1998-12-03 Jason Molenda (jsm@bugshack.cygnus.com)

        * monitor.c (monitor_read_memory): Zero out pattern buffers
        before calling re_search.
        (parse_register_dump): Ditto.

PR 18049.  This bug had existed erratically since I upgraded to
the new gnu-regex.c this last summer.  The problem is mostly in
parse_register_dump; the allocated structure has some random values
in it and there is a flag set in the register_pattern structure by the
gnu-regex library which indicates that the values in the re_registers
should be trusted.

If those arbitrary contents aren't zero, gnu-regex tries to run realloc
on them and we get a core dump on some hosts for some targets when the
moon is just right.

diff --git a/gdb/ChangeLog b/gdb/ChangeLog
index 324175701f8b4daf9f48215266756a622dcb7da4..1ef218176d9be87cc2893c5198bf1c623ef1de34 100644 (file)
--- a/gdb/ChangeLog
+++ b/gdb/ChangeLog
@@ -1,3 +1,8 @@
+1998-12-03  Jason Molenda  (jsm@bugshack.cygnus.com)
+
+        * monitor.c (monitor_read_memory): Zero out pattern buffers
+        before calling re_search.
+        (parse_register_dump): Ditto.
 
 Thu Dec  3 10:37:22 EST 1998  Zdenek Radouch   (radouch@cygnus.com)
 
@@ -5,7 +10,6 @@ Thu Dec  3 10:37:22 EST 1998  Zdenek Radouch   (radouch@cygnus.com)
        * configure.tgt
        * fr30-tdep.c
        * config/fr30/tm-fr30.h
-
        
 Thu Dec  3 16:30:35 1998  Andrew Cagney  <cagney@b1.cygnus.com>
 

diff --git a/gdb/monitor.c b/gdb/monitor.c
index 60cfc143e71a61a84530176f8c31fd58c0c73b87..ddd24c25a945e793a53810e2726193d72d3b85d5 100644 (file)
--- a/gdb/monitor.c
+++ b/gdb/monitor.c
@@ -847,6 +847,8 @@ parse_register_dump (buf, len)
         points to the start of the register value.  */
       struct re_registers register_strings;
 
+      memset (&register_strings, 0, sizeof (struct re_registers));
+
       if (re_search (&register_pattern, buf, len, 0, len,
                     &register_strings) == -1)
        break;
@@ -1759,6 +1761,7 @@ monitor_read_memory (memaddr, myaddr, len)
       struct re_registers resp_strings;
       RDEBUG(("MON getmem.resp_delim %s\n",current_monitor->getmem.resp_delim)) ;
 
+      memset (&resp_strings, 0, sizeof (struct re_registers));
       tmp = strlen (p);
       retval = re_search (&getmem_resp_delim_pattern, p, tmp, 0, tmp,
                          &resp_strings);