This is the mail archive of the gdb-patches@sourceware.cygnus.com mailing list for the GDB project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]

Re: PATCH/RFA free(NULL) bomb in printcmd.c

To: Philippe De Muyter <phdm at macqel dot be>, gdb-patches at sourceware dot cygnus dot com
Subject: Re: PATCH/RFA free(NULL) bomb in printcmd.c
From: Andrew Cagney <ac131313 at cygnus dot com>
Date: Thu, 20 Apr 2000 20:29:30 +1000
Organization: Cygnus Solutions
References: <200004110900.LAA01874@mail.macqel.be> <38FED326.69E89A2B@cygnus.com>

Andrew Cagney wrote:

> > Philippe De Muyter  <phdm@macqel.be>
> >
> >         * printcmd.c (print_address_symbolic): Call `make_cleanup' with
> >         `(free_current_contents, &x)', not `(free, x)'.
> >         * utils.c (free_current_contents): Do not `free (NULL)'.
> 
> FYI,
> 
> Something wierd is going on.  For the d10v-elf target, FreeBSD 3.4
> host.  I see the regression:
> 
> x/d &oct
> 0x2007dc0:      -1490098887
> gdb in free(): warning: junk pointer, too high to make sense.
> (gdb) FAIL: gdb.base/long_long.exp: x/d &oct
> 
> The warning appears all over the place.  It suggests that something is
> corrupting one of those pointers.

The attached appears to work much better. The function wasn't cleaning
up when build_address_symbolic failed.  This led to a later cleanup call
freeing a garbage pointer on the stack.

Philippe, can you try it on your platform.

	Andrew

Thu Apr 20 17:39:11 2000  Andrew Cagney  <cagney@b1.cygnus.com>

	* defs.h, utils.c (free_current_contents): Change parameter to
 	void*.

	From Philippe De Muyter  <phdm@macqel.be>:
	* printcmd.c (print_address_symbolic): Call `make_cleanup' with
	`(free_current_contents, &x)', not `(free, x)'.
	* utils.c (free_current_contents): Do not `free (NULL)'.

	* printcmd.c (print_address_symbolic): Cleanup after a failed
	call to build_address_symbolic.

Index: defs.h
===================================================================
RCS file: /cvs/src/src/gdb/defs.h,v
retrieving revision 1.13
diff -p -r1.13 defs.h
*** defs.h	2000/03/30 18:54:28	1.13
--- defs.h	2000/04/20 10:17:47
*************** extern void restore_cleanups (struct cle
*** 354,360 ****
  extern void restore_final_cleanups (struct cleanup *);
  extern void restore_my_cleanups (struct cleanup **, struct cleanup *);
  
! extern void free_current_contents (char **);
  
  extern void null_cleanup (void *);
  
--- 354,360 ----
  extern void restore_final_cleanups (struct cleanup *);
  extern void restore_my_cleanups (struct cleanup **, struct cleanup *);
  
! extern void free_current_contents (void *);
  
  extern void null_cleanup (void *);
  
Index: printcmd.c
===================================================================
RCS file: /cvs/src/src/gdb/printcmd.c,v
retrieving revision 1.3
diff -p -r1.3 printcmd.c
*** printcmd.c	2000/04/04 04:16:48	1.3
--- printcmd.c	2000/04/20 10:17:54
*************** print_address_symbolic (addr, stream, do
*** 562,573 ****
    int offset = 0;
    int line = 0;
  
!   struct cleanup *cleanup_chain = make_cleanup (free, name);
!   if (print_symbol_filename)
!     make_cleanup (free, filename);
  
    if (build_address_symbolic (addr, do_demangle, &name, &offset, &filename, &line, &unmapped))
!     return;
  
    fputs_filtered (leadin, stream);
    if (unmapped)
--- 562,576 ----
    int offset = 0;
    int line = 0;
  
!   /* throw away both name and filename */
!   struct cleanup *cleanup_chain = make_cleanup (free_current_contents, &name);
!   make_cleanup (free_current_contents, &filename);
  
    if (build_address_symbolic (addr, do_demangle, &name, &offset, &filename, &line, &unmapped))
!     {
!       do_cleanups (cleanup_chain);
!       return;
!     }
  
    fputs_filtered (leadin, stream);
    if (unmapped)
Index: utils.c
===================================================================
RCS file: /cvs/src/src/gdb/utils.c,v
retrieving revision 1.6
diff -p -r1.6 utils.c
*** utils.c	2000/03/30 18:54:28	1.6
--- utils.c	2000/04/20 10:17:59
*************** restore_my_cleanups (pmy_chain, chain)
*** 375,384 ****
     to arrange to free the object thus allocated.  */
  
  void
! free_current_contents (location)
!      char **location;
  {
!   free (*location);
  }
  
  /* Provide a known function that does nothing, to use as a base for
--- 375,385 ----
     to arrange to free the object thus allocated.  */
  
  void
! free_current_contents (void *ptr)
  {
!   void **location = ptr;
!   if (*location != NULL)
!     free (*location);
  }
  
  /* Provide a known function that does nothing, to use as a base for

Follow-Ups:
- Re: PATCH/RFA free(NULL) bomb in printcmd.c
  - From: Philippe De Muyter

References:
- Re: PATCH/RFA free(NULL) bomb in printcmd.c
  - From: Philippe De Muyter
- Re: PATCH/RFA free(NULL) bomb in printcmd.c
  - From: Andrew Cagney

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]