From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gdb-patches-return-100808-listarch-gdb-patches=sources.redhat.com@sourceware.org>
Received: (qmail 4354 invoked by alias); 24 Apr 2013 13:30:12 -0000
Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <gdb-patches.sourceware.org>
List-Subscribe: <mailto:gdb-patches-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/gdb-patches/>
List-Post: <mailto:gdb-patches@sourceware.org>
List-Help: <mailto:gdb-patches-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: gdb-patches-owner@sourceware.org
Received: (qmail 4343 invoked by uid 89); 24 Apr 2013 13:30:12 -0000
X-Spam-SWARE-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,RCVD_IN_HOSTKARMA_YE,SPF_PASS autolearn=ham version=3.3.1
Received: from mail-oa0-f51.google.com (HELO mail-oa0-f51.google.com) (209.85.219.51)    by sourceware.org (qpsmtpd/0.84/v0.84-167-ge50287c) with ESMTP; Wed, 24 Apr 2013 13:30:11 +0000
Received: by mail-oa0-f51.google.com with SMTP id k14so1648952oag.38        for <gdb-patches@sourceware.org>; Wed, 24 Apr 2013 06:30:09 -0700 (PDT)
X-Received: by 10.60.84.33 with SMTP id v1mr6039244oey.36.1366810209585; Wed, 24 Apr 2013 06:30:09 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.60.13.133 with HTTP; Wed, 24 Apr 2013 06:29:29 -0700 (PDT)
From: Hui Zhu <teawater@gmail.com>
Date: Wed, 24 Apr 2013 15:35:00 -0000
Message-ID: <CANFwon0RCwi1CQepWnZuuPvXUNVHXJU-UbknXaR_U3h8shUc8g@mail.gmail.com>
Subject: [PATCH/7.6] Fix wrong release (maybe crash GDB) in build_target_command_list
To: gdb-patches ml <gdb-patches@sourceware.org>, Joel Brobecker <brobecker@adacore.com>
Content-Type: text/plain; charset=ISO-8859-1
X-SW-Source: 2013-04/txt/msg00734.txt.bz2

Hi,

I found this bug when I try to fix 15180.
In function build_target_command_list:
When it try to release the loc->cmd_bytecode in the first loop, it try
to release loc->cond_bytecode:
  /* If anything failed, then we're not doing target-side commands,
     and so clean up.  */
  if (null_command_or_parse_error)
    {
      ALL_BP_LOCATIONS_AT_ADDR (loc2p, locp, bl->address)
	{
	  loc = (*loc2p);
	  if (is_breakpoint (loc->owner)
	      && loc->pspace->num == bl->pspace->num)
	    {
	      /* Only go as far as the first NULL bytecode is
		 located.  */
	      if (!loc->cond_bytecode)
		return;

	      free_agent_expr (loc->cond_bytecode);
	      loc->cond_bytecode = NULL;
	    }
	}
    }

I think it will crash GDB something.  So I suggest fix it before 7.6 release.

Thanks,
Hui

2013-04-24  Hui Zhu  <hui@codesourcery.com>

	* breakpoint.c (build_target_command_list): Change loc->cond_bytecode
	to loc->cmd_bytecode.

--- a/gdb/breakpoint.c
+++ b/gdb/breakpoint.c
@@ -2343,11 +2343,11 @@ build_target_command_list (struct bp_loc
 	    {
 	      /* Only go as far as the first NULL bytecode is
 		 located.  */
-	      if (!loc->cond_bytecode)
+	      if (!loc->cmd_bytecode)
 		return;

-	      free_agent_expr (loc->cond_bytecode);
-	      loc->cond_bytecode = NULL;
+	      free_agent_expr (loc->cmd_bytecode);
+	      loc->cmd_bytecode = NULL;
 	    }
 	}
     }