This is the mail archive of the
gdb-prs@sourceware.org
mailing list for the GDB project.
[Bug gdb/13716] crash on finish
- From: "orgads at gmail dot com" <sourceware-bugzilla at sourceware dot org>
- To: gdb-prs at sourceware dot org
- Date: Tue, 21 Feb 2012 08:06:09 +0000
- Subject: [Bug gdb/13716] crash on finish
- Auto-submitted: auto-generated
- References: <bug-13716-4717@http.sourceware.org/bugzilla/>
http://sourceware.org/bugzilla/show_bug.cgi?id=13716
--- Comment #1 from Orgad Shaneh <orgads at gmail dot com> 2012-02-21 08:06:09 UTC ---
Created attachment 6231
--> http://sourceware.org/bugzilla/attachment.cgi?id=6231
overwrite backtrace
I found the location in which unwind is overwritten.
frame's address is 0xf5d1ca0.
First, on utils.c:3487 - void hashtab_obstack_allocate (void *data, size_t size, size_t count)
obstack_alloc returns frame's address, then memset is called on it, which
resets part of unwind.
After that, the same function is called and resets the rest of unwind.
The more interesting part, which is described in the attached backtrace, is:
hashtab.c:313: result = (htab_t) (*alloc_f) (alloc_arg, 1, sizeof (struct htab));
result gets frame's address, and when it assigns size, it overwrites frame's
unwind (and other fields as well)...
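An added example, not part of the original message and not GDB code: a small C model of the failure the comment describes, where an allocate-then-memset callback hands back the address of an object that is still referenced, plus a generation check that catches the stale pointer. The arena, the struct layouts and the generation counter are hypothetical, and releasing the arena is an assumed cause (the comment does not say why the address was reused).

```c
#include <stdlib.h>
#include <string.h>

/* Constructed stand-ins for illustration; these are not GDB's definitions. */
struct frame { const void *unwind; int level; };
struct table { size_t size; void **entries; };
struct arena { unsigned char *buf; size_t cap, used; unsigned gen; };
struct frame_ref { struct frame *f; unsigned gen; };   /* pointer + arena generation */

static void *arena_alloc(struct arena *a, size_t n) {
    n = (n + 15u) & ~(size_t)15u;                /* keep allocations 16-byte aligned */
    if (n > a->cap - a->used) return NULL;
    void *p = a->buf + a->used;
    a->used += n;
    return p;
}

/* Same shape as the allocate-then-memset callback named in the report. */
static void *arena_calloc(struct arena *a, size_t size, size_t count) {
    void *p = arena_alloc(a, size * count);
    if (p) memset(p, 0, size * count);
    return p;
}

/* Recycling the arena invalidates every pointer handed out so far. */
static void arena_release(struct arena *a) { a->used = 0; a->gen++; }

static int frame_ref_valid(const struct arena *a, struct frame_ref r) {
    return r.f != NULL && r.gen == a->gen;
}

/* bit0: new table aliases the old frame; bit1: frame's unwind was zeroed;
   bit2: the generation check flagged the cached reference as stale. */
static int demo(void) {
    static const int unwinder = 1;               /* constructed non-NULL unwind target */
    struct arena a = { malloc(256), 256, 0, 0 };
    if (!a.buf) return -1;
    struct frame *f = arena_alloc(&a, sizeof *f);
    f->unwind = &unwinder; f->level = 0;
    struct frame_ref cached = { f, a.gen };      /* long-lived cache entry */
    arena_release(&a);                           /* assumed cause of the reuse */
    struct table *t = arena_calloc(&a, 1, sizeof *t);
    int r = ((void *)t == (void *)f) | ((f->unwind == NULL) << 1)
          | (!frame_ref_valid(&a, cached) << 2);
    free(a.buf);
    return r;
}

int main(void) { return demo() == 7 ? 0 : 1; }
```

Checking frame_ref_valid before dereferencing the cached pointer turns the silent overwrite into a detectable condition.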