This is the mail archive of the
gdb-prs@sourceware.org
mailing list for the GDB project.
[Bug server/21321] New: AddressSanitizer: heap-use-after-free in gdbserver/linux-low.c
- From: "qiyao at gcc dot gnu.org" <sourceware-bugzilla at sourceware dot org>
- To: gdb-prs at sourceware dot org
- Date: Tue, 28 Mar 2017 11:46:23 +0000
- Subject: [Bug server/21321] New: AddressSanitizer: heap-use-after-free in gdbserver/linux-low.c
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=21321
Bug ID: 21321
Summary: AddressSanitizer: heap-use-after-free in
gdbserver/linux-low.c
Product: gdb
Version: HEAD
Status: NEW
Severity: normal
Priority: P2
Component: server
Assignee: unassigned at sourceware dot org
Reporter: qiyao at gcc dot gnu.org
Target Milestone: ---
I build GDBserver with CXXFLAGS='-O0 -g3 -fsanitize=address', and run GDB tests
with GDBserver like this,
$ make check RUNTESTFLAGS="--target_board='native-gdbserver'
process-dies-while-detaching.exp"
I get the asan error,
(gdb) FAIL: gdb.threads/process-dies-while-detaching.exp: single-process:
continue: killed outside: continue
Remote debugging from host 127.0.0.1^M
=================================================================^M
^[[1m^[[31m==26184==ERROR: AddressSanitizer: heap-use-after-free on address
0x611000020b10 at pc 0x48026c bp 0x7fff34b15a20 sp 0x7fff34b15a18^M
^[[1m^[[0m^[[1m^[[34mWRITE of size 4 at 0x611000020b10 thread T0^[[1m^[[0m^M
#0 0x48026b in linux_wait_1
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:3845^M
#1 0x4811ea in linux_wait
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:3990^M
#2 0x453fea in target_wait(ptid, target_waitstatus*, int)
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/target.c:268^M
#3 0x453a8a in mywait(ptid, target_waitstatus*, int, int)
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/target.c:214^M
#4 0x44b53b in resume
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/server.c:2786^M
.......
^M
^[[1m^[[32m0x611000020b10 is located 80 bytes inside of 216-byte region
[0x611000020ac0,0x611000020b98)^M
^[[1m^[[0m^[[1m^[[35mfreed by thread T0 here:^[[1m^[[0m^M
#0 0x2b1500432631 in __interceptor_free
(/usr/lib/x86_64-linux-gnu/libasan.so.1+0x54631)^M
#1 0x4722e8 in delete_lwp
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:415^M
#2 0x47a7ed in linux_low_filter_event
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:2504^M
#3 0x47bdc0 in linux_wait_for_event_filtered
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:2800^M
#4 0x481c1f in wait_for_sigstop
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:4150^M
#5 0x482660 in stop_all_lwps
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:4287^M
#6 0x48018b in linux_wait_1
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:3813^M
#7 0x4811ea in linux_wait
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:3990^M
...^M
^[[1m^[[35mpreviously allocated by thread T0 here:^[[1m^[[0m^M
#0 0x2b15004329a1 in __interceptor_calloc
(/usr/lib/x86_64-linux-gnu/libasan.so.1+0x549a1)^M
#1 0x4147b6 in xcalloc
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/../common/common-utils.c:83^M
#2 0x4748c0 in add_lwp
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:937^M
#3 0x4731a3 in handle_extended_wait
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:624^M
#4 0x47ac69 in linux_low_filter_event
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:2568^M
#5 0x47bdc0 in linux_wait_for_event_filtered
/home/yao/SourceCode/gnu/gdb/git/gdb/gdbserver/linux-low.c:2800^.
--
You are receiving this mail because:
You are on the CC list for the bug.