Age | Commit message | Author | Files | Lines
2015-01-09 | linux-nat.c: clean up pending status checking and resuming LWPs | Pedro Alves | 2 | -120/+67

Whenever we resume an LWP, we must clear a few flags and flush the LWP's register cache. We actually currently flush the register cache of all LWPs, but that's unnecessary. This patch makes us flush the register cache of only the LWP that is resumed. Instead of open coding all that in many places, we use a helper function.

Likewise, we have two fields in the LWP structure where a pending status may be recorded. Add a helper predicate that checks both and use it throughout instead of open coding the checks.

gdb/
2015-01-09 Pedro Alves <palves@redhat.com>

    * linux-nat.c (linux_resume_one_lwp): New function.
    (resume_lwp): Use lwp_status_pending_p and linux_resume_one_lwp.
    (linux_nat_resume): Use lwp_status_pending_p and linux_resume_one_lwp.
    (linux_handle_syscall_trap): Use linux_resume_one_lwp.
    (linux_handle_extended_wait): Use linux_resume_one_lwp.
    (status_callback, running_callback): Use lwp_status_pending_p.
    (lwp_status_pending_p): New function.
    (stop_and_resume_callback): Use lwp_status_pending_p.
    (linux_nat_filter_event): Use linux_resume_one_lwp.
    (linux_nat_wait_1): Always use status_callback to look for an LWP with a pending status. Use linux_resume_one_lwp.
    (resume_stopped_resumed_lwps): Use lwp_status_pending_p and linux_resume_one_lwp.
2015-01-09 | cleanup and speed up (software_)breakpoint_inserted_here_p | Pedro Alves | 2 | -25/+44

Factor out common code, and use the more efficient ALL_BP_LOCATIONS_AT_ADDR.

gdb/
2015-01-09 Pedro Alves <palves@redhat.com>

    * breakpoint.c (bp_location_inserted_here_p): New function, factored out from ...
    (breakpoint_inserted_here_p): ... here. Use ALL_BP_LOCATIONS_AT_ADDR.
    (software_breakpoint_inserted_here_p): Use bp_location_inserted_here_p and ALL_BP_LOCATIONS_AT_ADDR.
2015-01-09 | watch_thread_num.exp and targets with fairer event reporting | Pedro Alves | 4 | -14/+74

This patch fixes the watch_thread_num.exp test to work when the target is better at making event handling be fair among threads.

I wrote patches that make GDB native and GDBserver event handling fairer between threads. That is, if threads A and B both simultaneously trigger some debug event, GDB will pick either A or B at random, rather than always handling the event of A first. There's code for that in the Linux backends (gdb and gdbserver) already, but it can be improved, and only works in all-stop mode.

With those fixes in place, I found that the watch_thread_num.exp would often time out. The problem is that the test only works _because_ event handling isn't as fair as intended. With the fairness fixes, the test falls victim of PR10116 (gdb drops watchpoints on multi-threaded apps) quite often.

To expand on the PR10116 reference, consider that stop events are serialized to GDB core, through target_wait. Say a thread-specific watchpoint is set on thread A. When the "right" thread and some other "wrong" thread both trigger a watchpoint simultaneously, the target may report the "wrong" thread's hit to GDB first (thread B). When handling that event, GDB notices the watchpoint is for another thread, and so shouldn't cause a user-visible stop. On resume, GDB saves the now current value of the watched expression. Afterwards, the "right" thread (thread A) reports its watchpoint trigger. But the watched value hasn't changed since GDB last saved it, and so GDB doesn't report the watchpoint hit to the user.

The way the test is written, the watchpoint is associated with the first thread that happens to report an event. It happens that GDB is processing events much more often for one of the threads, which usually will be that same first thread.
Hacking the test with "set debug infrun 1", we see exactly that:

    $ grep "infrun.*\[Thread.*," testsuite/gdb.log | sort | uniq -c | sort -nr
    70 infrun: 8798 [Thread 8798],
    37 infrun: 8798 [Thread 8802],
    36 infrun: 8798 [Thread 8804],
    36 infrun: 8798 [Thread 8803],
    35 infrun: 8798 [Thread 8805],
    34 infrun: 8798 [Thread 8806],

The first column shows the number of times the target reported an event for that thread, from:

    infrun: target_wait (-1, status) =
    infrun: 8798 [Thread 8798],
    infrun: status->kind = stopped, signal = GDB_SIGNAL_TRAP

This masks out the PR10116 issue.

However, if the target is better at giving equal priority to all threads, the PR10116 issue happens often, so it may take quite a while for the right thread to be the first to report its watchpoint event just after the memory being watched really changed, resulting in test time outs.

Here's the number of events handled for each thread on a gdbserver run with the event fairness patches:

    $ grep "infrun.*\[Thread.*," gdb.log | sort | uniq -c
    2961 infrun: 13591 [Thread 13591],
    2956 infrun: 13591 [Thread 13595],
    2941 infrun: 13591 [Thread 13596],
    2932 infrun: 13591 [Thread 13597],
    2905 infrun: 13591 [Thread 13598],
    2891 infrun: 13591 [Thread 13599],

Note how the number of events is much higher. The test routinely takes over 10 seconds to finish on my machine rather than under a second as with unpatched gdbserver, when it succeeds, but often it'll fail with timeouts too.

So to make the test robust, this patch switches the tests to using "awatch" instead of "watch", as access watchpoints don't care about the watchpoint's "old value". With this, the test always finishes quickly, and we can even bump the number of threads concurrently writing to the shared variable, to have better assurance we're really testing the case of the "wrong" thread triggering a watchpoint.
Here's the number of events I see for each thread on a run on my machine, with a gdbserver patched with the event fairness series:

    $ grep "infrun.*\[Thread.*," testsuite/gdb.log | sort | uniq -c
    5 infrun: 5298 [Thread 5302],
    4 infrun: 5298 [Thread 5303],
    4 infrun: 5298 [Thread 5304],
    4 infrun: 5298 [Thread 5305],
    4 infrun: 5298 [Thread 5306],
    4 infrun: 5298 [Thread 5307],
    4 infrun: 5298 [Thread 5308],
    4 infrun: 5298 [Thread 5309],
    4 infrun: 5298 [Thread 5310],
    4 infrun: 5298 [Thread 5311],
    4 infrun: 5298 [Thread 5312],
    4 infrun: 5298 [Thread 5313],
    4 infrun: 5298 [Thread 5314],
    4 infrun: 5298 [Thread 5315],
    4 infrun: 5298 [Thread 5316],

gdb/testsuite/
2015-01-09 Pedro Alves <palves@redhat.com>

    * gdb.base/annota1.exp (thread_test): Use srcfile and binfile from the global scope. Set a breakpoint after all threads are started rather than stepping over two source lines. Expect the prompt.
    * gdb.base/watch_thread_num.c (threads_started_barrier): New global.
    (NUM): Now 15.
    (main): Use threads_started_barrier to wait for all threads to start. Main thread no longer calls thread_function. Exit after 180 seconds.
    (loop): New function.
    (thread_function): Wait on threads_started_barrier barrier. Call 'loop' at each iteration.
    * gdb.base/watch_thread_num.exp: Continue to breakpoint after all threads have started, instead of hardcoding number of "next" steps. Use an access watchpoint instead of a write watchpoint.
2015-01-09 | gdb.threads/{siginfo-thread.c,watchthreads-reorder.c,ia64-sigill.c} races with GDB | Pedro Alves | 4 | -0/+51

These three tests all spawn a few threads and then send a SIGSTOP to their parent GDB in order to pause it while the new threads set things up for the test. With a GDB patch that changes the inferior thread's scheduling a bit, I sometimes see:

    FAIL: gdb.threads/siginfo-threads.exp: catch signal 0 (timeout)
    ...
    FAIL: gdb.threads/watchthreads-reorder.exp: reorder1: continue a (timeout)
    ...
    FAIL: gdb.threads/ia64-sigill.exp: continue (timeout)
    ...

The issue is that the test program stops GDB before it had a chance of processing the new thread's clone event:

    (gdb) PASS: gdb.threads/siginfo-threads.exp: get pid
    continue
    Continuing.
    Stopping GDB PID 21541.
    Waiting till the threads initialize their TIDs.
    FAIL: gdb.threads/siginfo-threads.exp: catch signal 0 (timeout)

On Linux (at least), new threads start stopped, and the debugger must resume them. The fix is to make the test program wait for the new threads to be running before stopping GDB.

gdb/testsuite/
2015-01-09 Pedro Alves <palves@redhat.com>

    * gdb.threads/ia64-sigill.c (threads_started_barrier): New global.
    (thread_func): Wait on barrier.
    (main): Wait for all threads to start before stopping GDB.
    * gdb.threads/siginfo-threads.c (threads_started_barrier): New global.
    (thread1_func, thread2_func): Wait on barrier.
    (main): Wait for all threads to start before stopping GDB.
    * gdb.threads/watchthreads-reorder.c (threads_started_barrier): New global.
    (thread1_func, thread2_func): Wait on barrier.
    (main): Wait for all threads to start before stopping GDB.
2015-01-09 | Use official ELF machine number for moxie | Anthony Green | 4 | -1/+13
2015-01-09 | Test attaching to a program that constantly spawns short-lived threads | Pedro Alves | 3 | -0/+288

Before the previous fixes, on Linux, this would trigger several different problems, like:

    [New LWP 27106]
    [New LWP 27047]
    warning: unable to open /proc file '/proc/-1/status'
    [New LWP 27813]
    [New LWP 27869]
    warning: Can't attach LWP 11962: No child processes
    Warning: couldn't activate thread debugging using libthread_db: Cannot find new threads: debugger service failed
    warning: Unable to find libthread_db matching inferior's thread library, thread debugging will not be available.

gdb/testsuite/
2015-01-09 Pedro Alves <palves@redhat.com>

    * gdb.threads/attach-many-short-lived-threads.c: New file.
    * gdb.threads/attach-many-short-lived-threads.exp: New file.
2015-01-09 | Linux: Skip thread_db thread event reporting if PTRACE_EVENT_CLONE is supported | Pedro Alves | 6 | -12/+75

[A test I wrote stumbled on a libthread_db issue related to thread event breakpoints. See glibc PR17705: [nptl_db: stale thread create/death events if debugger detaches] https://sourceware.org/bugzilla/show_bug.cgi?id=17705 This patch avoids that whole issue by making GDB stop using thread event breakpoints in the first place, which is good for other reasons as well, anyway.]

Before PTRACE_EVENT_CLONE (Linux 2.6), the only way to learn about new threads in the inferior (to attach to them) or to learn about thread exit was to coordinate with the inferior's glibc/runtime, using libthread_db. That works by putting a breakpoint at a magic address which is called when a new thread is spawned, or when a thread is about to exit. When that breakpoint is hit, all threads are stopped, and then GDB coordinates with libthread_db to read data structures out of the inferior to learn about what happened. Then the breakpoint is single-stepped, and then all threads are re-resumed. This isn't very efficient (stops all threads) and is more fragile (inferior's thread list in memory may be corrupt; libthread_db bugs, etc.) than ideal.

When the kernel supports PTRACE_EVENT_CLONE (which we already make use of), there's really no need to use libthread_db's event reporting mechanism to learn about new LWPs. And if the kernel supports that, then we learn about LWP exits through regular WIFEXITED wait statuses, so no need for the death event breakpoint either.

GDBserver has been likewise skipping the thread_db events for a long while: https://sourceware.org/ml/gdb-patches/2007-10/msg00547.html

There's one user-visible difference: we'll no longer print about threads being created and exiting while the program is running, like:

    [Thread 0x7ffff7dbb700 (LWP 30670) exited]
    [New Thread 0x7ffff7db3700 (LWP 30671)]
    [Thread 0x7ffff7dd3700 (LWP 30667) exited]
    [New Thread 0x7ffff7dab700 (LWP 30672)]
    [Thread 0x7ffff7db3700 (LWP 30671) exited]
    [Thread 0x7ffff7dcb700 (LWP 30668) exited]

This is exactly the same behavior as when debugging against remote targets / gdbserver. I actually think that's a good thing (and as such have listed this in the local/remote parity wiki page a while ago), as the printing slows down the inferior. It's also a distraction to keep bothering the user about short-lived threads that she won't be able to interact with anyway.

Instead, the user (and frontend) will be informed about new threads that currently exist in the program when the program next stops:

    (gdb) c
    ...
    * ctrl-c *
    [New Thread 0x7ffff7963700 (LWP 7797)]
    [New Thread 0x7ffff796b700 (LWP 7796)]

    Program received signal SIGINT, Interrupt.
    [Switching to Thread 0x7ffff796b700 (LWP 7796)]
    clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:81
    81 testq %rax,%rax
    (gdb) info threads

A couple of tests had assumptions on GDB thread numbers that no longer hold.

Tested on x86_64 Fedora 20.

gdb/
2014-01-09 Pedro Alves <palves@redhat.com>

    Skip enabling event reporting if the kernel supports PTRACE_EVENT_CLONE.
    * linux-thread-db.c: Include "nat/linux-ptrace.h".
    (thread_db_use_events): New function.
    (try_thread_db_load_1): Check thread_db_use_events before enabling event reporting.
    (update_thread_state): New function.
    (attach_thread): Use it. Check thread_db_use_events before enabling event reporting.
    (thread_db_detach): Check thread_db_use_events before disabling event reporting.
    (find_new_threads_callback): Check thread_db_use_events before enabling event reporting. Update the thread's state if not using libthread_db events.

gdb/testsuite/
2014-01-09 Pedro Alves <palves@redhat.com>

    * gdb.threads/fork-thread-pending.exp: Switch to the main thread instead of to thread 2.
    * gdb.threads/signal-command-multiple-signals-pending.c (main): Add barrier around each pthread_create call instead of around all calls.
    * gdb.threads/signal-command-multiple-signals-pending.exp (test): Set a break on thread_function and have the child threads hit it one at a time.
2015-01-09 | libthread_db: Skip attaching to terminated and joined threads | Pedro Alves | 5 | -0/+35

I wrote a test that attaches to a program that constantly spawns short-lived threads, which exposed several issues. This is one of them.

On GNU/Linux, attaching to a multi-threaded program sometimes prints out warnings like:

    ...
    [New LWP 20700]
    warning: unable to open /proc file '/proc/-1/status'
    [New LWP 20850]
    [New LWP 21019]
    ...

That happens because when a thread exits, and is joined, glibc does:

    nptl/pthread_join.c:
    pthread_join ()
    {
    ...
      if (__glibc_likely (result == 0))
        {
          /* We mark the thread as terminated and as joined. */
          pd->tid = -1;
    ...
          /* Free the TCB. */
          __free_tcb (pd);
        }

So if we attach or interrupt the program (which does an implicit "info threads") at just the right (or rather, wrong) time, we can find and return threads in the libthread_db/pthreads thread list with kernel thread ID -1. I've filed glibc PR nptl/17707 for this. You'll find more info there.

This patch handles this as a special case in GDB.

This is actually more than just a cosmetic issue. lin_lwp_attach_lwp will think that this -1 is an LWP we're not attached to yet, and after failing to attach will try to check we were already attached to the process, using a waitpid call, which in this case ends up being "waitpid (-1, ...", which obviously results in GDB potentially discarding an event when it shouldn't...

Tested on x86_64 Fedora 20, native and gdbserver.

gdb/gdbserver/
2015-01-09 Pedro Alves <palves@redhat.com>

    * thread-db.c (find_new_threads_callback): Ignore thread if the kernel thread ID is -1.

gdb/
2015-01-09 Pedro Alves <palves@redhat.com>

    * linux-nat.c (lin_lwp_attach_lwp): Assert that the lwp id we're about to wait for is > 0.
    * linux-thread-db.c (find_new_threads_callback): Ignore thread if the kernel thread ID is -1.
2015-01-09 | Linux: on attach, attach to lwps listed under /proc/$pid/task/ | Pedro Alves | 11 | -127/+406

... instead of relying on libthread_db.

I wrote a test that attaches to a program that constantly spawns short-lived threads, which exposed several issues. This is one of them.

On Linux, we need to attach to all threads of a process (thread group) individually. We currently rely on libthread_db to list the threads, but that is problematic, because libthread_db relies on reading data structures out of the inferior (which may well be corrupted). If threads are being created or exiting just while we try to attach, we may trip on inconsistencies in the inferior's thread list. To work around that, when we see a seemingly corrupt list, we currently retry a few times:

    static void
    thread_db_find_new_threads_2 (ptid_t ptid, int until_no_new)
    {
    ...
      if (until_no_new)
        {
          /* Require 4 successive iterations which do not find any new threads.
             The 4 is a heuristic: there is an inherent race here, and I have
             seen that 2 iterations in a row are not always sufficient to
             "capture" all threads. */
    ...

That heuristic may well fail, and when it does, we end up with threads in the program that aren't under GDB's control. That's obviously bad and results in quite mystifying failures, like e.g., the process dying for seemingly no reason when a thread that wasn't attached trips on a breakpoint.

There's really no reason to rely on libthread_db for this nowadays when we have /proc mounted. In that case, which is the usual case, we can list the LWPs from /proc/PID/task/. In fact, GDBserver is already doing this. The patch factors out that code that knows to walk the task/ directory out of GDBserver, and makes GDB use it too.

Like GDBserver, the patch makes GDB attach to LWPs and _not_ wait for them to stop immediately. Instead, we just tag the LWP as having an expected stop. Because we can only set the ptrace options when the thread stops, we need a new flag in the lwp structure to keep track of whether we've already set the ptrace options, just like in GDBserver. Note that nothing issues any ptrace command to the threads between the PTRACE_ATTACH and the stop, so this is safe (unlike one scenario described in gdbserver's linux-low.c).

When we attach to a program that has threads exiting while we attach, it's easy to race with a thread just exiting as we try to attach to it, like:

    #1 - get current list of threads
    #2 - attach to each listed thread
    #3 - ooops, attach failed, thread is already gone

As this is pretty normal, we shouldn't be issuing a scary warning in step #3.

When #3 happens, PTRACE_ATTACH usually fails with ESRCH, but sometimes we'll see EPERM as well. That happens when the kernel still has the thread in its task list, but the thread is marked as dead. Unfortunately, EPERM is ambiguous and we'll get it also on other scenarios where the thread isn't dead, and in those cases, it's useful to get a warning. To distinguish the cases, when we get an EPERM failure, we open /proc/PID/status, and check the thread's state -- if the /proc file no longer exists, or the state is "Z (Zombie)" or "X (Dead)", we ignore the EPERM error silently; otherwise, we'll warn. Unfortunately, there seems to be a kernel race here. Sometimes I get EPERM, and then the /proc state still indicates "R (Running)"... If we wait a bit and retry, we do end up seeing X or Z state, or get an ESRCH. I thought of making GDB retry the attach a few times, but even with a 500ms wait and 4 retries, I still see the warning sometimes. I haven't been able to identify the kernel path that causes this yet, but in any case, it looks like a kernel bug to me. As this just results in failure to suppress a warning that we've been printing since about forever anyway, I'm just making the test cope with it, and issue an XFAIL.

gdb/gdbserver/
2015-01-09 Pedro Alves <palves@redhat.com>

    * linux-low.c (linux_attach_fail_reason_string): Move to nat/linux-ptrace.c, and rename.
    (linux_attach_lwp): Update comment.
    (attach_proc_task_lwp_callback): New function.
    (linux_attach): Adjust to rename and use linux_proc_attach_tgid_threads.
    (linux_attach_fail_reason_string): Delete declaration.

gdb/
2015-01-09 Pedro Alves <palves@redhat.com>

    * linux-nat.c (attach_proc_task_lwp_callback): New function.
    (linux_nat_attach): Use linux_proc_attach_tgid_threads.
    (wait_lwp, linux_nat_filter_event): If not set yet, set the lwp's ptrace option flags.
    * linux-nat.h (struct lwp_info) <must_set_ptrace_flags>: New field.
    * nat/linux-procfs.c: Include <dirent.h>.
    (linux_proc_get_int): New parameter "warn". Handle it.
    (linux_proc_get_tgid): Adjust.
    (linux_proc_get_tracerpid): Rename to ...
    (linux_proc_get_tracerpid_nowarn): ... this.
    (linux_proc_pid_get_state): New function, factored out from
    (linux_proc_pid_has_state): ... this. Add new parameter "warn" and handle it.
    (linux_proc_pid_is_gone): New function.
    (linux_proc_pid_is_stopped): Adjust.
    (linux_proc_pid_is_zombie_maybe_warn)
    (linux_proc_pid_is_zombie_nowarn): New functions.
    (linux_proc_pid_is_zombie): Use linux_proc_pid_is_zombie_maybe_warn.
    (linux_proc_attach_tgid_threads): New function.
    * nat/linux-procfs.h (linux_proc_get_tgid): Update comment.
    (linux_proc_get_tracerpid): Rename to ...
    (linux_proc_get_tracerpid_nowarn): ... this, and update comment.
    (linux_proc_pid_is_gone): New declaration.
    (linux_proc_pid_is_zombie): Update comment.
    (linux_proc_pid_is_zombie_nowarn): New declaration.
    (linux_proc_attach_lwp_func): New typedef.
    (linux_proc_attach_tgid_threads): New declaration.
    * nat/linux-ptrace.c (linux_ptrace_attach_fail_reason): Adjust to use nowarn functions.
    (linux_ptrace_attach_fail_reason_string): Move here from gdbserver/linux-low.c and rename.
    (ptrace_supports_feature): If the current ptrace options are not known yet, check them now, instead of asserting.
    * nat/linux-ptrace.h (linux_ptrace_attach_fail_reason_string): Declare.
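The /proc/PID/task/ listing and the ESRCH/EPERM handling described in the commit message above, as an added C example that is not GDB's code and makes no ptrace call. All function and enum names are hypothetical, and the policy encoded in `classify_attach_failure` is taken from the message's wording only.

```c
#include <dirent.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical names; this is an illustration, not GDB source.  */
enum attach_verdict { ATTACH_IGNORE, ATTACH_WARN };

/* Return the state letter from the text of a /proc/PID/status file
   (e.g. 'Z' for "State:\tZ (zombie)"), or 0 if no State: line exists.  */
static char status_state(const char *text)
{
    const char *p = text;

    while (p != NULL && *p != '\0') {
        if (strncmp(p, "State:", 6) == 0) {
            p += 6;
            while (*p == ' ' || *p == '\t')
                p++;
            return *p == '\n' ? 0 : *p;
        }
        p = strchr(p, '\n');    /* move to the start of the next line */
        if (p != NULL)
            p++;
    }
    return 0;
}

/* Read /proc/TID/status; 0 means the file is gone, i.e. the thread is.  */
static char lwp_state(pid_t tid)
{
    char path[64], buf[4096];
    size_t n;
    FILE *f;

    snprintf(path, sizeof path, "/proc/%ld/status", (long) tid);
    f = fopen(path, "r");
    if (f == NULL)
        return 0;
    n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return status_state(buf);
}

/* Classify a failed PTRACE_ATTACH from its errno and the state letter
   read afterwards.  ESRCH, or EPERM on a gone/zombie/dead thread, is the
   normal exit race; any other failure deserves a warning.  */
static enum attach_verdict classify_attach_failure(int err, char state)
{
    if (err == ESRCH)
        return ATTACH_IGNORE;
    if (err == EPERM && (state == 0 || state == 'Z' || state == 'X'))
        return ATTACH_IGNORE;
    return ATTACH_WARN;
}

/* Collect the LWP ids listed under /proc/PID/task/.  Only positive
   numeric names are accepted, so -1 can never reach a later waitpid.
   Returns the count, or -1 if the directory cannot be opened.  */
static int list_task_lwps(pid_t pid, pid_t *out, int max)
{
    char path[64];
    struct dirent *de;
    DIR *dir;
    int n = 0;

    snprintf(path, sizeof path, "/proc/%ld/task", (long) pid);
    dir = opendir(path);
    if (dir == NULL)
        return -1;
    while (n < max && (de = readdir(dir)) != NULL) {
        char *end;
        long tid = strtol(de->d_name, &end, 10);

        if (end != de->d_name && *end == '\0' && tid > 0)
            out[n++] = (pid_t) tid;
    }
    closedir(dir);
    return n;
}

/* Demo on this process: list its LWPs and show how an EPERM would be
   treated for each, given the state currently in /proc.  */
int main(void)
{
    pid_t lwps[256];
    int i, n = list_task_lwps(getpid(), lwps, 256);

    for (i = 0; i < n; i++) {
        char st = lwp_state(lwps[i]);
        printf("LWP %ld state %c: EPERM would be %s\n", (long) lwps[i],
               st ? st : '-', classify_attach_failure(EPERM, st)
               == ATTACH_IGNORE ? "ignored" : "warned about");
    }
    return n < 0;
}
```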
2015-01-09 | libthread_db: debug output should go to gdb_stdlog | Pedro Alves | 2 | -15/+31

Some debug output in linux-thread-db.c was being sent to gdb_stdout, and some to gdb_stderr, while the right place to send debug output to is gdb_stdlog.

gdb/
2015-01-09 Pedro Alves <palves@redhat.com>

    * linux-thread-db.c (thread_db_find_new_threads_silently)
    (try_thread_db_load_1, try_thread_db_load, thread_db_load_search)
    (find_new_threads_once): Print debug output on gdb_stdlog.
2015-01-09 | skip "attach" tests when testing against stub-like targets | Pedro Alves | 8 | -15/+50

We already skip "attach" tests if the target board is remote, in dejagnu's sense, as we use TCL's exec to spawn the program on the build machine. We should also skip these tests if testing with "target remote" or other stub-like targets where "attach" doesn't make sense.

Add a helper procedure that centralizes the checks a test that needs to spawn a program for testing "attach" and make all test files that use spawn_wait_for_attach check it.

gdb/testsuite/
2015-01-09 Pedro Alves <palves@redhat.com>

    * lib/gdb.exp (can_spawn_for_attach): New procedure.
    (spawn_wait_for_attach): Error out if can_spawn_for_attach returns false.
    * gdb.base/attach.exp: Use can_spawn_for_attach instead of checking whether the target board is remote.
    * gdb.multi/multi-attach.exp: Likewise.
    * gdb.python/py-sync-interp.exp: Likewise.
    * gdb.server/ext-attach.exp: Likewise.
    * gdb.python/py-prompt.exp: Use can_spawn_for_attach before the tests that need to attach, instead of checking whether the target board is remote at the top of the file.
2015-01-09 | gdb/compile/compile.c: Check return value of 'system' to avoid compiler warning | Chen Gang | 1 | -0/+6

Add missing ChangeLog entry.

2015-01-09 Chen Gang <gang.chen.5i5j@gmail.com>
           Pedro Alves <palves@redhat.com>

    * compile/compile.c: Include "gdb_wait.h".
    (do_rmdir): Check return value, and free 'zap'.
2015-01-09 | gdb/compile/compile.c: Check return value of 'system' to avoid compiler warning | Chen Gang | 1 | -2/+7

Under Ubuntu 12, we need to check the return value of system(), or the compiler warns:

    gcc -g -O2 -I. -I../../binutils-gdb/gdb -I../../binutils-gdb/gdb/common -I../../binutils-gdb/gdb/config -DLOCALEDIR="\"/usr/local/share/locale\"" -DHAVE_CONFIG_H -I../../binutils-gdb/gdb/../include/opcode -I../../binutils-gdb/gdb/../opcodes/.. -I../../binutils-gdb/gdb/../readline/.. -I../bfd -I../../binutils-gdb/gdb/../bfd -I../../binutils-gdb/gdb/../include -I../libdecnumber -I../../binutils-gdb/gdb/../libdecnumber -I../../binutils-gdb/gdb/gnulib/import -Ibuild-gnulib/import -DTUI=1 -Wall -Wdeclaration-after-statement -Wpointer-arith -Wpointer-sign -Wno-unused -Wunused-value -Wunused-function -Wno-switch -Wno-char-subscripts -Wmissing-prototypes -Wdeclaration-after-statement -Wempty-body -Wmissing-parameter-type -Wold-style-declaration -Wold-style-definition -Wformat-nonliteral -Werror -c -o compile.o -MT compile.o -MMD -MP -MF .deps/compile.Tpo ../../binutils-gdb/gdb/compile/compile.c
    ../../binutils-gdb/gdb/compile/compile.c: In function ‘do_rmdir’:
    ../../binutils-gdb/gdb/compile/compile.c:175:10: error: ignoring return value of ‘system’, declared with attribute warn_unused_result [-Werror=unused-result]
    cc1: all warnings being treated as errors
    make[2]: *** [compile.o] Error 1
    make[2]: Leaving directory `/upstream/build-binutils-s390/gdb'
    make[1]: *** [all-gdb] Error 2
    make[1]: Leaving directory `/upstream/build-binutils-s390'
    make: *** [all] Error 2

Also, 'zap' is leaking.

2015-01-09 Chen Gang <gang.chen.5i5j@gmail.com>
           Pedro Alves <palves@redhat.com>

    * compile/compile.c: Include "gdb_wait.h".
    (do_rmdir): Check return value, and free 'zap'.
2015-01-09 | Automatic date update in version.in | GDB Administrator | 1 | -1/+1
2015-01-08 | Adds code to the MSP430 linker to transform a 4-byte BR instruction into | Nick Clifton | 2 | -6/+64

a 2-byte JMP instruction, when this can be done safely.

    * elf32-msp430.c (msp430_elf_relax_section): Add relaxation of 16-bit absolute BR instructions to 10-bit pc-relative JMP instructions.
2015-01-08 | Fix memory access violations exposed by running strip on fuzzed binaries. | Nick Clifton | 6 | -4/+47

PR binutils/17512

    * coffcode.h (coff_slurp_symbol_table): Return false if we failed to load the line table.
    * elf.c (_bfd_elf_map_sections_to_segments): Enforce a minimum maxpagesize of 1.
    * peXXigen.c (_bfd_XX_bfd_copy_private_bfd_data_common): Fail if the Data Directory Size is too large.
    * objcopy.c (copy_object): Free the symbol table if no symbols could be loaded.
    (copy_file): Use bfd_close_all_done to close files that could not be copied.
2015-01-08 | Fix memory access violations triggered by running sysdump on fuzzed binaries. | Nick Clifton | 2 | -2/+16

PR binutils/17512

    * sysdump.c (getINT): Fail if reading off the end of the buffer. Replace call to abort with a call to fatal.
    (getCHARS): Prevent reading off the end of the buffer.
2015-01-08 | ld/x86-64: adjust pr14207 test expectations | Jan Beulich | 2 | -7/+12

The original test output expectations cause it to fail when configure determines enable_initfini_array=no (which was observed on a cross build on an old 32-bit host, pointing out that taking into account host properties in such a case is bogus anyway).

ld/testsuite/
2015-01-08 Jan Beulich <jbeulich@suse.com>

    * ld-x86-64/pr14207.d: Adjust expectations to cover the enable_initfini_array=no case.
2015-01-08 | always read synthetic pointers as signed integers | Yao Qi | 4 | -27/+19

I see the error message "access outside bounds of object referenced via synthetic pointer" in the two fails below of mips gdb testing

    print d[-2]^M
    access outside bounds of object referenced via synthetic pointer^M
    (gdb) FAIL: gdb.dwarf2/implptrconst.exp: print d[-2]
    (gdb) print/d p[-1]^M
    access outside bounds of object referenced via synthetic pointer^M
    (gdb) FAIL: gdb.dwarf2/implptrpiece.exp: print/d p[-1]

In the first test, 'd[-2]' is processed by GDB as '* (&d[-2])'. 'd' is a synthetic pointer, so its value is zero, the address of 'd[-2]' is -2. In dwarf2loc.c:indirect_pieced_value,

    /* This is an offset requested by GDB, such as value subscripts.
       However, due to how synthetic pointers are implemented, this is
       always presented to us as a pointer type. This means we have to
       sign-extend it manually as appropriate. */
    byte_offset = value_as_address (value);
    if (TYPE_LENGTH (value_type (value)) < sizeof (LONGEST))
      byte_offset = gdb_sign_extend (byte_offset,
                                     8 * TYPE_LENGTH (value_type (value)));
    byte_offset += piece->v.ptr.offset;

We know that the value is really an offset instead of address, so the fix is to extract the value as an (signed) offset.

gdb:
2015-01-08 Pedro Alves <palves@redhat.com>
           Yao Qi <yao@codesourcery.com>

    * dwarf2loc.c (indirect_pieced_value): Don't call gdb_sign_extend. Call extract_signed_integer instead.
    * utils.c (gdb_sign_extend): Remove.
    * utils.h (gdb_sign_extend): Remove declaration.
2015-01-08 | Fixes for memory access violations triggered by running nlmconv on | Nick Clifton | 2 | -2/+36

fuzzed binaries.

PR binutils/17512

    * nlmconv.c (i386_mangle_relocs): Skip relocs without an associated symbol.
    (powerpc_mangle_relocs): Skip unrecognised relocs. Check address range before applying a reloc.
2015-01-08 | Set language for C++ special symbols. | Pierre Muller | 2 | -2/+8

The special handling of C++ special symbol generates symbols that have no language. Those symbols cannot be displayed correctly in the backtrace stack.

See https://sourceware.org/bugzilla/show_bug.cgi?id=17811 for details and examples in C++ and pascal language.

The patch below fixes this issue, by setting language of new symbol before special handling of special C++ symbols.

2015-01-07 Pierre Muller <muller@sourceware.org>

    PR symtab/17811
    * stabsread.c (define_symbol): Set language for C++ special symbols.
2015-01-08 | Recognize branch instruction on MIPS in gdb.trace/entry-values.exp | Yao Qi | 2 | -0/+18

The test entry-values.exp doesn't recognize the call instructions on MIPS, such as JAL, JALS and etc, so this patch sets call_insn to match various jump and branch instructions first.

Currently, we assume the next instruction address of call instruction is the address returned from foo, however it is not correct on MIPS which has delay slot. We extend variable call_insn to match one instruction after jump or branch instruction, so that $returned_from_foo is correct on MIPS.

All tests in entry-values.exp are PASS.

gdb/testsuite:
2015-01-08 Yao Qi <yao@codesourcery.com>

    * gdb.trace/entry-values.exp: Set call_insn for MIPS target.
2015-01-08 | Automatic date update in version.in | GDB Administrator | 1 | -1/+1
2015-01-07 | Trivially tweak the comment documenting initial_gdb_ttystate | Patrick Palka | 2 | -2/+6

gdb/ChangeLog:

    * inflow.c (initial_gdb_ttystate): Tweak comment.
2015-01-07 | Sync with gcc/libiberty. | Richard Earnshaw | 12 | -87/+409
2015-01-07 | Fix memory access violations uncovered by running the dlltool on fuzzed binaries. | Nick Clifton | 2 | -0/+6

PR binutils/17512

    * dlltool.c (scan_obj_file): Break loop if the last archive displayed matches the current archive.
2015-01-07 | Fix memory access violations exposed by running the srconv tool on fuzzed binaries. | Nick Clifton | 3 | -14/+31

PR binutils/17512

    * objdump.c (display_any_bfd): Add a depth limit to nested archive display in order to avoid infinite loops.
    * srconv.c: Replace calls to abort with calls to fatal with an error message.
2015-01-07 | Empty line after comment documenting set_initial_gdb_ttystate. | Joel Brobecker | 2 | -0/+6

gdb/ChangeLog:

    * inflow.c (set_initial_gdb_ttystate): Add empty line after comment documenting function.
2015-01-07 | [testsuite patch] Fix avx512.exp regression | Jan Kratochvil | 2 | -1/+6
+gdb compile failed, ^[[01m^[[Kgdb/testsuite/gdb.arch/i386-avx512.c:20:27:^[[m^[[K ^[[01;31m^[[Kfatal error: ^[[m^[[Knat/x86-cpuid.h: No such file or directory + #include "nat/x86-cpuid.h" +^[[01;32m^[[K ^^[[m^[[K +compilation terminated. +UNTESTED: gdb.arch/i386-avx512.exp: i386-avx512.exp 125f8a3ddedd413a2290dae011f0bed9ffc78278 is the first bad commit commit 125f8a3ddedd413a2290dae011f0bed9ffc78278 Author: Gary Benson <gbenson@redhat.com> Date: Thu Jun 19 14:46:38 2014 +0100 Move shared native target specific code to gdb/nat gdb/testsuite/ChangeLog 2015-01-07 Jan Kratochvil <jan.kratochvil@redhat.com> Fix testcase compilation. * gdb.arch/i386-avx512.exp (comp_flags): Remove /common.
2015-01-07 | Don't propagate our current terminal state to the inferior | Patrick Palka | 4 | -1/+27

Currently when we start an inferior we have the inferior inherit our terminal state. Under TUI, our terminal is highly modified by ncurses and readline. So when starting an inferior under TUI, the inferior will have a highly modified terminal state which will interfere with standard I/O. For example,

    $ gdb gdb
    (gdb) break main
    (gdb) run
    (gdb) print puts ("a\nb")
    a
    b
    $1 = 4
    (gdb) [enter TUI mode]
    (gdb) run
    (gdb) [exit TUI mode]
    (gdb) print puts ("a\nb")
    a
    b
    $2 = 4
    (gdb) print puts ("a\r\nb\r")
    a
    b
    $3 = 6

As you can see, when we start the inferior under the regular interface, puts() prints the text properly. But when we start the inferior under TUI, puts() does not print the text properly. This is because when we start the inferior under TUI it inherits our current terminal state which has been modified by ncurses to, among other things, require an explicit \r\n to print a new line. As a result the inferior performs standard I/O in an unexpected way.

Because of this discrepancy, it doesn't seem like a good idea to have the inferior inherit our _current_ terminal state for it may have been modified by readline and/or ncurses. Instead, we should have the inferior inherit a pristine snapshot of our terminal state taken before readline or ncurses have had a chance to alter it. This enables the inferior to run in a more accurate way, more closely mimicking the program's behavior had it run standalone. And it fixes the above mentioned issue.

Tested on x86_64-unknown-linux-gnu.

gdb/ChangeLog:

    * terminal.h (set_initial_gdb_ttystate): Declare.
    * inflow.c (initial_gdb_ttystate): New static variable.
    (set_initial_gdb_ttystate): New setter.
    (child_terminal_init_with_pgrp): Copy initial_gdb_ttystate instead of our current terminal state.
    * top.c (gdb_init): Call set_initial_gdb_ttystate.
2015-01-07 ld/testing: Extend comment on run_dump_test Andrew Burgess 2 -3/+9
Mention that readelf can be used as a test program in the comment of run_dump_test. ld/testsuite/ChangeLog: * lib/ld-lib.exp (run_dump_test): Extend comment to mention readelf.
2015-01-07 Regenerate sim/common/aclocal.m4 and sim/common/configure... Joel Brobecker 3 -11/+14
... using automake 1.11.1, which is the version we're currently using throughout, instead of 1.11.3. This should be a no-op in practice, but will help automake/aclocal version-related differences to cloud real changes being made. sim/common/ChangeLog: * aclocal.m4, configure: Regenerate using automake 1.11.1.
2015-01-07 arm: fix extension feature disabling Jan Beulich 2 -15/+33
Using e.g. .arch_extension simd .arch_extension nocrypto so far results in SIMD support getting disabled, which I can't see being the purpose of the "no"-prefixed variants of architecture extension specifications. Of course it is questionable whether the current, counterintuitive behavior needs to be retained, and the new behavior perhaps be made to work through e.g. a newly recognized "no-" prefix. gas/ 2015-01-07 Jan Beulich <jbeulich@suse.com> * gas/config/tc-arm.c (struct arm_option_extension_value_table): Split field "value" into fields "merge_value" and "clear_value". (arm_extensions): Adjust initializer accordingly.
2015-01-07 [python,guile] Add comment beside conditions testing empty arrays. Joel Brobecker 3 -2/+7
gdb/ChangeLog: * guile/scm-type.c (tyscm_array_1): Add comment. * python/py-type.c (typy_array_1): Add comment.
2015-01-06 Skip unknown relocation H.J. Lu 3 -3/+10
PR binutils/17512 * elf32-i386.c (elf_i386_get_plt_sym_val): Skip unknown relocation. * elf64-x86-64.c (elf_x86_64_get_plt_sym_val): Likewise.
2015-01-07 Automatic date update in version.in GDB Administrator 1 -1/+1
2015-01-06 Handle stack split for x32 H.J. Lu 12 -16/+357
X32 uses cmp %fs:NN,%esp, lea NN(%rsp),%r10d, lea NN(%rsp),%r11d, instead of cmp %fs:NN,%rsp, lea NN(%rsp),%r10, lea NN(%rsp),%r11. This patch handles it. PR gold/17729 * configure.ac (DEFAULT_TARGET_X86_64): Don't set for x32. (DEFAULT_TARGET_X32): Set for x32. * x86_64.cc (cmp_insn_32): New. (lea_r10_insn_32): Likewise. (lea_r11_insn_32): Likewise. (cmp_insn_64): Likewise. (lea_r10_insn_64): Likewise. (lea_r11_insn_64): Likewise. (Target_x86_64<size>::do_calls_non_split): Handle x32. * testsuite/Makefile.am (check_SCRIPTS): Add split_x32.sh. (check_DATA): Add split_x32 files. (split_x32_[1234n].o): New targets. (split_x32_[124]): New targets. (split_x32_[1234r].stdout): New targets. * testsuite/split_x32.sh: New file. * testsuite/split_x32_1.s: Likewise. * testsuite/split_x32_2.s: Likewise. * testsuite/split_x32_3.s: Likewise. * testsuite/split_x32_4.s: Likewise. * testsuite/split_x32_n.s: Likewise. * configure: Regenerated. * testsuite/Makefile.in: Likewise.
2015-01-06 Another fix for an objdump crash when parsing a corrupt binary. Nick Clifton 2 -1/+6
PR binutils/17512 * mach-o.c (bfd_mach_o_read_symtab_strtab): Zero terminate the string table.
2015-01-06 Handle Initial-Exec to Local-Exec for x32 H.J. Lu 2 -0/+12
PR gold/17809 * x86_64.cc (Target_x86_64<size>::Relocate::tls_ie_to_le): Handle x32.
2015-01-06 Fix memory access violations for objdump triggered by fuzzed binaries. Nick Clifton 2 -5/+12
PR binutils/17512 * reloc.c (bfd_get_reloc_size): Handle a reloc size of -1. (bfd_perform_relocation): Include the size of the reloc in the test for an out of range relocation. (bfd_generic_get_relocated_section_contents): Remove reloc range test.
2015-01-06 Fixes a buffer overflow when compiling assembler for the MinGW targets. Alan Modra 2 -1/+11
PR binutils/17754 * internal.h (internal_auxent): Increase size of x_fname field to 20 to allow for PE format's longer file names.
2015-01-06 Fixes for memory access violations in the coffdump program. Nick Clifton 8 -277/+421
PR binutils/17512 * coffdump.c (dump_coff_section): Check for a symbol being available before printing its name. (main): Check the return value from coff_grok. * coffgrok.c: Reformat and tidy. Add range checks to most functions. (coff_grok): Return NULL if the input bfd is not in a COFF format. * coffgrok.h: Reformat and tidy. (struct coff_section): Change the nrelocs field to unsigned. * srconv.c (main): Check the return value from coff_grok. * coff-i860.c (CALC_ADDEND): Always set an addend value. * tekhex.c (getvalue): Add an end pointer parameter. Use it to avoid reading off the end of the buffer. (getsym): Likewise. (first_phase): Likewise. (pass_over): Pass an end pointer to the invoked function.
2015-01-06 gdb/guile: Do not error when trying to create empty array. Joel Brobecker 2 -1/+6
This fixes a similar error as in the Python support code where trying to create an empty array. In guile/scm-type.c::tyscm_array_1, the function raises an exception if N2 < N1: if (n2 < n1) { gdbscm_out_of_range_error (func_name, SCM_ARG3, But it should be doing so if N2 == N1 - 1, since that would simply be an empty array, not an array with a negative length. gdb/ChangeLog: * guile/scm-type.c (tyscm_array_1): Do not raise out-of-range error if N2 is equal to N1 - 1.
2015-01-06 gdb/python: exception trying to create empty array Joel Brobecker 4 -1/+17
The following python command fails: (gdb) python print gdb.lookup_type('char').array(1, 0) Traceback (most recent call last): File "<string>", line 1, in <module> ValueError: Array length must not be negative Error while executing Python code. The above is trying to create an empty array, which is fairly common in Ada. gdb/ChangeLog: * python/py-type.c (typy_array_1): Do not raise negative-length exception if N2 is equal to N1 - 1. gdb/testsuite/ChangeLog: * gdb.python/py-type.exp: Add a couple of tests about empty array creation, and negative-length array creation.
2015-01-05 Return NULL on corrupt input H.J. Lu 3 -3/+16
PR binutils/17512 * elf32-i386.c (elf_i386_get_plt_sym_val): Return NULL on corrupt input. * elf64-x86-64.c (elf_x86_64_get_plt_sym_val): Likewise.
2015-01-06 Automatic date update in version.in GDB Administrator 1 -1/+1
2015-01-05 More fixes for invalid memory accesses triggered by fuzzed binaries. Nick Clifton 9 -39/+150
PR binutils/17512 * nm.c (print_symbol): Add 'is_synthetic' parameter. Use it to help initialize the info.elfinfo field. (print_size_symbols): Add 'synth_count' parameter. Use it to set the is_synthetic parameter when calling print_symbol. (print_symbols): Likewise. (display_rel_file): Pass synth_count to printing function. (display_archive): Break loop if the last archive displayed matches the current archive. * size.c (display_archive): Likewise. * archive.c (do_slurp_bsd_armap): Make sure that the parsed size is at least big enough for the header to be read. * elf32-i386.c (elf_i386_get_plt_sym_val): Skip unknown relocs. * mach-o.c (bfd_mach_o_get_synthetic_symtab): Add range checks. (bfd_mach_o_read_command): Prevent duplicate error messages about unrecognized commands. * syms.c (_bfd_stab_section_find_nearest_line): Add range checks when indexing into the string table.
2015-01-05 More fixes for invalid memory accesses triggered by fuzzed binaries. Nick Clifton 4 -58/+180
PR binutils/17531 * dwarf.c (alloc_num_debug_info_entries): New variable. (process_debug_info): Set it. Use it to avoid displaying attributes for which there is no info. (display_debug_abbrev): Check that the debug_info_entry index is valid before using it. (display_loc_list_dwo): Likewise. (process_cu_tu_index): Add range check for an overlarge dw_sect value. (free_debug_memory): Reset alloc_num_debug_info_entries. * readelf.c (slurp_ia64_unwind_table): Warn if the reloc could not be identified. (dynamic_section_mips_val): Warn if the timestamp is invalid. (print_mips_got_entry): Add a data_end parameter. Warn if a read would go beyond the end of the data, and return an error value. (process_mips_specific): Do not read options from beyond the end of the section. Correct code to display optional data at the end of an option. Warn if there are too many GOT symbols. Update calls to print_mips_got_entry, and handle error returns.
2015-01-05 Corrects the description of the --kill-at option of dlltool. Daniel Klauer 2 -4/+14
PR binutils/17489 * doc/binutils.texi (dlltool): Correct description of --kill-at option.
2015-01-05 Automatic date update in version.in GDB Administrator 1 -1/+1