Bug 20946 - lookup_mach_via_bfd_name aborts
Summary: lookup_mach_via_bfd_name aborts
Alias: None
Product: binutils
Classification: Unclassified
Component: binutils (show other bugs)
Version: 2.28
: P2 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
Depends on:
Reported: 2016-12-07 17:16 UTC by Yao Qi
Modified: 2017-01-05 09:16 UTC (History)
1 user (show)

See Also:
Last reconfirmed:

Proposed patch (380 bytes, patch)
2017-01-04 16:54 UTC, Nick Clifton
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Yao Qi 2016-12-07 17:16:40 UTC
I configured gdb with all targets enabled "--enable-targets=all --enable-64-bit-bfd --disable-binutils --disable-gprof --disable-gold --disable-gas --disable-ld".

If I change arch to "fr300", and do disassembly, lookup_mach_via_bfd_name aborts.

(gdb) set architecture fr300
The target architecture is assumed to be fr300
(gdb) disassemble 0x0,+4
Dump of assembler code from 0x0 to 0x4:
Program received signal SIGABRT, Aborted.
0x00007ffff63c3cc9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56	../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt 20
#0  0x00007ffff63c3cc9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007ffff63c70d8 in __GI_abort () at abort.c:89
#2  0x000000000088bbad in lookup_mach_via_bfd_name (table=0x1472ee8 <frv_cgen_mach_table+168>, name=0x17afc51 "fr300")
    at /home/yao/SourceCode/gnu/gdb/git/opcodes/frv-desc.c:6176
#3  0x000000000088c2df in frv_cgen_cpu_open (arg_type=CGEN_CPU_OPEN_BFDMACH) at /home/yao/SourceCode/gnu/gdb/git/opcodes/frv-desc.c:6387
#4  0x0000000000811c72 in print_insn_frv (pc=0, info=0x7fffffffd940) at /home/yao/SourceCode/gnu/gdb/git/opcodes/frv-dis.c:784
#5  0x0000000000679e87 in gdb_pretty_print_insn (gdbarch=0x26cb970, uiout=0x21a2700, di=0x7fffffffd940, insn=0x7fffffffd850, flags=0, stb=0x26ccef0)
    at /home/yao/SourceCode/gnu/gdb/git/gdb/disasm.c:281
#6  0x000000000067a0ae in dump_insns (gdbarch=0x26cb970, uiout=0x21a2700, di=0x7fffffffd940, low=0, high=4, how_many=-1, flags=0, stb=0x26ccef0, end_pc=0x0)
    at /home/yao/SourceCode/gnu/gdb/git/gdb/disasm.c:347
#7  0x000000000067b3d3 in do_assembly_only (gdbarch=0x26cb970, uiout=0x21a2700, di=0x7fffffffd940, low=0, high=4, how_many=-1, flags=0, stb=0x26ccef0)
    at /home/yao/SourceCode/gnu/gdb/git/gdb/disasm.c:789
#8  0x000000000067b67f in gdb_disassembly (gdbarch=0x26cb970, uiout=0x21a2700, file_string=0x0, flags=0, how_many=-1, low=0, high=4)
    at /home/yao/SourceCode/gnu/gdb/git/gdb/disasm.c:855
#9  0x00000000005965bb in print_disassembly (gdbarch=0x26cb970, name=<optimised out>, low=0, high=4, flags=0)
    at /home/yao/SourceCode/gnu/gdb/git/gdb/cli/cli-cmds.c:1151
#10 0x0000000000597516 in print_disassembly (flags=0, high=4, low=0, name=0x0, gdbarch=0x26cb970) at /home/yao/SourceCode/gnu/gdb/git/gdb/cli/cli-cmds.c:1140
#11 disassemble_command (arg=<optimised out>, from_tty=<optimised out>) at /home/yao/SourceCode/gnu/gdb/git/gdb/cli/cli-cmds.c:1303
#12 0x000000000059ac33 in cmd_func (cmd=0x20cb600, args=0x26becfc "0x0,+4", from_tty=1) at /home/yao/SourceCode/gnu/gdb/git/gdb/cli/cli-decode.c:1913
#13 0x000000000078a3f6 in execute_command (p=<optimised out>, p@entry=0x26becf0 "disassemble 0x0,+4", from_tty=1)
    at /home/yao/SourceCode/gnu/gdb/git/gdb/top.c:674
#14 0x00000000006b538c in command_handler (command=0x26becf0 "disassemble 0x0,+4") at /home/yao/SourceCode/gnu/gdb/git/gdb/event-top.c:550
#15 0x00000000006b5688 in command_line_handler (rl=<optimised out>) at /home/yao/SourceCode/gnu/gdb/git/gdb/event-top.c:740

... because it can't find "fr300" in frv_cgen_mach_table,

(gdb) p frv_cgen_mach_table
$1 = {{name = 0x1471cd5 "frv", bfd_name = 0x1471cd5 "frv", num = 1, insn_chunk_bitsize = 0}, {name = 0x1471cd9 "fr550", bfd_name = 0x1471cd9 "fr550", 
    num = 2, insn_chunk_bitsize = 0}, {name = 0x1471cdf "fr500", bfd_name = 0x1471cdf "fr500", num = 3, insn_chunk_bitsize = 0}, {name = 0x1471cf1 "tomcat", 
    bfd_name = 0x1471cf1 "tomcat", num = 6, insn_chunk_bitsize = 0}, {name = 0x1471ceb "fr400", bfd_name = 0x1471ceb "fr400", num = 5, 
    insn_chunk_bitsize = 0}, {name = 0x1471ce5 "fr450", bfd_name = 0x1471ce5 "fr450", num = 4, insn_chunk_bitsize = 0}, {name = 0x1471cf8 "simple", 
    bfd_name = 0x1471cf8 "simple", num = 7, insn_chunk_bitsize = 0}, {name = 0x0, bfd_name = 0x0, num = 0, insn_chunk_bitsize = 0}}
Comment 1 Nick Clifton 2017-01-04 16:54:56 UTC
Created attachment 9740 [details]
Proposed patch

Hi Yao,

  Please could you try out this patch and let me know if it works for you.

Comment 2 Yao Qi 2017-01-04 21:11:55 UTC
Hi Nick,
the patch works!

(gdb) set architecture fr300 
The target architecture is assumed to be fr300
(gdb) disassemble 0,+4
Dump of assembler code from 0x0 to 0x4:
   0x00000000:  Cannot access memory at address 0x0
Comment 3 cvs-commit@gcc.gnu.org 2017-01-05 09:13:00 UTC
The master branch has been updated by Nick Clifton <nickc@sourceware.org>:


commit 0ae60c3ef45d41b34d40ed5c7b4fdfea289530de
Author: Nick Clifton <nickc@redhat.com>
Date:   Thu Jan 5 09:11:47 2017 +0000

    Prevent an abort in the FRV disassembler if the target bfd name is unknown.
    	PR 20946
    	* frv-desc.c (lookup_mach_via_bfd_name): Return NULL if the name
    	could not be matched.
    	(frv_cgen_cpu_open): Allow for lookup_mach_via_bfd_name returning
Comment 4 Nick Clifton 2017-01-05 09:16:01 UTC
Excellent - patch applied.