http://sourceware.org/ml/gdb-patches/2010-02/msg00515.html
Subject: [patch] infcall: Remove gdb_assert ($sp overflow)
Hi,
set $sp=0
call something()
->
../../gdb/infcall.c:521: internal-error: call_function_by_hand: Assertion
`(gdbarch_inner_than (gdbarch, 1, 2) && sp <= old_sp) || (gdbarch_inner_than
(gdbarch, 2, 1) && sp >= old_sp)' failed.
as $sp - frame == 0xffffsmth which is not lower than $sp.
It must not be gdb_assert(). It can be an error() but I left it just to do:
(gdb) set $sp=0
(gdb) call doubleit (1)
Cannot access memory at address 0xffffffffffffff78
(gdb) set $sp=-1
(gdb) call doubleit (1)
Cannot access memory at address 0xffffffffffffff68
Unaware how inconvenient an intentional crash of the testcase is on some
embedded/non-MMU systems.
No regressions on {x86_64,x86_64-m32,i686}-fedora12-linux-gnu.
Thanks,
Jan
gdb/
2010-02-19 Jan Kratochvil <jan.kratochvil@redhat.com>
* infcall.c (call_function_by_hand): Remove gdb_assert on sp and old_sp.
New comment.
gdb/testsuite/
2010-02-19 Jan Kratochvil <jan.kratochvil@redhat.com>
* gdb.base/callfuncs.exp: New tests for $spval 0 and -1. Remove return.
--- a/gdb/infcall.c
|
|
|
5a6df07 |
+++ b/gdb/infcall.c
|
|
|
5a6df07 |
@@ -518,10 +518,9 @@ call_function_by_hand (struct value *function, int nargs, struct value **args)
|
|
|
5a6df07 |
/* Stack grows up. */
|
|
|
5a6df07 |
sp = gdbarch_frame_align (gdbarch, old_sp + 1);
|
|
|
5a6df07 |
}
|
|
|
5a6df07 |
- gdb_assert ((gdbarch_inner_than (gdbarch, 1, 2)
|
|
|
5a6df07 |
- && sp <= old_sp)
|
|
|
5a6df07 |
- || (gdbarch_inner_than (gdbarch, 2, 1)
|
|
|
5a6df07 |
- && sp >= old_sp));
|
|
|
5a6df07 |
+ /* SP may have overflown address zero here from OLD_SP. Memory access
|
|
|
5a6df07 |
+ functions will probably fail in such case but that is a target's
|
|
|
5a6df07 |
+ problem. */
|
|
|
5a6df07 |
}
|
|
|
5a6df07 |
else
|
|
|
5a6df07 |
/* FIXME: cagney/2002-09-18: Hey, you loose!
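Review bot: Dropping the gdb_assert leaves the SP wrap-around completely unchecked; the replacement comment at the `+` lines only says memory access "will probably fail", and on a target where the wrapped address is mapped (the non-MMU case the description itself raises) the dummy frame would presumably be pushed there silently instead of the call stopping. Since the description already says this could be an error(), keeping the tested condition as a user-visible diagnostic is preferable to relying on the target faulting: `if (!((gdbarch_inner_than (gdbarch, 1, 2) && sp <= old_sp) || (gdbarch_inner_than (gdbarch, 2, 1) && sp >= old_sp))) error (_("Stack pointer wrapped around the address space during inferior call"));`. If the comment stays, it reads better as `/* SP may have wrapped past address zero here from OLD_SP.  Memory access functions will probably fail in such a case, but that is the target's problem.  */`. call_function_by_hand begins and continues outside this hunk.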
|
|
|
5a6df07 |
--- a/gdb/testsuite/gdb.base/callfuncs.exp
|
|
|
5a6df07 |
+++ b/gdb/testsuite/gdb.base/callfuncs.exp
|
|
|
5a6df07 |
@@ -469,5 +469,18 @@ if {$old_reg_content == $new_reg_content} then {
|
|
|
5a6df07 |
fail "nested call dummies preserve register contents"
|
|
|
5a6df07 |
}
|
|
|
5a6df07 |
|
|
|
5a6df07 |
-return 0
|
|
|
5a6df07 |
+# GDB should not crash by internal error on $sp overflow during the inferior
|
|
|
5a6df07 |
+# call. It is OK it will stop on some: Cannot access memory at address 0x$hex.
|
|
|
5a6df07 |
|
|
|
5a6df07 |
+foreach spval {0 -1} {
|
|
|
5a6df07 |
+ set old_ldprefix $pf_prefix
|
|
|
5a6df07 |
+ lappend pf_prefix "sp=$spval:"
|
|
|
5a6df07 |
+
|
|
|
5a6df07 |
+ gdb_test {set $old_sp = $sp}
|
|
|
5a6df07 |
+ gdb_test "set \$sp = $spval"
|
|
|
5a6df07 |
+
|
|
|
5a6df07 |
+ gdb_test "call doubleit (1)"
|
|
|
5a6df07 |
+
|
|
|
5a6df07 |
+ gdb_test {set $sp = $old_sp}
|
|
|
5a6df07 |
+ set pf_prefix $old_ldprefix
|
|
|
5a6df07 |
+}
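Review bot: The save/restore variable for `pf_prefix` is named `old_ldprefix` at the `set old_ldprefix $pf_prefix` and `set pf_prefix $old_ldprefix` lines, which does not match what it holds and looks carried over from another test; `set old_pf_prefix $pf_prefix` / `set pf_prefix $old_pf_prefix` would read straight. The two-line comment above the loop is also slightly garbled: `# call.  It is OK if it stops with: Cannot access memory at address 0x$hex.` says what the loop tolerates. The `gdb_test "call doubleit (1)"` has no expected pattern, which appears intentional given the comment, but a one-line message such as `"call doubleit (1)" ".*" "inferior call with overflowed sp"` would make the PASS/FAIL lines in gdb.sum self-describing.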
|
|
|
5a6df07 |
|