[commit] Fix .gdb_index memory corruption

Jan Kratochvil jan.kratochvil@redhat.com
Tue Nov 16 22:09:00 GMT 2010


Hi,

since glibc-2.12.90-19.x86_64 (Fedora 14) GDB started crashing
on gdb.base/completion.exp and valgrind reports (split/diffed):

-Invalid free() / delete / delete[]
+ Address 0x80aca60 is 0 bytes inside a block of size 53 free'd
    at: free (vg_replace_malloc.c:325)
    by: xfree (utils.c:1525)
    by: dw2_forget_cached_source_info (dwarf2read.c:2131)
    by: forget_cached_source_info (source.c:366)
-   by: directory_command (source.c:400)
+   by: cd_command (cli-cmds.c:458)
    by: do_cfunc (cli-decode.c:67)
    by: cmd_func (cli-decode.c:1771)
    by: execute_command (top.c:423)
    by: command_handler (event-top.c:498)
    by: command_line_handler (event-top.c:702)
    by: rl_callback_read_char (callback.c:205)
    by: rl_callback_read_char_wrapper (event-top.c:178)
    by: stdin_event_handler (event-top.c:433)
    by: handle_file_event (event-loop.c:817)
    by: process_event (event-loop.c:399)
    by: gdb_do_one_event (event-loop.c:452)
    by: catch_errors (exceptions.c:518)
    by: tui_command_loop (tui-interp.c:171)
    by: current_interp_command_loop (interps.c:291)
    by: captured_command_loop (main.c:228)
    by: catch_errors (exceptions.c:518)
    by: captured_main (main.c:912)
    by: catch_errors (exceptions.c:518)
    by: gdb_main (main.c:921)
    by: main (gdb.c:34)

Checked-in.


Thanks,
Jan


http://sourceware.org/ml/gdb-cvs/2010-11/msg00080.html

--- src/gdb/ChangeLog	2010/11/16 17:38:34	1.12313
+++ src/gdb/ChangeLog	2010/11/16 22:04:51	1.12314
@@ -1,3 +1,8 @@
+2010-11-16  Jan Kratochvil  <jan.kratochvil@redhat.com>
+
+	* dwarf2read.c (dw2_forget_cached_source_info): Clear the FULL_NAMES
+	elements after xfree.
+
 2010-11-16  Tom Tromey  <tromey@redhat.com>
 
 	* gdb-add-index.sh: Really remove.
--- src/gdb/dwarf2read.c	2010/11/16 04:36:26	1.476
+++ src/gdb/dwarf2read.c	2010/11/16 22:04:52	1.477
@@ -2128,7 +2128,10 @@
 	  int j;
 
 	  for (j = 0; j < per_cu->v.quick->lines->num_file_names; ++j)
-	    xfree ((void *) per_cu->v.quick->full_names[j]);
+	    {
+	      xfree ((void *) per_cu->v.quick->full_names[j]);
+	      per_cu->v.quick->full_names[j] = NULL;
+	    }
 	}
     }
 }
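Review bot: The new `per_cu->v.quick->full_names[j] = NULL;` in the loop body carries no comment explaining why it is needed, and the reason is not visible from the loop alone. The valgrind trace above reaches dw2_forget_cached_source_info from both directory_command and cd_command, so the function can run more than once over the same full_names array, and a stale pointer left in a slot is passed to xfree a second time. A one-line comment saying that the array outlives this call and that each slot must be reset after it is freed would keep a later cleanup from dropping the assignment. It is also worth confirming that every reader of full_names[j] treats NULL as "not cached" rather than dereferencing it, since that code is outside this hunk.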


