[RFA] Copy the command lines and value when copying a bpstat.

Klee Dienes klee@apple.com
Wed Oct 30 01:27:00 GMT 2002


If you try to call a function in the inferior from user-defined 
breakpoint commands, GDB crashes:

$ ./gdb -nx -q ./gdb
(gdb) break main
Breakpoint 1 at 0x8074686: file ../../../source/cygnus.cygnus/gdb/gdb.c, line 29.
(gdb) commands
Type commands for when breakpoint 1 is hit, one per line.
End with a line saying just "end".
 >print (int) printf ("bobo\n")
 >end
(gdb) run
Starting program: /home/klee/build/cygnus.cygnus/gdb/gdb

Breakpoint 1, main (argc=1, argv=0xbfffea34) at ../../../source/cygnus.cygnus/gdb/gdb.c:29
29        memset (&args, 0, sizeof args);

Program received signal SIGSEGV, Segmentation fault.
0x0807a246 in free_command_lines (lptr=0x18) at ../../../source/cygnus.cygnus/gdb/cli/cli-script.c:983

I believe this problem was introduced in the changes to breakpoint.c on 
2002-08-26 --- the problem is that stop_bpstat gets cleared as part of 
the cleanup after hand_function_call, which now includes removing the 
commands data.  But unfortunately, it's restored by 
restore_inferior_status, including a pointer to now-obsolete commands, 
which eventually causes the crash in free_command_lines.
save_inferior_status tries to "do the right thing," by making a copy of 
stop_bpstat, but unfortunately, stop_bpstat only does a shallow copy, 
not a deep one.

The following patch updates stop_bpstat to do a deep copy of the 
commands and the old watchpoint value.  It doesn't copy the breakpoint, 
since I suspect this is supposed to just be a reference, and it's not 
freed in clear_bpstat.

2002-10-29  Klee Dienes  <kdienes@apple.com>

	* breakpoint.c (bpstat_copy): Copy the command lines as well
	as the old value, to match what is freed in bpstat_clear.

	* Makefile.in: Rename INTL_DEPS to INTL_DEP, to match other
	variable names.

Index: breakpoint.c
===================================================================
RCS file: /cvs/Darwin/src/live/cygnus/src/gdb/breakpoint.c,v
retrieving revision 1.48
diff -u -r1.48 breakpoint.c
--- breakpoint.c        2002/10/26 09:20:12     1.48
+++ breakpoint.c        2002/10/30 09:01:01
@@ -1844,6 +1844,10 @@
      {
        tmp = (bpstat) xmalloc (sizeof (*tmp));
        memcpy (tmp, bs, sizeof (*tmp));
+      if (bs->commands != NULL)
+       tmp->commands = copy_command_lines (bs->commands);
+      if (bs->old_val != NULL)
+       tmp->old_val = value_copy (bs->old_val);
        if (p == NULL)
         /* This is the first thing in the chain.  */
         retval = tmp;
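Review bot: the memcpy just above this hunk still copies the whole struct verbatim, and the two added statements then replace only `commands` and `old_val`; a short comment after the memcpy saying that these two members are deliberately deep-copied so the copy owns exactly what bpstat_clear frees would keep the next reader from taking the whole routine for a shallow copy. It is also worth confirming that the value returned by `value_copy` has the same lifetime as the original `old_val` it replaces; if the copy is freed at the end of the current command while the restored chain still points at it, the restored bpstat would again carry a stale pointer, which is the class of bug this change fixes.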

This patch adds a check for calls to the inferior to the testsuite.  
The first part is straightforward --- it adds a call to the inferior to 
the initial "silent" breakpoint check, and checks for the correct 
output from it.  The second part, I'm less sure about:  it makes a 
second call to marker2(), after setting breakpoint commands on it to 
call the inferior as well.  Currently, these commands aren't hit (and 
the test fails).  I'm appending the test-suite part of the patch as an 
attachment, because, as you all know, my mailer is officially weird.

2002-10-29  Klee Dienes  <kdienes@apple.com>

	* gdb.base/break.exp: Add multiple calls to the inferior in
	the user-commands for 'break 79'.  Add a check for the calls
	to the inferior in the check for the result.  Add new test, to
	check that user-defined breakpoint commands are called for
	functions called by the user (currently fails).
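
The shallow-versus-deep copy problem described in the report, as a stand-alone added example (not GDB code and not part of this patch). The struct and function names are hypothetical stand-ins: `struct bp_status` mirrors the owned `commands` and `old_val` members of a bpstat, `copy_shallow` is the pre-patch memcpy behaviour, `copy_deep` is the patched behaviour, and `copy_survives_clear` plays out the save / clear / restore sequence from the bug report so you can see why the shallow copy leaves the saved chain holding freed memory.

```c
/* Added example, not GDB code.  Cut-down model of the bpstat copy bug:
   a status record owns a command list and an old watchpoint value, and
   a saved copy must outlive a clear of the original.  All names are
   hypothetical stand-ins for the GDB ones. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct cmd_line {              /* stands in for GDB's command_line list */
  char *text;
  struct cmd_line *next;
};

struct bp_status {             /* stands in for bpstat */
  struct cmd_line *commands;   /* owned: freed when the status is cleared */
  char *old_val;               /* owned: stand-in for the old watchpoint value */
  int breakpoint_id;           /* not owned: a reference, copied as-is */
};

static struct cmd_line *make_cmd (const char *text, struct cmd_line *next)
{
  struct cmd_line *c = malloc (sizeof *c);
  if (c == NULL) abort ();
  c->text = strdup (text);
  c->next = next;
  return c;
}

/* Deep copy of a command list, in the spirit of copy_command_lines.  */
static struct cmd_line *copy_cmds (const struct cmd_line *src)
{
  if (src == NULL)
    return NULL;
  return make_cmd (src->text, copy_cmds (src->next));
}

static void free_cmds (struct cmd_line *c)
{
  while (c != NULL)
    {
      struct cmd_line *n = c->next;
      free (c->text);
      free (c);
      c = n;
    }
}

/* Pre-patch behaviour: memcpy alone, so original and copy share pointers.  */
struct bp_status *copy_shallow (const struct bp_status *bs)
{
  struct bp_status *tmp = malloc (sizeof *tmp);
  if (tmp == NULL) abort ();
  memcpy (tmp, bs, sizeof *tmp);
  return tmp;
}

/* Patched behaviour: memcpy, then give the copy its own owned members.
   breakpoint_id is left as the copied reference, as the patch leaves
   the breakpoint pointer.  */
struct bp_status *copy_deep (const struct bp_status *bs)
{
  struct bp_status *tmp = copy_shallow (bs);
  if (bs->commands != NULL)
    tmp->commands = copy_cmds (bs->commands);
  if (bs->old_val != NULL)
    tmp->old_val = strdup (bs->old_val);
  return tmp;
}

/* Analogue of the clear step: frees the owned members and the record.  */
void free_status (struct bp_status *bs)
{
  free_cmds (bs->commands);
  free (bs->old_val);
  free (bs);
}

/* Save a copy, clear the original (what the cleanup after the inferior
   call does), then use the copy (what the restore does).  Returns 1 when
   the copy still owns live data, 0 when its pointers alias data the
   original freed, i.e. the dangling-pointer situation in the report.  */
int copy_survives_clear (int deep)
{
  const char *cmd = "print (int) printf (\"bobo\\n\")";   /* constructed */
  struct bp_status *orig = malloc (sizeof *orig);
  if (orig == NULL) abort ();
  orig->commands = make_cmd (cmd, NULL);
  orig->old_val = strdup ("42");                           /* constructed */
  orig->breakpoint_id = 1;

  struct bp_status *saved = deep ? copy_deep (orig) : copy_shallow (orig);
  int aliased = saved->commands == orig->commands
                || saved->old_val == orig->old_val;

  free_status (orig);
  if (aliased)
    {
      /* saved->commands and saved->old_val now point at freed memory;
         dereferencing or freeing them is the free_command_lines crash.  */
      free (saved);
      return 0;
    }
  int ok = strcmp (saved->commands->text, cmd) == 0
           && strcmp (saved->old_val, "42") == 0;
  free_status (saved);
  return ok;
}

int main (void)
{
  printf ("shallow copy survives clear: %d\n", copy_survives_clear (0));
  printf ("deep copy survives clear:    %d\n", copy_survives_clear (1));
  return 0;
}
```

Running it under a memory checker such as Valgrind makes the difference explicit: the shallow path reports the aliased pointers as freed memory the moment anything touches them, while the deep path allocates and frees every command line and value exactly once.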

Attachment: testsuite-diffs.txt
URL: <http://sourceware.org/pipermail/gdb-patches/attachments/20021030/d2b709d4/attachment.txt>