This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.
[patch] Fix a crash due to a VALUE double free
- From: Jan Kratochvil <jan dot kratochvil at redhat dot com>
- To: gdb-patches at sources dot redhat dot com
- Date: Mon, 7 Jul 2008 23:18:19 +0200
- Subject: [patch] Fix a crash due to a VALUE double free
Hi,
it crashes if you call an inferior function right after a watchpoint hit.
Bug reported with a reproducer by Jakub Jelinek.
Regards,
Jan
gdb/
2008-07-07 Jan Kratochvil <jan.kratochvil@redhat.com>
* breakpoint.c (bpstat_copy): Call RELEASE_VALUE on the new OLD_VAL.
gdb/testsuite/
2008-07-07 Jan Kratochvil <jan.kratochvil@redhat.com>
* gdb.base/value-double-free.exp, gdb.base/value-double-free.c: New.
--- gdb/breakpoint.c 28 Jun 2008 09:42:15 -0000 1.327
+++ gdb/breakpoint.c 7 Jul 2008 21:12:14 -0000
@@ -1996,7 +1996,10 @@ bpstat_copy (bpstat bs)
if (bs->commands != NULL)
tmp->commands = copy_command_lines (bs->commands);
if (bs->old_val != NULL)
- tmp->old_val = value_copy (bs->old_val);
+ {
+ tmp->old_val = value_copy (bs->old_val);
+ release_value (tmp->old_val);
+ }
if (p == NULL)
/* This is the first thing in the chain. */
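Review bot: the new `release_value (tmp->old_val);` in bpstat_copy fixes the ownership problem but deserves a comment in the block, because the reason is invisible at the call site: value_copy returns a value that is still on the all_values chain, so without the release the copy is freed by the next free_all_values while the bpstat copy still holds the pointer and frees it again later, which is the double free the mail describes after an inferior function call. A one-line comment such as `/* Take the copy off the all_values chain; the bpstat owns it now.  */` above the release_value call would make that clear to the next reader.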
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ gdb/testsuite/gdb.base/value-double-free.c 7 Jul 2008 21:12:17 -0000
@@ -0,0 +1,36 @@
+/* This testcase is part of GDB, the GNU debugger.
+
+ Copyright 2008 Free Software Foundation, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+ Please email any bugs, comments, and/or additions to this file to:
+ bug-gdb@prep.ai.mit.edu */
+
+volatile int var;
+
+void
+empty (void)
+{
+}
+
+int
+main (void)
+{
+ var = 1;
+ /* Workaround PR 38: We may miss the first watchpoint hit as we stop on the
+ exact instruction which would cause the watchpoint hit. */
+ var = 2;
+ return 0;
+}
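Review bot: `empty` is never called from `main`, so its only purpose is to be invoked by the `print empty()` inferior call in the .exp file; a short comment above the function saying so would help, since nothing in the program itself explains why an unused function is there. The existing PR 38 comment on the second store to `var` is good and should stay.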
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ gdb/testsuite/gdb.base/value-double-free.exp 7 Jul 2008 21:12:17 -0000
@@ -0,0 +1,38 @@
+# Copyright 2008 Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+set testfile value-double-free
+set srcfile ${testfile}.c
+set binfile ${objdir}/${subdir}/${testfile}
+if { [gdb_compile "${srcdir}/${subdir}/${srcfile}" "${binfile}" executable {debug}] != "" } {
+ untested "Couldn't compile test program"
+ return -1
+}
+
+# Get things started.
+
+gdb_exit
+gdb_start
+gdb_reinitialize_dir $srcdir/$subdir
+gdb_load ${binfile}
+
+if ![runto_main] {
+ return -1
+}
+gdb_test "watch var" "atchpoint \[0-9\]+: var"
+gdb_test "continue" "atchpoint \[0-9\]+: var.*Old value = 0.*New value = \[12\].*"
+gdb_test "print empty()" " = void"
+# We did segfault here.
+gdb_test "help help"
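Review bot: the closing `gdb_test "help help"` with no expected pattern is a liveness check, and the comment `# We did segfault here.` should say so explicitly (for example "GDB used to crash on the preceding inferior call; any response here shows it survived"). It is also worth a note in the file that a double free does not always crash, so this test can pass on a build where the underlying bug is still present; running it with glibc malloc checking enabled (MALLOC_CHECK_) makes the failure deterministic rather than probabilistic.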