Date: Fri, 13 Aug 2010 21:21:00 -0000
From: Jan Kratochvil
To: Tom Tromey
Cc: gdb-patches@sourceware.org
Subject: Re: RFA: implement "watch -location"
Message-ID: <20100813212120.GA20999@host1.dyn.jankratochvil.net>

On Fri, 13 Aug 2010 20:25:14 +0200, Tom Tromey wrote:
> Jan> this patch has a regression (guessing due to -lmcheck) on
>
> The bug was that watch_maybe_just_location did not check for arg==NULL.
> So, a plain "watch" crashed gdb.

There is still a crash:

(gdb) watch -location gdb_stdin
== Invalid read of size 4
==    at 0x6420E3: can_use_hardware_watchpoint (breakpoint.c:8295)
==    by 0x641AE2: watch_command_1 (breakpoint.c:8140)
==    by 0x642342: watch_maybe_just_location (breakpoint.c:8376)
==    by 0x64236C: watch_command (breakpoint.c:8382)
==    by 0x5F0B04: do_cfunc (cli-decode.c:67)
==    by 0x5F3B72: cmd_func (cli-decode.c:1771)
==    by 0x48A9ED: execute_command (top.c:422)
==  Address 0xcee60a0 is 0 bytes inside a block of size 144 free'd
==    at 0x4C25D72: free (vg_replace_malloc.c:325)
==    by 0x48E6D3: xfree (utils.c:1505)
==    by 0x6554CD: value_free (value.c:687)
==    by 0x655503: value_free_to_mark (value.c:701)
==    by 0x641950: watch_command_1 (breakpoint.c:8101)
==    by 0x642342: watch_maybe_just_location (breakpoint.c:8376)
==    by 0x64236C: watch_command (breakpoint.c:8382)
==    by 0x5F0B04: do_cfunc (cli-decode.c:67)
==    by 0x5F3B72: cmd_func (cli-decode.c:1771)
==    by 0x48A9ED: execute_command (top.c:422)

The problem is:
    release_value (val);
    value_free_to_mark (mark);

should also have some:
    val->next = NULL;

as later
    mem_cnt = can_use_hardware_watchpoint (val);
will otherwise jump into the stale value_next pointer.

Just it cannot be implemented this way due to:
breakpoint.c:8101:10: error: dereferencing pointer to incomplete type

While trying to fix it one could simplify the code as since
    cc7cc38174cfc79e75ea92a00b48591f90c83ea5
    http://sourceware.org/ml/gdb-cvs/2009-11/msg00184.html
the result of can_use_hardware_watchpoint() mostly gets immediately dropped as
it all gets recalculated in update_watchpoint again.  Still
bp_read_watchpoint/bp_access_watchpoint are not checked in update_watchpoint so
one cannot just drop the can_use_hardware_watchpoint call from watch_command_1.


Thanks,
Jan
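
Added illustration, not part of the original message and not GDB code: a small C model of the stale next pointer described above, run once without and once with the next pointer cleared on release. The names struct val, release, free_to_mark, stale_visits and scenario are constructed for this example, and freeing is modelled with a flag so the stale access can be counted safely.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model of a value chain; this is not GDB's struct value. */
struct val { struct val *next; bool freed; };

static struct val *all_values;   /* chain head, newest value first */

static struct val *new_val(struct val *v) {
    v->next = all_values;
    v->freed = false;
    all_values = v;
    return v;
}

/* Unlink v so free_to_mark() skips it; clear_next is the hardened form. */
static void release(struct val *v, bool clear_next) {
    for (struct val **pp = &all_values; *pp; pp = &(*pp)->next)
        if (*pp == v) { *pp = v->next; break; }
    if (clear_next)
        v->next = NULL;
}

/* "Free" every value newer than mark (flag only, no real free()). */
static void free_to_mark(struct val *mark) {
    while (all_values && all_values != mark) {
        all_values->freed = true;
        all_values = all_values->next;
    }
}

/* Follow next from v as a chain consumer would; count freed nodes. */
static int stale_visits(const struct val *v) {
    int n = 0;
    for (; v; v = v->next)
        if (v->freed) n++;
    return n;
}

int scenario(bool clear_next) {
    static struct val pool[3];
    all_values = NULL;
    struct val *mark = new_val(&pool[0]);  /* older value, kept alive */
    new_val(&pool[1]);                     /* temporary, freed below */
    struct val *val = new_val(&pool[2]);   /* result the caller keeps */
    release(val, clear_next);
    free_to_mark(mark);
    return stale_visits(val);
}

int main(void) {
    printf("stale visits without clearing next: %d\n", scenario(false));
    printf("stale visits with next cleared:     %d\n", scenario(true));
    return 0;
}
```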