$ ./gdb/gdbserver/gdbserver localhost:1201 /usr/bin/look                                                                                
warning: Found custom handler for signal 8 (Floating point exception) preinstalled.
warning: Found custom handler for signal 10 (Bus error) preinstalled.
warning: Found custom handler for signal 11 (Segmentation fault) preinstalled.
Some signal dispositions inherited from the environment (SIG_DFL/SIG_IGN)
won't be propagated to spawned programs.
DEBUG(netbsd): netbsd_create_inferior ()
args: 
DEBUG(netbsd): [3028] PTRACE (PT_TRACE_ME, pid=0, addr=0x0, data=0)
DEBUG(netbsd):  -> 0 (=0 errno=0)

DEBUG(netbsd): Registering thread (pid=3028, lwpid=1)

DEBUG(netbsd): netbsd_wait (pid = -1, )
DEBUG(netbsd): [2672] PTRACE (PT_GET_SIGINFO, pid=3028, addr=0x7f7fffffc910, data=0x88)
DEBUG(netbsd):  -> 0 (=0 errno=0)

DEBUG(netbsd):           -> (pid=3028, status->kind = TARGET_WAITKIND_EXECD)
DEBUG(netbsd): [2672] PTRACE (PT_LWPINFO, pid=3028, addr=0x7f7fffffd360, data=0x8)
DEBUG(netbsd):  -> 0 (=0 errno=0)

DEBUG(netbsd): [2672] PTRACE (PT_CLEARSTEP, pid=3028, addr=0x0, data=0x1)
DEBUG(netbsd):  -> 0 (=0 errno=0)

DEBUG(netbsd): [2672] PTRACE (PT_RESUME, pid=3028, addr=0x0, data=0x1)
DEBUG(netbsd):  -> 0 (=0 errno=0)

DEBUG(netbsd): [2672] PTRACE (PT_LWPINFO, pid=3028, addr=0x7f7fffffd360, data=0x8)
DEBUG(netbsd):  -> 0 (=0 errno=0)

DEBUG(netbsd): [2672] PTRACE (PT_CONTINUE, pid=3028, addr=0x1, data=0)
DEBUG(netbsd):  -> 0 (=0 errno=0)

DEBUG(netbsd): netbsd_wait (pid = -1, )
DEBUG(netbsd): [2672] PTRACE (PT_GET_SIGINFO, pid=3028, addr=0x7f7fffffc910, data=0x88)
DEBUG(netbsd):  -> 0 (=0 errno=0)

DEBUG(netbsd):           -> (pid=3028, status->kind = TARGET_WAITKIND_EXECD)
Process /usr/bin/look created; pid = 3028
Listening on port 1201
handling possible accept event
Remote debugging from host ::1, port 65535
handling possible serial event
[getpkt: discarding char '+']
getpkt ("qSupported:multiprocess+;swbreak+;hwbreak+;qRelocInsn+;fork-events+;vfork-events+;exec-events+;vContSupported+;QThreadEvents+;no-resumed+;xmlRegisters=i386");  [sending ack] 
[sent ack]
putpkt ("$PacketSize=47ff;QPassSignals+;QProgramSignals+;QStartupWithShell+;QEnvironmentHexEncoded+;QEnvironmentReset+;QEnvironmentUnset+;QSetWorkingDir+;QCatchSyscalls+;qXfer:libraries-svr4:read+;augmented-libraries-svr4-read+;qXfer:auxv:read+;qXfer:features:read+;QStartNoAckMode+;fork-events+;vfork-events+;exec-events+;qXfer:threads:read+;ConditionalBreakpoints+;BreakpointCommands+;Qbtrace:bts+;Qbtrace-conf:bts:size+;Qbtrace:pt+;Qbtrace-conf:pt:size+;Qbtrace:off+;qXfer:btrace:read+;qXfer:btrace-conf:read+;swbreak+;vContSupported+;QThreadEvents+;no-resumed+#02"); [looking for ack]
[received '+' (0x2b)]
handling possible serial event
getpkt ("vMustReplyEmpty");  [sending ack] 
[sent ack]
putpkt ("$#00"); [looking for ack]
[received '+' (0x2b)]
handling possible serial event
getpkt ("QStartNoAckMode");  [sending ack] 
[sent ack]
[noack mode enabled]
putpkt ("$OK#9a"); [noack mode]
handling possible serial event
[getpkt: discarding char '+']
getpkt ("QProgramSignals:0;1;3;4;6;7;8;9;a;b;c;d;e;f;10;11;12;13;14;15;16;17;18;19;1a;1b;1c;1d;1e;1f;20;21;22;23;24;25;26;27;28;29;2a;2b;2c;2d;2e;2f;30;31;32;33;34;35;36;37;38;39;3a;3b;3c;3d;3e;3f;40;41;42;43;44;45;46;47;48;49;4a;4b;4c;4d;4e;4f;50;51;52;53;54;55;56;57;58;59;5a;5b;5c;5d;5e;5f;60;61;62;63;64;65;66;67;68;69;6a;6b;6c;6d;6e;6f;70;71;72;73;74;75;76;77;78;79;7a;7b;7c;7d;7e;7f;80;81;82;83;84;85;86;87;88;89;8a;8b;8c;8d;8e;8f;90;91;92;93;94;95;96;97;");  [no ack sent] 
putpkt ("$OK#9a"); [noack mode]
handling possible serial event
getpkt ("Hg0");  [no ack sent] 
putpkt ("$OK#9a"); [noack mode]
handling possible serial event
getpkt ("qXfer:features:read:target.xml:0,1000");  [no ack sent] 
putpkt ("$m<?xml version="1.0"?>
<!DOCTYPE target SYSTEM "gdb-target.dtd">
<target>
<architecture>i386:x86-64</architecture>
<feature name="org.gnu.gdb.i386.core">
<flags id="i386_eflags" size="4">
  <field name="CF" start="0" end="0"/>
  <field name="" start="1" end="1"/>
  <field name="PF" start="2" end="2"/>
  <field name="AF" start="4" end="4"/>
  <field name="ZF" start="6" end="6"/>
  <field name="SF" start="7" end="7"/>
  <field name="TF" start="8" end="8"/>
  <field name="IF" start="9" end="9"/>
  <field name="DF" start="10" end="10"/>
  <field name="OF" start="11" end="11"/>
  <field name="NT" start="14" end="14"/>
  <field name="RF" start="16" end="16"/>
  <field name="VM" start="17" end="17"/>
  <field name="AC" start="18" end="18"/>
  <field name="VIF" start="19" end="19"/>
  <field name="VIP" start="20" end="20"/>
  <field name="ID" start="21" end="21"/>
</flags>
<reg name="rax" bitsize="64" type="int64" regnum="0"/>
<reg name="rbx" bitsize="64" type="int64" regnum="1"/>
<reg name="rcx" bitsize="64" type="int64" regnum="2"/>
<reg name="rdx" bitsize="64" type="int64" regnum="3"/>
<reg name="rsi" bitsize="64" type="int64" regnum="4"/>
<reg name="rdi" bitsize="64" type="int64" regnum="5"/>
<reg name="rbp" bitsize="64" type="data_ptr" regnum="6"/>
<reg name="rsp" bitsize="64" type="data_ptr" regnum="7"/>
<reg name="r8" bitsize="64" type="int64" regnum="8"/>
<reg name="r9" bitsize="64" type="int64" regnum="9"/>
<reg name="r10" bitsize="64" type="int64" regnum="10"/>
<reg name="r11" bitsize="64" type="int64" regnum="11"/>
<reg name="r12" bitsize="64" type="int64" regnum="12"/>
<reg name="r13" bitsize="64" type="int64" regnum="13"/>
<reg name="r14" bitsize="64" type="int64" regnum="14"/>
<reg name="r15" bitsize="64" type="int64" regnum="15"/>
<reg name="rip" bitsize="64" type="code_ptr" regnum="16"/>
<reg name="eflags" bitsize="32" type="i386_eflags" regnum="17"/>
<reg name="cs" bitsize="32" type="int32" regnum="18"/>
<reg name="ss" bitsize="32" type="int32" regnum="19"/>
<reg name="ds" bitsize="32" type="int32" regnum="20"/>
<reg name="es" bitsize="32" type="int32" regnum="21"/>
<reg name="fs" bitsize="32" type="int32" regnum="22"/>
<reg name="gs" bitsize="32" type="int32" regnum="23"/>
<reg name="st0" bitsize="80" type="i387_ext" regnum="24"/>
<reg name="st1" bitsize="80" type="i387_ext" regnum="25"/>
<reg name="st2" bitsize="80" type="i387_ext" regnum="26"/>
<reg name="st3" bitsize="80" type="i387_ext" regnum="27"/>
<reg name="st4" bitsize="80" type="i387_ext" regnum="28"/>
<reg name="st5" bitsize="80" type="i387_ext" regnum="29"/>
<reg name="st6" bitsize="80" type="i387_ext" regnum="30"/>
<reg name="st7" bitsize="80" type="i387_ext" regnum="31"/>
<reg name="fctrl" bitsize="32" type="int" regnum="32" group="float"/>
<reg name="fstat" bitsize="32" type="int" regnum="33" group="float"/>
<reg name="ftag" bitsize="32" type="int" regnum="34" group="float"/>
<reg name="fiseg" bitsize="32" type="int" regnum="35" group="float"/>
<reg name="fioff" bitsize="32" type="int" regnum="36" group="float"/>
<reg name="foseg" bitsize="32" type="int" regnum="37" group="float"/>
<reg name="fooff" bitsize="32" type="int" regnum="38" group="float"/>
<reg name="fop" bitsize="32" type="int" regnum="39" group="float"/>
</feature>
<feature name="org.gnu.gdb.i386.sse">
<vector id="v4f" type="ieee_single" count="4"/>
<vector id="v2d" type="ieee_double" count="2"/>
<vector id="v16i8" type="int8" count="16"/>
<vector id="v8i16" type="int16" count="8"/>
<vector id="v4i32" type="int32" count="4"/>
<vector id="v2i64" type="int64" count="2"/>
<union id="vec128">
  <field name="v4_float" type="v4f"/>
  <field name="v2_double" type="v2d"/>
  <field name="v16_int8" type="v16i8"/>
  <field name="v8_int16" type="v8i16"/>
  <field name="v4_int32" type="v4i32"/>
  <field name="v2_int64" type="v2i64"/>
  <field name="uint128" type="uint128"/>
</union>
<flags id="i386_mxcsr" size="4">
  <field name="IE" start="0" end="0"/>
  <field name="DE" start="1" end="1"/>
  <field name="ZE" start="2" end="2"/>
  <field name="OE" start="3" end="3"/>
  <field name="UE" start="4" #26"); [noack mode]
handling possible serial event
getpkt ("qXfer:features:read:target.xml:1000,1000");  [no ack sent] 
putpkt ("$lend="4"/>
  <field name="PE" start="5" end="5"/>
  <field name="DAZ" start="6" end="6"/>
  <field name="IM" start="7" end="7"/>
  <field name="DM" start="8" end="8"/>
  <field name="ZM" start="9" end="9"/>
  <field name="OM" start="10" end="10"/>
  <field name="UM" start="11" end="11"/>
  <field name="PM" start="12" end="12"/>
  <field name="FZ" start="15" end="15"/>
</flags>
<reg name="xmm0" bitsize="128" type="vec128" regnum="40"/>
<reg name="xmm1" bitsize="128" type="vec128" regnum="41"/>
<reg name="xmm2" bitsize="128" type="vec128" regnum="42"/>
<reg name="xmm3" bitsize="128" type="vec128" regnum="43"/>
<reg name="xmm4" bitsize="128" type="vec128" regnum="44"/>
<reg name="xmm5" bitsize="128" type="vec128" regnum="45"/>
<reg name="xmm6" bitsize="128" type="vec128" regnum="46"/>
<reg name="xmm7" bitsize="128" type="vec128" regnum="47"/>
<reg name="xmm8" bitsize="128" type="vec128" regnum="48"/>
<reg name="xmm9" bitsize="128" type="vec128" regnum="49"/>
<reg name="xmm10" bitsize="128" type="vec128" regnum="50"/>
<reg name="xmm11" bitsize="128" type="vec128" regnum="51"/>
<reg name="xmm12" bitsize="128" type="vec128" regnum="52"/>
<reg name="xmm13" bitsize="128" type="vec128" regnum="53"/>
<reg name="xmm14" bitsize="128" type="vec128" regnum="54"/>
<reg name="xmm15" bitsize="128" type="vec128" regnum="55"/>
<reg name="mxcsr" bitsize="32" type="i386_mxcsr" regnum="56" group="vector"/>
</feature>
</target>
#db"); [noack mode]
handling possible serial event
getpkt ("qTStatus");  [no ack sent] 
putpkt ("$#00"); [noack mode]
handling possible serial event
getpkt ("?");  [no ack sent] 
Writing resume reply for LWP 3028.1:6
=================================================================
==2672==ERROR: AddressSanitizer: heap-use-after-free on address 0x602000000790 at pc 0x00000051518a bp 0x7f7fffffc290 sp 0x7f7fffffba50
READ of size 2 at 0x602000000790 thread T0
    #0 0x515189 in strlen /public/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:365:5
    #1 0x4773a3 in prepare_resume_reply(char*, ptid_t, target_waitstatus*) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/remote-utils.c:1182:8
    #2 0x495991 in handle_status(char*) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/server.c:3401:4
    #3 0x485437 in process_serial_event() /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/server.c:4072:7
    #4 0x484dfd in handle_serial_event(int, void*) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/server.c:4400:7
    #5 0x456e90 in handle_file_event(int) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/event-loop.c:418:12
    #6 0x455b6f in process_event() /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/event-loop.c:174:11
    #7 0x4558dc in start_event_loop() /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/event-loop.c:537:17
    #8 0x4848c0 in captured_main(int, char**) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/server.c:3873:4
    #9 0x481bb4 in main /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/server.c:3959:7
    #10 0x422fec in ___start (/public/binutils-gdb-netbsd/build/./gdb/gdbserver/gdbserver+0x422fec)

0x602000000790 is located 0 bytes inside of 14-byte region [0x602000000790,0x60200000079e)
freed by thread T0 here:
    #0 0x59f2cd in free /public/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:123:3
    #1 0x4df38f in void xfree<char>(char*) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/../gdbsupport/common-utils.h:60:5
    #2 0x4df02e in startup_inferior(int, int, target_waitstatus*, ptid_t*) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/../nat/fork-inferior.c:528:6
    #3 0x4dc8a6 in post_fork_inferior(int, char const*) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/fork-child.c:110:3
    #4 0x4cdc9c in netbsd_create_inferior(char const*, std::vector<char*, std::allocator<char*> > const&) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/netbsd-low.c:357:3
    #5 0x484029 in captured_main(int, char**) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/server.c:3816:7
    #6 0x481bb4 in main /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/server.c:3959:7
    #7 0x422fec in ___start (/public/binutils-gdb-netbsd/build/./gdb/gdbserver/gdbserver+0x422fec)

previously allocated by thread T0 here:
    #0 0x575684 in strdup /public/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:446:3
    #1 0x4ccff4 in xstrdup /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/utils.c:46:15
    #2 0x4d6ba3 in netbsd_wait_1(ptid_t, target_waitstatus*, int) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/netbsd-low.c:662:49
    #3 0x4cf690 in netbsd_wait(ptid_t, target_waitstatus*, int) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/netbsd-low.c:763:14
    #4 0x4a2907 in target_wait(ptid_t, target_waitstatus*, int) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/target.c:243:10
    #5 0x4deb49 in startup_inferior(int, int, target_waitstatus*, ptid_t*) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/../nat/fork-inferior.c:485:20
    #6 0x4dc8a6 in post_fork_inferior(int, char const*) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/fork-child.c:110:3
    #7 0x4cdc9c in netbsd_create_inferior(char const*, std::vector<char*, std::allocator<char*> > const&) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/netbsd-low.c:357:3
    #8 0x484029 in captured_main(int, char**) /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/server.c:3816:7
    #9 0x481bb4 in main /public/binutils-gdb-netbsd/build/gdb/gdbserver/../../../gdb/gdbserver/server.c:3959:7
    #10 0x422fec in ___start (/public/binutils-gdb-netbsd/build/./gdb/gdbserver/gdbserver+0x422fec)

SUMMARY: AddressSanitizer: heap-use-after-free /public/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:365:5 in strlen
Shadow bytes around the buggy address:
  0x4c04000000a0: fa fa 00 02 fa fa 00 07 fa fa 00 03 fa fa 00 03
  0x4c04000000b0: fa fa 00 06 fa fa fd fa fa fa 00 04 fa fa fd fa
  0x4c04000000c0: fa fa 00 fa fa fa fd fa fa fa fd fd fa fa 00 00
  0x4c04000000d0: fa fa fd fa fa fa fd fd fa fa fd fa fa fa fd fd
  0x4c04000000e0: fa fa fd fd fa fa 00 06 fa fa 00 fa fa fa fd fd
=>0x4c04000000f0: fa fa[fd]fd fa fa fd fd fa fa fd fd fa fa fd fa
  0x4c0400000100: fa fa 00 06 fa fa fd fd fa fa fd fd fa fa fd fd
  0x4c0400000110: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd
  0x4c0400000120: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd
  0x4c0400000130: fa fa fd fa fa fa fd fd fa fa fd fa fa fa fd fd
  0x4c0400000140: fa fa fd fa fa fa fd fd fa fa fd fa fa fa fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==2672==ABORTING
[ 207.3909835] sorry, pid 3028 was killed: orphaned traced process




$ ./gdb/gdb 
warning: Found custom handler for signal 8 (Floating point exception) preinstalled.
warning: Found custom handler for signal 10 (Bus error) preinstalled.
warning: Found custom handler for signal 11 (Segmentation fault) preinstalled.
Some signal dispositions inherited from the environment (SIG_DFL/SIG_IGN)
won't be propagated to spawned programs.
_initialize_infrun() ../../gdb/infrun.c:9168 inferior_ptid=(0, 0, 0)
GNU gdb (GDB) 8.3.50.20190716-git
Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-unknown-netbsd8.99".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word".
(gdb) target remote localhost:1201
Remote debugging using localhost:1201
close() ../../gdb/remote.c:4019 inferior_ptid=(0, 0, 0)
Remote connection closed


commit 9da4d81367176eb27dc1e0a4940a5faf1f8b0a6e
Author: Kamil Rytarowski <n54@gmx.com>
Date:   Tue Jul 23 04:58:09 2019 +0200

    fix

diff --git a/gdb/nat/fork-inferior.c b/gdb/nat/fork-inferior.c
index 68b51aa814..7ce5630252 100644
--- a/gdb/nat/fork-inferior.c
+++ b/gdb/nat/fork-inferior.c
@@ -525,7 +525,7 @@ startup_inferior (pid_t pid, int ntraps,
 
          case TARGET_WAITKIND_EXECD:
            /* Handle EXEC signals as if they were SIGTRAP signals.  */
-           xfree (ws.value.execd_pathname);
+//         xfree (ws.value.execd_pathname);
            resume_signal = GDB_SIGNAL_TRAP;
            switch_to_thread (event_ptid);
            break;