On Tue, Sep 6, 2011 at 16:50, Jan Kratochvil wrote: > On Tue, 06 Sep 2011 10:21:53 +0200, Hui Zhu wrote: >> +            if (TYPE_CODE (check_typedef (value_type (val_args[i]))) >> +                 == TYPE_CODE_ARRAY) >> +           fprintf_filtered (stream, current_substring, >> +                             (char *) value_contents (val_args[i])); > > (gdb) set $a={'a','b'} > (gdb) printf "%s\n",$a > ==23392== Invalid read of size 1 > ==23392==    at: vfprintf (vfprintf.c:1568) > ==23392==    by: vasprintf (vasprintf.c:64) > ==23392==    by: xstrvprintf (common-utils.c:131) > ==23392==    by: vfprintf_maybe_filtered (utils.c:2379) > ==23392==    by: vfprintf_filtered (utils.c:2389) > ==23392==    by: fprintf_filtered (utils.c:2441) > ==23392==    by: ui_printf (printcmd.c:2348) > [...] > ==23392==  Address 0xd24bb82 is 0 bytes after a block of size 2 alloc'd > ==23392==    at: calloc (vg_replace_malloc.c:467) > ==23392==    by: xcalloc (common-utils.c:92) > ==23392==    by: xzalloc (common-utils.c:102) > ==23392==    by: allocate_value_contents (value.c:690) > ==23392==    by: allocate_value (value.c:700) > ==23392==    by: value_copy (value.c:1299) > ==23392==    by: value_of_internalvar (value.c:1725) > ==23392==    by: evaluate_subexp_standard (eval.c:903) > ==23392==    by: evaluate_subexp_c (c-lang.c:720) > ==23392==    by: evaluate_subexp (eval.c:76) > ==23392==    by: evaluate_expression (eval.c:151) > ==23392==    by: parse_to_comma_and_eval (eval.c:136) > ==23392==    by: ui_printf (printcmd.c:2328) > [...] > > The original code was not completely correct in such cases but GDB could not > crash, now it can, I find it as a regression. > > I would welcome a testcase. > > > Thanks, > Jan > Thanks for remind me about it. I make a patch add a test for it. Please help me review it. Best, Hui 2011-09-07 Hui Zhu * gdb.base/printcmds.exp: Add test for printing internal var values with printf.