This is the mail archive of the gdb-prs@sources.redhat.com mailing list for the GDB project.



Re: gdb/340: Bad remote packets crash gdb


The following reply was made to PR gdb/340; it has been noted by GNATS.

From: Daniel Jacobowitz <drow@mvista.com>
To: gdb-gnats@sources.redhat.com
Cc:  
Subject: Re: gdb/340: Bad remote packets crash gdb
Date: Mon, 4 Feb 2002 22:26:17 -0500

 On Tue, Feb 05, 2002 at 03:17:05AM -0000, drow@mvista.com wrote:
 > 
 > >Number:         340
 > >Category:       gdb
 > >Synopsis:       Bad remote packets crash gdb
 > >Confidential:   no
 > >Severity:       serious
 > >Priority:       medium
 > >Responsible:    unassigned
 > >State:          open
 > >Class:          sw-bug
 > >Submitter-Id:   net
 > >Arrival-Date:   Mon Feb 04 19:18:01 PST 2002
 > >Closed-Date:
 > >Last-Modified:
 > >Originator:     drow@mvista.com
 > >Release:        CVS 2002-02-04
 > >Organization:
 > >Environment:
 > 
 > >Description:
 > In remote.c, packet_reg_from_* can return NULL.  This is
 > detected, and warnings are issued, but then we attempt to
 > dereference it immediately anyway.
 > 
 > I'm not sure what we should do to abort properly.
 
 Right, more information.  I can't provide a testcase - it only showed
 up with my broken gdbserver.  The debug output looked like this:
 
 (gdb) ta re :1234
 Remote debugging using :1234
 Sending packet: $Hc-1#09...Ack
 Packet received: OK
 Sending packet: $qC#b4...Ack
 Packet received:
 Sending packet: $qOffsets#4b...Ack
 Packet received:
 Sending packet: $?#3f...Ack
 Packet received: T0505:000000002b0000002b00000000000000000000000b000000001f004023000000;04:000000002b0000002b00000000000000000000000b000000001f004023000000;08:000000002b0000002b00000000000000000000000b000000001f004023000000;
 warning: Remote register badly formatted: T0505:000000002b0000002b00000000000000000000000b000000001f004023000000;04:000000002b0000002b00000000000000000000000b000000001f004023000000;08:000000002b0000002b00000000000000000000000b000000001f004023000000;
 warning:             here: b0000002b00000000000000000000000b000000001f004023000000;04:000000002b0000002b00000000000000000000000b000000001f004023000000;08:000000002b0000002b00000000000000000000000b000000001f004023000000;
 warning: Malformed packet(b) (missing colon): 04:000000002b0000002b00000000000000000000000b000000001f004023000000;08:000000002b0000002b00000000000000000000000b000000001f004023000000;
 Packet: 'T0505:000000002b0000002b00000000000000000000000b000000001f004023000000;04:000000002b0000002b00000000000000000000000b000000001f004023000000;08:000000002b0000002b00000000000000000000000b000000001f004023000000;'
 
 warning: Remote sent bad register number 7fffffff: 04:000000002b0000002b00000000000000000000000b000000001f004023000000;08:000000002b0000002b00000000000000000000000b000000001f004023000000;
 Packet: 'T0505:000000002b0000002b00000000000000000000000b000000001f004023000000;04:000000002b0000002b00000000000000000000000b000000001f004023000000;08:000000002b0000002b00000000000000000000000b000000001f004023000000;'
 
 zsh: segmentation fault (core dumped)  ../gdb ./gdbserver
 
 The packets are far too long (gdbserver's fault).  But gdb panicked.
 
 
 -- 
 Daniel Jacobowitz                           Carnegie Mellon University
 MontaVista Software                         Debian GNU/Linux Developer
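
Added example, not part of the original message and not GDB's remote.c: a minimal stop-reply parser that treats a NULL register lookup and a wrong-length value as hard parse errors, returning to the caller instead of warning and then using the pointer. The register table, function names and error codes are hypothetical, and it is meant to be fed constructed packets shaped like the one in the log above.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical register table (number, size in bytes); not GDB's. */
struct reg { long num; size_t size; unsigned char val[8]; };
static struct reg regs[] = { {4, 4, {0}}, {5, 4, {0}}, {8, 4, {0}} };

enum { STOP_OK = 0, STOP_MALFORMED = -1, STOP_BAD_REG = -2, STOP_BAD_LEN = -3 };

/* Lookup that, like the one in the report, returns NULL for unknown numbers. */
static struct reg *reg_from_num(long num) {
    for (size_t i = 0; i < sizeof regs / sizeof regs[0]; i++)
        if (regs[i].num == num) return &regs[i];
    return NULL;
}

static int hexval(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Parse "Tss" followed by "n:hex;" fields; stop at the first bad field. */
int parse_stop_reply(const char *p) {
    if (p[0] != 'T' || hexval(p[1]) < 0 || hexval(p[2]) < 0) return STOP_MALFORMED;
    p += 3;
    while (*p) {
        long num = 0;
        int d, digits = 0;
        while (digits < 4 && (d = hexval(*p)) >= 0) { num = num * 16 + d; p++; digits++; }
        if (digits == 0 || *p != ':') return STOP_MALFORMED;
        struct reg *r = reg_from_num(num);
        if (r == NULL) return STOP_BAD_REG;  /* error out; do not warn and carry on */
        const char *val = p + 1, *semi = strchr(val, ';');
        if (semi == NULL) return STOP_MALFORMED;
        if ((size_t)(semi - val) != 2 * r->size) return STOP_BAD_LEN;
        unsigned char tmp[sizeof r->val];
        for (size_t i = 0; i < r->size; i++) {
            int hi = hexval(val[2 * i]), lo = hexval(val[2 * i + 1]);
            if (hi < 0 || lo < 0) return STOP_MALFORMED;
            tmp[i] = (unsigned char)(hi << 4 | lo);
        }
        memcpy(r->val, tmp, r->size);  /* commit only a fully validated value */
        p = semi + 1;
    }
    return STOP_OK;
}
```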

