read): Replace xmalloc by bfd_alloc, drop xfree, new
+	comment.
+
+--- a/gdb/elfread.c
++++ b/gdb/elfread.c
+@@ -792,8 +793,14 @@ elf_symfile_read (struct objfile *objfile, int symfile_flags)
+ 
+   if (storage_needed > 0)
+     {
+-      dyn_symbol_table = (asymbol **) xmalloc (storage_needed);
+-      make_cleanup (xfree, dyn_symbol_table);
++      /* Memory gets permanently referenced from ABFD after
++	 bfd_get_synthetic_symtab so it must not get freed before ABFD gets.
++	 It happens only in the case when elf_slurp_reloc_table sees
++	 asection->relocation NULL.  Determining which section is asection is
++	 done by _bfd_elf_get_synthetic_symtab which is all a bfd
++	 implementation detail, though.  */
++
++      dyn_symbol_table = bfd_alloc (abfd, storage_needed);
+       dynsymcount = bfd_canonicalize_dynamic_symtab (objfile->obfd,
+ 						     dyn_symbol_table);
+ 
+
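Review bot: In the elf_symfile_read hunk the result of bfd_alloc (abfd, storage_needed) goes straight into bfd_canonicalize_dynamic_symtab without a NULL check. The removed xmalloc call never returned NULL, but bfd_alloc can, so a check or an error call belongs right after the assignment. The ChangeLog entry also lists "* elfread.c: Include libbfd.h." but the patch carries no #include hunk, only the one at -792,8 +793,14. Unless this tree's elfread.c already includes libbfd.h, bfd_alloc is called without a prototype and its pointer return would be treated as int on 64-bit targets. Please add the include hunk or state where the declaration comes from.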
diff --git a/gdb.spec b/gdb.spec
index 26fa7ce..0571480 100644
--- a/gdb.spec
+++ b/gdb.spec
@@ -27,7 +27,7 @@ Version: 7.2
 
 # The release always contains a leading reserved number, start it at 1.
 # `upstream' is not a part of `name' to stay fully rpm dependencies compatible for the testing.
-Release: 22%{?_with_upstream:.upstream}%{dist}
+Release: 23%{?_with_upstream:.upstream}%{dist}
 
 License: GPLv3+ and GPLv3+ with exceptions and GPLv2+ and GPLv2+ with exceptions and GPL+ and LGPLv2+ and GFDL and BSD and Public Domain
 Group: Development/Debuggers
@@ -260,6 +260,8 @@ Patch271: gdb-6.5-bz243845-stale-testing-zombie-test.patch
 Patch274: gdb-6.6-buildid-locate.patch
 Patch353: gdb-6.6-buildid-locate-rpm.patch
 Patch415: gdb-6.6-buildid-locate-core-as-arg.patch
+# Workaround librpm BZ 643031 due to its unexpected exit() calls (BZ 642879).
+Patch519: gdb-6.6-buildid-locate-rpm-librpm-workaround.patch
 
 # Fix displaying of numeric char arrays as strings (BZ 224128).
 Patch282: gdb-6.7-charsign-test.patch
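Review bot: The Patch519 comment records the bug being worked around but not when the workaround can be dropped. Since the patch overrides a librpm function inside gdb, add the removal condition next to the Patch519 line (for example "drop once librpm BZ 643031 is fixed") so the stub does not outlive the librpm fix.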
@@ -466,6 +468,9 @@ Patch516: gdb-python-error-state.patch
 # Fix inferior exec of new PIE x86_64 (BZ 638979).
 Patch517: gdb-exec-pie-amd64.patch
 
+# Fix crash on CTRL-C while reading an ELF symbol file (BZ 642879).
+Patch520: gdb-bz642879-elfread-sigint-stale.patch
+
 BuildRequires: ncurses-devel%{?_isa} texinfo gettext flex bison expat-devel%{?_isa}
 Requires: readline%{?_isa}
 BuildRequires: readline-devel%{?_isa}
@@ -713,6 +718,7 @@ rm -f gdb/jv-exp.c gdb/m2-exp.c gdb/objc-exp.c gdb/p-exp.c
 # This patch should be applied to gcc-4.5+.src.rpm:
 #patch487 -p1
 %patch415 -p1
+%patch519 -p1
 %patch489 -p1
 %patch491 -p1
 %patch493 -p1
@@ -737,6 +743,7 @@ rm -f gdb/jv-exp.c gdb/m2-exp.c gdb/objc-exp.c gdb/p-exp.c
 %patch516 -p1
 %patch517 -p1
 %patch518 -p1
+%patch520 -p1
 
 %patch393 -p1
 %patch335 -p1
@@ -1107,6 +1114,10 @@ fi
 %endif
 
 %changelog
+* Thu Oct 14 2010 Jan Kratochvil <jan.kratochvil at redhat.com> - 7.2-23.fc14
+- Workaround librpm BZ 643031 due to its unexpected exit() calls (BZ 642879).
+- Fix crash on CTRL-C while reading an ELF symbol file (BZ 642879).
+
 * Tue Oct 12 2010 Jan Kratochvil <jan.kratochvil at redhat.com> - 7.2-22.fc14
 - testsuite: Provide missing lib/gdb-python.exp (for BZ 639089).
 

