public inbox for gdb-prs@sourceware.org
From: "johnw at boostpro dot com" <sourceware-bugzilla@sourceware.org>
To: gdb-prs@sourceware.org
Subject: [Bug gdb/14290] New: gdb_bfd_unref frees an already freed memory block
Date: Sun, 24 Jun 2012 23:50:00 -0000	[thread overview]
Message-ID: <bug-14290-4717@http.sourceware.org/bugzilla/> (raw)

http://sourceware.org/bugzilla/show_bug.cgi?id=14290

             Bug #: 14290
           Summary: gdb_bfd_unref frees an already freed memory block
           Product: gdb
           Version: 7.4
            Status: NEW
          Severity: normal
          Priority: P2
         Component: gdb
        AssignedTo: unassigned@sourceware.org
        ReportedBy: johnw@boostpro.com
    Classification: Unclassified


In gdb_bfd_unref, objfiles.c, the last lines in that function are:

    name = bfd_get_filename (abfd);
    gdb_bfd_close_or_warn (abfd);
    xfree (name);

The memory checker on OS X aborts gdb because xfree here is freeing a memory
block that was already freed elsewhere.

Reproducing this on OS X is trivial:

  1. Build GDB (with either gcc or clang)
  2. Code sign it:

     codesign -s gdb-cert gdb

  3. Use this gdb to debug any executable (including just "hello world")
  4. Run the program with "run"
  5. Run it again with "run".

You should see this:

    (XXXXX) malloc: *** error for object 0x10045b570: pointer being freed was not allocated
    *** set a breakpoint in malloc_error_break to debug

Here is the stack trace at the point of error:

Breakpoint 1, 0x00007fff8c8786c0 in malloc_error_break () from i386:x86-64
(gdb) bt
#0  0x00007fff8c8786c0 in malloc_error_break () from i386:x86-64
#1  0x00007fff8c878805 in free () from i386:x86-64
#2  0x00000001002ef4d3 in xfree (ptr=0x10045b570) at ./common/common-utils.c:107
#3  0x00000001001d6d12 in gdb_bfd_unref (abfd=0x103531440) at objfiles.c:1557
#4  0x00000001001d69b8 in free_objfile (objfile=0x1076cca00) at objfiles.c:597
#5  0x00000001001d7c98 in objfile_purge_solibs () at objfiles.c:986
#6  0x0000000100022ec9 in no_shared_libraries (ignored=0x0, from_tty=1) at solib.c:1205
#7  0x00000001001c1677 in target_pre_inferior (from_tty=1) at target.c:2479
#8  0x000000010016d282 in run_command_1 (args=0x0, from_tty=1, tbreak_at_main=0) at infcmd.c:516
#9  0x000000010016cb50 in run_command (args=0x0, from_tty=1) at infcmd.c:620
#10 0x0000000100069e3e in do_cfunc (c=0x100a40390, args=0x0, from_tty=1) at ./cli/cli-decode.c:67
#11 0x000000010006decc in cmd_func (cmd=0x100a40390, args=0x0, from_tty=1) at ./cli/cli-decode.c:1810
#12 0x00000001002b03e9 in execute_command (p=0x100a0a213 "", from_tty=1) at top.c:441
#13 0x0000000100199ed9 in command_handler (command=0x100a0a210 "") at event-top.c:435
#14 0x0000000100199d74 in command_line_handler (rl=0x10353a5b0 "") at event-top.c:636
#15 0x0000000100314b7a in rl_callback_read_char () at callback.c:220
#16 0x0000000100199561 in rl_callback_read_char_wrapper (client_data=0x0) at event-top.c:169
#17 0x0000000100198bca in stdin_event_handler (error=0, client_data=0x0) at event-top.c:375
#18 0x00000001001984f9 in handle_file_event (data=...) at event-loop.c:827
#19 0x00000001001968bc in process_event () at event-loop.c:401
#20 0x0000000100196781 in gdb_do_one_event () at event-loop.c:465
#21 0x00000001001970ac in start_event_loop () at event-loop.c:490
#22 0x00000001001985d8 in cli_command_loop () at event-top.c:182
#23 0x000000010018e106 in current_interp_command_loop () at interps.c:309
#24 0x00000001001903de in captured_command_loop (data=0x0) at ./main.c:232
#25 0x000000010018d0c5 in catch_errors (func=0x1001903c0 <captured_command_loop>, func_args=0x0, errstring=0x10040efea "", mask=6) at exceptions.c:502
#26 0x000000010018fe7e in captured_main (data=0x7fff5fbff5a0) at ./main.c:942
#27 0x000000010018d0c5 in catch_errors (func=0x10018ea70 <captured_main>, func_args=0x7fff5fbff5a0, errstring=0x10040efea "", mask=6) at exceptions.c:502
#28 0x000000010018ea5d in gdb_main (args=0x7fff5fbff5a0) at ./main.c:951
#29 0x0000000100000dbc in main (argc=1, argv=0x7fff5fbff5f8) at gdb.c:34

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
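The double free the report describes comes from two parties both believing they own the filename buffer: the caller of gdb_bfd_unref frees the pointer it got from bfd_get_filename, while the close routine has already released it. The following is an added example, not gdb or BFD code and not the fix that later went into gdb. It models a toy "bfd" whose filename is owned by the bfd itself (an assumption standing in for whatever the OS X path did; the report does not say which bfd owned the name), replaces free() with a small tracking allocator that reports "pointer being freed was not allocated" the way the OS X malloc checker does, and contrasts the quoted pattern (buggy_unref) with a version that frees the name only when this side allocated it (fixed_unref). All names here are invented for the example.

```c
/*
 * Added example, not gdb/BFD code.  A toy bfd that owns its filename
 * buffer, a tracking allocator that detects a second free() instead of
 * crashing, and the two caller patterns side by side.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_LIVE 64

/* Tracking allocator: remembers live blocks so an invalid free is detected. */
static void *live[MAX_LIVE];
static int alloc_errors;   /* "pointer being freed was not allocated" count */

static void *tracked_malloc(size_t n)
{
    void *p = malloc(n);
    for (int i = 0; i < MAX_LIVE; i++)
        if (live[i] == NULL) { live[i] = p; return p; }
    abort();               /* table full; cannot happen in this example */
}

static char *tracked_strdup(const char *s)
{
    size_t n = strlen(s) + 1;
    return memcpy(tracked_malloc(n), s, n);
}

/* Returns 0 on a valid free; -1 and leaves the block alone on an invalid one. */
static int tracked_free(void *p)
{
    if (p == NULL)
        return 0;
    for (int i = 0; i < MAX_LIVE; i++)
        if (live[i] == p) { live[i] = NULL; free(p); return 0; }
    alloc_errors++;
    return -1;
}

/* Number of blocks still allocated (0 means no leak in a scenario). */
static int live_count(void)
{
    int n = 0;
    for (int i = 0; i < MAX_LIVE; i++)
        if (live[i] != NULL) n++;
    return n;
}

/* Toy bfd (hypothetical): the flag records who owns the filename buffer. */
struct toy_bfd {
    char *filename;
    int name_owned_by_bfd;   /* 1: toy_bfd_close frees it; 0: caller does */
};

static struct toy_bfd *toy_bfd_open(const char *name, int bfd_owns_name)
{
    struct toy_bfd *b = tracked_malloc(sizeof *b);
    b->filename = bfd_owns_name ? tracked_strdup(name) : (char *)name;
    b->name_owned_by_bfd = bfd_owns_name;
    return b;
}

static const char *toy_bfd_get_filename(const struct toy_bfd *b)
{
    return b->filename;
}

static void toy_bfd_close(struct toy_bfd *b)
{
    if (b->name_owned_by_bfd)
        tracked_free(b->filename);   /* the bfd releases its own name */
    tracked_free(b);
}

/* The pattern quoted from gdb_bfd_unref: assumes the caller owns the name. */
static int buggy_unref(struct toy_bfd *b)
{
    char *name = (char *)toy_bfd_get_filename(b);
    toy_bfd_close(b);
    return tracked_free(name);       /* second free when the bfd owned it */
}

/* Ownership made explicit: free the name only if this side allocated it. */
static int fixed_unref(struct toy_bfd *b)
{
    char *name = b->name_owned_by_bfd ? NULL : (char *)toy_bfd_get_filename(b);
    toy_bfd_close(b);
    return tracked_free(name);
}

/* Run one scenario on a constructed path; returns allocator errors seen. */
static int run_scenario(int (*unref)(struct toy_bfd *), int bfd_owns_name)
{
    alloc_errors = 0;
    char *caller_name = bfd_owns_name ? NULL : tracked_strdup("/tmp/hello");
    struct toy_bfd *b = toy_bfd_open(bfd_owns_name ? "/tmp/hello" : caller_name,
                                     bfd_owns_name);
    unref(b);
    return alloc_errors;
}

int main(void)
{
    printf("buggy, bfd owns name:   %d error(s)\n", run_scenario(buggy_unref, 1));
    printf("buggy, caller owns name: %d error(s)\n", run_scenario(buggy_unref, 0));
    printf("fixed, bfd owns name:    %d error(s)\n", run_scenario(fixed_unref, 1));
    printf("fixed, caller owns name: %d error(s)\n", run_scenario(fixed_unref, 0));
    return 0;
}
```

The buggy pattern only misbehaves when the bfd owns the name, which is why the same source works on hosts where gdb always passed in an xmalloc'd string and fails once a bfd with its own name storage reaches gdb_bfd_unref. Making ownership explicit removes the dependence on which kind of bfd arrives; a real fix can alternatively guarantee that every bfd handed to the unref path has a caller-owned name.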



Thread overview: 17+ messages
2012-06-24 23:50 johnw at boostpro dot com [this message]
2012-06-24 23:51 ` [Bug gdb/14290] " johnw at boostpro dot com
2012-07-31  4:47 ` tromey at redhat dot com
2012-11-19  4:43 ` davidbalbert at gmail dot com
2012-11-19 14:55 ` tromey at redhat dot com
2012-11-22  2:46 ` davidbalbert at gmail dot com
2012-11-22  2:47 ` davidbalbert at gmail dot com
2012-11-27 15:47 ` tromey at redhat dot com
2012-11-27 15:49 ` tromey at redhat dot com
2012-11-27 17:39 ` davidbalbert at gmail dot com
2012-11-27 17:46 ` tromey at redhat dot com
2012-11-27 17:47 ` tromey at redhat dot com
2012-11-27 19:28 ` davidbalbert at gmail dot com
2012-11-28 18:48 ` cvs-commit at gcc dot gnu.org
2012-11-28 18:50 ` tromey at redhat dot com
2012-11-28 19:36 ` davidbalbert at gmail dot com
2012-11-28 20:22 ` tromey at redhat dot com
