This is the mail archive of the gdb-prs@sourceware.org mailing list for the GDB project.
[Bug gdb/10886] New: Crash of gdb 7.0 as shipped with Ubuntu 9.10, probably due to a double free.
- From: "andre dot poenitz at nokia dot com" <sourceware-bugzilla at sourceware dot org>
- To: gdb-prs at sourceware dot org
- Date: 2 Nov 2009 12:03:31 -0000
- Subject: [Bug gdb/10886] New: Crash of gdb 7.0 as shipped with Ubuntu 9.10, probably due to a double free.
- Reply-to: sourceware-bugzilla at sourceware dot org
"GNU gdb (GDB) 7.0-ubuntu\n"
"Copyright (C) 2009 Free Software Foundation, Inc.\n"
The crash is not 100% reproducible, but as at the same time there are "double
free" messages sometimes too, I think this is to be expected.
Program received signal SIGSEGV, Segmentation fault.
free_command_lines (lptr=0x9a6b708) at /tmp/gdb-7.0/gdb/cli/cli-script.c:1227
1227 if (l->body_count > 0)
(gdb) p l
$1 = (struct command_line *) 0x6168732f
(gdb) p *l
Cannot access memory at address 0x6168732f
(gdb) bt full
#0 free_command_lines (lptr=0x9a6b708) at /tmp/gdb-7.0/gdb/cli/cli-script.c:1227
l = 0x6168732f
next = 0x9a6b6e0
blist = 0x97dc858
i = <value optimized out>
#1 0x0811bafd in delete_breakpoint (bpt=0x9a6b6e0)
at /tmp/gdb-7.0/gdb/breakpoint.c:8005
b = 0x0
__PRETTY_FUNCTION__ = "delete_breakpoint"
#2 0x08093855 in do_my_cleanups (pmy_chain=0x8382850, old_chain=0x0)
at /tmp/gdb-7.0/gdb/utils.c:391
ptr = 0x97dc858
#3 0x08140db0 in print_command_1 (
exp=0xbfe77505 "(void*)dlopen(\"/home/berlin/[[some]].so\", 0x00002)",
inspect=0,
voidprint=<value optimized out>) at /tmp/gdb-7.0/gdb/printcmd.c:940
expr = 0xa27dd78
old_chain = 0x0
format = <value optimized out>
val = 0xa27df68
cleanup = 1
#4 0x080928f2 in execute_command (p=0xbfe7757a ")", from_tty=1)
at /tmp/gdb-7.0/gdb/top.c:453
arg = 0xbfe77505 "(void*)dlopen(\"/home/berlin/[[some]].so\", 0x00002)"
c = 0x9037610
flang = <value optimized out>
warned = 0
line = 0xbfe77500 "call (void*)dlopen(\"/home/berlin/[[some]].so\",
0x00002)"
#5 0x0816abb2 in catch_exception (uiout=0x904d958,
func=0x80ea980 <do_captured_execute_command>, func_args=0xbfe775b4, mask=6)
at /tmp/gdb-7.0/gdb/exceptions.c:462
exception = {reason = 0, error = GDB_NO_ERROR, message = 0x0}
#6 0x080ea90e in safe_execute_command (data=0x0,
command_str=0x90f13f0 "call (void*)dlopen(\"/home/berlin/[[some]].so\",
0x00002)")
at /tmp/gdb-7.0/gdb/cli/cli-interp.c:130
e = {reason = -1075350056, error = 134821996,
message = 0x90c1980 "8\374\n\t\260,\t\b"}
args = {
command = 0xbfe77500 "call (void*)dlopen(\"/home/berlin/[[some]].so\",
0x00002)",
from_tty = 1}
#7 cli_interpreter_exec (data=0x0,
command_str=0x90f13f0 "call (void*)dlopen(\"/home/berlin/[[some]].so\",
0x00002)")
at /tmp/gdb-7.0/gdb/cli/cli-interp.c:110
old_stream = <value optimized out>
#8 0x0816ad1a in interp_exec (interp=0x904d9c0,
command_str=0x90f13f0 "call (void*)dlopen(\"/home/berlin/[[some]].so\",
0x00002)")
at /tmp/gdb-7.0/gdb/interps.c:326
No locals.
#9 0x080ef756 in mi_cmd_interpreter_exec (command=0x82bc96a "-interpreter-exec",
argv=0xbfe77684, argc=2) at /tmp/gdb-7.0/gdb/mi/mi-interp.c:206
e = {reason = 0, error = 3219617352,
message = 0x809666f
"\311\303\353\r\220\220\220\220\220\220\220\220\220\220\220\220\220U\211\345WVS\203\354\034\213u\f\213]\b\213}\020\200>\n\017\204\365\001"}
interp_to_use = 0x904d9c0
i = 1
old_chain = 0x90afc38
#10 0x080f02b1 in captured_mi_execute_command (uiout=0x904e0b8, data=0x90c19b8)
at /tmp/gdb-7.0/gdb/mi/mi-main.c:1232
argv = {0x82a3148 "console",
0x90f13f0 "call (void*)dlopen(\"/home/berlin/[[some]].so\", 0x00002)"}
cleanup = 0x0
#11 0x0816abb2 in catch_exception (uiout=0x904e0b8,
func=0x80f0070 <captured_mi_execute_command>, func_args=0x90c19b8, mask=6)
at /tmp/gdb-7.0/gdb/exceptions.c:462
exception = {reason = 0, error = GDB_NO_ERROR, message = 0x0}
#12 0x080efd38 in mi_execute_command (
cmd=0xa223b88 "41call (void*)dlopen(\"/home/berlin/[[some]].so\", 0x00002)",
from_tty=1)
at /tmp/gdb-7.0/gdb/mi/mi-main.c:1288
result = {reason = 4961420, error = 5882912,
message = 0x7e <Address 0x7e out of bounds>}
previous_ptid = {pid = 27808, lwp = 27808, tid = 0}
command = <value optimized out>
#13 0x080eecb6 in mi_execute_command_wrapper (
cmd=0xa223b88 "41call (void*)dlopen(\"/home/berlin/[[some]].so\", 0x00002)")
at /tmp/gdb-7.0/gdb/mi/mi-interp.c:251
No locals.
#14 0x0816ff89 in handle_file_event (data=...) at /tmp/gdb-7.0/gdb/event-loop.c:812
file_ptr = 0x909e928
mask = <value optimized out>
error_mask_returned = 0
#15 0x0816f7cb in process_event () at /tmp/gdb-7.0/gdb/event-loop.c:394
event_ptr = <value optimized out>
proc = 0x816ff10 <handle_file_event>
data = {ptr = 0x0, integer = 0}
#16 0x081704c6 in gdb_do_one_event (data=0x0) at /tmp/gdb-7.0/gdb/event-loop.c:447
event_source_head = 0
current = 3
#17 0x0816a993 in catch_errors (func=0x81703e0 <gdb_do_one_event>, func_args=0x0,
errstring=0x82b3b14 "", mask=6) at /tmp/gdb-7.0/gdb/exceptions.c:510
val = 0
exception = {reason = 0, error = GDB_NO_ERROR, message = 0x0}
#18 0x0816fecc in start_event_loop () at /tmp/gdb-7.0/gdb/event-loop.c:483
gdb_result = 161920776
/home/berlin/[[some]].so is a real name, pointing to a valid, loadable shared
object
--
Summary: Crash of gdb 7.0 as shipped with Ubuntu 9.10, probably
due to a double free.
Product: gdb
Version: 7.0
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: gdb
AssignedTo: unassigned at sourceware dot org
ReportedBy: andre dot poenitz at nokia dot com
CC: gdb-prs at sourceware dot org
GCC build triplet: i486-linux-gnu
GCC host triplet: i486-linux-gnu
GCC target triplet: i486-linux-gnu
http://sourceware.org/bugzilla/show_bug.cgi?id=10886
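
Added example, not part of the original report or of GDB's source: a small C triage helper that decodes the frame #0 locals from the backtrace as little-endian bytes, as they sat in memory on the i486 host. The value of l, 0x6168732f, decodes to the four ASCII characters "/sha", so the list node held string data rather than a pointer, which is consistent with memory that was freed and reused while still linked into the command list. The function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Decode a 32-bit value in little-endian memory order (least significant
 * byte first). Returns the number of printable ASCII bytes (0..4); out
 * receives the bytes with non-printables shown as '.', NUL-terminated. */
int decode_as_text(uint32_t value, char out[5])
{
    int printable = 0;
    for (int i = 0; i < 4; i++) {
        unsigned char b = (value >> (8 * i)) & 0xff;
        if (b >= 0x20 && b <= 0x7e) {
            out[i] = (char)b;
            printable++;
        } else {
            out[i] = '.';
        }
    }
    out[4] = '\0';
    return printable;
}

/* A "pointer" whose four bytes are all printable is far more likely to be
 * string data written over a freed or overflowed object than an address. */
int looks_like_text(uint32_t value)
{
    char buf[5];
    return decode_as_text(value, buf) == 4;
}

int main(void)
{
    /* Values copied from frame #0 of the backtrace in the report. */
    const struct { const char *name; uint32_t value; } locals[] = {
        { "l",     0x6168732f },
        { "next",  0x09a6b6e0 },
        { "blist", 0x097dc858 },
        { "lptr",  0x09a6b708 },
    };
    for (size_t i = 0; i < sizeof locals / sizeof locals[0]; i++) {
        char text[5];
        int n = decode_as_text(locals[i].value, text);
        printf("%-5s 0x%08x  \"%s\"  %s\n", locals[i].name,
               (unsigned)locals[i].value, text,
               n == 4 ? "<- text, not an address" : "");
    }
    return 0;
}
```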