From: Tom Tromey
To: gdb-patches@sourceware.org
Subject: RFC: one approach to fixing PR 14100
Date: Thu, 02 Aug 2012 16:12:00 -0000
Message-ID: <87r4rpqnng.fsf@fleche.redhat.com>

PR 14100 concerns a way to crash gdb by C-c during a 'bt'.

The way this happens is that dwarf2_frame_cache initializes the frame's prologue_cache. Then, it continues to do some more work, including (indirectly) reading target memory. Then, target_read invokes QUIT, throwing an exception. The cleanups are run, and eventually we get to frame_cleanup_after_sniffer, which asserts that prologue_cache==NULL.

This fix assumes that what dwarf2_frame_cache is doing is not unreasonable, and simply clears the prologue_cache field.

I am not sure whether this is really correct. Another approach would be to change dwarf2_frame_cache to set the prologue_cache at the end of its work rather than at the beginning. Then, I suppose, we'd have to document this restriction and audit all the other sniffers.

Thoughts?

This built and regtested on x86-64 Fedora 16. Also I tried it by hand and couldn't reproduce the crash.

Tom

	* frame.c (frame_cleanup_after_sniffer): Remove assert.
	Clear frame's prologue_cache.
---
 gdb/frame.c |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/gdb/frame.c b/gdb/frame.c
index e012f2d..edb379c 100644
--- a/gdb/frame.c
+++ b/gdb/frame.c
@@ -2392,8 +2392,11 @@ frame_cleanup_after_sniffer (void *arg) struct frame_info *frame = arg; /* The sniffer should not allocate a prologue cache if it did not - match this frame. */ - gdb_assert (frame->prologue_cache == NULL); + match this frame. We used to assert that prologue_cache was NULL + here -- however, that ran afoul of code paths where the + prologue_cache was set by the sniffer, but some later processing + called QUIT. */ + frame->prologue_cache = NULL; /* No sniffer should extend the frame chain; sniff based on what is already certain. */ -- 1.7.7.6
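Review bot: the surviving first sentence of the comment ("The sniffer should not allocate a prologue cache if it did not match this frame") now states a rule that `frame->prologue_cache = NULL;` no longer enforces, since a sniffer that populates the cache on a genuine non-match is silently tolerated instead of caught. Either reword that sentence to say the cache is dropped here unconditionally because an unwinder may have filled it in before being interrupted by QUIT, or keep the gdb_assert on the normal non-match path and clear the field only when the cleanup runs because of an exception, so the original check keeps catching misbehaving sniffers. The comment should also say what happens to the discarded allocation: if every sniffer takes its prologue cache from the frame obstack, nulling the pointer is enough, but any sniffer that mallocs it would leak here. The alternative raised in the mail (have dwarf2_frame_cache publish prologue_cache last) keeps the assertion meaningful, at the cost of writing the rule down in the unwinder interface documentation and auditing the other sniffers, as the mail already notes.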
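The sequence the mail describes (sniffer publishes prologue_cache, then does fallible work, QUIT unwinds through the cleanup) as an added toy model, not gdb's code and not part of the patch above. setjmp/longjmp stands in for gdb's exception mechanism, the type and function names are hypothetical, and both variants from the mail are modelled: a sniffer that publishes its cache early (the dwarf2_frame_cache shape, which needs the cleanup to clear the field) and one that publishes last (the alternative Tom raises, under which the old assertion would have held).

```c
#include <setjmp.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for gdb's struct frame_info: only the field at issue. */
struct frame_info {
    void *prologue_cache;
};

/* Outcome of one sniff attempt, as seen by the caller. */
enum sniff_result {
    SNIFF_MATCHED,          /* sniffer ran to completion */
    SNIFF_INTERRUPTED,      /* QUIT fired; cache was still NULL at cleanup */
    SNIFF_STALE_CACHE       /* QUIT fired; cache had already been published
                               (the case where the pre-patch assert would fire) */
};

/* Minimal model of gdb's exception path: QUIT longjmps to the innermost
   catch point.  pending_interrupt simulates the user pressing C-c. */
static jmp_buf catch_point;
static int pending_interrupt;

static void quit_check(void)
{
    if (pending_interrupt) {
        pending_interrupt = 0;
        longjmp(catch_point, 1);
    }
}

/* Stand-in for target_read: every memory read polls for an interrupt. */
static int target_read(void)
{
    quit_check();
    return 0x90;                      /* constructed byte value */
}

static int cache_storage;             /* stands in for a frame-obstack allocation */

/* Sniffer in the shape the mail attributes to dwarf2_frame_cache:
   publish the cache first, then do more fallible work. */
static void sniff_early_publish(struct frame_info *fi)
{
    fi->prologue_cache = &cache_storage;
    (void) target_read();
}

/* The alternative from the mail: do all fallible work first, publish last. */
static void sniff_late_publish(struct frame_info *fi)
{
    (void) target_read();
    fi->prologue_cache = &cache_storage;
}

/* Mirrors the patched frame_cleanup_after_sniffer: always clear the field,
   but report whether the pre-patch gdb_assert (cache == NULL) would have fired. */
static int cleanup_after_sniffer(struct frame_info *fi)
{
    int was_stale = (fi->prologue_cache != NULL);
    fi->prologue_cache = NULL;
    return was_stale;
}

static struct frame_info the_frame;

/* Run one sniffer under a catch point.  Nothing read after longjmp is
   modified between setjmp and longjmp, so no volatile locals are needed. */
static enum sniff_result run_scenario(int early_publish, int interrupt)
{
    struct frame_info *fi = &the_frame;
    void (*sniffer)(struct frame_info *) =
        early_publish ? sniff_early_publish : sniff_late_publish;

    fi->prologue_cache = NULL;
    pending_interrupt = interrupt;
    if (setjmp(catch_point) != 0)
        return cleanup_after_sniffer(fi) ? SNIFF_STALE_CACHE : SNIFF_INTERRUPTED;
    sniffer(fi);
    return SNIFF_MATCHED;
}

/* Lets a caller check the frame state after a scenario. */
static int frame_cache_is_set(void)
{
    return the_frame.prologue_cache != NULL;
}

int main(void)
{
    printf("early publish, interrupted: %d\n", run_scenario(1, 1));  /* 2 */
    printf("late publish, interrupted:  %d\n", run_scenario(0, 1));  /* 1 */
    printf("early publish, no C-c:      %d\n", run_scenario(1, 0));  /* 0 */
    return 0;
}
```

The interesting case is run_scenario(1, 1): the early-publishing sniffer has already stored a cache pointer when the interrupt unwinds through the cleanup, which is exactly the state the old gdb_assert rejected and the patch now tolerates by clearing the field. With the late-publishing sniffer the same interrupt leaves the field NULL, so the assertion could have stayed.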