This is the mail archive of the gdb-prs@sources.redhat.com mailing list for the GDB project.



gdb/417: GDB crashes when source path has few links



>Number:         417
>Category:       gdb
>Synopsis:       GDB crashes when source path has few links
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    unassigned
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Mar 14 01:58:00 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     veksler@il.ibm.com
>Release:        gdb 5.1.90_20020313
>Organization:
>Environment:
Linux: RedHat-7.0, 
Kernel-2.2.16-22.c4eb,
glibc-2.2-9
>Description:
Sometimes gdb crashes when it tries to display sources.

open_source_file() calls openp(), which assumes that if open() succeeds, so does canonicalize_file_name(). After openp() succeeds in opening the file, open_source_file() assumes that it has a canonic file name. But this assumption is incorrect.

Here is why the success of open_source_file() and open() is not related:
Linux limits recursive symlinks to 5 (a->b->c->d->e).
Linux-2.2 does not limit the number of consecutive symlinks.
In Linux-2.4 the limit for consecutive links is 40.

On the other hand, glibc's canonicalize_file_name limits all kinds of symlinks (consecutive and recursive) to MAXSYMLINKS (it's 5 in glibc-2.2, and is 20 in glibc-2.2.4).

This means that in glibc-2.2.4 it is possible to have open fail on a->b->c->d->e->f, and get canonicalize_file_name() to succeed.
This also means that in glibc-2.2 for "mkdir t ; cd t ; ln -s ../t", open("t/t/t/t/t/t/t/t") succeeds while canonicalize_file_name fails.


>How-To-Repeat:
mkdir t ; cd t ; ln -s ../t
echo "int main() {}" > test.c
gcc -g t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/test.c
gdb a.out
(gdb) b main
(gdb) r
Starting program: /home2/veksler/a.out 
Breakpoint 1, main (argc=1, argv=0x7ffff3f4)
    at t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/t/test.c:9
Segmentation fault (core dumped)
>Fix:
Work-around: use canonic paths when compiling, to avoid links (especially with glibc-2.2).

Fix:
--- gdb+dejagnu-5.1.90_20020313/gdb/utils.c.orig        Thu Mar 14 10:06:02 2002
+++ gdb+dejagnu-5.1.90_20020313/gdb/utils.c     Thu Mar 14 10:07:56 2002
@@ -2533,7 +2533,8 @@
 gdb_realpath (const char *filename)
 {
 #ifdef HAVE_CANONICALIZE_FILE_NAME
-  return canonicalize_file_name (filename);
+  char *canonic= canonicalize_file_name (filename);
+  return (canonic ? canonic : xstrdup(filename));
 #elif defined (HAVE_REALPATH)
 #if defined (PATH_MAX)
   char buf[PATH_MAX];
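Review bot: the fallback in `return (canonic ? canonic : xstrdup(filename));` treats every failure of canonicalize_file_name the same way, not only the too-many-links case from the report, so a caller of gdb_realpath can no longer tell a canonical name from the raw input. A comment above gdb_realpath should state that the result may be non-canonical and is always a heap copy the caller frees. Only the HAVE_CANONICALIZE_FILE_NAME branch is changed; the HAVE_REALPATH branch that begins in the trailing context should get the same NULL handling if it can return NULL. Style: `char *canonic= canonicalize_file_name (filename);` needs a space before `=`, and `xstrdup(filename)` needs the space before the parenthesis that the surrounding lines use.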
>Release-Note:
>Audit-Trail:
>Unformatted:
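
An added example, not part of the original report or of GDB's code: a stand-alone C program that rebuilds the How-To-Repeat directory and reports, per path depth, whether open() and path canonicalization succeed, using a NULL-safe wrapper in the spirit of the proposed fix. The names realpath_or_copy, make_fixture and nested_path and the /tmp/gdb417-XXXXXX template are hypothetical; realpath(path, NULL) is used because glibc documents canonicalize_file_name(path) as equivalent to it.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: canonical name of PATH, or a heap copy of PATH if
   canonicalization fails; *err is 0 or the errno. Caller frees the result. */
char *realpath_or_copy(const char *path, int *err) {
    char *resolved = realpath(path, NULL);
    *err = resolved ? 0 : errno;
    return resolved ? resolved : strdup(path);
}

/* Constructed fixture as in How-To-Repeat: ROOT/t with test.c and t -> ../t. */
int make_fixture(char *root) {
    char p[512];
    if (!mkdtemp(root)) return -1;           /* ROOT is a mkdtemp() template */
    snprintf(p, sizeof p, "%s/t", root);
    if (mkdir(p, 0700)) return -1;
    snprintf(p, sizeof p, "%s/t/t", root);
    if (symlink("../t", p)) return -1;
    snprintf(p, sizeof p, "%s/t/test.c", root);
    return close(open(p, O_WRONLY | O_CREAT, 0600)); /* -1 if open failed */
}

/* Write ROOT/t, HOPS passes through the link, then /test.c into OUT. */
void nested_path(const char *root, int hops, char *out, size_t n) {
    snprintf(out, n, "%s/t", root);
    while (hops-- > 0) strncat(out, "/t", n - strlen(out) - 1);
    strncat(out, "/test.c", n - strlen(out) - 1);
}

int main(void) {
    char root[] = "/tmp/gdb417-XXXXXX", path[512];
    if (make_fixture(root)) return 1;
    for (int hops = 2, err; hops <= 128; hops *= 4) {
        nested_path(root, hops, path, sizeof path);
        int fd = open(path, O_RDONLY);
        char *name = realpath_or_copy(path, &err);   /* never NULL-derefs */
        printf("hops=%d open=%d realpath_errno=%d (%s)\n", hops, fd >= 0, err, strerror(err));
        free(name);
        if (fd >= 0) close(fd);
    }
    return 0;
}
```

The link limits differ between kernels and C libraries, so the depth at which each call starts failing depends on the system it runs on; the wrapper returns a usable name either way.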

