public inbox for gdb-prs@sourceware.org
* [Bug gdb/27806] New: free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-04-30 12:49 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

            Bug ID: 27806
           Summary: free(): invalid pointer during gdb.ada/fixed_cmp.exp
           Product: gdb
           Version: HEAD
            Status: NEW
          Severity: normal
          Priority: P2
         Component: gdb
          Assignee: unassigned at sourceware dot org
          Reporter: vries at gcc dot gnu.org
  Target Milestone: ---

On openSUSE tumbleweed I run into:
...
Running /data/gdb_versions/devel/src/gdb/testsuite/gdb.ada/fixed_cmp.exp ...
ERROR: GDB process no longer exists
...

In more detail:
...
(gdb) print My_Var > 10.0^M
free(): invalid pointer^M
ERROR: GDB process no longer exists
GDB process exited with wait status 5995 exp9 0 0 CHILDKILLED SIGABRT SIGABRT
UNRESOLVED: gdb.ada/fixed_cmp.exp: gnat_encodings=all: print My_Var > 10.0
ERROR: Couldn't send print My_Var > 20.0 to GDB.
...

Reproduce on command line:
...
$ gdb -q -batch ./outputs/gdb.ada/fixed_cmp/fixed  -ex "b fixed.adb:23" -ex run -ex "print My_Var > 10.0"
Breakpoint 1 at 0x402f95: file fixed.adb, line 23.

Breakpoint 1, fixed () at fixed.adb:23
23         Do_Nothing (My_Var'Address);  -- STOP
double free or corruption (out)
Aborted (core dumped)
...

-- 
You are receiving this mail because:
You are on the CC list for the bug.

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-04-30 12:50 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

Tom de Vries <vries at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |andrew.burgess at embecosm dot com

--- Comment #1 from Tom de Vries <vries at gcc dot gnu.org> ---
Bisects to:
...
commit 880ae75a2b7106045ed2ae212bbc28e4dc0ad667 (HEAD, refs/bisect/bad)
Author: Andrew Burgess <andrew.burgess@embecosm.com>
Date:   Thu Apr 22 18:17:01 2021 +0100

    gdb delay guile initialization until gdbscm_finish_initialization
...

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-04-30 12:52 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #2 from Tom de Vries <vries at gcc dot gnu.org> ---
Backtrace:
...
double free or corruption (out)

Thread 1 "gdb" received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:49
49        return ret;
(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:49
#1  0x00007ffff7338864 in __GI_abort () at abort.c:79
#2  0x00007ffff7391c17 in __libc_message (action=action@entry=do_abort,
    fmt=fmt@entry=0x7ffff74a3626 "%s\n") at ../sysdeps/posix/libc_fatal.c:155
#3  0x00007ffff73998dc in malloc_printerr (
    str=str@entry=0x7ffff74a5b70 "double free or corruption (out)") at malloc.c:5626
#4  0x00007ffff739b160 in _int_free (av=0x7ffff74d5a00 <main_arena>, p=0x7fffe62cfea0,
    have_lock=<optimized out>) at malloc.c:4545
#5  0x00007ffff739e988 in __GI___libc_free (mem=<optimized out>) at malloc.c:3309
#6  0x0000000000749909 in xfree<void> (ptr=0x7fffe62cfeb0)
    at /data/gdb_versions/devel/src/gdb/../gdbsupport/common-utils.h:66
#7  0x0000000000749b2e in gdb::xfree_deleter<void>::operator() (this=0x7fffffffcee0,
    ptr=0x7fffe62cfeb0)
    at /data/gdb_versions/devel/src/gdb/../gdbsupport/gdb_unique_ptr.h:34
#8  0x0000000000749a9a in std::unique_ptr<void, gdb::xfree_deleter<void> >::~unique_ptr
    (this=0x7fffffffcee0, __in_chrg=<optimized out>)
    at /usr/include/c++/10/bits/unique_ptr.h:361
#9  0x00000000007494a9 in gdb_mpz::safe_export (this=0x7fffffffd020, buf=...,
    endian=-1, unsigned_p=false) at /data/gdb_versions/devel/src/gdb/gmp-utils.c:149
#10 0x0000000000749050 in gdb_mpz::write (this=0x7fffffffd020, buf=...,
    byte_order=BFD_ENDIAN_LITTLE, unsigned_p=false)
    at /data/gdb_versions/devel/src/gdb/gmp-utils.c:72
#11 0x0000000000b4e68f in value_cast_to_fixed_point (to_type=0x19c3610,
    from_val=0x1ebb620) at /data/gdb_versions/devel/src/gdb/valops.c:395
#12 0x0000000000b4e7b9 in value_cast (type=0x19c3610, arg2=0x1ebb620)
    at /data/gdb_versions/devel/src/gdb/valops.c:439
#13 0x0000000000462400 in ada_value_cast (type=0x19c3610, arg2=0x1ebb620)
    at /data/gdb_versions/devel/src/gdb/ada-lang.c:9429
#14 0x0000000000463628 in expr::ada_wrapped_operation::evaluate (this=0x1ebab40,
    expect_type=0x19c3610, exp=0x1914e40, noside=EVAL_NORMAL)
    at /data/gdb_versions/devel/src/gdb/ada-lang.c:10143
#15 0x000000000044af46 in expr::comparison_operation<(exp_opcode)17, &(eval_op_gtr(type*, expression*, noside, exp_opcode, value*, value*))>::evaluate (this=0x1ed4270,
    expect_type=0x0, exp=0x1914e40, noside=EVAL_NORMAL)
    at /data/gdb_versions/devel/src/gdb/expop.h:1343
#16 0x00000000004635ae in expr::ada_wrapped_operation::evaluate (this=0x1d786f0,
    expect_type=0x0, exp=0x1914e40, noside=EVAL_NORMAL)
    at /data/gdb_versions/devel/src/gdb/ada-lang.c:10130
#17 0x00000000006e6300 in expression::evaluate (this=0x1914e40, expect_type=0x0,
    noside=EVAL_NORMAL) at /data/gdb_versions/devel/src/gdb/eval.c:101
#18 0x00000000006e63ac in evaluate_expression (exp=0x1914e40, expect_type=0x0)
    at /data/gdb_versions/devel/src/gdb/eval.c:115
#19 0x00000000008d53b2 in process_print_command_args (
    args=0x7fffffffe183 "My_Var > 10.0", print_opts=0x7fffffffd3f0, voidprint=true)
    at /data/gdb_versions/devel/src/gdb/printcmd.c:1305
#20 0x00000000008d5435 in print_command_1 (args=0x7fffffffe183 "My_Var > 10.0",
    voidprint=1) at /data/gdb_versions/devel/src/gdb/printcmd.c:1318
#21 0x00000000008d57e4 in print_command (exp=0x7fffffffe183 "My_Var > 10.0", from_tty=0)
    at /data/gdb_versions/devel/src/gdb/printcmd.c:1435
#22 0x000000000059472a in do_const_cfunc (c=0x1797950,
    args=0x7fffffffe183 "My_Var > 10.0", from_tty=0)
    at /data/gdb_versions/devel/src/gdb/cli/cli-decode.c:101
#23 0x00000000005984f9 in cmd_func (cmd=0x1797950, args=0x7fffffffe183 "My_Var > 10.0",
    from_tty=0) at /data/gdb_versions/devel/src/gdb/cli/cli-decode.c:2181
#24 0x0000000000ac27dd in execute_command (p=0x7fffffffe18f "0", from_tty=0)
    at /data/gdb_versions/devel/src/gdb/top.c:670
#25 0x000000000082327b in catch_command_errors (
    command=0xac226c <execute_command(char const*, int)>,
    arg=0x7fffffffe17d "print My_Var > 10.0", from_tty=0, do_bp_actions=true)
    at /data/gdb_versions/devel/src/gdb/main.c:523
#26 0x0000000000823450 in execute_cmdargs (cmdarg_vec=0x7fffffffd880,
    file_type=CMDARG_FILE, cmd_type=CMDARG_COMMAND, ret=0x7fffffffd85c)
    at /data/gdb_versions/devel/src/gdb/main.c:618
#27 0x00000000008247d6 in captured_main_1 (context=0x7fffffffda90)
    at /data/gdb_versions/devel/src/gdb/main.c:1319
#28 0x00000000008249d4 in captured_main (data=0x7fffffffda90)
    at /data/gdb_versions/devel/src/gdb/main.c:1340
#29 0x0000000000824a3f in gdb_main (args=0x7fffffffda90)
    at /data/gdb_versions/devel/src/gdb/main.c:1365
#30 0x00000000004177bd in main (argc=15, argv=0x7fffffffdba8)
    at /data/gdb_versions/devel/src/gdb/gdb.c:32
...

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-04-30 13:19 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #3 from Tom de Vries <vries at gcc dot gnu.org> ---
Hmm, so it seems to be related to this bit of code in gdb_mpz::safe_export:
...
147       gdb::unique_xmalloc_ptr<void> exported
148         (mpz_export (NULL, &word_countp, -1 /* order */, buf.size () /* size */,
149                      endian, 0 /* nails */, exported_val.val));
...

The gdb::unique_xmalloc_ptr<void> makes sure that free is called on
exported.get ().

But when I step into the allocation:
...
(gdb) s
__gmpz_export (data=0x0, countp=0x7fffffffcee8, order=-1, size=4, endian=-1, nail=0, z=0x7fffffffcef0) at mpz/export.c:50
Downloading source file /usr/src/debug/gmp-6.2.1-3.1.x86_64/mpz/export.c...
  ...
79          data = (*__gmp_allocate_func) (count*size);
...
it seems that it uses a garbage-collect malloc from libguile:
...
(gdb) s
custom_gmp_malloc (alloc_size=4) at numbers.c:240
Downloading source file /usr/src/debug/guile-3.0.5-2.4.x86_64/libguile/numbers.c...
240       return scm_gc_malloc_pointerless (alloc_size, "GMP");
(gdb) s
scm_gc_malloc_pointerless (size=4, what=0x7ffff7ee970f "GMP") at gc-malloc.c:210
Downloading source file /usr/src/debug/guile-3.0.5-2.4.x86_64/libguile/gc-malloc.c...
210       return do_gc_malloc_atomic (size, what);
(gdb) s
do_gc_malloc_atomic (what=0x7ffff7ee970f "GMP", size=4) at gc-malloc.c:92
92        return GC_MALLOC_ATOMIC (size ? size : sizeof (void *));
(gdb) s
0x00007ffff7e2c2e8 in GC_malloc_atomic@plt () from /usr/lib64/libguile-3.0.so.1
...

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-04-30 13:48 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #4 from Tom de Vries <vries at gcc dot gnu.org> ---
So, the sequence of events seems to be:

1. Gdb sets gmp memory functions during _initialize_gmp_utils:
...
#1  0x00000000007498ba in _initialize_gmp_utils ()
    at /data/gdb_versions/devel/src/gdb/gmp-utils.c:242
242       mp_set_memory_functions (xmalloc, xrealloc_for_gmp, xfree_for_gmp);
...

2. libguile overwrites those memory functions during
   gdbscm_finish_initialization:
...
#1  0x00007ffff7e8bfb2 in scm_init_numbers () at numbers.c:10393
10393       mp_set_memory_functions (custom_gmp_malloc,
...

3. An allocation is done using custom_gmp_malloc:
...
Thread 1 "gdb" hit Breakpoint 6, custom_gmp_malloc (alloc_size=4) at numbers.c:240
240       return scm_gc_malloc_pointerless (alloc_size, "GMP");
...

4. The allocated value is freed using xfree.
...
double free or corruption (out)

Thread 1 "gdb" received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:49
49        return ret;
...

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-04-30 14:00 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #5 from Tom de Vries <vries at gcc dot gnu.org> ---
(In reply to Tom de Vries from comment #4)
> So, the sequence of events seems to be:
> 
> 1. Gdb sets gmp memory functions during _initialize_gmp_utils:
> ...
> #1  0x00000000007498ba in _initialize_gmp_utils ()
>     at /data/gdb_versions/devel/src/gdb/gmp-utils.c:242
> 242       mp_set_memory_functions (xmalloc, xrealloc_for_gmp, xfree_for_gmp);
> ...
> 
> 2. libguile overwrites those memory functions during
>    gdbscm_finish_initialization:
> ...
> #1  0x00007ffff7e8bfb2 in scm_init_numbers () at numbers.c:10393
> 10393       mp_set_memory_functions (custom_gmp_malloc,
> ...
> 

Before the commit, the order of 1 and 2 was reversed.

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: simark at simark dot ca @ 2021-04-30 14:09 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

Simon Marchi <simark at simark dot ca> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |simark at simark dot ca

--- Comment #6 from Simon Marchi <simark at simark dot ca> ---
I don't see libguile being linked against libgmp on Ubuntu 20.04.  Is it that
it's an optional dependency for libguile, that is enabled on Suse and not on
Ubuntu?

If you do "lddtree gdb", do you see libgmp as both a direct dependency of gdb
and a dependency of libguile?

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-04-30 14:13 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #7 from Tom de Vries <vries at gcc dot gnu.org> ---
I'm not seeing this problem on my openSUSE Leap 15.2 build, presumably because
it uses libguile-2.0.so.22, which didn't have this change yet:
...
@@ -237,19 +237,20 @@ finalize_bignum (void *ptr, void *data)
 static void *
 custom_gmp_malloc (size_t alloc_size)
 {
-  return scm_malloc (alloc_size);
+  return scm_gc_malloc_pointerless (alloc_size, "GMP");
 }
...
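
Review bot: in custom_gmp_malloc, returning scm_gc_malloc_pointerless memory changes which heap the block comes from, and nothing in this hunk shows the realloc and free callbacks that are installed alongside it being changed to match. A caller that releases such a block with plain free() will now break, so the function needs a comment stating who may release the block, and the paired callbacks should be reviewed together with this line.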

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-04-30 14:26 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #8 from Tom de Vries <vries at gcc dot gnu.org> ---
(In reply to Simon Marchi from comment #6)
> I don't see libguile being linked against libgmp on Ubuntu 20.04.  Is it
> that it's an optional dependency for libguile, that is enabled on Suse and
> not on Ubuntu?

In guile.git/README, I read:
...
Guile depends on the following external libraries.
- libgmp
...

That's not formulated as an optional dependency.

> 
> If you do "lddtree gdb", do you see libgmp as both a direct dependency of
> gdb and a dependency of libguile?

No, but I don't know the tool. If I do ldd on libguile, I see libgmp as direct
dependency.

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-04-30 14:29 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #9 from Tom de Vries <vries at gcc dot gnu.org> ---
Two relevant pieces from guile.git/NEWS:
...
** Fix important incompatibility with GnuTLS

Guile uses the GNU multi-precision (GMP) library to implement
arbitrary-precision integers (bignums) and fractions.  Usually Guile is
built to dynamically link to libgmp.  In this configuration, any other
user of GMP in the process uses the same libgmp instance, with the same
shared state.

An important piece of shared state is the GMP allocator, responsible for
allocating storage for the digits of large integers.  For Guile it's
most efficient to install libgc as the GMP allocator.  That way Guile
doesn't need to install finalizers, which have significant overhead, to
free GMP values when Guile bignums are collected.  Using libgc to
allocate digits also allows Guile's GC to adequately measure the memory
cost of these values.

However, if the Guile process is linked to some other user of GMP, then
probably the references from the other library to GMP values aren't
visible to the garbage collector.  In this case libgc could prematurely
collect values from that other GMP user.

This isn't theoretical, sadly: it happens for Guile-GnuTLS.  GnuTLS uses
GMP, and so does Guile.  Since Guile 2.0.4, Guile has installed libgc as
the GMP allocator, so since then, Guile-GnuTLS has been buggy.

Therefore, the default is now to not install libgc as the GMP allocator.
This may slow down some uses of bignums.  If you know that your Guile
program will never use a library that uses GMP, you can set the
GUILE_INSTALL_GMP_MEMORY_FUNCTIONS=1 in your environment.  Guile sets
this environment variable when building Guile, for example.  See
"Environment Variables" in the manual, for more.

In some future, Guile may switch to GMP's more low-level "MPN" API for
working with bignums, which would allow us to regain the ability to use
GC-managed digit storage in all configurations.

** New build option: --enable-mini-gmp

For some users, it would be preferable to bundle a private copy of the
GMP bignum library into Guile.  Some users would like to avoid the extra
dependency.  Others would like to use libgc to manage GMP values, while
not perturbing the GMP allocator for other GMP users.

For these cases, Guile now has an --enable-mini-gmp configure option,
which will use a stripped-down version of GMP, bundled with Guile.  This
code doesn't have all the algorithmic optimizations of full GMP, but
implements the same API in a basic way.  It can be more optimal in a
Guile context, given that it can use libgc to allocate its data.

Note that a build with --enable-mini-gmp is not ABI-compatible with a
"stock" build, as functions that use GMP types (scm_to_mpz,
scm_from_mpz) are not exported.

Thanks to Niels Möller and other GMP developers for their mini-gmp
implementation!
...

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-04-30 14:35 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #10 from Tom de Vries <vries at gcc dot gnu.org> ---
So according to the formulation in the first NEWS item, this classifies as a
libguile bug.  This should be fixed in v3.0.6.  Tumbleweed currently uses
3.0.5.

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: simark at simark dot ca @ 2021-04-30 14:37 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #11 from Simon Marchi <simark at simark dot ca> ---
(In reply to Tom de Vries from comment #8)
> (In reply to Simon Marchi from comment #6)
> > I don't see libguile being linked against libgmp on Ubuntu 20.04.  Is it
> > that it's an optional dependency for libguile, that is enabled on Suse and
> > not on Ubuntu?
> 
> In guile.git/README, I read:
> ...
> Guile depends on the following external libraries.
> - libgmp
> ...
> 
> That's not formulated as an optional dependency.
> 
> > 
> > If you do "lddtree gdb", do you see libgmp as both a direct dependency of
> > gdb and a dependency of libguile?
> 
> No, but I don't know the tool. If I do ldd on libguile, I see libgmp as
> direct dependency.

Never mind, I see it too:

$ ldd /usr/lib/x86_64-linux-gnu/libguile-2.0.so.22 | grep gmp
        libgmp.so.10 => /usr/lib/x86_64-linux-gnu/libgmp.so.10 (0x00007fb455904000)

lddtree is nice, it's just like ldd but shows the dependencies as a tree, so
it's easier to see how a given .so gets pulled.  But it de-duplicates the
dependencies by default.  With "lddtree -a", I see that libgmp is there three
times: from gdb directly, from libguile and from libmpfr.

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-04-30 14:42 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #12 from Tom de Vries <vries at gcc dot gnu.org> ---
At the gdb side, we could at least detect that the mem functions have changed,
and bail out or some such.

But it would be nicer to insist more: to save the mem functions before the
guile init, and then restore them (which is roughly the same behaviour as we
had before the commit).
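
Added example (not part of the thread, and not gdb, GMP or Guile code): a self-contained C mock of the sequence of events in comment #4 and of the two remedies in comment #12, detecting that the hooks changed and saving and restoring them around the foreign initialization. The lib_* functions stand in for mp_set_memory_functions / mp_get_memory_functions, and every name in the block is hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

typedef void *(*alloc_fn) (size_t);
typedef void (*free_fn) (void *, size_t);

/* Mock library (hypothetical, stands in for libgmp): one hook pair is
   shared by every user of the library in the process.  */
static alloc_fn lib_alloc;
static free_fn lib_free;
static void lib_set_memory_functions (alloc_fn a, free_fn f) { lib_alloc = a; lib_free = f; }
static void lib_get_memory_functions (alloc_fn *a, free_fn *f) { *a = lib_alloc; *f = lib_free; }
/* Like an export call with a NULL buffer: the library allocates with the
   installed hook and the caller has to release the result.  */
static void *lib_export (size_t n) { return lib_alloc (n); }

/* Two allocators that tag each block with its owner.  Both sit on malloc
   so that a mismatch can be counted here; in the thread the block came
   from a garbage-collected heap and glibc aborted instead.  */
#define OWNER_APP 0x41505021u
#define OWNER_GC  0x47432121u
struct hdr { uint32_t owner; uint32_t pad; uint64_t size; };  /* 16 bytes */
static int mismatched_frees;

static void *tagged_alloc (uint32_t owner, size_t n)
{
  struct hdr *h = malloc (sizeof *h + n);
  if (h == NULL)
    abort ();
  h->owner = owner;
  h->pad = 0;
  h->size = n;
  return h + 1;
}

static void tagged_free (uint32_t owner, void *p)
{
  struct hdr *h = (struct hdr *) p - 1;
  if (h->owner != owner)
    mismatched_frees++;          /* block released by the wrong owner */
  free (h);
}

static void *app_alloc (size_t n) { return tagged_alloc (OWNER_APP, n); }
static void app_free (void *p, size_t n) { (void) n; tagged_free (OWNER_APP, p); }
static void *gc_alloc (size_t n) { return tagged_alloc (OWNER_GC, n); }
static void gc_free (void *p, size_t n) { (void) n; tagged_free (OWNER_GC, p); }

/* Step 2 of the sequence: a second library installs its own hooks.  */
static void foreign_init (void) { lib_set_memory_functions (gc_alloc, gc_free); }

/* Steps 3 and 4: the application always releases with its own free,
   whatever hooks were installed at the time of the allocation.  */
static void app_use_export (void)
{
  void *p = lib_export (4);
  app_free (p, 4);
}

/* Detection: report whether INIT replaced the hooks.  */
int init_changes_hooks (void (*init) (void))
{
  alloc_fn a0, a1;
  free_fn f0, f1;
  lib_get_memory_functions (&a0, &f0);
  init ();
  lib_get_memory_functions (&a1, &f1);
  return a0 != a1 || f0 != f1;
}

/* Run the sequence; with GUARD set, save the hooks before the foreign
   init and restore them afterwards.  Returns the mismatched frees.  */
int run_sequence (int guard)
{
  alloc_fn a;
  free_fn f;
  mismatched_frees = 0;
  lib_set_memory_functions (app_alloc, app_free);   /* step 1 */
  lib_get_memory_functions (&a, &f);                /* save */
  foreign_init ();
  if (guard)
    lib_set_memory_functions (a, f);                /* restore */
  app_use_export ();
  return mismatched_frees;
}

int main (void)
{
  printf ("unguarded: %d mismatched free(s)\n", run_sequence (0));
  printf ("guarded:   %d mismatched free(s)\n", run_sequence (1));
  lib_set_memory_functions (app_alloc, app_free);
  printf ("init changes hooks: %d\n", init_changes_hooks (foreign_init));
  return 0;
}
```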

* [Bug gdb/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-04-30 14:56 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #13 from Tom de Vries <vries at gcc dot gnu.org> ---
Well, this works:
...
diff --git a/gdb/guile/guile.c b/gdb/guile/guile.c
index 9c2a40b61be..71e74892ab3 100644
--- a/gdb/guile/guile.c
+++ b/gdb/guile/guile.c
@@ -664,10 +664,19 @@ gdbscm_finish_initialization (const struct
extension_langua
ge_defn *extlang)
   {
     gdb::block_signals blocker;

+    /* Save libgmp memory functions.  */
+    void *(*alloc_func) (size_t);
+    void *(*realloc_func) (void *, size_t, size_t);
+    void (*free_func) (void *, size_t);
+    mp_get_memory_functions (&alloc_func, &realloc_func, &free_func);
+
     /* scm_with_guile is the most portable way to initialize Guile.  Plus
        we need to initialize the Guile support while in Guile mode (e.g.,
        called from within a call to scm_with_guile).  */
     scm_with_guile (call_initialize_gdb_module, NULL);
+
+    /* Restore libgmp memory functions.  */
+    mp_set_memory_functions (alloc_func, realloc_func, free_func);
   }

   /* Set Guile's backtrace to match the "set guile print-stack" default.
...
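
Review bot: the restore after scm_with_guile in gdbscm_finish_initialization is unconditional, and the two new comments say what is done but not why. Suggest the "Save libgmp memory functions" comment name the reason (libguile replaces them during initialization, PR 27806) so the workaround can be dropped once it is no longer needed. It is also worth confirming that no GMP value allocated inside call_initialize_gdb_module, while libguile's functions are installed, outlives the call, since it would then be reallocated or freed through the restored functions.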

* [Bug guile/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-05-03  8:39 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

Tom de Vries <vries at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
          Component|gdb                         |guile

* [Bug guile/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-05-03  8:55 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #14 from Tom de Vries <vries at gcc dot gnu.org> ---
(In reply to Tom de Vries from comment #13)
> Well, this works:

Patch posted: https://sourceware.org/pipermail/gdb-patches/2021-May/178438.html

* [Bug guile/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: cvs-commit at gcc dot gnu.org @ 2021-05-04  8:26 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

--- Comment #15 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Tom de Vries <vries@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=225bda24db9671e2087fda892f94141625836a40

commit 225bda24db9671e2087fda892f94141625836a40
Author: Tom de Vries <tdevries@suse.de>
Date:   Tue May 4 10:26:16 2021 +0200

    [gdb/guile] Don't allow libguile to change libgmp mem fns

    Since gdb commit 880ae75a2b7 "gdb delay guile initialization until
    gdbscm_finish_initialization" I'm running into:
    ...
    (gdb) print My_Var > 10.0^M
    free(): invalid pointer^M
    ERROR: GDB process no longer exists
    GDB process exited with wait status 5995 exp9 0 0 CHILDKILLED SIGABRT SIGABRT
    UNRESOLVED: gdb.ada/fixed_cmp.exp: gnat_encodings=all: print My_Var > 10.0
    ...

    The problem is that both gdb and libguile try to set the libgmp memory functions,
    and since the gdb commit the ones from libguile are effective, which results
    in gdb freeing some memory in a way that is not compatible with the way that
    memory was actually allocated.

    The fact that libguile tries to set the libgmp memory functions is a bug which
    should be fixed starting version v3.0.6.

    Meanwhile, work around this in gdb by not allowing libguile to set the libgomp
    memory functions.

    Tested on x86_64-linux.

    gdb/ChangeLog:

    2021-05-04  Tom de Vries  <tdevries@suse.de>

            PR guile/27806
            * guile/guile.c (gdbscm_initialize): Don't let guile change libgmp
            memory functions.

* [Bug guile/27806] free(): invalid pointer during gdb.ada/fixed_cmp.exp
From: vries at gcc dot gnu.org @ 2021-05-04  8:28 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=27806

Tom de Vries <vries at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|---                         |11.1
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #16 from Tom de Vries <vries at gcc dot gnu.org> ---
Patch committed, marking resolved-fixed.
