| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
When running test-case gdb.server/connect-with-no-symbol-file.exp on
aarch64-linux (specifically, an opensuse leap 15.5 container on a
fedora asahi 39 system), I run into:
...
(gdb) detach^M
Detaching from program: target:connect-with-no-symbol-file, process 185104^M
Ending remote debugging.^M
terminate called after throwing an instance of 'gdb_exception_error'^M
...
The detailed backtrace of the corefile is:
...
(gdb) bt
#0 0x0000ffff75504f54 in raise () from /lib64/libpthread.so.0
#1 0x00000000007a86b4 in handle_fatal_signal (sig=6)
at gdb/event-top.c:926
#2 <signal handler called>
#3 0x0000ffff74b977b4 in raise () from /lib64/libc.so.6
#4 0x0000ffff74b98c18 in abort () from /lib64/libc.so.6
#5 0x0000ffff74ea26f4 in __gnu_cxx::__verbose_terminate_handler() ()
from /usr/lib64/libstdc++.so.6
#6 0x0000ffff74ea011c in ?? () from /usr/lib64/libstdc++.so.6
#7 0x0000ffff74ea0180 in std::terminate() () from /usr/lib64/libstdc++.so.6
#8 0x0000ffff74ea0464 in __cxa_throw () from /usr/lib64/libstdc++.so.6
#9 0x0000000001548870 in throw_it (reason=RETURN_ERROR,
error=TARGET_CLOSE_ERROR, fmt=0x16c7810 "Remote connection closed", ap=...)
at gdbsupport/common-exceptions.cc:203
#10 0x0000000001548920 in throw_verror (error=TARGET_CLOSE_ERROR,
fmt=0x16c7810 "Remote connection closed", ap=...)
at gdbsupport/common-exceptions.cc:211
#11 0x0000000001548a00 in throw_error (error=TARGET_CLOSE_ERROR,
fmt=0x16c7810 "Remote connection closed")
at gdbsupport/common-exceptions.cc:226
#12 0x0000000000ac8f2c in remote_target::readchar (this=0x233d3d90, timeout=2)
at gdb/remote.c:9856
#13 0x0000000000ac9f04 in remote_target::getpkt (this=0x233d3d90,
buf=0x233d40a8, forever=false, is_notif=0x0) at gdb/remote.c:10326
#14 0x0000000000acf3d0 in remote_target::remote_hostio_send_command
(this=0x233d3d90, command_bytes=13, which_packet=17,
remote_errno=0xfffff1a3cf38, attachment=0xfffff1a3ce88,
attachment_len=0xfffff1a3ce90) at gdb/remote.c:12567
#15 0x0000000000ad03bc in remote_target::fileio_fstat (this=0x233d3d90, fd=3,
st=0xfffff1a3d020, remote_errno=0xfffff1a3cf38)
at gdb/remote.c:12979
#16 0x0000000000c39878 in target_fileio_fstat (fd=0, sb=0xfffff1a3d020,
target_errno=0xfffff1a3cf38) at gdb/target.c:3315
#17 0x00000000007eee5c in target_fileio_stream::stat (this=0x233d4400,
abfd=0x2323fc40, sb=0xfffff1a3d020) at gdb/gdb_bfd.c:467
#18 0x00000000007f012c in <lambda(bfd*, void*, stat*)>::operator()(bfd *,
void *, stat *) const (__closure=0x0, abfd=0x2323fc40, stream=0x233d4400,
sb=0xfffff1a3d020) at gdb/gdb_bfd.c:955
#19 0x00000000007f015c in <lambda(bfd*, void*, stat*)>::_FUN(bfd *, void *,
stat *) () at gdb/gdb_bfd.c:956
#20 0x0000000000f9b838 in opncls_bstat (abfd=0x2323fc40, sb=0xfffff1a3d020)
at bfd/opncls.c:665
#21 0x0000000000f90adc in bfd_stat (abfd=0x2323fc40, statbuf=0xfffff1a3d020)
at bfd/bfdio.c:431
#22 0x000000000065fe20 in reopen_exec_file () at gdb/corefile.c:52
#23 0x0000000000c3a3e8 in generic_mourn_inferior ()
at gdb/target.c:3642
#24 0x0000000000abf3f0 in remote_unpush_target (target=0x233d3d90)
at gdb/remote.c:6067
#25 0x0000000000aca8b0 in remote_target::mourn_inferior (this=0x233d3d90)
at gdb/remote.c:10587
#26 0x0000000000c387cc in target_mourn_inferior (
ptid=<error reading variable: Cannot access memory at address 0x2d310>)
at gdb/target.c:2738
#27 0x0000000000abfff0 in remote_target::remote_detach_1 (this=0x233d3d90,
inf=0x22fce540, from_tty=1) at gdb/remote.c:6421
#28 0x0000000000ac0094 in remote_target::detach (this=0x233d3d90,
inf=0x22fce540, from_tty=1) at gdb/remote.c:6436
#29 0x0000000000c37c3c in target_detach (inf=0x22fce540, from_tty=1)
at gdb/target.c:2526
#30 0x0000000000860424 in detach_command (args=0x0, from_tty=1)
at gdb/infcmd.c:2817
#31 0x000000000060b594 in do_simple_func (args=0x0, from_tty=1, c=0x231431a0)
at gdb/cli/cli-decode.c:94
#32 0x00000000006108c8 in cmd_func (cmd=0x231431a0, args=0x0, from_tty=1)
at gdb/cli/cli-decode.c:2741
#33 0x0000000000c65a94 in execute_command (p=0x232e52f6 "", from_tty=1)
at gdb/top.c:570
#34 0x00000000007a7d2c in command_handler (command=0x232e52f0 "")
at gdb/event-top.c:566
#35 0x00000000007a8290 in command_line_handler (rl=...)
at gdb/event-top.c:802
#36 0x0000000000c9092c in tui_command_line_handler (rl=...)
at gdb/tui/tui-interp.c:103
#37 0x00000000007a750c in gdb_rl_callback_handler (rl=0x23385330 "detach")
at gdb/event-top.c:258
#38 0x0000000000d910f4 in rl_callback_read_char ()
at readline/readline/callback.c:290
#39 0x00000000007a7338 in gdb_rl_callback_read_char_wrapper_noexcept ()
at gdb/event-top.c:194
#40 0x00000000007a73f0 in gdb_rl_callback_read_char_wrapper
(client_data=0x22fbf640) at gdb/event-top.c:233
#41 0x0000000000cbee1c in stdin_event_handler (error=0, client_data=0x22fbf640)
at gdb/ui.c:154
#42 0x000000000154ed60 in handle_file_event (file_ptr=0x232be730, ready_mask=1)
at gdbsupport/event-loop.cc:572
#43 0x000000000154f21c in gdb_wait_for_event (block=1)
at gdbsupport/event-loop.cc:693
#44 0x000000000154dec4 in gdb_do_one_event (mstimeout=-1)
at gdbsupport/event-loop.cc:263
#45 0x0000000000910f98 in start_event_loop () at gdb/main.c:400
#46 0x0000000000911130 in captured_command_loop () at gdb/main.c:464
#47 0x0000000000912b5c in captured_main (data=0xfffff1a3db58)
at gdb/main.c:1338
#48 0x0000000000912bf4 in gdb_main (args=0xfffff1a3db58)
at gdb/main.c:1357
#49 0x00000000004170f4 in main (argc=10, argv=0xfffff1a3dcc8)
at gdb/gdb.c:38
(gdb)
...
The abort happens because a c++ exception escapes to c code, specifically
opncls_bstat in bfd/opncls.c. Compiling with -fexceptions works around this.
Fix this by catching the exception just before it escapes, in stat_trampoline
and likewise in few similar spot.
Add a new template catch_exceptions to do so in a consistent way.
Tested on aarch64-linux.
Approved-by: Pedro Alves <pedro@palves.net>
PR remote/31577
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=31577
|
|
|
|
Working backwards in terms of motivation for the patch:
- When accessing memory via the xfer_partial interface, the process
that we're accessing is indicated by inferior_ptid. This can be
either the same process as current inferior, or a fork child which
does not exist in the inferior list. This is not documented
currently. This commit fixes that.
- For target delegation to work, we must always make the inferior we
want to call the target method on, the current inferior. This
wasn't documented, AFAICT, so this commit fixes that too. I put
that in the intro comment to target_ops.
- I actually started writing a larger intro comment to target_ops, as
there was seemingly none, which I did find odd. However, I then
noticed the description closer to the top of the file. I missed it
the first time, because for some reason, that intro comment is no
longer at the top of the file, as #includes etc. have been added
above it over the years. This commit fixes that too, by moving that
intro comment to the top.
Change-Id: Id21f5462947f2a0f6f3ac0c42532df62ba355914
Approved-By: Simon Marchi <simon.marchi@efficios.com>
Approved-By: Tom Tromey <tom@tromey.com>
|
|
Old RHEL systems have a kernel that does not support writing memory
via /proc/pid/mem. On such systems, we fallback to accessing memory
via ptrace. That has a few downsides described in the "Accessing
inferior memory" section at the top of linux-nat.c.
The target_xfer interface for memory access uses inferior_ptid as
sideband argument to indicate which process to access. Memory access
is process-wide, it is not thread-specific, so inferior_ptid is
sometimes pointed at a process-wide ptid_t for the memory access
(i.e., a ptid that looks like {pid, 0, 0}). That is the case for any
code that uses scoped_restore_current_inferior_for_memory, for
example.
That is what causes the issue described in PR 31579, where thread_db
calls into the debugger to read memory, which reaches our
ps_xfer_memory function, which does:
static ps_err_e
ps_xfer_memory (const struct ps_prochandle *ph, psaddr_t addr,
gdb_byte *buf, size_t len, int write)
{
scoped_restore_current_inferior_for_memory save_inferior (ph->thread->inf);
...
ret = target_read_memory (core_addr, buf, len);
...
}
If linux_nat_target::xfer_partial falls back to inf_ptrace_target with
a pid-ptid, then the ptrace code will do the ptrace call targeting
pid, the leader LWP. That may fail with ESRCH if the leader is
currently running, or zombie. That is the case in the scenario in
question, because thread_db is consulted for an event of a non-leader
thread, before we've stopped the whole process.
Fix this by having the ptrace fallback code try to find a stopped LWP
to use with ptrace.
I chose to handle this in the linux-nat target instead of in common
code because (global) memory is a process-wide property, and this
avoids having to teach all the code paths that use
scoped_restore_current_inferior_for_memory to find some stopped thread
to access memory through, which is a ptrace quirk. That is
effectively what we used to do before we started relying on writable
/proc/pid/mem. I'd rather not go back there.
To trigger this on modern kernels you have to hack linux-nat.c to
force the ptrace fallback code, like so:
--- a/gdb/linux-nat.c
+++ b/gdb/linux-nat.c
@@ -3921,7 +3921,7 @@ linux_nat_target::xfer_partial (enum target_object object,
poke would incorrectly write memory to the post-exec address
space, while the core was trying to write to the pre-exec
address space. */
- if (proc_mem_file_is_writable ())
+ if (0 && proc_mem_file_is_writable ())
With that hack, I was able to confirm that the fix fixes hundreds of
testsuite failures. Compared to a test run with pristine master, the
hack above + this commit's fix shows that some non-stop-related tests
fail, but that is expected, because those are tests that need to
access memory while the program is running. (I made no effort to
temporarily pause an lwp if no ptrace-stopped lwp is found.)
Change-Id: I24a4f558e248aff7bc7c514a88c698f379f23180
Tested-By: Hannes Domani <ssbssa@yahoo.de>
Approved-By: Andrew Burgess <aburgess@redhat.com>
|
|
When testing with the native-extended-gdbserver board,
gdb.base/attach.exp shows a couple failures, like so:
Running /home/pedro/gdb/src/gdb/testsuite/gdb.base/attach.exp ...
FAIL: gdb.base/attach.exp: do_command_attach_tests: gdb_spawn_attach_cmdline: start gdb with --pid
FAIL: gdb.base/attach.exp: do_command_attach_tests: gdb_spawn_attach_cmdline: info thread (no thread)
From gdb.log:
builtin_spawn /home/pedro/gdb/build/gdb/testsuite/../../gdb/gdb -nw -nx -q -iex set height 0 -iex set width 0 -data-directory /home/pedro/gdb/build
/gdb/data-directory -iex set auto-connect-native-target off -iex set sysroot -quiet --pid=2115260
Don't know how to attach. Try "help target".
(gdb) FAIL: gdb.base/attach.exp: do_command_attach_tests: gdb_spawn_attach_cmdline: start gdb with --pid
There is a check for [isnative] to skip the test on anything but
target native, but that is the wrong check. native-extended-gdbserver
is "isnative". Fix it by using a gdb_protocol check instead.
Change-Id: I37ee730b8d6f1913b12c118838f511bd1c0b3768
Approved-By: Tom Tromey <tom@tromey.com>
|
|
After the previous patches, gdb_is_target_remote,
gdb_is_target_native, and mi_is_target_remote aren't used anywhere.
This commit eliminates them, along with now unnecessary helpers.
Change-Id: I54f9ae1f5aed3f640e5758731cf4954e6dbb1bee
Approved-By: Tom Tromey <tom@tromey.com>
|
|
This is similar to the previous patch, but for gdb_protocol_is_remote.
gdb_is_target_remote and its MI cousin mi_is_target_remote, use "maint
print target-stack", which is unnecessary when checking whether
gdb_protocol is "remote" or "extended-remote" would do. Checking
gdb_protocol is more efficient, and can be done before starting GDB
and running to main, unlike gdb_is_target_remote/mi_is_target_remote.
This adds a new gdb_protocol_is_remote procedure, and uses it in place
of gdb_is_target_remote/mi_is_target_remote throughout.
There are no uses of gdb_is_target_remote/mi_is_target_remote left
after this. Those will be eliminated in a following patch.
In some spots, we no longer need to defer the check until after
starting GDB, so the patch adjusts accordingly.
Change-Id: I90267c132f942f63426f46dbca0b77dbfdf9d2ef
Approved-By: Tom Tromey <tom@tromey.com>
|
|
gdb_is_target_native uses "maint print target-stack", which is
unnecessary when checking whether gdb_protocol is empty would do.
Checking gdb_protocol is more efficient, and can be done before
starting GDB and running to main, unlike gdb_is_target_native.
This adds a new gdb_protocol_is_native procedure, and uses it in place
of gdb_is_target_native.
At first, I thought that we'd end up with a few testcases needing to
use gdb_is_target_native still, especially multi-target tests that
connect to targets different from the default board target, but no,
actually all uses of gdb_is_target_native could be converted.
gdb_is_target_native will be eliminated in a following patch.
In some spots, we no longer need to defer the check until after
starting GDB, so the patch adjusts accordingly.
Change-Id: Ia706232dbffac70f9d9740bcb89c609dbee5cee3
Approved-By: Tom Tromey <tom@tromey.com>
|
|
handle_v_attach calls attach_inferior, which says:
"return -1 if attaching is unsupported, 0 if it succeeded, and call
error() otherwise."
So if attach_inferior return != 0, we have the unsupported case,
meaning we should return the empty packet instead of an error.
In practice, this shouldn't trigger, as vAttach support is supposed to
be reported via qSupported. But it doesn't hurt to be pedantic here.
Change-Id: I99cce6fa678f2370571e6bca0657451300956127
Approved-By: Tom Tromey <tom@tromey.com>
|
|
This fixes the same issue as the previous patch, but for "attach"
instead of "run".
If attaching to a process with "attach" (vAttach packet) fails,
GDBserver throws an error that escapes all the way to the top level.
When an error escapes all the way like that, GDBserver interprets it
as a disconnection, and either goes back to waiting for a new GDB
connection, or exits, if --once was specified.
Here's an example:
On the GDB side:
...
(gdb) tar extended-remote :9999
...
Remote debugging using :9999
(gdb) attach 1
Attaching to process 1
Attaching to process 1 failed
(gdb)
On the GDBserver side:
$ gdbserver --once --multi :9999
Listening on port 9999
Remote debugging from host 127.0.0.1, port 37464
gdbserver: Cannot attach to process 1: Operation not permitted (1)
$ # gdbserver exited
This is wrong, as we've connected with extended-remote/--multi.
GDBserver should just report an error to vAttach, and continue
connected to GDB, waiting for other commands.
This commit fixes GDBserver by catching the error locally in
handle_v_attach.
Note we now let pid == 0 pass down to attach_inferior. That is so we
get a useful textual error message to report to GDB.
This fixes a couple KFAILs in gdb.base/attach.exp. Still, I thought
it would be useful to add a new testcase specifically for this
scenario, in case gdb.base/attach.exp is ever split and stops trying
to attach again after a failed attach, with the same GDB session.
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=19558
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=31554
Change-Id: I25314c7e5f1435eff69cb84d57ecac13d8de3393
Approved-By: Tom Tromey <tom@tromey.com>
|
|
After the previous commit, if starting the inferior process with "run"
(vRun packet) fails, GDBserver reports an error using the "E." textual
error packet. On the GDB side, however, GDB doesn't yet do anything
with the textual error string. This commit improves that.
This makes remote debugging output the same as native output, when
possible, another small step in the "local/remote parity" project.
E.g., before, against GNU/Linux GDBserver:
(gdb) run
Starting program: .../gdb.base/run-fail-twice/run-fail-twice.nox
Running ".../gdb.base/run-fail-twice/run-fail-twice.nox" on the remote target failed
After, against GNU/Linux GDBserver (same as native):
(gdb) run
Starting program: .../gdb.base/run-fail-twice/run-fail-twice.nox
During startup program exited with code 126.
To know whether we have a textual error message, extend packet_result
to carry that information. While at it, convert packet_result to use
factory methods, and change its std::string parameter to a plain const
char *, as that it always what we have handy to pass to it.
Change-Id: Ib386f267522603f554b52a885b15229c9639e870
Approved-By: Tom Tromey <tom@tromey.com>
|
|
If starting the inferior process with "run" (vRun packet) fails,
GDBserver throws an error that escapes all the way to the top level.
When an error escapes all the way like that, GDBserver interprets it
as a disconnection, and either goes back to waiting for a new GDB
connection, or exits, if --once was specified.
E.g., with the testcase program added by this commit, we see:
On GDB side:
...
(gdb) tar extended-remote :999
...
Remote debugging using :9999
(gdb) r
Starting program:
Running ".../gdb.base/run-fail-twice/run-fail-twice.nox" on the remote target failed
(gdb)
On GDBserver side:
$ gdbserver --once --multi :9999
Remote debugging from host 127.0.0.1, port 34344
bash: line 1: .../gdb.base/run-fail-twice/run-fail-twice.nox: Permission denied
bash: line 1: exec: .../gdb.base/run-fail-twice/run-fail-twice.nox: cannot execute: Permission denied
gdbserver: During startup program exited with code 126.
$ # gdbserver exited
This is wrong, as we've connected with extended-remote/--multi.
GDBserver should just report an error to vCont, and continue connected
to GDB, waiting for other commands.
This commit fixes GDBserver by catching the error locally in
handle_v_run.
Change-Id: Ib386f267522603f554b52a885b15229c9639e870
Approved-By: Tom Tromey <tom@tromey.com>
|
|
On Cygwin, gdb.base/attach.exp exposes that an "attach" after a
previously failed "attach" hangs:
(gdb) PASS: gdb.base/attach.exp: do_attach_failure_tests: attach to digits-starting nonsense is prohibited
attach 0
Can't attach to process 0 (error 2: The system cannot find the file specified.)
(gdb) PASS: gdb.base/attach.exp: do_attach_failure_tests: attach to nonexistent process is prohibited
attach 10644
FAIL: gdb.base/attach.exp: do_attach_failure_tests: first attach (timeout)
The problem is that windows_nat_target::attach always returns success
even if the attach fails. When we return success, the helper thread
begins waiting for events (which will never come), and thus the next
attach deadlocks on the do_synchronously call within
windows_nat_target::attach.
"run" has the same problem, which is exposed by the new
gdb.base/run-fail-twice.exp testcase added in a following patch:
(gdb) run
Starting program: .../gdb.base/run-fail-twice/run-fail-twice.nox
Error creating process .../gdb.base/run-fail-twice/run-fail-twice.nox, (error 6: The handle is invalid.)
(gdb) PASS: gdb.base/run-fail-twice.exp: test: bad run 1
run
Starting program: .../gdb.base/run-fail-twice/run-fail-twice.nox
FAIL: gdb.base/run-fail-twice.exp: test: bad run 2 (timeout)
The problem here is the same, except that this time it is
windows_nat_target::create_inferior that returns the incorrect result.
This commit fixes both the "attach" and "run" paths, and the latter
both the Cygwin and MinGW paths. The tests mentioned above now pass
on Cygwin. Confirmed the fixes manually for MinGW GDB.
Change-Id: I15ec9fa279aff269d4982b00f4ea7c25ae917239
Approved-By: Tom Tromey <tom@tromey.com>
|
|
For many years, GDB has accepted a "E.MESSAGE" error reponse, in
addition to "E NN". For many packets, GDB strips the "E." before
giving the error message to the user. For others, GDB does not strip
the "E.", but still understands that it is an error, as it starts with
"E", and either prints the whole string, or ignores it and just
mentions an error occured (same as for "E NN").
This has been the case for as long as I remember. Now that I check, I
see that it's been there since 2006 (commit a76d924dffcb, also here:
https://sourceware.org/pipermail/gdb-patches/2006-September/047286.html).
All along, I actually thought it was documented. Turns out it wasn't.
This commit documents it, in the new "Standard Replies" section, near
where we document "E NN".
The original version of this 3-patch documentation series was a single
CodeSourcery patch that documented the textual error as
"E.NAME.MESSAGE", with MESSAGE being 8-bit binary encoded. But I
think the ship has sailed for that. GDBserver has been sending error
messages with more than one "." for a long while, and with no binary
encoding. Still, I've preserved the "Co-Authored-By" list of the
original larger patch.
The 'qRcmd' and 'm' commands are exceptions and do not accept this
reply format. The top of the "Standard Replies" section already says:
"All commands support these, except as noted in the individual
command descriptions."
So this adds a note to the description of 'qRcmd' and 'm', explicitly
stating that they do not support this error reply format.
Change-Id: Ie4fee3d00d82ede39e439bf162e8cb7485532fd8
Co-Authored-By: Jim Blandy <jimb@codesourcery.com>
Co-Authored-By: Mike Wrighton <mike_wrighton@mentor.com>
Co-Authored-By: Nathan Sidwell <nathan@codesourcery.com>
Co-Authored-By: Hafiz Abid Qadeer <abidh@codesourcery.com>
Approved-By: Eli Zaretskii <eliz@gnu.org>
|
|
Currently, for each packet, we document the "E NN" response (error),
and the empty response (unsupported). This patch centralizes that in
a new "Standard Replies" section.
In the "Packets", "General Query Packets", "Tracepoint Packets"
sections, Remove explicit mention of empty and error replies, except
when they provide detail not covered in Standard Replies.
Note this hunk:
-@item E @var{NN}
-@var{NN} is errno
and this one:
-@item E00
-The request was malformed, or @var{annex} was invalid.
-
-@item E @var{nn}
-The offset was invalid, or there was an error encountered reading the data.
-The @var{nn} part is a hex-encoded @code{errno} value.
were really documenting things that don't really work that way.
The first is the documentation of the "m" packet. GDB does _not_
interpret the NN as an errno. It can't, in fact, because the
remote/target errno numbers have nothing to do with GDB/host errno
numbers in a cross debugging scenario.
The second hunk above is from the documentation of qXfer. Again, GDB
does not give any interpretation to the NN error code at all. Nor
does GDBserver. And again, an errno number can't be interpreted in a
cross debugging scenario.
Change-Id: I973695c80809cdb5a5e8d5be8b78ba4d1ecdb513
Co-Authored-By: Jim Blandy <jimb@codesourcery.com>
Co-Authored-By: Mike Wrighton <mike_wrighton@mentor.com>
Co-Authored-By: Nathan Sidwell <nathan@codesourcery.com>
Co-Authored-By: Hafiz Abid Qadeer <abidh@codesourcery.com>
Approved-By: Eli Zaretskii <eliz@gnu.org>
|
|
This comment documents conventions for describing packet syntax in the
Overview section.
Change-Id: I96198592601b24c983da563d143666137e4d0a4e
Co-Authored-By: Jim Blandy <jimb@codesourcery.com>
Co-Authored-By: Mike Wrighton <mike_wrighton@mentor.com>
Co-Authored-By: Nathan Sidwell <nathan@codesourcery.com>
Co-Authored-By: Hafiz Abid Qadeer <abidh@codesourcery.com>
Approved-By: Eli Zaretskii <eliz@gnu.org>
|
|
Since the frame variable is now a frame_info_ptr, the issue
with the dangling frame pointer is apparently no longer there.
So remove the re-fetch code and the corresponding meanwhile
misleading comments.
Approved-By: Tom Tromey <tom@tromey.com>
|
|
This commit adds a SECURITY document to GDB. The idea behind this
document is to define what security expectations a user can reasonably
have when using GDB. In addition the document specifies which bugs
GDB developers consider a security bug, and which are just "normal"
bugs.
Discussion for the creation of this initial version can be found here:
https://inbox.sourceware.org/gdb-patches/877cmvui64.fsf@redhat.com/
Like any part of GDB, this is not intended as the absolute final
version, instead this is a living document, and this is just a
reasonable starting point from which we can iterate.
For now I've added this document as a text file but I am considering
merging this document into the manual at a later date, and having the
SECURITY.txt file just say "Read the manual"
Approved-By: Tom Tromey <tom@tromey.com>
|
|
This patch fixes a pretty funny issue on sh targets that occurred
because $pc (and similar registers) were typed as int. When $pc is in
the upper half of the address space (i.e. kernel code on sh), `x/i $pc'
would resolve to a negative value. At least in the case of a remote
target with an Xfer memory map, this leads to a spurious "cannot access
memory" error as negative addresses are out of bounds.
(gdb) x/i $pc
0x8c202c04: Cannot access memory at address 0x8c202c04
(gdb) x/i 0x8c202c04
=> 0x8c202c04 <gintctl_gint_gdb+304>: mov.l @r1,r10
The issue is fixed by specifying pointer types for pc and other pointer
registers. Code pointer registers on sh include pc, pr (return address
of a call), vbr (interrupt handler) and spc (return address after
interrupt). Data pointers include r15 (stack pointer) and gbr (base
register for a few specific addressing modes).
Change-Id: I043a058f7cbc6494f380dc0461616a9f3e0d87e0
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
|
coff_section_data() and elf_section_data() use the same underlying
field. The pointer being non-NULL therefore isn't sufficient to know
that pei_section_data() can validly be used on the incoming object.
Apparently in 64-bit-host builds the resulting memory corruption is
benign, whereas in 32-bit-host builds a segmentation fault occurs upon
de-referencing pei_section_data()'s return value.
|
|
|
|
The patch:
From f0d556d14b1d1c3f8e2f9c13b08adca22e1b8c9c Mon Sep 17 00:00:00 2001
From: Tom de Vries <tdevries@suse.de>
Date: Wed, 17 Apr 2024 12:55:00 +0200
Subject: [PATCH] [gdb/testsuite] Fix end_sequence addresses
I noticed in test-case gdb.reverse/map-to-same-line.exp, that the end of main:
...
00000000004102c4 <end_of_sequence>:
4102c4: 52800000 mov w0, #0x0 // #0
4102c8: 9100c3ff add sp, sp, #0x30
4102cc: d65f03c0 ret
...
is not described by the line table:
...
<snip>
The regression failure on PowerPC is due to the change in file
dw2-lines.exp,
- DW_LNE_set_address bar_label_5
+ DW_LNE_set_address "$main_start + $main_len"
The label bar_label_5 is in function bar, not function main. The new
set address should have been $bar_start + $bar_len.
|
|
In certain cases we were calculating the jump displacement incorrectly
when deciding whether to relax a branch. This meant for some branches,
such as a very long backwards conditional branch, relaxation was not
done when it should have been. The result was to error later, because
the actual jump displacement was too large to fit in the original
instruction.
This patch fixes up the displacement calculation so that those branches
are correctly relaxed and no longer result in an error. In addition, it
changes md_convert_frag to install fixups for the JAL instructions in
the resulting relaxations rather than encoding the displacement value
directly.
gas/
* config/tc-bpf.c (relaxed_branch_length): Correct displacement
calculation when relaxing.
(md_convert_frag): Likewise. Install fixups for JAL
instructions resulting from relaxation.
* testsuite/gas/bpf/jump-relax-ja-be.d: Correct and expand test.
* testsuite/gas/bpf/jump-relax-ja.d: Likewise.
* testsuite/gas/bpf/jump-relax-ja.s: Likewise.
* testsuite/gas/bpf/jump-relax-jump-be.d: Likewise.
* testsuite/gas/bpf/jump-relax-jump.d: Likewise.
* testsuite/gas/bpf/jump-relax-jump.s: Likewise.
|
|
Add type annotations to ada-unicode.py, just enough to make pyright
happy:
$ pyright --version
pyright 1.1.359
$ pyright ada-unicode.py
0 errors, 0 warnings, 0 informations
Introduce a `Range` class instead of using separate variables and
tuples, to make the code and type annotations a bit cleaner.
When running ada-unicode.py, I get a diff for ada-casefold.h, but I get
the same diff before and after this patch, so that is a separate issue.
Change-Id: I0d8975a57f9fb115703178ae197dc6b6b8b4eb7a
Approved-By: Tom Tromey <tom@tromey.com>
|
|
Most files including gdbcmd.h currently rely on it to access things
actually declared in cli/cli-cmds.h (setlist, showlist, etc). To make
things easy, replace all includes of gdbcmd.h with includes of
cli/cli-cmds.h. This might lead to some unused includes of
cli/cli-cmds.h, but it's harmless, and much faster than going through
the 170 or so files by hand.
Change-Id: I11f884d4d616c12c05f395c98bbc2892950fb00f
Approved-By: Tom Tromey <tom@tromey.com>
|
|
They are defined in cli/cli-style.c.
Change-Id: Ic478a3985ff0fd773bd7ba85bb144c6e914d0be6
Approved-By: Tom Tromey <tom@tromey.com>
|
|
There is no corresponding definition for print_command_line.
There is already a declaration for print_command_lines in
cli/cli-script.h (the implementation is in cli/cli-script.c).
Change-Id: Ic9e67ed04703306d614383ead14e2b2b059b2a8e
Approved-By: Tom Tromey <tom@tromey.com>
|
|
These functions are implemented in top.c, move their declarations to
top.h.
Change-Id: I8893ef91d955156a6530734fefe8002d78c3e5fc
Approved-By: Tom Tromey <tom@tromey.com>
|
|
Gas should not emit ADD/SUB relocation pairs for label differences
if they are in the same section without code flag even relax enabled.
Because the real value is not be affected by relaxation and it can be
compute out in assembly stage. Thus, correct the `TC_FORCE_RELOCATION
_SUB_SAME` and the label differences in same section without code
flag can be resolved in fixup_segment().
|
|
Absolute address symbols cannot be used with -shared.
We output more information to the user than just BFD_ASSETR.
|
|
When scanning relocations and determining whether TLS type transition is
possible, it will try to obtain the symbol got type. If the symbol got
type record has not yet been allocated space and initialized, it will
cause ld to crash. So when uninitialized, the symbol is set to GOT_UNKNOWN.
|
|
|
|
Factor the test for libc debug info out of gdb.base/relativedebug.exp to
a new procedure.
Also, change the "info sharedlibrary" test to explicitly detect when
libc has debug info.
Approved-by: Kevin Buettner <kevinb@redhat.com>
|
|
The 'PacketSize' attribute of the qSupported packet was
documented to be the maximum size of the packet including
the frame and checksum bytes, however this is not how it
was treated in the code. In reality, PacketSize is the
maximum size of the data in the RSP packets, not including
the framing or checksum bytes.
For instance, GDB's remote.c treats it as the maximum
number of data bytes. See remote_read_bytes_1, where the
size of the request is capped at PacketSize/2 (for
hex-encoding).
Also see gdbserver's server.cc, where the internal buffer
is sized as PBUFSIZ and PBUFSIZ-1 is used as PacketSize.
In gdbserver's case, the buffer is not used for any of the
framing or checksum characters. (I am not certain where the -1
comes from. I think it comes from back when there were no
binary packets, so packets were treated as strings with
null terminators).
It also seems like gdbservers in the wild treat it in
this way:
Embocosm doc:
https://www.embecosm.com/appnotes/ean4/embecosm-howto-rsp-server-ean4-issue-2.html#id3078000
A quick glance over openocd's gdb_server.c gdb_put_packet_inner()
function shows that the internal buffer also excludes the framing
and checksum.
Likewise, qEmu's gdbstub.c allocates PacketSize bytes for
the internal packet contents, and PacketSize+4 for the
full frame.
Reviewed-By: Eli Zaretskii <eliz@gnu.org>
Approved-By: Pedro Alves <pedro@palves.net>
|
|
Consider the following test-case:
...
$ cat hello.c
int main()
{
printf("hello ");
#include "world.inc"
$ cat world.inc
printf("world\n");
return 0;
}
$ gcc -g hello.c
...
The line table for the compilation unit, consisting just of
function main, is translated into these two gdb line tables, one for hello.c
and one for world.inc:
...
compunit_symtab: hello.c
symtab: hello.c
INDEX LINE REL-ADDRESS UNREL-ADDRESS IS-STMT PROLOGUE-END EPILOGUE-BEGIN
0 3 0x400557 0x400557 Y
1 4 0x40055b 0x40055b Y
2 END 0x40056a 0x40056a Y
compunit_symtab: hello.c
symtab: world.inc
INDEX LINE REL-ADDRESS UNREL-ADDRESS IS-STMT PROLOGUE-END EPILOGUE-BEGIN
0 1 0x40056a 0x40056a Y
1 2 0x400574 0x400574 Y
2 3 0x400579 0x400579 Y
3 END 0x40057b 0x40057b Y
...
The epilogue of main starts at 0x400579:
...
400579: 5d pop %rbp
40057a: c3 ret
...
Now, say we have an epilogue_begin marker in the line table at 0x400579.
We won't find it using find_epilogue_using_linetable, because it does:
...
const struct symtab_and_line sal = find_pc_line (start_pc, 0);
...
which gets us the line table for hello.c.
Fix this by using "find_pc_line (end_pc - 1, 0)" instead.
Tested on x86_64-linux.
Co-Authored-By: Tom de Vries <tdevries@suse.de>
PR symtab/31622
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=31622
|
|
An out of bounds array access in find_epilogue_using_linetable causes random
test failures like these:
FAIL: gdb.base/unwind-on-each-insn-amd64.exp: foo: instruction 6: $fba_value == $fn_fba
FAIL: gdb.base/unwind-on-each-insn-amd64.exp: foo: instruction 6: check frame-id matches
FAIL: gdb.base/unwind-on-each-insn-amd64.exp: foo: instruction 6: bt 2
FAIL: gdb.base/unwind-on-each-insn-amd64.exp: foo: instruction 6: up
FAIL: gdb.base/unwind-on-each-insn-amd64.exp: foo: instruction 6: $sp_value == $::main_sp
FAIL: gdb.base/unwind-on-each-insn-amd64.exp: foo: instruction 6: $fba_value == $::main_fba
FAIL: gdb.base/unwind-on-each-insn-amd64.exp: foo: instruction 6: [string equal $fid $::main_fid]
Here the read happens below the first element of the line
table, and the test failure depends on the value that is
read from there.
It also happens that std::lower_bound returns a pointer exactly at the upper
bound of the line table, also here the read value is undefined, that happens
in this test:
FAIL: gdb.dwarf2/dw2-epilogue-begin.exp: confirm watchpoint doesn't trigger
Fixes: 528b729be1a2 ("gdb/dwarf2: Add support for DW_LNS_set_epilogue_begin in line-table")
Co-Authored-By: Tom de Vries <tdevries@suse.de>
PR symtab/31268
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=31268
|
|
With test-case gdb.threads/threadcrash.exp using host board local-remote-host
and target board remote-gdbserver-on-localhost I run into:
...
(gdb) PASS: gdb.threads/threadcrash.exp: test_gcore: continue to crash
gcore $outputs/gdb.threads/threadcrash/threadcrash.gcore^M
Failed to open '$outputs/gdb.threads/threadcrash/threadcrash.gcore' for output.^M
(gdb) FAIL: gdb.threads/threadcrash.exp: test_gcore: saving gcore
UNSUPPORTED: gdb.threads/threadcrash.exp: test_gcore: couldn't generate gcore file
...
The problem is that the gcore command tries to save a file on a remote host,
but the filename is a location on build.
Fix this by using host_standard_output_file.
Tested on x86_64-linux.
|
|
After installing glibc debuginfo, I ran into:
...
FAIL: gdb.threads/threadcrash.exp: test_live_inferior: \
$thread_count == [llength $test_list]
...
This happens because the clause:
...
-re "^\r\n${hs}main$hs$eol" {
...
which is intended to match only:
...
#1 <hex> in main () at threadcrash.c:423^M
...
also matches "remaining" in:
...
#1 <hex> in __GI___nanosleep (requested_time=<hex>, remaining=<hex>) at \
nanosleep.c:27^M
...
Fix this by checking for "in main" instead.
Tested on x86_64-linux.
|
|
relocated
|
|
When building on a system where "phony iconv" is used (NetBSD in this
case, not sure why), I get:
CXX charset.o
/home/smarchi/src/binutils-gdb/gdb/charset.c: In function 'size_t phony_iconv(int, const char**, size_t*, char**, size_t*)':
/home/smarchi/src/binutils-gdb/gdb/charset.c:140:8: error: 'extract_unsigned_integer' was not declared in this scope
= extract_unsigned_integer ((const gdb_byte *)*inbuf, 4, endian);
^~~~~~~~~~~~~~~~~~~~~~~~
/home/smarchi/src/binutils-gdb/gdb/charset.c:140:8: note: suggested alternative: 'btrace_insn_number'
= extract_unsigned_integer ((const gdb_byte *)*inbuf, 4, endian);
^~~~~~~~~~~~~~~~~~~~~~~~
btrace_insn_number
Add the necessary include.
Change-Id: I10b967584645961c86167a8395d88929a42bef03
|
|
I'm retiring from IBM, and Geoff hasn't been active for a very long
time.
* MAINTAINERS (ppc): Remove myself and Geoff Keating. Add
Geoff to past maintainers.
|
|
* testsuite/libctf-regression/gzrewrite.c (main): Don't overflow
"a" buffer in "after adding types" check.
* testsuite/libctf-regression/zrewrite.c (main): Likewise.
|
|
|
|
The contents of these files was copied from defs.h and findvar. Copy
over the copyright years (1986-2024).
Change-Id: Idfb0f255fbcfda7e107e9a82804cece3d81ed5fc
|
|
|
|
PR ld/31652
* elf-vxworks.c (elf_vxworks_emit_relocs): Drop duplicate word.
|
|
Use long with bfd_copy_private_symbol_data to fix
.../binutils/objcopy.c: In
function ‘copy_object’:
.../binutils/objcopy.c:3383:17: error: comparison of integer expressions of different signedness: ‘unsigned int’ and ‘long int’ [-Werror=sign-compare]
3383 | for (i = 0; i < symcount; i++)
| ^
on 32-bit hosts.
PR binutils/14493
* objcopy.c (copy_object): Use long with
bfd_copy_private_symbol_data.
|
|
Move it out of defs.h, the corresponding definition is in symfile.c.
Change-Id: I984666c3bcd213f8574e9ec91462e1d61f77f16b
Approved-By: Tom Tromey <tom@tromey.com>
|
|
It is unused.
Change-Id: Ic49a3ef03c21b209594cd567ae80b5441606bef6
Approved-By: Tom Tromey <tom@tromey.com>
|
|
The declaration of annotation_level is currently in defs.h, while the
definition is in stack.c. I don't really understand why that variable
would live in stack.c, it seems completely unrelated. Move it to
annotate.c, and move the declaration to annotate.h.
Change-Id: I6cf8e9bd20e83959bdf5ad58dd008b6e1187d7d8
Approved-By: Tom Tromey <tom@tromey.com>
|
