[Bug python/11914] Multiple call to inferior function can leed to segfault

[Bug python/11914] Multiple call to inferior function can leed to segfault

[joachim.protze at zih dot tu-dresden.de]

http://sourceware.org/bugzilla/show_bug.cgi?id=11914

--- Comment #1 from Joachim Protze <joachim.protze at zih dot tu-dresden.de> 2011-02-11 12:09:09 UTC ---
The bug is still reproducible in current weekly snapshot:

$ gdb a.out
GNU gdb (GDB) 7.2.50.20110208
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/jprotze/pptest/a.out...done.
(gdb) source pptest.py
(gdb) b 30
Breakpoint 1 at 0x4004ac: file pptest.c, line 30.
(gdb) r
Starting program: /home/jprotze/pptest/a.out 

Breakpoint 1, main (argc=1, argv=0x7fffffffe198) at pptest2.c:30
30        f=5;
(gdb) python
>for i in range(10000):
>  gdb.execute("info locals", False, True)
>end
Segmentation fault

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug python/11914] Multiple call to inferior function can leed to segfault

[pmuldoon at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=11914

Phil Muldoon <pmuldoon at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |pmuldoon at redhat dot com
         Resolution|                            |WORKSFORME

--- Comment #2 from Phil Muldoon <pmuldoon at redhat dot com> 2011-06-30 12:00:50 UTC ---
On Fedora 15, and upstream GDB I cannot replicate this.  There have been
substantial number of bugfixes since 7.2.  Fedora 15 contains 7.2 with lots of
additional material for 7.3.

My results:


$ gcc -g3 -O0 ~/pptest.c -o ~/pptest
./gdb ~/pptest

(gdb) start

Temporary breakpoint 1 at 0x40048b: file /home/pmuldoon/pptest.c, line 19.

Temporary breakpoint 1, main (argc=
During symbol reading, incomplete CFI data; unspecified registers (e.g., rax)
at 0x4004e5.
1, argv=0x7fffffffe1a8) at /home/pmuldoon/pptest.c:19
19      testint arr[]={0,1,2,3,4,5};

(gdb) python
>for i in range(10000):
>  gdb.execute("info locals", False, True)
>end
(gdb)

I also tried the pretty-printer example, and tried with/without optimization,
with/without debuginfo.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug python/11914] Multiple call to inferior function can leed to segfault

[joachim.protze at zih dot tu-dresden.de]

http://sourceware.org/bugzilla/show_bug.cgi?id=11914

Joachim Protze <joachim.protze at zih dot tu-dresden.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
   Last reconfirmed|                            |2011.07.19 15:26:15
         Resolution|WORKSFORME                  |
     Ever Confirmed|0                           |1

--- Comment #3 from Joachim Protze <joachim.protze at zih dot tu-dresden.de> 2011-07-19 15:26:15 UTC ---
I have no idea, what patches are applied for Fedora release (can u tell me the
git? repositories?). In my eyes, gdb is not a special Fedora product. When the
bug is fixed there, it is fine for Fedora, but the fix should go back to trunk.
In the current gdb-cvs trunk the bug still exists.

I just checked out the current cvs version and tried my testcase again. My
current system is Ubuntu/natty. As you can see below, the outer gdb is the
distros gdb, the inner gdb is the one from cvs.

----

As mentioned in my initial posting, i tried this also on a machine with ia64
cores (and SUSE SLES10SP3 with SGI ProPack 6SP6).
There i just got a surprising result while running the test with current cvs
version:

(gdb) source pptest.py 
(gdb) python 
>for i in range(10000):
>  gdb.execute("info locals", False, True)
>end
[Inferior 1 (process 115483) exited with code 01]
(gdb) 

where the last (gdb) prompt is of the outer gdb instance. This behaviour is
reproducable on this machine. As the inner gdb instanc dies quiet, i get no
backtrace.

When i run the "info locals" manually and press the return-key, after about
40-50 executions of "info locals" i get the segfault - the backtrace is listed
below.

For me it seems like the rollback of fast repeated function calls from inferior
fails and overwrites gdb-own datastructures - this is not reproducible when i
hit the return key after each execution of "info locals".


------------- backtrace on the Ubuntu/x86_64 machine ---------------

GNU gdb (Ubuntu/Linaro 7.2-1ubuntu11) 7.2
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/jprotze/.root/usr/bin/gdb...done.
(gdb) r
Starting program: /home/jprotze/.root/usr/bin/gdb a.out
[Thread debugging using libthread_db enabled]
GNU gdb (GDB) 7.2.91.20110718-cvs
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/jprotze/workdir/pptest/a.out...done.
(gdb) b 26
Breakpoint 1 at 0x400518: file pptest.c, line 26.
(gdb) r
Starting program: /home/jprotze/workdir/pptest/a.out 

Breakpoint 1, main (argc=1, argv=0x7fffffffe228) at pptest.c:26
26        f=5;
(gdb) python 
>for i in range(10000):
>  gdb.execute("info locals", False, True)
>end
(gdb) source pptest.py 
(gdb) python 
>for i in range(10000):
>  gdb.execute("info locals", False, True)
>end

Program received signal SIGSEGV, Segmentation fault.
0x0000000000510f37 in regcache_cooked_read (regcache=0xef3770, regnum=6,
buf=0xef3970 "") at regcache.c:693
693       gdb_assert (regnum < regcache->descr->nr_cooked_registers);
(gdb) bt 
#0  0x0000000000510f37 in regcache_cooked_read (regcache=0xef3770, regnum=6,
buf=0xef3970 "") at regcache.c:693
#1  0x00000000005ea7b0 in sentinel_frame_prev_register (this_frame=0xef03b0,
this_prologue_cache=<value optimized out>, regnum=6) at sentinel-frame.c:65
#2  0x000000000046177f in frame_unwind_register_value (frame=0xef03b0,
regnum=6) at frame.c:953
#3  0x0000000000461a29 in frame_register_unwind (frame=<value optimized out>,
regnum=<value optimized out>, optimizedp=0x7fffffffd48c, 
    unavailablep=0x7fffffffd488, lvalp=0x7fffffffd3ac, addrp=0x7fffffffd3a0,
realnump=0x7fffffffd3a8, bufferp=0xddee20 "") at frame.c:859
#4  0x0000000000462edc in get_frame_register_bytes (frame=0xef0470,
regnum=<value optimized out>, offset=<value optimized out>, len=8, 
    myaddr=<value optimized out>, optimizedp=0x7fffffffd48c,
unavailablep=0x7fffffffd488) at frame.c:1140
#5  0x000000000050f6bb in value_from_register (type=0xdeaef0, regnum=6,
frame=0xef0470) at findvar.c:658
#6  0x000000000050fb83 in address_from_register (type=<value optimized out>,
regnum=<value optimized out>, frame=<value optimized out>) at findvar.c:684
#7  0x00000000006257d0 in execute_stack_op (ctx=0xeed5f0, op_ptr=0xde6eac "q",
op_end=0xde6eac "q") at dwarf2expr.c:591
#8  0x00000000006260bd in dwarf_expr_eval (ctx=0xeed5f0, addr=<value optimized
out>, len=<value optimized out>) at dwarf2expr.c:258
#9  0x0000000000625717 in execute_stack_op (ctx=0xeed5f0, op_ptr=0xde116d
"\nc", op_end=0xde116d "\nc") at dwarf2expr.c:619
#10 0x00000000006260bd in dwarf_expr_eval (ctx=0xeed5f0, addr=<value optimized
out>, len=<value optimized out>) at dwarf2expr.c:258
#11 0x00000000005b808d in dwarf2_evaluate_loc_desc_full (type=0xde2e20,
frame=0xef0470, data=0xde116b "\221h\nc", size=2, per_cu=0xde11e0,
byte_offset=0)
    at dwarf2loc.c:1112
#12 0x00000000005341a9 in print_variable_and_value (name=0xde1162 "b",
var=0xded660, frame=0xef0470, stream=0xe5d0c0, indent=0) at ./printcmd.c:1960
#13 0x000000000055be84 in do_print_variable_and_value (print_name=<value
optimized out>, sym=<value optimized out>, cb_data=0x7fffffffd8c0) at
stack.c:1621
#14 0x000000000055cf44 in iterate_over_block_locals (block=0xdedb80,
cb=0x55be70 <do_print_variable_and_value>, cb_data=0x7fffffffd8c0) at
stack.c:1521
#15 iterate_over_block_local_vars (block=0xdedb80, cb=0x55be70
<do_print_variable_and_value>, cb_data=0x7fffffffd8c0) at stack.c:1591
#16 0x000000000055cffd in print_frame_local_vars (frame=0xef0470,
num_tabs=<value optimized out>, stream=0xe5d0c0) at stack.c:1653
#17 0x0000000000457c88 in execute_command (p=0xeaf2ab "", from_tty=0) at
top.c:428
#18 0x0000000000457d65 in execute_command_to_string (p=0xeaf2a0 "info locals",
from_tty=0) at top.c:502
#19 0x00000000004dddf4 in execute_gdb_command (self=<value optimized out>,
args=<value optimized out>, kw=<value optimized out>) at ./python/python.c:381
#20 0x00007ffff6ee6630 in PyEval_EvalFrameEx () from
/usr/lib/libpython2.7.so.1.0
#21 0x00007ffff6ee827d in PyEval_EvalCodeEx () from
/usr/lib/libpython2.7.so.1.0
#22 0x00007ffff6ee8392 in PyEval_EvalCode () from /usr/lib/libpython2.7.so.1.0
#23 0x00007ffff6f0a1dc in PyRun_StringFlags () from
/usr/lib/libpython2.7.so.1.0
#24 0x00007ffff6f0acdd in PyRun_SimpleStringFlags () from
/usr/lib/libpython2.7.so.1.0
#25 0x00000000004de7ed in eval_python_from_control_command (cmd=<value
optimized out>) at ./python/python.c:182
#26 0x00000000004c4aeb in execute_control_command (cmd=0xddedc0) at
./cli/cli-script.c:568
#27 0x00000000004de6dd in python_command (arg=0x0, from_tty=<value optimized
out>) at ./python/python.c:216
#28 0x0000000000457c88 in execute_command (p=0xad4157 "xecute(\"info locals\",
False, True)", from_tty=1) at top.c:428
#29 0x0000000000568b08 in command_handler (command=0xad4150 "") at
event-top.c:499
#30 0x00000000005695cc in command_line_handler (rl=<value optimized out>) at
event-top.c:704
#31 0x00000000006382d7 in rl_callback_read_char () at callback.c:205
#32 0x0000000000568b79 in rl_callback_read_char_wrapper (client_data=<value
optimized out>) at event-top.c:177
#33 0x0000000000567668 in process_event () at event-loop.c:402
#34 0x000000000056826e in gdb_do_one_event (data=<value optimized out>) at
event-loop.c:467
#35 0x0000000000562abb in catch_errors (func=0x568020 <gdb_do_one_event>,
func_args=0x0, errstring=0x6f2667 "", mask=<value optimized out>)
    at exceptions.c:521
#36 0x00000000004d5ce0 in tui_command_loop (data=<value optimized out>) at
./tui/tui-interp.c:172
#37 0x000000000044f369 in captured_command_loop (data=<value optimized out>) at
./main.c:228
#38 0x0000000000562abb in catch_errors (func=0x44f360 <captured_command_loop>,
func_args=0x0, errstring=0x6f2667 "", mask=<value optimized out>)
    at exceptions.c:521
#39 0x000000000045017e in captured_main (data=<value optimized out>) at
./main.c:936
---Type <return> to continue, or q <return> to quit---
#40 0x0000000000562abb in catch_errors (func=0x44f530 <captured_main>,
func_args=0x7fffffffe120, errstring=0x6f2667 "", mask=<value optimized out>)
    at exceptions.c:521
#41 0x0000000000450414 in gdb_main (args=<value optimized out>) at ./main.c:945
#42 0x000000000044f29e in main (argc=<value optimized out>, argv=<value
optimized out>) at gdb.c:35
(gdb)

------------- backtrace on the SLES/ia64 machine ---------------
#0  0x4000000000097b81 in frame_unwind_pc_if_available (this_frame=Cannot
access memory at address 0x254
) at frame.c:625
#1  0x4000000000098100 in frame_unwind_pc (this_frame=0x21c) at frame.c:701
#2  0x4000000000098540 in get_frame_address_in_block
(this_frame=0x60000000002d2e30) at frame.c:1988
#3  0x4000000000098af0 in get_frame_address_in_block_if_available
(this_frame=Cannot access memory at address 0x254
) at frame.c:2050
#4  0x40000000001e2530 in get_frame_block (frame=0x60000000002d2e30,
addr_in_block=0x0) at blockframe.c:65
#5  0x40000000003c0540 in dwarf_expr_frame_base (baton=0x607ffffffee96660,
start=0x607ffffffee96648, length=0x607ffffffee96650) at dwarf2loc.c:180
#6  0x40000000004d24f0 in execute_stack_op (ctx=0x60000000002e47e0,
op_ptr=0x600000000023222a "\bc", op_end=0x600000000023222a "\bc") at
dwarf2expr.c:618
#7  0x40000000004d3910 in dwarf_expr_eval (ctx=0x60000000002e47e0,
addr=0x6000000000232228 "\221P\bc", len=2) at dwarf2expr.c:258
#8  0x40000000003beac0 in dwarf2_evaluate_loc_desc_full
(type=0x600000000005beb8, frame=0x21c, data=Cannot access memory at address
0xa000000100010b20
) at dwarf2loc.c:1112
#9  0x4000000000216ce0 in read_var_value (var=0x600000000023c870,
frame=0x60000000002d2e30) at findvar.c:555
#10 0x400000000026eed0 in print_variable_and_value (name=0x21c <Address 0x21c
out of bounds>, var=0x600000000023c870, frame=0x60000000002d2e30, stream=Cannot
access memory at address 0x254
) at ./printcmd.c:1960
#11 0x40000000002dbe50 in do_print_variable_and_value
(print_name=0x600000000023221f "b", sym=0x600000000023c870,
cb_data=0x607ffffffee967f0) at stack.c:1621
#12 0x40000000002d9180 in iterate_over_block_locals (cb_data=<optimized out>,
cb=<optimized out>, b=<optimized out>) at stack.c:1521
#13 iterate_over_block_local_vars (block=0x600000000023cd90,
cb=@0x40000000008b5290: 0x40000000002dbe00 <do_print_variable_and_value>,
cb_data=0x607ffffffee967d8) at stack.c:1591
#14 0x40000000002dbc20 in print_frame_local_vars (frame=0x60000000002d2e30,
num_tabs=<optimized out>, stream=0x60000000001cd220) at stack.c:1653
#15 0x40000000001490a0 in do_cfunc (c=<optimized out>, args=0x0, from_tty=1) at
./cli/cli-decode.c:67
#16 0x40000000001493c0 in cmd_func (cmd=0x60000000000f4cb0, args=0x0,
from_tty=1) at ./cli/cli-decode.c:1777
#17 0x4000000000087850 in execute_command (p=0x60000000000a9f5c "", from_tty=1)
at top.c:428
#18 0x40000000002f7710 in command_handler (command=0x60000000000a9f50 "info
locals ") at event-top.c:499
#19 0x40000000002f9790 in command_line_handler (rl=0x60000000002378b0 "\001")
at event-top.c:710
#20 0x4000000000501ac0 in rl_callback_read_char () at callback.c:205
#21 0x40000000002f7870 in rl_callback_read_char_wrapper
(client_data=0x40000000002f86a0) at event-top.c:177
#22 0x40000000002f86a0 in stdin_event_handler (error=0, client_data=0x0) at
event-top.c:434
#23 0x40000000002f6ac0 in handle_file_event (data=...) at event-loop.c:831
#24 0x40000000002f4080 in process_event () at event-loop.c:402
#25 0x40000000002f6900 in gdb_do_one_event (data=0x0) at event-loop.c:467
#26 0x40000000002e8bf0 in catch_errors (func=0x21c, func_args=0x0,
errstring=0x21c <Address 0x21c out of bounds>, mask=6) at exceptions.c:521
#27 0x400000000017f500 in tui_command_loop (data=0x607ffffffee968a0) at
./tui/tui-interp.c:172
#28 0x40000000002ea100 in current_interp_command_loop () at interps.c:291
#29 0x400000000006f210 in captured_command_loop (data=0x40000000002e8bf0) at
./main.c:228
#30 0x40000000002e8bf0 in catch_errors (func=0x21c,
func_args=0x40000000002e8bf0, errstring=0x21c <Address 0x21c out of bounds>,
mask=6) at exceptions.c:521
#31 0x40000000000701a0 in captured_main (data=<optimized out>) at ./main.c:936
#32 0x40000000002e8bf0 in catch_errors (func=0x21c,
func_args=0x60000000000857a8, errstring=0x21c <Address 0x21c out of bounds>,
mask=6) at exceptions.c:521
#33 0x400000000006ece0 in gdb_main (args=0x607ffffffee969a0) at ./main.c:945
#34 0x400000000006ec60 in main (argc=2, argv=0x607ffffffee96c58) at gdb.c:35

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug python/11914] Multiple call to inferior function can leed to segfault

[pmuldoon at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=11914

Phil Muldoon <pmuldoon at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Target|                            |ia64
                 CC|                            |jan.kratochvil at redhat
                   |                            |dot com
               Host|                            |ia64

--- Comment #4 from Phil Muldoon <pmuldoon at redhat dot com> 2011-07-19 15:56:33 UTC ---
I was using trunk, not Fedora based release when I commented.  I tried to
replicate the bug again, but I cannot.  I will ask the ia64 maintainer to look
at the issue and see if this is architecture specific.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug python/11914] Multiple call to inferior function can leed to segfault

[jan.kratochvil at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=11914

Jan Kratochvil <jan.kratochvil at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Target|ia64                        |
               Host|ia64                        |
            Version|7.2                         |HEAD
   Target Milestone|7.1                         |---

--- Comment #5 from Jan Kratochvil <jan.kratochvil at redhat dot com> 2011-07-19 18:38:04 UTC ---
Reproducible for me on Fedora 15 x86_64, it crashes, used:
./gdb -nx ./pptest -ex 'source pptest.py' -ex 'b 26' -ex r -ex 'source
loop.cmd'
loop.cmd:
while 1
  info locals
end

The problem is during the pretty printer an inferior call is made.  Any
inferior call invalidates frame cache, any frame_info * gets invalid.  frame_id
would remain valid.  The variables printing functions do not expect frame_info
* gets invalid.

Suggesting either modifying the GDB functions involved to use frame_id instead
of frame_info * or somehow pre-pretty-print the variables in advance.

@@ -1,51 +1,42 @@
+Invalid read of size 8
+   at get_frame_pc (frame.c:1956)
+   by get_frame_address_in_block (frame.c:1988)
+   by get_frame_address_in_block_if_available (frame.c:2050)
+   by get_frame_block (blockframe.c:65)
+   by dwarf_expr_frame_base (dwarf2loc.c:180)
+   by execute_stack_op (dwarf2expr.c:791)
+   by dwarf_expr_eval (dwarf2expr.c:365)
+   by dwarf2_evaluate_loc_desc_full (dwarf2loc.c:1128)
+   by dwarf2_evaluate_loc_desc (dwarf2loc.c:1280)
+   by locexpr_read_variable (dwarf2loc.c:2171)
+   by read_var_value (findvar.c:555)
+   by print_variable_and_value (printcmd.c:1960)

- Address 0xe3ecdb0 is 352 bytes inside a block of size 4,064 free'd
-   at free (vg_replace_malloc.c:366)
-   by xfree (utils.c:1303)
-   by obstack_free (obstack.c:367)
-   by reinit_frame_cache (frame.c:1519)
-   by regcache_write_pc (regcache.c:1020)
-   by proceed (infrun.c:2107)
-   by run_inferior_call (infcall.c:404)
-   by call_function_by_hand (infcall.c:835)
-   by evaluate_subexp_standard (eval.c:1847)
-   by evaluate_subexp_c (c-lang.c:720)
-   by evaluate_subexp (eval.c:76)
-   by evaluate_expression (eval.c:151)
-   by parse_and_eval (eval.c:119)
-   by gdbpy_parse_and_eval (python.c:546)
-   by PyEval_EvalFrameEx (ceval.c:4072)
-   by PyEval_EvalCodeEx (ceval.c:3312)
-   by function_call (funcobject.c:526)
-   by PyObject_Call (abstract.c:2529)
-   by instancemethod_call (classobject.c:2578)
-   by PyObject_Call (abstract.c:2529)
-   by PyObject_CallMethodObjArgs (abstract.c:2738)
-   by pretty_print_one_value (py-prettyprint.c:223)
-   by print_string_repr (py-prettyprint.c:315)
-   by apply_val_pretty_printer (py-prettyprint.c:730)
-   by val_print (valprint.c:374)
-   by common_val_print (valprint.c:454)
-   by print_variable_and_value (printcmd.c:1962)

    by do_print_variable_and_value (stack.c:1620)
    by iterate_over_block_locals (stack.c:1520)
    by iterate_over_block_local_vars (stack.c:1590)
    by print_frame_local_vars (stack.c:1652)
    by locals_info (stack.c:1739)
    by do_cfunc (cli-decode.c:67)
    by cmd_func (cli-decode.c:1777)
    by execute_command (top.c:438)
    by execute_control_command (cli-script.c:420)
    by execute_control_command (cli-script.c:480)
    by execute_control_command_untraced (cli-script.c:590)
    by while_command (cli-script.c:608)
    by do_cfunc (cli-decode.c:67)
    by cmd_func (cli-decode.c:1777)
    by execute_command (top.c:438)
    by command_loop (top.c:555)
    by read_command_file (top.c:327)
    by script_from_file (cli-script.c:1619)
    by source_script_from_stream (cli-cmds.c:559)
    by source_script_with_search (cli-cmds.c:590)
    by source_command (cli-cmds.c:665)
    by do_cfunc (cli-decode.c:67)
    by cmd_func (cli-decode.c:1777)

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug python/11914] Multiple call to inferior function can leed to segfault

[jan.kratochvil at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=11914

Jan Kratochvil <jan.kratochvil at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |ASSIGNED
         Depends on|                            |13866
         AssignedTo|unassigned at sourceware    |jan.kratochvil at redhat
                   |dot org                     |dot com
   Target Milestone|---                         |7.5

--- Comment #6 from Jan Kratochvil <jan.kratochvil at redhat dot com> 2012-07-14 20:50:30 UTC ---
[patch] Fix another stale frame_info * (PR 11914, like PR 13866)
http://sourceware.org/ml/gdb-patches/2012-07/msg00197.html

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug python/11914] Multiple call to inferior function can leed to segfault

[cvs-commit at gcc dot gnu.org]

http://sourceware.org/bugzilla/show_bug.cgi?id=11914

--- Comment #7 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> 2012-07-16 19:15:46 UTC ---
CVSROOT:    /cvs/src
Module name:    src
Changes by:    jkratoch@sourceware.org    2012-07-16 19:15:39

Modified files:
    gdb            : ChangeLog f-valprint.c printcmd.c stack.c 
    gdb/testsuite  : ChangeLog 
    gdb/testsuite/gdb.python: py-prettyprint.c py-prettyprint.exp 
                              py-prettyprint.py 

Log message:
    gdb/
    PR 11914
    * f-valprint.c (info_common_command): New variable frame_id.
    Reinitialize FI form FRAME_ID after each print_variable_and_value.
    * printcmd.c (print_variable_and_value): Extend function comment.
    Add comment for invalidated FRAME.
    * stack.c (backtrace_command_1): New variable frame_id.  Reinitialize
    FI form FRAME_ID after each print_frame_local_vars.
    (struct print_variable_and_value_data): Change frame to frame_id.
    (do_print_variable_and_value): New variable frame, initialize it from
    p->frame_id.  Add comment for invalidated FRAME.
    (print_frame_local_vars, print_frame_arg_vars): New function comment.
    Update CB_DATA.FRAME to CB_DATA.FRAME_ID initialization.  Add comment
    for invalidated FRAME.

    gdb/testsuite/
    PR 11914
    * gdb.python/py-prettyprint.c (eval_func, eval_sub): New.
    (main): Call eval_sub.
    * gdb.python/py-prettyprint.exp:
    (python execfile ('py-prettyprint.py')): Move it earlier.
    New breakpoint for eval-break.
    (continue to breakpoint: eval-break, info locals): New test.
    (python execfile ('py-prettyprint.py')): Move it from here.
    * gdb.python/py-prettyprint.py (class pp_eval_type): New.
    (register_pretty_printers): Register pp_eval_type.

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/src/gdb/ChangeLog.diff?cvsroot=src&r1=1.14468&r2=1.14469
http://sourceware.org/cgi-bin/cvsweb.cgi/src/gdb/f-valprint.c.diff?cvsroot=src&r1=1.76&r2=1.77
http://sourceware.org/cgi-bin/cvsweb.cgi/src/gdb/printcmd.c.diff?cvsroot=src&r1=1.209&r2=1.210
http://sourceware.org/cgi-bin/cvsweb.cgi/src/gdb/stack.c.diff?cvsroot=src&r1=1.254&r2=1.255
http://sourceware.org/cgi-bin/cvsweb.cgi/src/gdb/testsuite/ChangeLog.diff?cvsroot=src&r1=1.3293&r2=1.3294
http://sourceware.org/cgi-bin/cvsweb.cgi/src/gdb/testsuite/gdb.python/py-prettyprint.c.diff?cvsroot=src&r1=1.14&r2=1.15
http://sourceware.org/cgi-bin/cvsweb.cgi/src/gdb/testsuite/gdb.python/py-prettyprint.exp.diff?cvsroot=src&r1=1.26&r2=1.27
http://sourceware.org/cgi-bin/cvsweb.cgi/src/gdb/testsuite/gdb.python/py-prettyprint.py.diff?cvsroot=src&r1=1.13&r2=1.14

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug python/11914] Multiple call to inferior function can leed to segfault

[jan.kratochvil at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=11914

Jan Kratochvil <jan.kratochvil at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|                            |FIXED

--- Comment #8 from Jan Kratochvil <jan.kratochvil at redhat dot com> 2012-07-16 19:18:25 UTC ---
Checked in.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug python/11914] Multiple call to inferior function can leed to segfault

[jackie.rosen at hushmail dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=11914

Jackie Rosen <jackie.rosen at hushmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jackie.rosen at hushmail dot com

--- Comment #9 from Jackie Rosen <jackie.rosen at hushmail dot com> ---
*** Bug 260998 has been marked as a duplicate of this bug. ***
Seen from the domain http://volichat.com
Page where seen: http://volichat.com/adult-chat-rooms
Marked for reference. Resolved as fixed @bugzilla.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug python/11914] Multiple call to inferior function can leed to segfault

[schwab at sourceware dot org]

https://sourceware.org/bugzilla/show_bug.cgi?id=11914

Andreas Schwab <schwab at sourceware dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|jackie.rosen at hushmail dot com   |

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug python/11914] Multiple call to inferior function can leed to segfault

[schwab at sourceware dot org]

https://sourceware.org/bugzilla/show_bug.cgi?id=11914

Andreas Schwab <schwab at sourceware dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|jackie.rosen at hushmail dot com   |

-- 
You are receiving this mail because:
You are on the CC list for the bug.