Bug 10884 - division by zero in value.c:1892
Summary: division by zero in value.c:1892
Status: RESOLVED FIXED
Alias: None
Product: gdb
Classification: Unclassified
Component: gdb
Version: 7.0
Importance: P2 critical
Target Milestone: 7.1
Assignee: Not yet assigned to anyone
Duplicates: 10758
Reported: 2009-11-02 08:41 UTC by Andre'
Modified: 2009-12-21 09:53 UTC
Host: i686-pc-linux-gnu
Target: i686-pc-linux-gnu
Build: i686-pc-linux-gnu
Description Andre' 2009-11-02 08:41:30 UTC
I keep getting a division by zero with the following backtrace:


Program received signal SIGFPE, Arithmetic exception.
[Switching to Thread 0xb7ab68d0 (LWP 3375)]
0x08130839 in value_primitive_field (arg1=0xa812a18, offset=0, fieldno=4, 
    arg_type=0x90007c0) at value.c:1892
1892          if ((bitpos % container_bitsize) + v->bitsize <= container_bitsize


#0  0x08130839 in value_primitive_field (arg1=0xa812a18, offset=0, fieldno=4, 
    arg_type=0x90007c0) at value.c:1892
        bitpos = 128
        container_bitsize = 0
        v = (struct value *) 0xaa554b0
        type = (struct type *) 0x9000844
#1  0x081ddf41 in value_struct_element_index (value=0xa812a18, type_index=4)
    at varobj.c:2747
        result = (struct value *) 0x0
        e = {reason = 0, error = GDB_NO_ERROR, message = 0x0}
        type = (struct type *) 0x90007c0
        __PRETTY_FUNCTION__ = "value_struct_element_index"
#2  0x081de6c0 in cplus_describe_child (parent=<value optimized out>, index=-1, 
    cname=0x0, cvalue=0xbfd5eae4, ctype=0x0, cfull_expression=0x0) at varobj.c:3222
        type_index = 4
        acc = <value optimized out>
        join = 0x82fea65 "."
        value = (struct value *) 0xa812a18
        type = (struct type *) 0x90007c0
        was_ptr = 0
        parent_expression = 0x0
        __PRETTY_FUNCTION__ = "cplus_describe_child"
#3  0x081de7d0 in cplus_value_of_child (parent=0xaa553c0, index=4) at varobj.c:3344
        value = (struct value *) 0x0
#4  0x081e1b50 in varobj_list_children (var=0xaa553c0, from=0xbfd5eb58, 
    to=0xbfd5eb54) at varobj.c:2429
        existing = <value optimized out>
        name = 0xaa55600 "sharable"
        i = 4
        children_changed = 2300
#5  0x080f2dab in mi_cmd_var_list_children (command=0xab318d8 "var-list-children", 
    argv=0xab3bc38, argc=2) at ./mi/mi-cmd-var.c:423
        var = (struct varobj *) 0xaa553c0
        children = <value optimized out>
        child = <value optimized out>
        print_values = <value optimized out>
        ix = <value optimized out>
        from = -1
        to = -1
        display_hint = <value optimized out>
#6  0x080f6523 in captured_mi_execute_command (uiout=0x8b6ab40, data=0x9f55918)
    at ./mi/mi-main.c:1388
        cleanup = (struct cleanup *) 0x0
#7  0x081713ca in catch_exception (uiout=0x8b6ab40, 
    func=0x80f63e0 <captured_mi_execute_command>, func_args=0x9f55918, mask=6)
    at exceptions.c:462
        exception = {reason = 0, error = GDB_NO_ERROR, message = 0x0}
#8  0x080f608b in mi_execute_command (
    cmd=0xab31b78 "116-var-list-children --all-values \"local.list.@.d.*.public\"", 
    from_tty=1) at ./mi/mi-main.c:1288
        result = {reason = 80, error = 179510136, sage = 0xbfd5ec38
"X&#65533;&#65533;\004i\027\bx\033&#65533;\n"}
        previous_ptid = {pid = 3377, lwp = 3377, tid = 0}
        command = (struct mi_parse *) 0x9f55918
#9  0x080f5006 in mi_execute_command_wrapper (
    cmd=0xab31b78 "116-var-list-children --all-values \"local.list.@.d.*.public\"")
    at ./mi/mi-interp.c:251
No locals.
#10 0x08176904 in handle_file_event (data={ptr = 0x0, integer = 0})
    at event-loop.c:812
        file_ptr = (file_handler *) 0x8bd5c00
        mask = <value optimized out>
        error_mask_returned = 0
#11 0x081760cb in process_event () at event-loop.c:394
        event_ptr = <value optimized out>
        proc = (event_handler_func *) 0x8176880 <handle_file_event>
        data = {ptr = 0x0, integer = 0}
#12 0x08176fe4 in gdb_do_one_event (data=0x0) at event-loop.c:459
        current = 3
        event_source_head = 0
#13 0x0817119b in catch_errors (func=0x8176d90 <gdb_do_one_event>, func_args=0x0, 
    errstring=0x82dc69d "", mask=6) at exceptions.c:510
        val = 0
        exception = {reason = 0, error = GDB_NO_ERROR, message = 0x0}
#14 0x0817683c in start_event_loop () at event-loop.c:483
        gdb_result = 128
#15 0x0808e97b in captured_command_loop (data=0x0) at ./main.c:226
No locals.
#16 0x0817119b in catch_errors (func=0x808e970 <captured_command_loop>, 
    func_args=0x0, errstring=0x82dc69d "", mask=6) at exceptions.c:510
        val = 0
        exception = {reason = 0, error = GDB_NO_ERROR, message = 0x0}
#17 0x0808f5ec in captured_main (data=0xbfd5ee24) at ./main.c:902
        argc = 4
        ...
#18 0x0817119b in catch_errors (func=0x808eaf0 <captured_main>, 
    func_args=0xbfd5ee24, errstring=0x82dc69d "", mask=6) at exceptions.c:510
        val = 0
        exception = {reason = 0, error = GDB_NO_ERROR, message = 0x0}
#19 0x0808e8b1 in gdb_main (args=0xbfd5ee24) at ./main.c:911
No locals.
#20 0x0808e875 in main (argc=Cannot access memory at address 0x1
) at gdb.c:33
        args = {argc = 4, argv = 0xbfd5eed4, use_windows = 0, 
  interpreter_p = 0x82cc8c8 "console"}



(gdb) p container_bitsize
$1 = 0
Comment 1 Andre' 2009-11-02 09:08:22 UTC
The struct being examined at the time of the crash is

struct myns::QListData::Data {
    myns::QBasicAtomicInt ref;
    int alloc;
    int begin;
    int end;
    uint sharable : 1;
    void *array[1];
}
Comment 2 Andre' 2009-12-02 12:22:34 UTC
Checking for container_bitsize (!= 0) in the same condition fixes the problem
for me without any visible side effects.
Comment 3 Tom Tromey 2009-12-02 20:35:36 UTC
*** Bug 10758 has been marked as a duplicate of this bug. ***
Comment 4 Vladimir Prus 2009-12-18 12:42:03 UTC
Patch posted at http://sourceware.org/ml/gdb-patches/2009-12/msg00250.html
Comment 6 Vladimir Prus 2009-12-21 09:53:07 UTC
Fixed.
Comment 7 Sourceware Commits 2009-12-21 13:18:41 UTC
Subject: Bug 10884

CVSROOT:	/cvs/src
Module name:	src
Branch: 	gdb_7_0-branch
Changes by:	brobecke@sourceware.org	2009-12-21 13:18:21

Modified files:
	gdb            : value.c ChangeLog 

Log message:
	PR gdb/10884
	
	* value.c (value_primitive_field): Call check_typedef
	on the type.

Patches:
http://sources.redhat.com/cgi-bin/cvsweb.cgi/src/gdb/value.c.diff?cvsroot=src&only_with_tag=gdb_7_0-branch&r1=1.96&r2=1.96.2.1
http://sources.redhat.com/cgi-bin/cvsweb.cgi/src/gdb/ChangeLog.diff?cvsroot=src&only_with_tag=gdb_7_0-branch&r1=1.10874.2.58&r2=1.10874.2.59

Comment 8 Sourceware Commits 2009-12-21 13:22:00 UTC
Subject: Bug 10884

CVSROOT:	/cvs/src
Module name:	src
Branch: 	gdb_7_0-branch
Changes by:	brobecke@sourceware.org	2009-12-21 13:21:44

Modified files:
	gdb/testsuite/gdb.mi: var-cmd.c mi-var-cmd.exp 
	gdb/testsuite  : ChangeLog 

Log message:
	PR gdb/10884
	
	* gdb.mi/var-cmd.c (do_bitfield_tests): New
	(main): Call do_bitfield_tests.
	* gdb.mi/mi-var-cmd.exp: Run the 'bitfield' testcase.

Patches:
http://sources.redhat.com/cgi-bin/cvsweb.cgi/src/gdb/testsuite/gdb.mi/var-cmd.c.diff?cvsroot=src&only_with_tag=gdb_7_0-branch&r1=1.19&r2=1.19.4.1
http://sources.redhat.com/cgi-bin/cvsweb.cgi/src/gdb/testsuite/gdb.mi/mi-var-cmd.exp.diff?cvsroot=src&only_with_tag=gdb_7_0-branch&r1=1.45&r2=1.45.2.1
http://sources.redhat.com/cgi-bin/cvsweb.cgi/src/gdb/testsuite/ChangeLog.diff?cvsroot=src&only_with_tag=gdb_7_0-branch&r1=1.1960.2.14&r2=1.1960.2.15
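
A simplified model of the failure and of the two remedies discussed in this report (the `!= 0` guard from Comment 2 and the typedef resolution from Comment 7), added here as an illustration; it is not gdb's code. The `toy_*` names, the `bitfield_fits` helper and the premise that an unresolved typedef record reports length 0 are assumptions made for the example.

```c
#include <stddef.h>
#include <stdio.h>

/* Toy stand-in for a debugger type record (hypothetical, not gdb's struct type). */
struct toy_type {
    int is_typedef;                 /* 1 if this record is an unresolved typedef */
    unsigned length;                /* size in bytes; 0 until resolved (assumed) */
    const struct toy_type *target;  /* aliased type when is_typedef is set */
};

/* Follow typedef links to the underlying type, as a check_typedef-style
   helper would. The hop limit guards against cyclic records. */
static const struct toy_type *toy_check_typedef(const struct toy_type *t)
{
    int hops = 0;
    while (t != NULL && t->is_typedef && t->target != NULL && hops++ < 16)
        t = t->target;
    return t;
}

/* Returns 1 if the bitfield lies inside one container of the field's type,
   0 if it does not, -1 if the container size is unknown (zero).
   With resolve == 0 this mirrors the pre-fix situation: the typedef's own
   zero length is used, and only the explicit guard prevents `% 0`. */
static int bitfield_fits(const struct toy_type *field_type, unsigned bitpos,
                         unsigned bitsize, int resolve)
{
    const struct toy_type *t = resolve ? toy_check_typedef(field_type) : field_type;
    unsigned container_bitsize = (t != NULL ? t->length : 0) * 8;

    if (container_bitsize == 0)     /* guard: never evaluate bitpos % 0 */
        return -1;
    return (bitpos % container_bitsize) + bitsize <= container_bitsize;
}

/* Constructed sample mirroring `uint sharable : 1` at bitpos 128. */
static const struct toy_type toy_unsigned_int = { 0, 4, NULL };
static const struct toy_type toy_uint = { 1, 0, &toy_unsigned_int };

int main(void)
{
    printf("unresolved: %d\n", bitfield_fits(&toy_uint, 128, 1, 0));
    printf("resolved:   %d\n", bitfield_fits(&toy_uint, 128, 1, 1));
    return 0;
}
```

The guard alone only avoids the SIGFPE; resolving the typedef first is what yields a usable container size for the field.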