[Bug mi/12668] New: var-create crashes if pretty-printed std::string reference is not yet initialized

[Bug mi/12668] New: var-create crashes if pretty-printed std::string reference is not yet initialized

[oliver.gerlich at gmx dot de]

http://sourceware.org/bugzilla/show_bug.cgi?id=12668

           Summary: var-create crashes if pretty-printed std::string
                    reference is not yet initialized
           Product: gdb
           Version: HEAD
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mi
        AssignedTo: unassigned@sourceware.org
        ReportedBy: oliver.gerlich@gmx.de


Created attachment 5667
  --> http://sourceware.org/bugzilla/attachment.cgi?id=5667
example application which triggers the bug

If pretty-printing (with libstdcxx.v6.printers) is enabled, then using
-var-create on a std::string reference which has not yet been initialized and
where the _M_p pointer points to invalid address leads to a crash.

Steps to reproduce:
- compile the attached test-string-basename.cpp program:
  $ g++ -o test-string-basename test-string-basename.cpp -Wall -W -Wextra -g3
-O0
- pipe the MI commands attached further below (test-string-basename-mi.txt)
into gdb:
  $ gdb --interpreter=mi2 < test-string-basename-mi.txt
- the test-string-basename program will crash; when gdb tries to do -var-create
for "theStringRef" variable, gdb itself will crash.

This happens with latest CVS HEAD (7.3.50.20110413-cvs) but does not happen
with gdb 7.0!

Backtrace from gdb:

Core was generated by `gdb7 --interpreter=mi'.
Program terminated with signal 11, Segmentation fault.
#0  0x081bd1c6 in get_type_arch (type=0x0) at gdbtypes.c:225
225       if (TYPE_OBJFILE_OWNED (type))
(gdb) bt
#0  0x081bd1c6 in get_type_arch (type=0x0) at gdbtypes.c:225
#1  0x0817385e in val_print_string (elttype=0x0, encoding=0x0, addr=0, len=0,
    stream=0x9f6ac60, options=0xbfec1d8c) at valprint.c:1484
#2  0x082234e1 in value_get_print_value (value=0x9f6abf8,
    format=FORMAT_NATURAL, var=<optimized out>) at varobj.c:2636
#3  0x0822388e in install_new_value (var=0xa09eba8, value=0x1, initial=1)
    at varobj.c:1650
#4  0x082241de in varobj_create (objname=0xa08bdd8 "var1",
    expression=0xa17f010 "theStringRef", frame=0, type=USE_SELECTED_FRAME)
    at varobj.c:634
#5  0x0810f63f in mi_cmd_var_create (command=0xa01cd00 "var-create",
    argv=0x9f0a0c8, argc=3) at ./mi/mi-cmd-var.c:150
#6  0x08113344 in captured_mi_execute_command (context=<optimized out>,
    uiout=0x9f511a8) at ./mi/mi-main.c:2092
#7  mi_execute_command (cmd=0xa0031e8 "13-var-create - @ \"theStringRef\"",
    from_tty=1) at ./mi/mi-main.c:1963
#8  0x081118e6 in mi_execute_command_wrapper (
    cmd=0xa0031e8 "13-var-create - @ \"theStringRef\"") at ./mi/mi-interp.c:266
#9  0x081adcfe in handle_file_event (data=...) at event-loop.c:831
#10 0x081acec5 in process_event () at event-loop.c:402
#11 0x081adb34 in gdb_do_one_event (data=0x0) at event-loop.c:455
#12 0x081a8473 in catch_errors (func=0x81ada40 <gdb_do_one_event>,
    func_args=0x0, errstring=0x83c6865 "", mask=6) at exceptions.c:506
#13 0x081ad72a in start_event_loop () at event-loop.c:491
#14 0x0809560b in captured_command_loop (data=0x0) at ./main.c:228
#15 0x081a8473 in catch_errors (func=0x8095600 <captured_command_loop>,
    func_args=0x0, errstring=0x83c6865 "", mask=6) at exceptions.c:506
#16 0x08095dc5 in captured_main (data=0xbfec2194) at ./main.c:936
#17 0x081a8473 in catch_errors (func=0x8095640 <captured_main>,
    func_args=0xbfec2194, errstring=0x83c6865 "", mask=6) at exceptions.c:506
#18 0x080953d1 in gdb_main (args=0xbfec2194) at ./main.c:945
#19 0x08095395 in main (argc=Cannot access memory at address 0x0
) at gdb.c:35

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug mi/12668] var-create crashes if pretty-printed std::string reference is not yet initialized

[oliver.gerlich at gmx dot de]

http://sourceware.org/bugzilla/show_bug.cgi?id=12668

--- Comment #1 from Oliver Gerlich <oliver.gerlich at gmx dot de> 2011-04-13 12:43:39 UTC ---
Created attachment 5668
  --> http://sourceware.org/bugzilla/attachment.cgi?id=5668
gdb MI commands for triggering the gdb crash

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug mi/12668] var-create crashes if pretty-printed std::string reference is not yet initialized

[xgsa at yandex dot ru]

http://sourceware.org/bugzilla/show_bug.cgi?id=12668

Anton <xgsa at yandex dot ru> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |xgsa at yandex dot ru

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug mi/12668] var-create crashes if pretty-printed std::string reference is not yet initialized

[xgsa at yandex dot ru]

http://sourceware.org/bugzilla/show_bug.cgi?id=12668

--- Comment #2 from Anton <xgsa at yandex dot ru> 2011-06-16 08:21:49 UTC ---
Created attachment 5795
  --> http://sourceware.org/bugzilla/attachment.cgi?id=5795
Possible fix (maybe hack, requires review)

This bug annoying me a few times a day (but I am forced to use gdb-HEAD because
of introduced gdb-index feature). So I have tried to fix it. I'm not very
acquaint with gdb internals, so it may be a hack but not a correct solution.
However it works fine for me and breaks nothing, so I decided to share the
patch.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug mi/12668] var-create crashes if pretty-printed std::string reference is not yet initialized

[tromey at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12668

Tom Tromey <tromey at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |WAITING
                 CC|                            |tromey at redhat dot com

--- Comment #3 from Tom Tromey <tromey at redhat dot com> 2011-08-04 15:52:19 UTC ---
Can you try CVS gdb?
I think this bug might have been fixed by:

2011-07-28  Phil Muldoon  <pmuldoon@redhat.com>

    * varobj.c (value_get_print_value): Move hint check later into the
    function.  Comment function.  Free thevalue before reusing it.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug mi/12668] var-create crashes if pretty-printed std::string reference is not yet initialized

[xgsa at yandex dot ru]

http://sourceware.org/bugzilla/show_bug.cgi?id=12668

--- Comment #4 from Anton <xgsa at yandex dot ru> 2011-08-05 07:04:59 UTC ---
Yes, the problem seems to be resolved on HEAD. Thanks!

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug mi/12668] var-create crashes if pretty-printed std::string reference is not yet initialized

[tromey at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=12668

Tom Tromey <tromey at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|WAITING                     |RESOLVED
         Resolution|                            |FIXED

--- Comment #5 from Tom Tromey <tromey at redhat dot com> 2011-11-07 21:50:26 UTC ---
Fixed.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.