This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.
Re: [patch] Fix a crash due to a VALUE double free
- From: Luis Machado <luisgpm at linux dot vnet dot ibm dot com>
- To: Jan Kratochvil <jan dot kratochvil at redhat dot com>
- Cc: gdb-patches at sources dot redhat dot com
- Date: Mon, 14 Jul 2008 12:11:56 -0300
- Subject: Re: [patch] Fix a crash due to a VALUE double free
- References: <20080707211819.GA26204@host0.dyn.jankratochvil.net>
- Reply-to: luisgpm at linux dot vnet dot ibm dot com
Hi Jan,
This testcase is currently failing for PPC64.
Running /home/luis/src/gdb/gdb-head/HEAD/gdb/testsuite/gdb.base/value-double-free.exp ...
FAIL: gdb.base/value-double-free.exp: continue
FAIL: gdb.base/value-double-free.exp: print empty()
More complete log:
(gdb) run ^M
Starting program: /home/luis/builds/gdb-head/DFP/gdb/testsuite/gdb.base/value-double-free ^M
^M
Breakpoint 1, main () at /home/luis/src/gdb/gdb-head/HEAD/gdb/testsuite/gdb.base/value-double-free.c:31^M
31 var = 1;^M
(gdb) watch var^M
Hardware watchpoint 2: var^M
(gdb) PASS: gdb.base/value-double-free.exp: watch var
continue^M
Continuing.^M
Target is executing.^M
(gdb) FAIL: gdb.base/value-double-free.exp: continue
print empty()^M
Target is executing.^M
(gdb) FAIL: gdb.base/value-double-free.exp: print empty()
help help^M
Print list of commands.^M
(gdb) PASS: gdb.base/value-double-free.exp: help help
testcase /home/luis/src/gdb/gdb-head/HEAD/gdb/testsuite/gdb.base/value-double-free.exp completed in 1 seconds
On Mon, 2008-07-07 at 23:18 +0200, Jan Kratochvil wrote:
> Hi,
>
> it crashes if you call an inferior function right after a watchpoint hit.
>
> Bugreported with a reproducer by Jakub Jelinek.
>
>
> Regards,
> Jan
> plain text document attachment (gdb-value-double-free.patch)
> gdb/
> 2008-07-07 Jan Kratochvil <jan.kratochvil@redhat.com>
>
> * breakpoint.c (bpstat_copy): Call RELEASE_VALUE on the new OLD_VAL.
>
> gdb/testsuite/
> 2008-07-07 Jan Kratochvil <jan.kratochvil@redhat.com>
>
> * gdb.base/value-double-free.exp, gdb.base/value-double-free.c: New.
>
> --- gdb/breakpoint.c 28 Jun 2008 09:42:15 -0000 1.327
> +++ gdb/breakpoint.c 7 Jul 2008 21:12:14 -0000
> @@ -1996,7 +1996,10 @@ bpstat_copy (bpstat bs)
> if (bs->commands != NULL)
> tmp->commands = copy_command_lines (bs->commands);
> if (bs->old_val != NULL)
> - tmp->old_val = value_copy (bs->old_val);
> + {
> + tmp->old_val = value_copy (bs->old_val);
> + release_value (tmp->old_val);
> + }
>
> if (p == NULL)
> /* This is the first thing in the chain. */
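Review bot: the new release_value call in bpstat_copy has no comment saying why it is needed, and nothing in the surrounding lines hints at it; a reader who later sees value_copy followed immediately by release_value may well remove the second call as redundant and reintroduce the double free this patch fixes. Add one line above it, along the lines of `/* value_copy leaves the copy on the temporaries chain; take ownership so free_all_values does not free it before its owner does.  */`, so the ownership rule the fix relies on is stated where it is applied.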
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ gdb/testsuite/gdb.base/value-double-free.c 7 Jul 2008 21:12:17 -0000
> @@ -0,0 +1,36 @@
> +/* This testcase is part of GDB, the GNU debugger.
> +
> + Copyright 2008 Free Software Foundation, Inc.
> +
> + This program is free software; you can redistribute it and/or modify
> + it under the terms of the GNU General Public License as published by
> + the Free Software Foundation; either version 3 of the License, or
> + (at your option) any later version.
> +
> + This program is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + GNU General Public License for more details.
> +
> + You should have received a copy of the GNU General Public License
> + along with this program. If not, see <http://www.gnu.org/licenses/>.
> +
> + Please email any bugs, comments, and/or additions to this file to:
> + bug-gdb@prep.ai.mit.edu */
> +
> +volatile int var;
> +
> +void
> +empty (void)
> +{
> +}
> +
> +int
> +main (void)
> +{
> + var = 1;
> + /* Workaround PR 38: We may miss the first watchpoint hit as we stop on the
> + exact instruction which would cause the watchpoint hit. */
> + var = 2;
> + return 0;
> +}
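Review bot: the comment in main cites "PR 38" without naming a tracker, so a reader cannot tell whether this is gdb/38 in the GDB bugzilla or a PR elsewhere; spell it out as the testsuite's other PR references do. The workaround itself reads correctly: the second store `var = 2;` guarantees a watchpoint stop even when the first hit at `var = 1;` is missed, which is exactly what the .exp's accepted new values depend on.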
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ gdb/testsuite/gdb.base/value-double-free.exp 7 Jul 2008 21:12:17 -0000
> @@ -0,0 +1,38 @@
> +# Copyright 2008 Free Software Foundation, Inc.
> +
> +# This program is free software; you can redistribute it and/or modify
> +# it under the terms of the GNU General Public License as published by
> +# the Free Software Foundation; either version 3 of the License, or
> +# (at your option) any later version.
> +#
> +# This program is distributed in the hope that it will be useful,
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +# GNU General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public License
> +# along with this program. If not, see <http://www.gnu.org/licenses/>.
> +
> +set testfile value-double-free
> +set srcfile ${testfile}.c
> +set binfile ${objdir}/${subdir}/${testfile}
> +if { [gdb_compile "${srcdir}/${subdir}/${srcfile}" "${binfile}" executable {debug}] != "" } {
> + untested "Couldn't compile test program"
> + return -1
> +}
> +
> +# Get things started.
> +
> +gdb_exit
> +gdb_start
> +gdb_reinitialize_dir $srcdir/$subdir
> +gdb_load ${binfile}
> +
> +if ![runto_main] {
> + return -1
> +}
> +gdb_test "watch var" "atchpoint \[0-9\]+: var"
> +gdb_test "continue" "atchpoint \[0-9\]+: var.*Old value = 0.*New value = \[12\].*"
> +gdb_test "print empty()" " = void"
> +# We did segfault here.
> +gdb_test "help help"
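Review bot: the alternation `New value = \[12\]` on the continue line silently depends on the PR 38 workaround that is documented only in value-double-free.c (a missed first hit at var = 1 leaves the recorded old value at 0 and reports New value = 2); a one-line comment above the `gdb_test "continue"` saying so would stop the next maintainer from tightening it to `= 1` and making the test flaky on targets that miss the first hit. Also, `gdb_test "help help"` with no pattern only checks that a prompt comes back; since the comment marks this as the spot where GDB did segfault, give it an explicit pattern such as `"Print list of commands\\."` so the line verifies the command actually ran rather than matching anything.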
--
Luis Machado
Software Engineer
IBM Linux Technology Center
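The ownership rule behind Jan's one-line fix, shown as an added C model that is not GDB's code: a temporaries chain (`all_values`) that `free_all_values` empties after every command and every inferior function call, a `release_value` that hands one value's ownership to the caller, and a `bpstat_copy`-style copy that either does or does not release the copied old value. The names mirror those in the patch; the fixed-size pool, the `double_free_count` counter and the `simulate_inferior_call_after_watchpoint` driver are constructed for this example so the buggy path can be observed without freeing memory twice for real.

```c
#include <stdio.h>
#include <string.h>

/* Constructed toy model of GDB's temporaries chain, not GDB's code.  Values
   come from a fixed pool so a second free is counted instead of corrupting
   the heap. */
#define POOL_SIZE 16

struct value {
  int contents;
  int in_use;          /* 1 between allocate_value and value_free */
  struct value *next;  /* link on all_values while the chain owns it */
};

static struct value pool[POOL_SIZE];
static struct value *all_values;   /* temporaries, freed after every command */
static int double_free_count;      /* frees of an already freed value */

static void reset_model(void) {
  memset(pool, 0, sizeof pool);
  all_values = NULL;
  double_free_count = 0;
}

/* New values start out owned by the chain, as in GDB's allocate_value. */
static struct value *allocate_value(int contents) {
  int i;
  for (i = 0; i < POOL_SIZE; i++)
    if (!pool[i].in_use) {
      pool[i].contents = contents;
      pool[i].in_use = 1;
      pool[i].next = all_values;
      all_values = &pool[i];
      return &pool[i];
    }
  return NULL;
}

static struct value *value_copy(const struct value *v) {
  return allocate_value(v->contents);
}

/* Unlink V from the chain: from now on the caller must free it. */
static void release_value(struct value *v) {
  struct value **p;
  for (p = &all_values; *p != NULL; p = &(*p)->next)
    if (*p == v) { *p = v->next; break; }
  v->next = NULL;
}

static void value_free(struct value *v) {
  if (!v->in_use) { double_free_count++; return; }  /* GDB would crash here */
  v->in_use = 0;
}

/* Runs at the end of every command and every inferior function call. */
static void free_all_values(void) {
  struct value *v = all_values, *next;
  all_values = NULL;
  for (; v != NULL; v = next) { next = v->next; value_free(v); }
}

struct bpstat_model { struct value *old_val; };  /* owned by the bpstat */

/* Copy BS into TMP; DO_RELEASE == 0 is the pre-patch bpstat_copy. */
static void bpstat_copy_model(const struct bpstat_model *bs,
                              struct bpstat_model *tmp, int do_release) {
  tmp->old_val = NULL;
  if (bs->old_val != NULL) {
    tmp->old_val = value_copy(bs->old_val);
    if (do_release)
      release_value(tmp->old_val);
  }
}

static void bpstat_clear_model(struct bpstat_model *bs) {
  if (bs->old_val != NULL) value_free(bs->old_val);
  bs->old_val = NULL;
}

/* Watchpoint hit, bpstat copied for the inferior call, call finishes,
   both bpstats cleared.  Returns how many double frees occurred. */
int simulate_inferior_call_after_watchpoint(int do_release) {
  struct bpstat_model bs, copy;
  reset_model();
  bs.old_val = allocate_value(0);
  release_value(bs.old_val);       /* the watchpoint owns its old value */
  bpstat_copy_model(&bs, &copy, do_release);
  free_all_values();               /* end of the inferior function call */
  bpstat_clear_model(&copy);
  bpstat_clear_model(&bs);
  return double_free_count;
}

int main(void) {
  printf("without release_value: %d double free(s)\n",
         simulate_inferior_call_after_watchpoint(0));
  printf("with release_value:    %d double free(s)\n",
         simulate_inferior_call_after_watchpoint(1));
  return 0;
}
```

Without the release, the copied old value stays on the chain, `free_all_values` frees it when the inferior call returns, and the copied bpstat frees it a second time when it is cleared; with the release, the copy is owned only by its bpstat and is freed exactly once. The model counts the second free instead of performing it, which is the only difference from the crash reported in the subject.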