This is the mail archive of the gdb-prs@sourceware.org mailing list for the GDB project.



[Bug gdb/15714] New: gdb 7.5 crash with a double-free when trying to attach to a daemon


http://sourceware.org/bugzilla/show_bug.cgi?id=15714

            Bug ID: 15714
           Summary: gdb 7.5 crash with a double-free when trying to attach
                    to a daemon
           Product: gdb
           Version: 7.5
            Status: NEW
          Severity: minor
          Priority: P2
         Component: gdb
          Assignee: unassigned at sourceware dot org
          Reporter: devillers.nicolas at gmail dot com

I'm having a crash with a double free detected by glibc when trying to attach to
the pid of a running daemon in gdb 7.5 as shipped with Ubuntu x86.

Ubuntu is in version 12.10, kernel 3.5.0-17-generic

My gdb is using the .gdbinit from http://reverse.put.as revision 8.0.3 (21/03/2013).
Furthermore it's including the latest version of peda as taken from
https://github.com/longld/peda, by just adding source ~/peda/peda.py at the end
of the .gdbinit.

Here is the stack trace:

nicolas@nicolas-VirtualBox:~$ sudo gdb --pid 13442  
GNU gdb (GDB) 7.5-ubuntu
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.

warning: not using untrusted file "/home/nicolas/.gdbinit"
*** glibc detected *** gdb: double free or corruption (!prev): 0x08653f40 ***
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(+0x75ee2)[0xb7ab7ee2]
/lib/i386-linux-gnu/libc.so.6(fclose+0x154)[0xb7aa7424]
gdb[0x82b2475]
gdb[0x816f576]
gdb(do_cleanups+0x19)[0x816f5d1]
gdb[0x80f43e4]
gdb(source_script+0x20)[0x80f4437]
gdb(catch_command_errors+0x42)[0x81d4a7f]
gdb[0x81d6fcb]
gdb(catch_errors+0x4c)[0x81d49a9]
gdb(gdb_main+0x34)[0x81d752a]
gdb(main+0x4f)[0x80880eb]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0xb7a5b4d3]
gdb[0x8087fd1]
======= Memory map: ========
08048000-0852b000 r-xp 00000000 08:01 268141     /usr/bin/gdb
0852b000-0852c000 r--p 004e2000 08:01 268141     /usr/bin/gdb
0852c000-08536000 rw-p 004e3000 08:01 268141     /usr/bin/gdb
08536000-08673000 rw-p 00000000 00:00 0          [heap]
b7733000-b7777000 rw-p 00000000 00:00 0 
b7777000-b779c000 r--p 00000000 08:01 42090      /usr/share/locale-langpack/fr/LC_MESSAGES/libc.mo
b779c000-b781e000 rw-p 00000000 00:00 0 
b781e000-b7a1e000 r--p 00000000 08:01 402149     /usr/lib/locale/locale-archive
b7a1e000-b7a20000 rw-p 00000000 00:00 0 
b7a20000-b7a3c000 r-xp 00000000 08:01 262876     /lib/i386-linux-gnu/libgcc_s.so.1
b7a3c000-b7a3d000 r--p 0001b000 08:01 262876     /lib/i386-linux-gnu/libgcc_s.so.1
b7a3d000-b7a3e000 rw-p 0001c000 08:01 262876     /lib/i386-linux-gnu/libgcc_s.so.1
b7a3e000-b7a40000 r-xp 00000000 08:01 268964     /lib/i386-linux-gnu/libutil-2.15.so
b7a40000-b7a41000 r--p 00001000 08:01 268964     /lib/i386-linux-gnu/libutil-2.15.so
b7a41000-b7a42000 rw-p 00002000 08:01 268964     /lib/i386-linux-gnu/libutil-2.15.so
b7a42000-b7be5000 r-xp 00000000 08:01 268327     /lib/i386-linux-gnu/libc-2.15.so
b7be5000-b7be6000 ---p 001a3000 08:01 268327     /lib/i386-linux-gnu/libc-2.15.so
b7be6000-b7be8000 r--p 001a3000 08:01 268327     /lib/i386-linux-gnu/libc-2.15.so
b7be8000-b7be9000 rw-p 001a5000 08:01 268327     /lib/i386-linux-gnu/libc-2.15.so
b7be9000-b7bec000 rw-p 00000000 00:00 0 
b7bec000-b7c11000 r-xp 00000000 08:01 262871     /lib/i386-linux-gnu/libexpat.so.1.6.0
b7c11000-b7c13000 r--p 00025000 08:01 262871     /lib/i386-linux-gnu/libexpat.so.1.6.0
b7c13000-b7c14000 rw-p 00027000 08:01 262871     /lib/i386-linux-gnu/libexpat.so.1.6.0
b7c14000-b7e7c000 r-xp 00000000 08:01 394926     /usr/lib/libpython2.7.so.1.0
b7e7c000-b7e7d000 ---p 00268000 08:01 394926     /usr/lib/libpython2.7.so.1.0
b7e7d000-b7e7e000 r--p 00268000 08:01 394926     /usr/lib/libpython2.7.so.1.0
b7e7e000-b7ed4000 rw-p 00269000 08:01 394926     /usr/lib/libpython2.7.so.1.0
b7ed4000-b7ee1000 rw-p 00000000 00:00 0 
b7ee1000-b7ef8000 r-xp 00000000 08:01 304503     /lib/i386-linux-gnu/libpthread-2.15.so
b7ef8000-b7ef9000 r--p 00016000 08:01 304503     /lib/i386-linux-gnu/libpthread-2.15.so
b7ef9000-b7efa000 rw-p 00017000 08:01 304503     /lib/i386-linux-gnu/libpthread-2.15.so
b7efa000-b7efc000 rw-p 00000000 00:00 0 
b7efc000-b7f26000 r-xp 00000000 08:01 304757     /lib/i386-linux-gnu/libm-2.15.so
b7f26000-b7f27000 r--p 00029000 08:01 304757     /lib/i386-linux-gnu/libm-2.15.so
b7f27000-b7f28000 rw-p 0002a000 08:01 304757     /lib/i386-linux-gnu/libm-2.15.so
b7f28000-b7f3f000 r-xp 00000000 08:01 262985     /lib/i386-linux-gnu/libz.so.1.2.7
b7f3f000-b7f40000 r--p 00016000 08:01 262985     /lib/i386-linux-gnu/libz.so.1.2.7
b7f40000-b7f41000 rw-p 00017000 08:01 262985     /lib/i386-linux-gnu/libz.so.1.2.7
b7f41000-b7f5d000 r-xp 00000000 08:01 262968     /lib/i386-linux-gnu/libtinfo.so.5.9
b7f5d000-b7f5f000 r--p 0001b000 08:01 262968     /lib/i386-linux-gnu/libtinfo.so.5.9
b7f5f000-b7f60000 rw-p 0001d000 08:01 262968     /lib/i386-linux-gnu/libtinfo.so.5.9
b7f60000-b7f80000 r-xp 00000000 08:01 262899     /lib/i386-linux-gnu/libncurses.so.5.9
b7f80000-b7f81000 r--p 0001f000 08:01 262899     /lib/i386-linux-gnu/libncurses.so.5.9
b7f81000-b7f82000 rw-p 00020000 08:01 262899     /lib/i386-linux-gnu/libncurses.so.5.9
b7f82000-b7f83000 rw-p 00000000 00:00 0 
b7f83000-b7f86000 r-xp 00000000 08:01 269144     /lib/i386-linux-gnu/libdl-2.15.so
b7f86000-b7f87000 r--p 00002000 08:01 269144     /lib/i386-linux-gnu/libdl-2.15.so
b7f87000-b7f88000 rw-p 00003000 08:01 269144     /lib/i386-linux-gnu/libdl-2.15.so
b7f88000-b7fbd000 r-xp 00000000 08:01 262952     /lib/i386-linux-gnu/libreadline.so.6.2
b7fbd000-b7fbe000 r--p 00035000 08:01 262952     /lib/i386-linux-gnu/libreadline.so.6.2
b7fbe000-b7fc1000 rw-p 00036000 08:01 262952     /lib/i386-linux-gnu/libreadline.so.6.2
b7fc1000-b7fc2000 rw-p 00000000 00:00 0 
b7fcd000-b7fd4000 r--s 00000000 08:01 393861     /usr/lib/i386-linux-gnu/gconv/gconv-modules.cache
b7fd4000-b7fda000 r--p 00000000 08:01 42177      /usr/share/locale-langpack/fr/LC_MESSAGES/gdb.mo
b7fda000-b7fdb000 r--p 00858000 08:01 402149     /usr/lib/locale/locale-archive
b7fdb000-b7fdd000 rw-p 00000000 00:00 0 
b7fdd000-b7fde000 r-xp 00000000 00:00 0          [vdso]
b7fde000-b7ffe000 r-xp 00000000 08:01 307500     /lib/i386-linux-gnu/ld-2.15.so
b7ffe000-b7fff000 r--p 0001f000 08:01 307500     /lib/i386-linux-gnu/ld-2.15.so
b7fff000-b8000000 rw-p 00020000 08:01 307500     /lib/i386-linux-gnu/ld-2.15.so
bffdf000-c0000000 rw-p 00000000 00:00 0          [stack]


I'm able to reproduce this bug by trying to attach to any running process.
However, I'm not able to reproduce it with gdb-7.6 compiled from the source.

I didn't find a related fix in the changelog so I'm really sorry if this is
something already fixed.
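Added illustration (not gdb's source and not part of the report above): the backtrace shows fclose() being called from a cleanup run by do_cleanups() inside source_script(), and glibc then flagging a double free. The report does not identify the root cause, so the model below only shows the general pattern such a backtrace is consistent with: a stream is closed explicitly while an fclose cleanup for it is still registered, so the cleanup closes it a second time. The cleanup stack here is a toy reimplementation whose function names are modeled on gdb's cleanup API (make_cleanup, do_cleanups, discard_cleanups); the real gdb implementation is different. The second close is counted by a wrapper instead of being passed to glibc, which would abort the process exactly as in the report.

```c
#include <stdio.h>
#include <stdlib.h>

/* Wrapper around FILE* so a second close is counted rather than handed to
   glibc (a real second fclose() is what produces the
   "double free or corruption" abort seen in the report). */
struct tracked_file {
    FILE *fp;
    int closed;
};

static int double_close_count;   /* closes attempted on an already-closed stream */

static int tracked_fclose(struct tracked_file *tf)
{
    if (tf->closed) {
        double_close_count++;    /* a real fclose() here would be the double free */
        return EOF;
    }
    tf->closed = 1;
    return fclose(tf->fp);
}

/* Toy cleanup stack; names follow gdb's API, implementation is this example's own. */
typedef void (*cleanup_fn)(void *);
struct cleanup {
    cleanup_fn fn;
    void *arg;
    struct cleanup *next;
};
static struct cleanup *cleanup_chain;

static struct cleanup *make_cleanup(cleanup_fn fn, void *arg)
{
    struct cleanup *c = malloc(sizeof *c);
    if (!c) abort();
    c->fn = fn;
    c->arg = arg;
    c->next = cleanup_chain;
    cleanup_chain = c;
    return c;
}

/* Run and pop every cleanup registered since 'old' (most recent first). */
static void do_cleanups(struct cleanup *old)
{
    while (cleanup_chain != old) {
        struct cleanup *c = cleanup_chain;
        cleanup_chain = c->next;
        c->fn(c->arg);
        free(c);
    }
}

/* Pop every cleanup registered since 'old' without running it. */
static void discard_cleanups(struct cleanup *old)
{
    while (cleanup_chain != old) {
        struct cleanup *c = cleanup_chain;
        cleanup_chain = c->next;
        free(c);
    }
}

static void fclose_cleanup(void *arg) { tracked_fclose(arg); }

/* Model of "sourcing a script": open a stream (tmpfile() stands in for the
   .gdbinit stream), register a cleanup that closes it, close it explicitly,
   then run cleanups. Returns how many double closes happened. With
   discard_before_close == 0 the still-registered cleanup closes the stream a
   second time; with 1 the cleanup is retired first, which is the safe pattern. */
static int source_script_model(int discard_before_close)
{
    struct cleanup *old = cleanup_chain;
    struct tracked_file tf = { tmpfile(), 0 };
    if (!tf.fp) return -1;
    double_close_count = 0;

    make_cleanup(fclose_cleanup, &tf);
    /* ... script processing would happen here ... */

    if (discard_before_close)
        discard_cleanups(old);   /* correct: retire the cleanup before the explicit close */
    tracked_fclose(&tf);         /* explicit close */
    do_cleanups(old);            /* runs fclose_cleanup only if it is still registered */
    return double_close_count;
}

int main(void)
{
    printf("without discard_cleanups: %d double close(s)\n", source_script_model(0));
    printf("with discard_cleanups:    %d double close(s)\n", source_script_model(1));
    return 0;
}
```

The point of the wrapper is that the unsafe variant is reproducible and observable without crashing; replacing tracked_fclose() with a bare fclose() in the unsafe path turns the counted event into the glibc abort from the report.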


