From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 8D94F3858433; Thu, 18 Jan 2024 09:07:46 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 8D94F3858433 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1705568866; bh=eNBWU7Fqg7bZSxFLkgBixkvHRiboY/pmeIwNK6SReDA=; h=From:To:Subject:Date:From; b=xfaE+lhl+IKCzoBFo6P35jAN0TkbmDBtfRvrgDgF4OXZcCHSa67rlOTuWOuVKTCbJ aW4SZxfBHIrPC4kLdD91+4zxYN1XefYtWHyIb289rjuRjjMa27RYOBAln7d6CcXfby IqeHpamTN6ZmYEL2tilS8E5TqFeFRHpJ9K0G2lrQ= From: "vries at gcc dot gnu.org" To: gdb-prs@sourceware.org Subject: [Bug gdb/31258] New: [gdb] ThreadSanitizer: heap-use-after-free in memmove Date: Thu, 18 Jan 2024 09:07:43 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gdb X-Bugzilla-Component: gdb X-Bugzilla-Version: HEAD X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: vries at gcc dot gnu.org X-Bugzilla-Status: NEW X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: unassigned at sourceware dot org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter target_milestone Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 List-Id: https://sourceware.org/bugzilla/show_bug.cgi?id=3D31258 Bug ID: 31258 Summary: [gdb] ThreadSanitizer: heap-use-after-free in memmove Product: gdb Version: HEAD Status: NEW Severity: normal Priority: P2 Component: gdb Assignee: unassigned at sourceware dot org Reporter: vries at gcc dot gnu.org Target Milestone: --- When building gdb with O0 -fsanitize=3Dthread, and run test-case gdb.ada/uninitialized_vars.exp, I run into a heap-user-after-free: (gdb) info locals a =3D 0 z =3D (a =3D> 1, b =3D> false, c =3D> 2.0) y =3D (a =3D> 184, c =3D> 9.18340949e-41, d =3D> -411009023) =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D [1m[31mWARNING: ThreadSanitizer: heap-use-after-free (pid=3D519489) [1m[0m[1m[34m Read of size 4 at 0xfffff1c0fc18 by main thread: [1m[0m #0 memmove (libtsan.so.2+0x4b10c) (BuildId: fe872cc4563474b7ad67d63a019aa94e1e0df888) #1 unsigned char* std::__copy_move_backward::__copy_move_b(unsigned char const*, unsigned char const*, unsigned char*) /usr/include/c++/13/bits/stl_algobase.h:748 (gdb+0x45bf80) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #2 unsigned char* std::__copy_move_backward_a2(unsigned char const*, unsigned char const*, unsigned char*) /usr/include/c++/13/bits/stl_algobase.h:769 (gdb+0x45b12c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #3 unsigned char* std::__copy_move_backward_a1(unsigned char const*, unsigned char const*, unsigned char*) /usr/include/c++/13/bits/stl_algobase.h:778 (gdb+0x459dc4) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #4 unsigned char* std::__copy_move_backward_a(unsigned char const*, unsigned char const*, unsigned char*) /usr/include/c++/13/bits/stl_algobase.h:807 (gdb+0x458710) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #5 unsigned char* std::copy_backward(unsigned char const*, unsigned char const*, unsigned char*) /usr/include/c++/13/bits/stl_algobase.h:867 (gdb+0x456c4c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #6 void gdb::copy(gdb::array_view, gdb::array_view) /home/vries/gdb/src/gdb/../gdbsupport/array-view.h:223 (gdb+0x455030) (Buil= dId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #7 value::contents_copy_raw(value*, long, long, long) /home/vries/gdb/src/gdb/value.c:1239 (gdb+0x110a4e8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #8 value::primitive_field(long, int, type*) /home/vries/gdb/src/gdb/value.c:3078 (gdb+0x110fef8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #9 value_field(value*, int) /home/vries/gdb/src/gdb/value.c:3095 (gdb+0x110ffa8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #10 print_field_values /home/vries/gdb/src/gdb/ada-valprint.c:658 (gdb+0x4f7f8c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #11 ada_val_print_struct_union /home/vries/gdb/src/gdb/ada-valprint.c:8= 57 (gdb+0x4f88d8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #12 ada_value_print_inner(value*, ui_file*, int, value_print_options const*) /home/vries/gdb/src/gdb/ada-valprint.c:1042 (gdb+0x4f90a0) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #13 ada_language::value_print_inner(value*, ui_file*, int, value_print_options const*) const (gdb+0x4c5358) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #14 common_val_print(value*, ui_file*, int, value_print_options const*, language_defn const*) /home/vries/gdb/src/gdb/valprint.c:1092 (gdb+0x10fd41= c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #15 common_val_print_checked(value*, ui_file*, int, value_print_options const*, language_defn const*) /home/vries/gdb/src/gdb/valprint.c:1184 (gdb+0x10fd908) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #16 print_variable_and_value(char const*, symbol*, frame_info_ptr, ui_file*, int) /home/vries/gdb/src/gdb/printcmd.c:2355 (gdb+0xcb133c) (Buil= dId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #17 print_variable_and_value_data::operator()(char const*, symbol*) /home/vries/gdb/src/gdb/stack.c:2295 (gdb+0xf2be88) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #18 gdb::function_view::bind(print_variable_and_value_dat= a&)::{lambda(gdb::fv_detail::erased_callable, char const*, symbol*)#1}::operator()(gdb::fv_detail::erased_callable, char const*, symbol*) const /home/vries/gdb/src/gdb/../gdbsupport/function-view.h:305 (gdb+0xf3358c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #19 gdb::function_view::bind(print_variable_and_value_dat= a&)::{lambda(gdb::fv_detail::erased_callable, char const*, symbol*)#1}::_FUN(gdb::fv_detail::erased_callable, char const*, symbol*) /home/vries/gdb/src/gdb/../gdbsupport/function-view.h:299 (gdb+0xf335f4) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #20 gdb::function_view::operator()(char const*, symbol*) const /home/vries/gdb/src/gdb/../gdbsupport/function-view.h:289 (gdb+0xf32e18) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #21 iterate_over_block_locals /home/vries/gdb/src/gdb/stack.c:2227 (gdb+0xf2bb78) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #22 iterate_over_block_local_vars(block const*, gdb::function_view) /home/vries/gdb/src/gdb/stack.c:2246 (gdb+0xf2bc10) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #23 print_frame_local_vars /home/vries/gdb/src/gdb/stack.c:2367 (gdb+0xf2c1dc) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #24 info_locals_command(char const*, int) /home/vries/gdb/src/gdb/stack.c:2445 (gdb+0xf2c62c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #25 do_simple_func /home/vries/gdb/src/gdb/cli/cli-decode.c:95 (gdb+0x6e444c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #26 cmd_func(cmd_list_element*, char const*, int) /home/vries/gdb/src/gdb/cli/cli-decode.c:2735 (gdb+0x6ebb88) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #27 execute_command(char const*, int) /home/vries/gdb/src/gdb/top.c:575 (gdb+0xff748c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #28 command_handler(char const*) /home/vries/gdb/src/gdb/event-top.c:566 (gdb+0x942488) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #29 command_line_handler(std::unique_ptr >&&) /home/vries/gdb/src/gdb/event-top.c:802 (gdb+0x942bc0) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #30 tui_command_line_handler /home/vries/gdb/src/gdb/tui/tui-interp.c:1= 04 (gdb+0x10365f8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #31 gdb_rl_callback_handler /home/vries/gdb/src/gdb/event-top.c:259 (gdb+0x941884) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #32 rl_callback_read_char /home/vries/gdb/src/readline/readline/callback.c:290 (gdb+0x11a2c7c) (Build= Id: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #33 gdb_rl_callback_read_char_wrapper_noexcept /home/vries/gdb/src/gdb/event-top.c:195 (gdb+0x9415f8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #34 gdb_rl_callback_read_char_wrapper /home/vries/gdb/src/gdb/event-top.c:234 (gdb+0x941720) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #35 stdin_event_handler /home/vries/gdb/src/gdb/ui.c:155 (gdb+0x1079320) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #36 handle_file_event /home/vries/gdb/src/gdbsupport/event-loop.cc:573 (gdb+0x1cf5678) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #37 gdb_wait_for_event /home/vries/gdb/src/gdbsupport/event-loop.cc:694 (gdb+0x1cf5d3c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #38 gdb_do_one_event(int) /home/vries/gdb/src/gdbsupport/event-loop.cc:= 264 (gdb+0x1cf4074) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #39 start_event_loop /home/vries/gdb/src/gdb/main.c:408 (gdb+0xb79354) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #40 captured_command_loop /home/vries/gdb/src/gdb/main.c:472 (gdb+0xb79= 584) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #41 captured_main /home/vries/gdb/src/gdb/main.c:1342 (gdb+0xb7b99c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #42 gdb_main(captured_main_args*) /home/vries/gdb/src/gdb/main.c:1361 (gdb+0xb7ba4c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #43 main /home/vries/gdb/src/gdb/gdb.c:39 (gdb+0x423ce8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) [1m[34m Previous write of size 8 at 0xfffff1c0fc18 by main thread: [1m[0m #0 operator delete(void*, unsigned long) (libtsan.so.2+0x8fb14) (BuildId: fe872cc4563474b7ad67d63a019aa94e1e0df888) #1 std::__new_allocator::deallocate(dwarf_stack_valu= e*, unsigned long) /usr/include/c++/13/bits/new_allocator.h:172 (gdb+0x822504) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #2 std::allocator_traits >::deallocate(std::allocator&, dwarf_stack_value*, unsig= ned long) /usr/include/c++/13/bits/alloc_traits.h:517 (gdb+0x820bf4) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #3 std::_Vector_base >::_M_deallocate(dwarf_stack_value*, unsigned long) /usr/include/c++/13/bits/stl_vector.h:387 (gdb+0x820bf4) #4 std::_Vector_base >::~_Vector_base() /usr/include/c++/13/bits/stl_vector.h:366 (gdb+0x81fc94) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #5 std::vector >::~vector() /usr/include/c++/13/bits/stl_vector.h:735 (gdb+0x81fd24) (Buil= dId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #6 dwarf_expr_context::~dwarf_expr_context() /home/vries/gdb/src/gdb/dwarf2/expr.h:124 (gdb+0x822e38) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #7 dwarf2_evaluate_loc_desc_full /home/vries/gdb/src/gdb/dwarf2/loc.c:1= 559 (gdb+0x86c10c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #8 dwarf2_evaluate_loc_desc(type*, frame_info_ptr, unsigned char const*, unsigned long, dwarf2_per_cu_data*, dwarf2_per_objfile*, bool) /home/vries/gdb/src/gdb/dwarf2/loc.c:1570 (gdb+0x86c2f0) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #9 locexpr_read_variable /home/vries/gdb/src/gdb/dwarf2/loc.c:3061 (gdb+0x86f650) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #10 language_defn::read_var_value(symbol*, block const*, frame_info_ptr) const /home/vries/gdb/src/gdb/findvar.c:502 (gdb+0x98294c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #11 ada_language::read_var_value(symbol*, block const*, frame_info_ptr) const (gdb+0x4c412c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e= 8a3) #12 read_var_value(symbol*, block const*, frame_info_ptr) /home/vries/gdb/src/gdb/findvar.c:729 (gdb+0x983464) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #13 print_variable_and_value(char const*, symbol*, frame_info_ptr, ui_file*, int) /home/vries/gdb/src/gdb/printcmd.c:2352 (gdb+0xcb12f0) (Buil= dId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #14 print_variable_and_value_data::operator()(char const*, symbol*) /home/vries/gdb/src/gdb/stack.c:2295 (gdb+0xf2be88) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #15 gdb::function_view::bind(print_variable_and_value_dat= a&)::{lambda(gdb::fv_detail::erased_callable, char const*, symbol*)#1}::operator()(gdb::fv_detail::erased_callable, char const*, symbol*) const /home/vries/gdb/src/gdb/../gdbsupport/function-view.h:305 (gdb+0xf3358c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #16 gdb::function_view::bind(print_variable_and_value_dat= a&)::{lambda(gdb::fv_detail::erased_callable, char const*, symbol*)#1}::_FUN(gdb::fv_detail::erased_callable, char const*, symbol*) /home/vries/gdb/src/gdb/../gdbsupport/function-view.h:299 (gdb+0xf335f4) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #17 gdb::function_view::operator()(char const*, symbol*) const /home/vries/gdb/src/gdb/../gdbsupport/function-view.h:289 (gdb+0xf32e18) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #18 iterate_over_block_locals /home/vries/gdb/src/gdb/stack.c:2227 (gdb+0xf2bb78) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #19 iterate_over_block_local_vars(block const*, gdb::function_view) /home/vries/gdb/src/gdb/stack.c:2246 (gdb+0xf2bc10) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #20 print_frame_local_vars /home/vries/gdb/src/gdb/stack.c:2367 (gdb+0xf2c1dc) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #21 info_locals_command(char const*, int) /home/vries/gdb/src/gdb/stack.c:2445 (gdb+0xf2c62c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #22 do_simple_func /home/vries/gdb/src/gdb/cli/cli-decode.c:95 (gdb+0x6e444c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #23 cmd_func(cmd_list_element*, char const*, int) /home/vries/gdb/src/gdb/cli/cli-decode.c:2735 (gdb+0x6ebb88) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #24 execute_command(char const*, int) /home/vries/gdb/src/gdb/top.c:575 (gdb+0xff748c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #25 command_handler(char const*) /home/vries/gdb/src/gdb/event-top.c:566 (gdb+0x942488) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #26 command_line_handler(std::unique_ptr >&&) /home/vries/gdb/src/gdb/event-top.c:802 (gdb+0x942bc0) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #27 tui_command_line_handler /home/vries/gdb/src/gdb/tui/tui-interp.c:1= 04 (gdb+0x10365f8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #28 gdb_rl_callback_handler /home/vries/gdb/src/gdb/event-top.c:259 (gdb+0x941884) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #29 rl_callback_read_char /home/vries/gdb/src/readline/readline/callback.c:290 (gdb+0x11a2c7c) (Build= Id: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #30 gdb_rl_callback_read_char_wrapper_noexcept /home/vries/gdb/src/gdb/event-top.c:195 (gdb+0x9415f8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #31 gdb_rl_callback_read_char_wrapper /home/vries/gdb/src/gdb/event-top.c:234 (gdb+0x941720) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #32 stdin_event_handler /home/vries/gdb/src/gdb/ui.c:155 (gdb+0x1079320) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #33 handle_file_event /home/vries/gdb/src/gdbsupport/event-loop.cc:573 (gdb+0x1cf5678) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #34 gdb_wait_for_event /home/vries/gdb/src/gdbsupport/event-loop.cc:694 (gdb+0x1cf5d3c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #35 gdb_do_one_event(int) /home/vries/gdb/src/gdbsupport/event-loop.cc:= 264 (gdb+0x1cf4074) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #36 start_event_loop /home/vries/gdb/src/gdb/main.c:408 (gdb+0xb79354) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #37 captured_command_loop /home/vries/gdb/src/gdb/main.c:472 (gdb+0xb79= 584) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #38 captured_main /home/vries/gdb/src/gdb/main.c:1342 (gdb+0xb7b99c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #39 gdb_main(captured_main_args*) /home/vries/gdb/src/gdb/main.c:1361 (gdb+0xb7ba4c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #40 main /home/vries/gdb/src/gdb/gdb.c:39 (gdb+0x423ce8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) [1m[32m Location is heap block of size 8 at 0xfffff1c0fc10 allocated by ma= in thread: [1m[0m #0 calloc (libtsan.so.2+0x454e8) (BuildId: fe872cc4563474b7ad67d63a019aa94e1e0df888) #1 xcalloc /home/vries/gdb/src/gdb/alloc.c:97 (gdb+0x500024) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #2 xzalloc(unsigned long) /home/vries/gdb/src/gdbsupport/common-utils.c= c:29 (gdb+0x1cee77c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #3 value::allocate_contents(bool) /home/vries/gdb/src/gdb/value.c:937 (gdb+0x11093a8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #4 value::fetch_lazy() /home/vries/gdb/src/gdb/value.c:4033 (gdb+0x1112= b30) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #5 value::entirely_covered_by_range_vector(std::vector > const&) /home/vries/gdb/src/gdb/value.c:229 (gdb+0x11073b0) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #6 value::entirely_optimized_out() /home/vries/gdb/src/gdb/value.h:560 (gdb+0x4f9558) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #7 value_check_printable /home/vries/gdb/src/gdb/valprint.c:1133 (gdb+0x10fd680) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #8 common_val_print_checked(value*, ui_file*, int, value_print_options const*, language_defn const*) /home/vries/gdb/src/gdb/valprint.c:1182 (gdb+0x10fd8d8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #9 print_variable_and_value(char const*, symbol*, frame_info_ptr, ui_fi= le*, int) /home/vries/gdb/src/gdb/printcmd.c:2355 (gdb+0xcb133c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #10 print_variable_and_value_data::operator()(char const*, symbol*) /home/vries/gdb/src/gdb/stack.c:2295 (gdb+0xf2be88) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #11 gdb::function_view::bind(print_variable_and_value_dat= a&)::{lambda(gdb::fv_detail::erased_callable, char const*, symbol*)#1}::operator()(gdb::fv_detail::erased_callable, char const*, symbol*) const /home/vries/gdb/src/gdb/../gdbsupport/function-view.h:305 (gdb+0xf3358c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #12 gdb::function_view::bind(print_variable_and_value_dat= a&)::{lambda(gdb::fv_detail::erased_callable, char const*, symbol*)#1}::_FUN(gdb::fv_detail::erased_callable, char const*, symbol*) /home/vries/gdb/src/gdb/../gdbsupport/function-view.h:299 (gdb+0xf335f4) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #13 gdb::function_view::operator()(char const*, symbol*) const /home/vries/gdb/src/gdb/../gdbsupport/function-view.h:289 (gdb+0xf32e18) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #14 iterate_over_block_locals /home/vries/gdb/src/gdb/stack.c:2227 (gdb+0xf2bb78) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #15 iterate_over_block_local_vars(block const*, gdb::function_view) /home/vries/gdb/src/gdb/stack.c:2246 (gdb+0xf2bc10) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #16 print_frame_local_vars /home/vries/gdb/src/gdb/stack.c:2367 (gdb+0xf2c1dc) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #17 info_locals_command(char const*, int) /home/vries/gdb/src/gdb/stack.c:2445 (gdb+0xf2c62c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #18 do_simple_func /home/vries/gdb/src/gdb/cli/cli-decode.c:95 (gdb+0x6e444c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #19 cmd_func(cmd_list_element*, char const*, int) /home/vries/gdb/src/gdb/cli/cli-decode.c:2735 (gdb+0x6ebb88) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #20 execute_command(char const*, int) /home/vries/gdb/src/gdb/top.c:575 (gdb+0xff748c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #21 command_handler(char const*) /home/vries/gdb/src/gdb/event-top.c:566 (gdb+0x942488) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #22 command_line_handler(std::unique_ptr >&&) /home/vries/gdb/src/gdb/event-top.c:802 (gdb+0x942bc0) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #23 tui_command_line_handler /home/vries/gdb/src/gdb/tui/tui-interp.c:1= 04 (gdb+0x10365f8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #24 gdb_rl_callback_handler /home/vries/gdb/src/gdb/event-top.c:259 (gdb+0x941884) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #25 rl_callback_read_char /home/vries/gdb/src/readline/readline/callback.c:290 (gdb+0x11a2c7c) (Build= Id: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #26 gdb_rl_callback_read_char_wrapper_noexcept /home/vries/gdb/src/gdb/event-top.c:195 (gdb+0x9415f8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #27 gdb_rl_callback_read_char_wrapper /home/vries/gdb/src/gdb/event-top.c:234 (gdb+0x941720) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #28 stdin_event_handler /home/vries/gdb/src/gdb/ui.c:155 (gdb+0x1079320) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #29 handle_file_event /home/vries/gdb/src/gdbsupport/event-loop.cc:573 (gdb+0x1cf5678) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #30 gdb_wait_for_event /home/vries/gdb/src/gdbsupport/event-loop.cc:694 (gdb+0x1cf5d3c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #31 gdb_do_one_event(int) /home/vries/gdb/src/gdbsupport/event-loop.cc:= 264 (gdb+0x1cf4074) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #32 start_event_loop /home/vries/gdb/src/gdb/main.c:408 (gdb+0xb79354) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #33 captured_command_loop /home/vries/gdb/src/gdb/main.c:472 (gdb+0xb79= 584) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #34 captured_main /home/vries/gdb/src/gdb/main.c:1342 (gdb+0xb7b99c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #35 gdb_main(captured_main_args*) /home/vries/gdb/src/gdb/main.c:1361 (gdb+0xb7ba4c) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) #36 main /home/vries/gdb/src/gdb/gdb.c:39 (gdb+0x423ce8) (BuildId: 6dc308d9bc2da51d7adf979315fabd66fb46e8a3) SUMMARY: ThreadSanitizer: heap-use-after-free (/lib64/libtsan.so.2+0x4b10c) (BuildId: fe872cc4563474b7ad67d63a019aa94e1e0df888) in memmove =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D y2 =3D (a =3D> 224, c =3D> 9.18340949e-41, d =3D> -411009023) nv =3D (v =3D> (kind =3D> 200, string_value =3D> 4160731976)) ut =3D (b =3D> 3, c =3D> 4.20389539e-45) tt =3D (a =3D> -134229152, b =3D> 255 '["ff"]') ctt =3D (a =3D> -8816, b =3D> 255 '["ff"]', c =3D> -1.02340132e+34) ctt2 =3D (a =3D> -141925200, b =3D> 255 '["ff"]') w =3D (0 =3D> (field1 =3D> 0x67fffff7fc41bc, field2 =3D> "["04"]["a4"]"), (= field1 =3D> 0xfffff7ffb000 , field2 =3D> "["98"]["a1"]")) dire =3D (num1 =3D> 0, num2 =3D> 0, num3 =3D> 0, num4 =3D> 0, field1 =3D> (= ), field2 =3D> (0 =3D> (field1 =3D> 0xfffff7fff480, field2 =3D> "["00"]["00"]"), (field1 =3D> 0xfffff7841908, field2 =3D> "["a3"]!"), (field1 =3D> 0xfffff7ffef00, field2= =3D> "`["d9"]"), (field1 =3D> 0x400, field2 =3D> "["00"]["ef"]"), (field1 =3D> 0= x0, field2 =3D> "["00"]["ef"]"), (field1 =3D> 0xfffff7ffcb48 <_rtld_local+2888>, field= 2 =3D> "["00"]["00"]"), (field1 =3D> 0x0, field2 =3D> "["00"]["00"]"), (field1 =3D= > 0x0, field2 =3D> "["00"]["00"]"), (field1 =3D> 0x0, field2 =3D> "["00"]["00"]"),= (field1 =3D> 0x0, field2 =3D> " ["da"]"), (field1 =3D> 0xafffff7fc41bc, field2 =3D> "P["ca"]")), field3 =3D> (0 =3D> (field1 =3D> 0xfffff7ffb000 , field2 =3D> "H["c9"]")), field4 =3D> (0 =3D> (field1 =3D> 0xfffff7fac588, f= ield2 =3D> "8["c5"]")), field5 =3D> (0 =3D> (field1 =3D> 0x0, field2 =3D> "H["cb"]"))) nvp =3D (discr =3D> 0) t_ptr =3D t_ptr2 =3D my_str =3D v_null =3D v_null v_boolean =3D v_boolean v_integer =3D v_integer nbi_n =3D (var =3D> v_null) nbi_i =3D (var =3D> v_null) nbi_b =3D (var =3D> 144, integer_value =3D> 65535) (gdb) PASS: gdb.ada/uninitialized_vars.exp: info locals --=20 You are receiving this mail because: You are on the CC list for the bug.=