This is the mail archive of the gdb-patches@sources.redhat.com mailing list for the GDB project.



[RFA] Copy the command lines and value when copying a bpstat.


If you try to call a function in the inferior from user-defined breakpoint commands, GDB crashes:

$ ./gdb -nx -q ./gdb
(gdb) break main
Breakpoint 1 at 0x8074686: file ../../../source/cygnus.cygnus/gdb/gdb.c, line 29.
(gdb) commands
Type commands for when breakpoint 1 is hit, one per line.
End with a line saying just "end".
>print (int) printf ("bobo\n")
>end
(gdb) run
Starting program: /home/klee/build/cygnus.cygnus/gdb/gdb

Breakpoint 1, main (argc=1, argv=0xbfffea34) at ../../../source/cygnus.cygnus/gdb/gdb.c:29
29 memset (&args, 0, sizeof args);

Program received signal SIGSEGV, Segmentation fault.
0x0807a246 in free_command_lines (lptr=0x18) at ../../../source/cygnus.cygnus/gdb/cli/cli-script.c:983

I believe this problem was introduced in the changes to breakpoint.c on 2002-08-26 --- the problem is that stop_bpstat gets cleared as part of the cleanup after hand_function_call, which now includes removing the commands data. But unfortunately, it's restored by restore_inferior_status, including a pointer to now-obsolete commands, which eventually causes the crash in free_command_lines.
save_inferior_status tries to "do the right thing," by making a copy of stop_bpstat, but unfortunately, stop_bpstat only does a shallow copy, not a deep one.

The following patch updates stop_bpstat to do a deep copy of the commands and the old watchpoint value. It doesn't copy the breakpoint, since I suspect this is supposed to just be a reference, and it's not freed in clear_bpstat.

2002-10-29 Klee Dienes <kdienes@apple.com>

* breakpoint.c (bpstat_copy): Copy the command lines as well
as the old value, to match what is freed in bpstat_clear.


* Makefile.in: Rename INTL_DEPS to INTL_DEP, to match other variable names.
Index: breakpoint.c
===================================================================
RCS file: /cvs/Darwin/src/live/cygnus/src/gdb/breakpoint.c,v
retrieving revision 1.48
diff -u -r1.48 breakpoint.c
--- breakpoint.c 2002/10/26 09:20:12 1.48
+++ breakpoint.c 2002/10/30 09:01:01
@@ -1844,6 +1844,10 @@
{
tmp = (bpstat) xmalloc (sizeof (*tmp));
memcpy (tmp, bs, sizeof (*tmp));
+ if (bs->commands != NULL)
+ tmp->commands = copy_command_lines (bs->commands);
+ if (bs->old_val != NULL)
+ tmp->old_val = value_copy (bs->old_val);
if (p == NULL)
/* This is the first thing in the chain. */
retval = tmp;
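Review bot: the deep copy of the old watchpoint value at `tmp->old_val = value_copy (bs->old_val);` should carry the same ownership that bpstat_clear assumes when it frees old_val. If value_copy allocates the new value on the general value chain rather than as a released value, a subsequent free_all_values will free it and bpstat_clear will free it again; if that is the case, call release_value on the copy here. A second thing to confirm: the memcpy still copies bs->next verbatim, so the loop that relinks tmp into the new chain must also reset the last node's next to NULL, or the copied chain ends by pointing back into the original (soon freed) chain.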

This patch adds a check for calls to the inferior to the testsuite. The first part is straightforward --- it adds a call to the inferior to the initial "silent" breakpoint check, and checks for the correct output from it. The second part, I'm less sure about: it makes a second call to marker2(), after setting breakpoint commands on it to call the inferior as well. Currently, these commands aren't hit (and the test fails). I'm appending the test-suite part of the patch as an attachment, because, as you all know, my mailer is officially weird.

2002-10-29 Klee Dienes <kdienes@apple.com>

* gdb.base/break.exp: Add multiple calls to the inferior in
the user-commands for 'break 79'. Add a check for the calls
to the inferior in the check for the result. Add new test, to
check that user-defined breakpoint commands are called for functions
called by the user (currently fails).

Attachment: testsuite-diffs.txt
Description: Text document
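The crash described in this message comes from a shallow struct copy that duplicates owned pointers, so that clearing one copy leaves the other dangling. The following stand-alone C program is an added illustration of that failure mode and of the deep-copy fix; it is not GDB code and not part of Klee's patch. The types `command_line`, `value` and `bpstat_rec`, and the functions `copy_command_lines`, `value_copy`, `bpstat_clear` and `bpstat_copy`, are simplified constructed analogues of the GDB names discussed above, and the sample record (two command lines and a watch value of 7) is constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-ins for GDB's command_line and value types (not GDB's own). */
struct command_line { struct command_line *next; char *line; };
struct value { long contents; };

/* Reduced bpstat node: members it owns (freed by bpstat_clear) vs. a reference. */
struct bpstat_rec {
    struct bpstat_rec *next;
    int breakpoint_num;             /* reference to the breakpoint, never freed here */
    struct command_line *commands;  /* owned */
    struct value *old_val;          /* owned */
};

static struct command_line *copy_command_lines(const struct command_line *src)
{
    struct command_line *head = NULL, **tail = &head;
    for (; src != NULL; src = src->next) {
        struct command_line *cl = calloc(1, sizeof *cl);
        cl->line = strdup(src->line);
        *tail = cl;
        tail = &cl->next;
    }
    return head;
}

static void free_command_lines(struct command_line *cl)
{
    while (cl != NULL) {
        struct command_line *next = cl->next;
        free(cl->line);
        free(cl);
        cl = next;
    }
}

static struct value *value_copy(const struct value *v)
{
    struct value *nv = malloc(sizeof *nv);
    *nv = *v;
    return nv;
}

/* Analogue of bpstat_clear: releases everything each node owns. */
static void bpstat_clear(struct bpstat_rec *bs)
{
    while (bs != NULL) {
        struct bpstat_rec *next = bs->next;
        free_command_lines(bs->commands);
        free(bs->old_val);
        free(bs);
        bs = next;
    }
}

/* deep = 0 reproduces the pre-patch copy: memcpy alone duplicates the pointers,
   so original and copy both claim ownership of commands and old_val.
   deep = 1 is the patched behaviour: the owned members are duplicated too. */
static struct bpstat_rec *bpstat_copy(const struct bpstat_rec *bs, int deep)
{
    struct bpstat_rec *head = NULL, **tail = &head;
    for (; bs != NULL; bs = bs->next) {
        struct bpstat_rec *tmp = malloc(sizeof *tmp);
        memcpy(tmp, bs, sizeof *tmp);
        tmp->next = NULL;                 /* never point back into the source chain */
        if (deep) {
            if (bs->commands != NULL)
                tmp->commands = copy_command_lines(bs->commands);
            if (bs->old_val != NULL)
                tmp->old_val = value_copy(bs->old_val);
        }
        *tail = tmp;
        tail = &tmp->next;
    }
    return head;
}

/* Constructed sample: one stop record with two user commands and a watch value. */
static struct bpstat_rec *make_sample(void)
{
    struct command_line *second = calloc(1, sizeof *second);
    second->line = strdup("continue");
    struct command_line *first = calloc(1, sizeof *first);
    first->line = strdup("print (int) printf (\"bobo\\n\")");
    first->next = second;
    struct bpstat_rec *bs = calloc(1, sizeof *bs);
    bs->breakpoint_num = 1;
    bs->commands = first;
    bs->old_val = malloc(sizeof *bs->old_val);
    bs->old_val->contents = 7;
    return bs;
}

static long count_commands(const struct command_line *cl)
{
    long n = 0;
    for (; cl != NULL; cl = cl->next) n++;
    return n;
}

/* Pre-patch: the copy aliases the original's data, so clearing either side
   leaves the other dangling (what restore_inferior_status then handed on). */
static int shallow_copy_aliases(void)
{
    struct bpstat_rec *orig = make_sample();
    struct bpstat_rec *copy = bpstat_copy(orig, 0);
    int aliased = copy->commands == orig->commands && copy->old_val == orig->old_val;
    free(copy);               /* drop only the node; the data still belongs to orig */
    bpstat_clear(orig);
    return aliased;
}

/* Patched: clearing the original (as the cleanup after the inferior call does)
   leaves the saved copy fully usable.  Returns 100 * commands + old value. */
static long deep_copy_survives_clear(void)
{
    struct bpstat_rec *orig = make_sample();
    struct bpstat_rec *copy = bpstat_copy(orig, 1);
    bpstat_clear(orig);
    long result = 100 * count_commands(copy->commands) + copy->old_val->contents;
    bpstat_clear(copy);
    return result;
}

int main(void)
{
    printf("shallow copy aliases the original: %d\n", shallow_copy_aliases());
    printf("deep copy usable after clearing the original: %ld\n", deep_copy_survives_clear());
    return 0;
}
```

The shallow path is deliberately not exercised past the aliasing check: freeing both sides, or touching the copy after clearing the original, is exactly the undefined behaviour that surfaced as the SIGSEGV in free_command_lines, and a test that relied on it would be meaningless. Running under AddressSanitizer or valgrind with the `free(copy)` line replaced by `bpstat_clear(copy)` reproduces the double free directly.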
