Message-ID: <3D6591F3.F61C8E8@redhat.com>
Date: Thu, 22 Aug 2002 18:53:00 -0000
From: Michael Snyder
Organization: Red Hat, Inc.
To: Joel Brobecker
CC: gdb-patches@sources.redhat.com
Subject: Re: [RFA] GDB/622 - clear current breakpoint in commands causes trouble
References: <20020731195012.GK683@gnat.com>

Joel Brobecker wrote:
>
> As described in PR GDB/622:
>
> Using the program in the gdb.base/commands.exp testcase, the following
> session shows that clearing the current breakpoint inside its commands
> list causes a memory-corruption problem:
>
>   (gdb) b factorial
>   Breakpoint 1 at 0x8048582: file ./gdb.base/run.c, line 77.
>   (gdb) commands
>   Type commands for when breakpoint 1 is hit, one per line.
>   End with a line saying just "end".
>   >silent
>   >printf "factorial command-list executed\n"
>   >clear factorial
>   >cont
>   >end
>   (gdb) run 1
>   Starting program: [...]/gdb.base/commands 1
>   factorial command-list executed
>   warning: Invalid control type in command structure.  <<<--- (1)
>   (gdb)
>
> (1) shows that the command-list becomes corrupted, and as a consequence,
> the execution is not resumed. Instead, the expected output from the run
> command is:
>
>   Starting program: [...]/gdb.base/run 1
>   factorial command-list executed
>   1
>
>   Program exited normally.
>   (gdb)
>
> The fix consists in executing a copy of the commands list, to protect
> this execution from using a list that has been freed. The attached patch
> introduces no regression. A new test has also been added to commands.exp.
>
> Ok to apply?
>
> 2002-07-31  Joel Brobecker
>
>         * cli/cli-scripts.c (copy_command_lines): New function.
>         (make_cleanup_free_command_lines): Make this function non static.
>
>         * defs.h (copy_command_lines): Add definition.
>         (make_cleanup_free_command_lines): Add definition.
>
>         * breakpoint.c (bpstat_do_actions): Execute a temporary copy of
>         the command-list associated to each breakpoint hit, in order to
>         avoid accessing a dangling pointer, in case one of the commands
>         in the list causes the breakpoint to be deleted.
>
> Thanks,
> --
> Joel

Hey Joel,

I've discovered a slight problem in this patch.
Your clean-ups are never being called. Look at the
bottom of bpstat_do_actions. They're just discarded.

The second problem is that, if they ever WERE called,
they would probably cause a heap corruption error,
because the value of &cmd is always the same.

Michael
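
The copy-before-execute idea from the quoted message, as an added C example that is not code from GDB or from the patch under review. The names `cmd_line`, `bpoint`, `cmd_new`, `cmd_free_list`, `cmd_copy_list` and `run_actions` are hypothetical stand-ins, and the copy is released explicitly at the end of the run rather than through a cleanup chain.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for a breakpoint and its command list. */
struct cmd_line { struct cmd_line *next; const char *text; };
struct bpoint { struct cmd_line *commands; };
static struct cmd_line *cmd_new(const char *text, struct cmd_line *next) {
    struct cmd_line *c = malloc(sizeof *c);
    if (!c) abort();
    c->next = next;
    c->text = text;   /* points at string literals in this example */
    return c;
}
static void cmd_free_list(struct cmd_line **head) {
    while (*head) {
        struct cmd_line *next = (*head)->next;
        free(*head);
        *head = next;
    }
}
static struct cmd_line *cmd_copy_list(const struct cmd_line *src) {
    struct cmd_line *head = NULL, **tail = &head;
    for (; src; src = src->next) {
        *tail = cmd_new(src->text, NULL);
        tail = &(*tail)->next;
    }
    return head;
}
/* Walk a private copy of the list; "clear" frees the breakpoint's own list
   mid-run, as in PR GDB/622. Returns the number of commands executed. */
int run_actions(struct bpoint *bp) {
    struct cmd_line *copy = cmd_copy_list(bp->commands);
    int executed = 0;
    for (struct cmd_line *c = copy; c; c = c->next) {
        if (strcmp(c->text, "clear") == 0)
            cmd_free_list(&bp->commands);   /* original nodes are gone */
        executed++;
    }
    cmd_free_list(&copy);   /* the copy is freed exactly once, here */
    return executed;
}
/* Constructed input: the silent/printf/clear/cont list from the session. */
int demo(void) {
    struct bpoint bp = { cmd_new("silent", cmd_new("printf",
                         cmd_new("clear", cmd_new("cont", NULL)))) };
    int n = run_actions(&bp);
    return bp.commands == NULL ? n : -1;
}
int main(void) { return demo() == 4 ? 0 : 1; }
```

Because the loop only ever follows pointers inside the copy, all four commands run even though the third one frees the list the breakpoint owns.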