This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
Re: [PATCH] Fix gdb crash with tui
- From: Jan Kratochvil <jan dot kratochvil at redhat dot com>
- To: Hui Zhu <teawater at gmail dot com>
- Cc: gdb-patches ml <gdb-patches at sourceware dot org>, Joel Brobecker <brobecker at adacore dot com>
- Date: Mon, 11 Mar 2013 20:25:21 +0100
- Subject: Re: [PATCH] Fix gdb crash with tui
- References: <CANFwon2Ko8+1eseqi4YS-xvD+b-YFvfAN1USz31eymd9WJT5hw@mail.gmail.com>
On Sat, 09 Mar 2013 15:13:34 +0100, Hui Zhu wrote:
> I got a crash when I use tui. The steps to reproduce are:
> gdb gdb
> b gdb_main
> r
> Ctrl-x A to change to TUI mode.
> Keep clicking <UP> a few times.
> Keep clicking <Down> a few times.
> Then you can get "---Type <return> to continue, or q <return> to quit---"
> Click <return>.
> Then GDB crashes.
>
> I think the issue is that this part should not output "---Type <return> to
> continue, or q <return> to quit---".
The patch is really not acceptable; there may be some memory corruption which
only gets hidden by the patch.
I do not get a crash, and not even that prompt. Could you provide a backtrace?
Or even run the parent GDB under valgrind?
When I ran it under valgrind I got:
==22920== Source and destination overlap in strcpy(0xefbaed0, 0xefbaed0)
==22920== at 0x4C2B322: strcpy (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==22920== by 0x653E33: tui_set_source_content (tui-source.c:225)
==22920== by 0x6582C3: tui_update_source_window_as_is (tui-winsource.c:99)
==22920== by 0x658276: tui_update_source_window (tui-winsource.c:81)
==22920== by 0x654E47: tui_show_frame_info (tui-stack.c:406)
==22920== by 0x659ABF: tui_enable (tui.c:423)
With the debug hook below showing strcpy(sameptr,sameptr).
Couldn't this patch (best without the 3rd debug hunk) fix your problem?
But maybe it is really unrelated.
Thanks,
Jan
gdb/
2013-03-11 Jan Kratochvil <jan.kratochvil@redhat.com>
* tui/tui-source.c (tui_set_source_content): Allocate and free SRC_LINE
always.
diff --git a/gdb/tui/tui-source.c b/gdb/tui/tui-source.c
index e599382..41e7aa6 100644
--- a/gdb/tui/tui-source.c
+++ b/gdb/tui/tui-source.c
@@ -116,9 +116,7 @@ tui_set_source_content (struct symtab *s,
src->gdbarch = get_objfile_arch (s->objfile);
src->start_line_or_addr.loa = LOA_LINE;
cur_line_no = src->start_line_or_addr.u.line_no = line_no;
- if (offset > 0)
- src_line = (char *) xmalloc (
- (threshold + 1) * sizeof (char));
+ src_line = xmalloc (threshold + 1);
while (cur_line < nlines)
{
struct tui_win_element *element
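Review bot: `src_line = xmalloc (threshold + 1);` keeps the size the old offset > 0 branch used, but nothing in this hunk shows what bounds the sprintf and the later appends into src_line to threshold characters; add a one-line comment at the allocation stating that invariant (threshold is the width the loop truncates to), since the buffer is now written on every call rather than only when scrolled horizontally. Dropping the (char *) cast and the sizeof (char) is fine for GDB's C.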
@@ -128,10 +126,6 @@ tui_set_source_content (struct symtab *s,
/* Get the first character in the line. */
c = fgetc (stream);
- if (offset == 0)
- src_line = ((struct tui_win_element *)
- TUI_SRC_WIN->generic.content[
- cur_line])->which_element.source.line;
/* Init the line with the line number. */
sprintf (src_line, "%-6d", cur_line_no);
cur_len = strlen (src_line);
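Review bot: removing this block is the actual fix, and the ChangeLog should say so: with offset == 0 the old code pointed src_line at the window element's own line buffer, so the sprintf formatted straight into the element and the strcpy at the end of the loop degenerated into strcpy (p, p), which is the overlap valgrind reported at tui-source.c:225. "Allocate and free SRC_LINE always" reads as a pure simplification; a sentence along the lines of "so that the final strcpy never aliases its destination" would make the intent clear to whoever bisects to this commit.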
@@ -222,9 +216,20 @@ tui_set_source_content (struct symtab *s,
/* Now copy the line taking the offset into
account. */
if (strlen (src_line) > offset)
+{
+char *a=((struct tui_win_element *)
+ TUI_SRC_WIN->generic.content[cur_line])->which_element.source.line;
+char *b=&src_line[offset];
+size_t l=strlen(b)+1;
+if (a==b
+||(a<b&&a+l>b)
+||(b<a&&b+l>a)
+)
+sleep(0);
strcpy (((struct tui_win_element *)
TUI_SRC_WIN->generic.content[cur_line])->which_element.source.line,
&src_line[offset]);
+}
else
((struct tui_win_element *)
TUI_SRC_WIN->generic.content[
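Review bot: drop this hunk before committing, as the mail itself says: the `a`/`b`/`l` locals, the overlap test and `sleep(0)` are a landing spot for a debugger breakpoint, not a fix, and the added braces around the strcpy plus the unindented, space-less lines do not follow GNU style. If a permanent guard against aliasing is wanted, express it as a gdb_assert on the two pointers (e.g. gdb_assert (a != b)) right before the strcpy rather than a no-op call.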
@@ -232,8 +237,7 @@ tui_set_source_content (struct symtab *s,
cur_line++;
cur_line_no++;
}
- if (offset > 0)
- xfree (src_line);
+ xfree (src_line);
fclose (stream);
TUI_SRC_WIN->generic.content_size = nlines;
ret = TUI_SUCCESS;
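Review bot: this unconditional xfree is now the only release of src_line and it sits on the success path just before fclose (stream); any exit between the xmalloc in the first hunk and here (an error return inside the loop, or an exception thrown by a callee) leaks the buffer. If such exits exist, either free src_line on them too or register it with make_cleanup (xfree, src_line) right after the allocation and let the cleanup run on every path.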
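The following is an added, stand-alone C example (not GDB code and not part of Jan's patch) that reproduces the aliasing valgrind reported and the shape of the fix in miniature. It assumes a simplified line layout (a "%-6d" line-number prefix followed by the source text, truncated to a caller-supplied threshold) and uses constructed inputs; the window element from tui-source.c is reduced to a plain character buffer. The "old" variant keeps the pre-patch rule of formatting directly into the destination when offset == 0, but instead of executing the undefined strcpy (p, p) it detects the overlap with the same test the debug hunk uses and reports it; the "new" variant always uses a private scratch buffer, as the patch does.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Same test as the debug hunk: do [a, a+len) and [b, b+len) overlap?
   strcpy(dst, src) writes strlen(src)+1 bytes, so len must include the NUL. */
int ranges_overlap(const char *a, const char *b, size_t len)
{
    uintptr_t ua = (uintptr_t)a, ub = (uintptr_t)b;
    return (ua < ub + len) && (ub < ua + len);
}

/* Shared formatting step: "%-6d" prefix then the text, bounded by threshold. */
static void format_into(char *buf, size_t threshold, int line_no, const char *text)
{
    size_t n;
    snprintf(buf, threshold + 1, "%-6d", line_no);
    n = strlen(buf);
    snprintf(buf + n, threshold + 1 - n, "%s", text);
}

/* Pre-patch shape: allocate a scratch buffer only when offset > 0, otherwise
   format straight into dst.  Returns 1 if the final copy would alias dst
   (the strcpy(p, p) valgrind flagged), 0 otherwise, -1 on allocation failure.
   dst must hold at least threshold + 1 bytes (assumption of this example). */
int format_line_old(char *dst, size_t threshold, int line_no,
                    const char *text, size_t offset)
{
    char *src_line = (offset > 0) ? malloc(threshold + 1) : dst;
    int aliased = 0;

    if (src_line == NULL)
        return -1;
    format_into(src_line, threshold, line_no, text);

    if (strlen(src_line) > offset) {
        const char *from = src_line + offset;
        aliased = ranges_overlap(dst, from, strlen(from) + 1);
        /* Only perform the copy when it is well defined; with offset == 0
           src_line == dst and strcpy(dst, dst) is undefined behaviour. */
        if (!aliased)
            strcpy(dst, from);
    } else {
        dst[0] = '\0';
    }

    if (offset > 0)
        free(src_line);
    return aliased;
}

/* Post-patch shape: the scratch buffer is always private, so the copy can
   never alias dst.  Same return convention as format_line_old. */
int format_line_new(char *dst, size_t threshold, int line_no,
                    const char *text, size_t offset)
{
    char *src_line = malloc(threshold + 1);
    int aliased = 0;

    if (src_line == NULL)
        return -1;
    format_into(src_line, threshold, line_no, text);

    if (strlen(src_line) > offset) {
        const char *from = src_line + offset;
        aliased = ranges_overlap(dst, from, strlen(from) + 1); /* always 0 */
        strcpy(dst, from);
    } else {
        dst[0] = '\0';
    }

    free(src_line);
    return aliased;
}

/* Wrappers over a static destination buffer so results can be inspected. */
int old_copy_aliases(int line_no, const char *text, size_t offset)
{
    static char dst[64];
    return format_line_old(dst, sizeof dst - 1, line_no, text, offset);
}

const char *new_render(int line_no, const char *text, size_t offset)
{
    static char dst[64];
    format_line_new(dst, sizeof dst - 1, line_no, text, offset);
    return dst;
}

int main(void)
{
    printf("old, offset 0: aliased=%d\n", old_copy_aliases(42, "int x;", 0));
    printf("old, offset 6: aliased=%d\n", old_copy_aliases(42, "int x;", 6));
    printf("new, offset 0: \"%s\"\n", new_render(42, "int x;", 0));
    printf("new, offset 6: \"%s\"\n", new_render(42, "int x;", 6));
    return 0;
}
```

Because the old variant refuses to execute the overlapping copy, it runs clean under valgrind; deleting the `if (!aliased)` guard restores the pre-patch behaviour and produces the same "Source and destination overlap in strcpy" report as in the mail, which is the quickest way to confirm that an overlap warning in a TUI trace comes from this aliasing rather than from heap corruption elsewhere.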