| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Multi-threaded debugging using the libpthdebug debug interface
is currently broken due to multiple issues.
When debugging a single inferior, we were getting assertion
failures in get_aix_thread_info as no tp->priv structure was
allocated for the main thread.
We fixed this by switching the main
thread from a (pid, 0, 0) ptid_t to a (pid, 0, tid) ptid_t and
allocaing the tp->priv structure in sync_threadlists.
As a result, the switch_to_thread call in pdc_read_data could
now fail since the main thread no longer uses (pid, 0, 0).
So we replaced the call by only switching inferior_ptid, the current
inferior, and the current address space (like proc-service.c).
Add similar switching to pdc_write_data where it was missing
completely.
When debugging multiple inferiors, an additional set of
problems prevented correct multi-threaded debugging:
First of all, aix-thread.c used to have a number of global
variables holding per-inferior information.
We switched hese
to a per-inferior data structure instead.
Also, sync_threadlists was getting confused as we were
comparing the list of threads returned by libpthdebug
for *one* process with GDB's list of threads for *all*
processes. Now we only use he GDB threads of the current
inferior instead.
We also skip calling pd_activate
from pd_enable if that in_initial_library_scan flag is
true for the current inferior.
Finally, the presence of the thread library in any but
the first inferior was not correctly detected due to a
bug in solib-aix.c, where the BFD file name for shared
library members was changed when the library was loaded
for the first time, which caused the library to no longer
be recognized by name when loaded a second time.
|
|
I found a couple of spots in ada-lang.c where a return follows a call
to error. These are unnecessary because error never returns.
|
|
On SLE-11, with glibc 2.11.3, I run into:
...
(gdb) PASS: gdb.arch/amd64-disp-step-avx.exp: vex3: \
var128 has expected value after
continue^M
Continuing.^M
^M
Program received signal SIGSEGV, Segmentation fault.^M
0x0000000000400283 in _exit (status=0) at \
../sysdeps/unix/sysv/linux/_exit.c:33^M
33 ../sysdeps/unix/sysv/linux/_exit.c: No such file or directory.^M
(gdb) FAIL: gdb.arch/amd64-disp-step-avx.exp: \
continue until exit at amd64-disp-step-avx
...
This is not related to gdb, we get the same result by just running the exec.
The problem is that the test-case:
- calls glibc's _exit, and
- uses -nostartfiles -static, putting the burden for any necessary
initialization for calling glibc's _exit on the test-case itself.
So, when we get to the second insn in _exit:
...
000000000040acb0 <_exit>:
40acb0: 48 63 d7 movslq %edi,%rdx
40acb3: 64 4c 8b 14 25 00 00 mov %fs:0x0,%r10
...
no glibc-related initialization is done, and we run into the segfault.
Adding this (borrowed from __libc_start_main) in _start in the .S file is
sufficient to fix it:
...
.rept 200
nop
+ call __pthread_initialize_minimal
.endr
...
But that already doesn't compile with say glibc 2.31, and regardless I think
this sort of fix is too fragile.
We could of course fix this by simply not running to exit. But ideally we'd
have an exec that doesn't segfault when you just run it.
Alternatively, we could hand-code an _exit syscall and bypass glibc
all together. But I'd rather fix this in a way that simplifies the test-case.
Taking a step back, the -nostartfiles -static was added to address that the
xmm registers were not zero at main (which AFAICT is a valid thing to happen).
[ The change itself silently broke the test-case, needing further fixing by
commit 40310f30a51 ("gdb: make gdb.arch/amd64-disp-step-avx.exp actually test
displaced stepping"). ]
Instead, simplify things by reverting to the original situation:
- no -nostartfiles -static compilation flags,
- no _start in the .S file,
- use exit instead of _exit in the .S file,
and fix the original problem by setting the xmm registers to zero rather than
checking that they're zero.
Now that we're no longer forcing -static, add nopie to the flags to prevent
compilation failure with target board unix/-fPIE/-pie.
Tested on x86_64-linux.
PR testsuite/30132
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30132
|
|
create_ada_exception_catchpoint has a parameter named "disabled", but
both its callers and callees use it to mean "enabled". This is
confusing, so this patch renames the parameter.
|
|
The 'g' packet documentation references a macro that no longer exists,
and it also claims that the 'x' response for an unavailable register
is limited to trace frames. This patch updates the documentation to
reflect what I think is currently correct.
Co-Authored-By: Pedro Alves <pedro@palves.net>
Approved-By: Eli Zaretskii <eliz@gnu.org>
Change-Id: I863baa3b9293059cfd4aa3d534602cbcb693ba87
|
|
Unlike the other *_main_name functions, ada_main_name returns a
non-const "char *". This is strange, though, because the caller
should not in fact modify or free this pointer. This patch changes
this function to constify its return type.
|
|
I stumbled across this declaration in ada-lang.h. I don't know what
function did, but it no longer exists, so remove the declaration.
Tested by rebuilding.
|
|
Back in 2010 the -remove-inferior command was added in commit
a79b8f6ea8c2, unfortunately this command was never added to the
documentation.
This commit addresses that oversight.
Approved-By: Eli Zaretskii <eliz@gnu.org>
|
|
There are several more value methods that currently return 'int' but
that should return 'bool'. This patch updates these.
Reviewed-By: Bruno Larsen <blarsen@redhat.com>
|
|
This changes value::bits_synthetic_pointer to return bool and fixes up
some fallout from this.
Reviewed-By: Bruno Larsen <blarsen@redhat.com>
|
|
This changes value::m_stack to be a bool and updates the various uses.
Reviewed-By: Bruno Larsen <blarsen@redhat.com>
|
|
This changes value::m_initialized to be a bool and updates the various
uses.
Reviewed-By: Bruno Larsen <blarsen@redhat.com>
|
|
This changes value::m_lazy to be a bool and updates the various uses.
Reviewed-By: Bruno Larsen <blarsen@redhat.com>
|
|
This changes value::m_modifiable to be a bool and updates the various
uses.
Reviewed-By: Bruno Larsen <blarsen@redhat.com>
|
|
I noticed that if Ctrl-C was typed just while GDB is evaluating a
breakpoint condition in the background, and GDB ends up reaching out
to the Python interpreter, then the breakpoint condition would still
fail, like:
c&
Continuing.
(gdb) Error in testing breakpoint condition:
Quit
That happens because while evaluating the breakpoint condition, we
enter Python, and end up calling PyErr_SetInterrupt (it's called by
gdbpy_set_quit_flag, in frame #0):
(top-gdb) bt
#0 gdbpy_set_quit_flag (extlang=0x558c68f81900 <extension_language_python>) at ../../src/gdb/python/python.c:288
#1 0x0000558c6845f049 in set_quit_flag () at ../../src/gdb/extension.c:785
#2 0x0000558c6845ef98 in set_active_ext_lang (now_active=0x558c68f81900 <extension_language_python>) at ../../src/gdb/extension.c:743
#3 0x0000558c686d3e56 in gdbpy_enter::gdbpy_enter (this=0x7fff2b70bb90, gdbarch=0x558c6ab9eac0, language=0x0) at ../../src/gdb/python/python.c:212
#4 0x0000558c68695d49 in python_on_memory_change (inferior=0x558c6a830b00, addr=0x555555558014, len=4, data=0x558c6af8a610 "") at ../../src/gdb/python/py-inferior.c:146
#5 0x0000558c6823a071 in std::__invoke_impl<void, void (*&)(inferior*, unsigned long, long, unsigned char const*), inferior*, unsigned long, long, unsigned char const*> (__f=@0x558c6a8ecd98: 0x558c68695d01 <python_on_memory_change(inferior*, CORE_ADDR, ssize_t, bfd_byte const*)>) at /usr/include/c++/11/bits/invoke.h:61
#6 0x0000558c68237591 in std::__invoke_r<void, void (*&)(inferior*, unsigned long, long, unsigned char const*), inferior*, unsigned long, long, unsigned char const*> (__fn=@0x558c6a8ecd98: 0x558c68695d01 <python_on_memory_change(inferior*, CORE_ADDR, ssize_t, bfd_byte const*)>) at /usr/include/c++/11/bits/invoke.h:111
#7 0x0000558c68233e64 in std::_Function_handler<void (inferior*, unsigned long, long, unsigned char const*), void (*)(inferior*, unsigned long, long, unsigned char const*)>::_M_invoke(std::_Any_data const&, inferior*&&, unsigned long&&, long&&, unsigned char const*&&) (__functor=..., __args#0=@0x7fff2b70bd40: 0x558c6a830b00, __args#1=@0x7fff2b70bd38: 93824992247828, __args#2=@0x7fff2b70bd30: 4, __args#3=@0x7fff2b70bd28: 0x558c6af8a610 "") at /usr/include/c++/11/bits/std_function.h:290
#8 0x0000558c6830a96e in std::function<void (inferior*, unsigned long, long, unsigned char const*)>::operator()(inferior*, unsigned long, long, unsigned char const*) const (this=0x558c6a8ecd98, __args#0=0x558c6a830b00, __args#1=93824992247828, __args#2=4, __args#3=0x558c6af8a610 "") at /usr/include/c++/11/bits/std_function.h:590
#9 0x0000558c6830a620 in gdb::observers::observable<inferior*, unsigned long, long, unsigned char const*>::notify (this=0x558c690828c0 <gdb::observers::memory_changed>, args#0=0x558c6a830b00, args#1=93824992247828, args#2=4, args#3=0x558c6af8a610 "") at ../../src/gdb/../gdbsupport/observable.h:166
#10 0x0000558c68309d95 in write_memory_with_notification (memaddr=0x555555558014, myaddr=0x558c6af8a610 "", len=4) at ../../src/gdb/corefile.c:363
#11 0x0000558c68904224 in value_assign (toval=0x558c6afce910, fromval=0x558c6afba6c0) at ../../src/gdb/valops.c:1190
#12 0x0000558c681e3869 in expr::assign_operation::evaluate (this=0x558c6af8e150, expect_type=0x0, exp=0x558c6afcfe60, noside=EVAL_NORMAL) at ../../src/gdb/expop.h:1902
#13 0x0000558c68450c89 in expr::logical_or_operation::evaluate (this=0x558c6afab060, expect_type=0x0, exp=0x558c6afcfe60, noside=EVAL_NORMAL) at ../../src/gdb/eval.c:2330
#14 0x0000558c6844a896 in expression::evaluate (this=0x558c6afcfe60, expect_type=0x0, noside=EVAL_NORMAL) at ../../src/gdb/eval.c:110
#15 0x0000558c6844a95e in evaluate_expression (exp=0x558c6afcfe60, expect_type=0x0) at ../../src/gdb/eval.c:124
#16 0x0000558c682061ef in breakpoint_cond_eval (exp=0x558c6afcfe60) at ../../src/gdb/breakpoint.c:4971
...
The fix is to disable cooperative SIGINT handling while handling
inferior events, so that SIGINT is saved in the global quit flag, and
not in the extension language, while handling an event.
This commit augments the testcase added by the previous commit to test
this scenario as well.
Approved-By: Tom Tromey <tom@tromey.com>
Change-Id: Idf8ab815774ee6f4b45ca2d0caaf30c9b9f127bb
|
|
get_active_ext_lang is not used anywhere. Delete it.
Approved-By: Tom Tromey <tom@tromey.com>
Change-Id: I4c2b6d0d11291103c098e4db1d6ea449875c96b7
|
|
This implements what I suggested here:
https://inbox.sourceware.org/gdb-patches/ab97c553-f406-b094-cdf3-ba031fdea925@palves.net/
Here is the current default quit_handler, a function that ends up
called by the QUIT macro:
void
default_quit_handler (void)
{
if (check_quit_flag ())
{
if (target_terminal::is_ours ())
quit ();
else
target_pass_ctrlc ();
}
}
As we can see above, when the inferior is running in the foreground,
then a Ctrl-C is translated into a call to target_pass_ctrlc().
The target_terminal::is_ours() case above is there to handle the
scenario where GDB has the terminal, meaning it is handling some
command the user typed, like "list", or "p a + b" or some such.
However, when the inferior is running on the background, say with
"c&", GDB also has the terminal. Run control handling is now done in
the "background". The CLI is responsive to user commands. If users
type Ctrl-C, they're expecting it to interrupt whatever command they
next type in the CLI, which again, could be "list", "p a + b", etc.
It's as if background run control was handled by a separate thread,
and the Ctrl-C is meant to go to the main thread, handling the CLI.
However, when handling an event, inside fetch_inferior_event &
friends, a Ctrl-C _also_ results in a Quit exception, from the same
default_quit_handler function shown above. This quit aborts run
control handling, breakpoint condition evaluation, etc., and may even
leave run control in an inconsistent state.
The testcase added by this patch illustrates this. The test program
just loops a number of times calling the "foo" function.
The idea is to set a breakpoint in the "foo" function with a condition
that sends SIGINT to GDB, and then evaluates to false, which results
in the program being re-resumed in the background. The SIGINT-sending
emulates pressing Ctrl-C just while GDB was evaluating the breakpoint
condition, except, it's more deterministic.
It looks like this:
(gdb) p $counter = 0
$1 = 0
(gdb) b foo if $counter++ == 10 || $_shell("kill -SIGINT `pidof gdb`") != 0
Breakpoint 2 at 0x555555555131: file gdb.base/bg-exec-sigint-bp-cond.c, line 21.
(gdb) c&
Continuing.
(gdb)
After that background continue, the breakpoint should be hit 10 times,
and we should see 10 "Quit" being printed on the screen. As if the
user typed Ctrl-C on the prompt a number of times with no inferior
running:
(gdb) <<< Ctrl-C
(gdb) Quit <<< Ctrl-C
(gdb) Quit <<< Ctrl-C
(gdb)
However, here's what you see instead:
(gdb) c&
Continuing.
(gdb) Quit
(gdb)
Just one Quit, and nothing else. If we look at the thread's state, we see:
(gdb) info threads
Id Target Id Frame
* 1 Thread 0x7ffff7d6f740 (LWP 112192) "bg-exec-sigint-" foo () at gdb.base/bg-exec-sigint-bp-cond.c:21
So the thread stopped, but we didn't report a stop...
Issuing another continue shows the same immediate-and-silent-stop:
(gdb) c&
Continuing.
(gdb) Quit
(gdb) p $counter
$2 = 2
As mentioned, since the run control handling, and breakpoint and
watchpoint evaluation, etc. are running in the background from the
perspective of the CLI, when users type Ctrl-C in this situation,
they're thinking of aborting whatever other command they were typing
or running at the prompt, not the run control side, not the previous
"c&" command.
So I think that we should install a custom quit_handler while inside
fetch_inferior_event, where we already disable pagination and other
things for a similar reason. This custom quit handler does nothing if
GDB has the terminal, and forwards Ctrl-C to the inferior otherwise.
With the patch implementing that, and the same testcase, here's what
you see instead:
(gdb) p $counter = 0
$1 = 0
(gdb) b foo if $counter++ == 10 || $_shell("kill -SIGINT `pidof gdb`") != 0
Breakpoint 2 at 0x555555555131: file gdb.base/bg-exec-sigint-bp-cond.c, line 21.
(gdb) c&
Continuing.
(gdb) Quit
(gdb) Quit
(gdb) Quit
(gdb) Quit
(gdb) Quit
(gdb) Quit
(gdb) Quit
(gdb) Quit
(gdb) Quit
(gdb) Quit
(gdb)
Breakpoint 2, foo () at gdb.base/bg-exec-sigint-bp-cond.c:21
21 return 0;
Approved-By: Tom Tromey <tom@tromey.com>
Change-Id: I1f10d99496a7d67c94b258e45963e83e439e1778
|
|
For testing a following patch, I wanted a way to send a SIGINT to GDB
from a breakpoint condition. And I didn't want to do it from a Python
breakpoint or Python function, as I wanted to exercise non-Python code
paths. So I thought I'd add a new $_shell internal function, that
runs a command under the shell, and returns the exit code. With this,
I could write:
(gdb) b foo if $_shell("kill -SIGINT $gdb_pid") != 0 || <other condition>
I think this is generally useful, hence I'm proposing it here.
Here's the new function in action:
(gdb) p $_shell("true")
$1 = 0
(gdb) p $_shell("false")
$2 = 1
(gdb) p $_shell("echo hello")
hello
$3 = 0
(gdb) p $_shell("foobar")
bash: line 1: foobar: command not found
$4 = 127
(gdb) help function _shell
$_shell - execute a shell command and returns the result.
Usage: $_shell (command)
Returns the command's exit code: zero on success, non-zero otherwise.
(gdb)
NEWS and manual changes included.
Approved-By: Andrew Burgess <aburgess@redhat.com>
Approved-By: Tom Tromey <tom@tromey.com>
Approved-By: Eli Zaretskii <eliz@gnu.org>
Change-Id: I7e36d451ee6b428cbf41fded415ae2d6b4efaa4e
|
|
Currently, printing the type of an internal function in Ada shows
double <>s, like:
(gdb) with language ada -- ptype $_isvoid
type = <<internal function>>
while all other languages print it with a single <>, like:
(gdb) with language c -- ptype $_isvoid
type = <internal function>
I don't think there's a reason that Ada needs to be different. We
currently print the double <>s because we take this path in
ada_print_type:
switch (type->code ())
{
default:
gdb_printf (stream, "<");
c_print_type (type, "", stream, show, level, language_ada, flags);
gdb_printf (stream, ">");
break;
... and the type's name already has the <>s.
Fix this by simply adding an early check for
TYPE_CODE_INTERNAL_FUNCTION.
Approved-By: Andrew Burgess <aburgess@redhat.com>
Approved-By: Tom Tromey <tom@tromey.com>
Change-Id: Ic2b6527b9240a367471431023f6e27e6daed5501
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30105
|
|
Currently, looking at the type of an internal function, like below,
hits an odd error:
(gdb) ptype $_isvoid
type = <internal function>type not handled in c_type_print_varspec_prefix()
That is an error thrown from
c-typeprint.c:c_type_print_varspec_prefix, where it reads:
...
case TYPE_CODE_DECFLOAT:
case TYPE_CODE_FIXED_POINT:
/* These types need no prefix. They are listed here so that
gcc -Wall will reveal any types that haven't been handled. */
break;
default:
error (_("type not handled in c_type_print_varspec_prefix()"));
break;
Internal function types have type code TYPE_CODE_INTERNAL_FUNCTION,
which is not explicitly handled by that switch.
That comment quoted above says that gcc -Wall will reveal any types
that haven't been handled, but that's not actually true, at least with
modern GCCs. You would need to enable -Wswitch-enum for that, which
we don't. If I do enable that warning, then I see that we're missing
handling for the following type codes:
TYPE_CODE_INTERNAL_FUNCTION,
TYPE_CODE_MODULE,
TYPE_CODE_NAMELIST,
TYPE_CODE_XMETHOD
TYPE_CODE_MODULE and TYPE_CODE_NAMELIST and Fortran-specific, so it'd
be a little weird to handle them here.
I tried to reach this code with TYPE_CODE_XMETHOD, but couldn't figure
out how to. ptype on an xmethod isn't treated specially, it just
complains that the method doesn't exist. I've extended the
gdb.python/py-xmethods.exp testcase to make sure of that.
My thinking is that whatever type code we add next, the most likely
scenario is that it won't need any special handling, so we'd just be
adding another case to that "do nothing" list. If we do need special
casing for whatever type code, I think that tests added at the same
time as the feature would uncover it anyhow. If we do miss adding the
special casing, then it still looks better to me to print the type
somewhat incompletely than to error out and make it harder for users
to debug whatever they need. So I think that the best thing to do
here is to just remove all those explicit "do nothing" cases, along
with the error default case.
After doing that, I decided to write a testcase that iterates over all
supported languages doing "ptype INTERNAL_FUNC". That revealed that
Pascal has a similar problem, except the default case hits a
gdb_assert instead of an error:
(gdb) with language pascal -- ptype $_isvoid
type =
../../src/gdb/p-typeprint.c:268: internal-error: type_print_varspec_prefix: unexpected type
A problem internal to GDB has been detected,
further debugging may prove unreliable.
That is fixed by this patch in the same way.
You'll notice that the new testcase special-cases the Ada expected
output:
} elseif {$lang == "ada"} {
gdb_test "ptype \$_isvoid" "<<internal function>>"
} else {
gdb_test "ptype \$_isvoid" "<internal function>"
}
That will be subject of the following patch.
Approved-By: Andrew Burgess <aburgess@redhat.com>
Change-Id: I81aec03523cceb338b5180a0b4c2e4ad26b4c4db
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30105
|
|
Move everything related to reading .debug_names from read.c to
read-debug-names.c. The only entry point exposed by
read-debug-names.{c,h} is dwarf2_read_debug_names.
Change-Id: I18b23f3c7a61b14abc3a46e4bf559bc2d078e8bc
Approved-By: Tom Tromey <tom@tromey.com>
|
|
Move everything related to reading .gdb_index from read.c to
read-gdb-index.c. The only entry point exposed by read-gdb-index.{c,h}
is dwarf2_read_gdb_index.
Change-Id: I1e32c8f0720086538de8d2f612f27545377099bc
Approved-By: Tom Tromey <tom@tromey.com>
|
|
The following 2 patches move .gdb_index and .debug_names reading code to
their own file. Prepare this by exposing some things used by that code
to read.h.
Change-Id: If8ef135758a2ff0ab3b765cc92596da8189f3bbd
Approved-By: Tom Tromey <tom@tromey.com>
|
|
Tom de Vries reported [1] a regression in gdb.btrace/record_goto.exp
caused by 6d3717d4c4 ("gdb: call frame unwinders' dealloc_cache methods
through destroying the frame cache"). This issue is caught by ASan. On
a non-ASan build, it may or may not cause a crash or some other issue, I
haven't tried.
I managed to narrow it down to:
$ ./gdb -nx -q --data-directory=data-directory testsuite/outputs/gdb.btrace/record_goto/record_goto -ex "start" -ex "record btrace" -ex "next"
... and then doing repeatedly "record goto 19" and "record goto 27".
Eventually, I get:
(gdb) record goto 27
=================================================================
==1527735==ERROR: AddressSanitizer: heap-use-after-free on address 0x6210003392a8 at pc 0x55e4c26eef86 bp 0x7ffd229f24e0 sp 0x7ffd229f24d8
READ of size 8 at 0x6210003392a8 thread T0
#0 0x55e4c26eef85 in bfcache_eq /home/simark/src/binutils-gdb/gdb/record-btrace.c:1639
#1 0x55e4c37cdeff in htab_find_slot_with_hash /home/simark/src/binutils-gdb/libiberty/hashtab.c:659
#2 0x55e4c37ce24a in htab_find_slot /home/simark/src/binutils-gdb/libiberty/hashtab.c:703
#3 0x55e4c26ef0c6 in bfcache_new /home/simark/src/binutils-gdb/gdb/record-btrace.c:1653
#4 0x55e4c26f1242 in record_btrace_frame_sniffer /home/simark/src/binutils-gdb/gdb/record-btrace.c:1820
#5 0x55e4c1b926a1 in frame_unwind_try_unwinder /home/simark/src/binutils-gdb/gdb/frame-unwind.c:136
#6 0x55e4c1b930d7 in frame_unwind_find_by_frame(frame_info_ptr, void**) /home/simark/src/binutils-gdb/gdb/frame-unwind.c:196
#7 0x55e4c1bb867f in get_frame_type(frame_info_ptr) /home/simark/src/binutils-gdb/gdb/frame.c:2925
#8 0x55e4c2ae6798 in print_frame_info(frame_print_options const&, frame_info_ptr, int, print_what, int, int) /home/simark/src/binutils-gdb/gdb/stack.c:1049
#9 0x55e4c2ade3e1 in print_stack_frame(frame_info_ptr, int, print_what, int) /home/simark/src/binutils-gdb/gdb/stack.c:367
#10 0x55e4c26fda03 in record_btrace_set_replay /home/simark/src/binutils-gdb/gdb/record-btrace.c:2779
#11 0x55e4c26fddc3 in record_btrace_target::goto_record(unsigned long) /home/simark/src/binutils-gdb/gdb/record-btrace.c:2843
#12 0x55e4c2de2bb2 in target_goto_record(unsigned long) /home/simark/src/binutils-gdb/gdb/target.c:4169
#13 0x55e4c275ed98 in record_goto(char const*) /home/simark/src/binutils-gdb/gdb/record.c:372
#14 0x55e4c275edba in cmd_record_goto /home/simark/src/binutils-gdb/gdb/record.c:383
0x6210003392a8 is located 424 bytes inside of 4064-byte region [0x621000339100,0x62100033a0e0)
freed by thread T0 here:
#0 0x7f6ca34a5b6f in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:123
#1 0x55e4c38a4c17 in rpl_free /home/simark/src/binutils-gdb/gnulib/import/free.c:44
#2 0x55e4c1bbd378 in xfree<void> /home/simark/src/binutils-gdb/gdb/../gdbsupport/gdb-xfree.h:37
#3 0x55e4c37d1b63 in call_freefun /home/simark/src/binutils-gdb/libiberty/obstack.c:103
#4 0x55e4c37d25a2 in _obstack_free /home/simark/src/binutils-gdb/libiberty/obstack.c:280
#5 0x55e4c1bad701 in reinit_frame_cache() /home/simark/src/binutils-gdb/gdb/frame.c:2112
#6 0x55e4c27705a3 in registers_changed_ptid(process_stratum_target*, ptid_t) /home/simark/src/binutils-gdb/gdb/regcache.c:564
#7 0x55e4c27708c7 in registers_changed_thread(thread_info*) /home/simark/src/binutils-gdb/gdb/regcache.c:573
#8 0x55e4c26fd922 in record_btrace_set_replay /home/simark/src/binutils-gdb/gdb/record-btrace.c:2772
#9 0x55e4c26fddc3 in record_btrace_target::goto_record(unsigned long) /home/simark/src/binutils-gdb/gdb/record-btrace.c:2843
#10 0x55e4c2de2bb2 in target_goto_record(unsigned long) /home/simark/src/binutils-gdb/gdb/target.c:4169
#11 0x55e4c275ed98 in record_goto(char const*) /home/simark/src/binutils-gdb/gdb/record.c:372
#12 0x55e4c275edba in cmd_record_goto /home/simark/src/binutils-gdb/gdb/record.c:383
previously allocated by thread T0 here:
#0 0x7f6ca34a5e8f in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
#1 0x55e4c0b55c60 in xmalloc /home/simark/src/binutils-gdb/gdb/alloc.c:57
#2 0x55e4c37d1a6d in call_chunkfun /home/simark/src/binutils-gdb/libiberty/obstack.c:94
#3 0x55e4c37d1c20 in _obstack_begin_worker /home/simark/src/binutils-gdb/libiberty/obstack.c:141
#4 0x55e4c37d1ed7 in _obstack_begin /home/simark/src/binutils-gdb/libiberty/obstack.c:164
#5 0x55e4c1bad728 in reinit_frame_cache() /home/simark/src/binutils-gdb/gdb/frame.c:2113
#6 0x55e4c27705a3 in registers_changed_ptid(process_stratum_target*, ptid_t) /home/simark/src/binutils-gdb/gdb/regcache.c:564
#7 0x55e4c27708c7 in registers_changed_thread(thread_info*) /home/simark/src/binutils-gdb/gdb/regcache.c:573
#8 0x55e4c26fd922 in record_btrace_set_replay /home/simark/src/binutils-gdb/gdb/record-btrace.c:2772
#9 0x55e4c26fddc3 in record_btrace_target::goto_record(unsigned long) /home/simark/src/binutils-gdb/gdb/record-btrace.c:2843
#10 0x55e4c2de2bb2 in target_goto_record(unsigned long) /home/simark/src/binutils-gdb/gdb/target.c:4169
#11 0x55e4c275ed98 in record_goto(char const*) /home/simark/src/binutils-gdb/gdb/record.c:372
#12 0x55e4c275edba in cmd_record_goto /home/simark/src/binutils-gdb/gdb/record.c:383
The problem is a stale entry in the bfcache hash table (in
record-btrace.c), left across a reinit_frame_cache. This entry points
to something that used to be allocated on the frame obstack, that has
since been wiped by reinit_frame_cache.
Before the aforementioned, unwinder deallocation functions were called
by iterating on the frame chain, starting with the sentinel frame, like
so:
/* Tear down all frame caches. */
for (frame_info *fi = sentinel_frame; fi != NULL; fi = fi->prev)
{
if (fi->prologue_cache && fi->unwind->dealloc_cache)
fi->unwind->dealloc_cache (fi, fi->prologue_cache);
if (fi->base_cache && fi->base->unwind->dealloc_cache)
fi->base->unwind->dealloc_cache (fi, fi->base_cache);
}
After that patch, we relied on the fact that all frames are (supposedly)
in the frame_stash. A deletion function was added to the frame_stash
hash table, so that dealloc functions would be called when emptying the
frame stash. There is one case, however, where a frame_info is not in
the frame stash. That is when we create the frame_info for the current
frame (level 0, unwound from the sentinel frame), but don't compute its
frame id. The computation of the frame id for that frame (and only that
frame, AFAIK) is done lazily. And putting a frame_info in the frame stash
requires knowing its id. So a frame 0 whose frame id is not computed
yet is necessarily not in the frame stash.
When replaying with btrace, record_btrace_frame_sniffer insert entries
corresponding to frames in the "bfcache" hash table. It then relies on
record_btrace_frame_dealloc_cache being called for each frame to remove
all those entries when the frames get invalidated. If a frame reinit
happens while frame 0's id is not computed (and therefore that frame is
not in frame_stash), record_btrace_frame_dealloc_cache does not get
called for it, and it leaves a stale entry in bfcache. That then leads
to a use-after-free when that entry is accessed later, which ASan
catches.
The proposed solution is to explicitly call frame_info_del on frame 0,
if it exists, and if its frame id is not computed. If its frame id is
computed, it is expected that it will be in the frame stash, so it will
be "deleted" through that.
[1] https://inbox.sourceware.org/gdb-patches/20230130200249.131155-1-simon.marchi@efficios.com/T/#mcf1340ce2906a72ec7ed535ec0c97dba11c3d977
Reported-By: Tom de Vries <tdevries@suse.de>
Tested-By: Tom de Vries <tdevries@suse.de>
Change-Id: I2351882dd511f3bbc01e4152e9db13b69b3ba384
|
|
In a test downstream in ROCgdb, we had a test case failing when
GDB_REVERSE_INIT_FUNCTIONS was set. The test was assuming a particular
order in the output of "show convenience". And the order changes when
running with GDB_REVERSE_INIT_FUNCTIONS.
I think that a nice way to fix it is to make the output of "show
convenience" sorted, and therefore stable. Ideally, I think that the
the user-visible behavior of GDB should not change when using
GDB_REVERSE_INIT_FUNCTIONS. Plus, it makes the output of "show
convenience" look nice, not that it's really important.
Implement this by storing the internal vars in an std::map, which is a
sorted container.
Change-Id: I1fca7e7877cc984a3a3432c7639d45e68d437241
Approved-By: Tom Tromey <tom@tromey.com>
|
|
Add a constructor that takes the name as a parameter. Initialize the
next and kind fields inline.
Change-Id: Ic4db0aba85f1da9f12f3eee0ac62c0e5ef0cfe88
Approved-By: Tom Tromey <tom@tromey.com>
|
|
Change internalvar::name to std::string, automating memory management.
It becomes necessary to allocate internalvar with new instead of XNEW.
I didn't find how to trigger the code in complete_internalvar. It is
called from condition_completer, so it should be by using the
"condition" command, but I never managed to get in the right code path.
Change-Id: I814d61361663e7becb8f3fb5f58c0180cdc414bc
Approved-By: Tom Tromey <tom@tromey.com>
|
|
When connecting to a certain target, gdb issues a warning about the
target description:
(gdb) target remote localhost:7947
Remote debugging using localhost:7947
warning: Architecture rejected target-supplied description
If you then kill the inferior and change the exec-file, this will
happen:
(gdb) file bar
Architecture of file not recognized.
After this, debugging doesn't work very well.
What happens here is that, despite the warning,
target_find_description records the downloaded description in the
target_desc_info. Then the "file" command ends up calling
set_gdbarch_from_file, which uses that description.
It seems to me that, because the architecture rejected the
description, it should not be used. That is what this patch
implements.
|
|
The manual currently has many cases like these:
@item $_gdb_setting_str (@var{setting})
@findex $_gdb_setting_str@r{, convenience function}
As suggested by Eli, move the @findex entries before @item so that the
index records the position of @item, and the Info reader places you
there when you use index-search.
I went over all @findex calls in the manual, and most are like the
above. Most either appear before @item, or before @subheading, like:
@subheading The @code{-break-after} Command
@findex -break-after
I fixed all of them.
There are findex entries in annotate.texinfo,python.texi, and
stabs.texinfo as well, though those all look right to me already.
Tested by typing "i _isvoid" (@item case) and "i -complete"
(@subheading case) in an Info reader, and checking where those took
me.
Change-Id: Idb6903b0bb39ff03f93524628dcef86b5585c97e
Suggested-By: Eli Zaretskii <eliz@gnu.org>
|
|
I fixed this a while ago for ifx, one of the two Intel compilers, in
8d624a9d8050ca96e154215c7858ac5c2d8b0b19.
Apparently I missed that the older ifort Intel compiler actually emits
slightly different debug info again:
0x0000007a: DW_TAG_base_type
DW_AT_byte_size (0x20)
DW_AT_encoding (DW_ATE_complex_float)
DW_AT_name ("COMPLEX(16)")
0x00000081: DW_TAG_base_type
DW_AT_byte_size (0x10)
DW_AT_encoding (DW_ATE_float)
DW_AT_name ("REAL(16)")
This fixes two failures in gdb.fortran/complex.exp with ifort.
Approved-By: Tom Tromey <tom@tromey.com>
|
|
I noticed that the TUI temporarily sets pagination_enabled and
gdb_stdout in one spot. However, I don't believe these settings are
necessary here, as a ui_file is passed to
gdbarch_print_registers_info. This patch removes these settings.
|
|
This renaming helps make it clearer that these entites (classes,
functions) are specific to .gdb_index only, they are not shared with the
.debug_names handling.
Change-Id: I1a3cf3dbf450b62d1a0879d9aedd26397abdfd13
Approved-By: Tom Tromey <tom@tromey.com>
|
|
My editor shows warnings like:
value.c:2784: warning: The value returned by this function should be used
value.c:2784: note: cast the expression to void to silence this warning [bugprone-unused-return-value]
These warnings come from clangd, so ultimately from one of the clang
static analyzers (probably clang-tidy).
Silence these warnings by casting to void. Add a comment to explain
why this unusual thing is done.
Change-Id: I58323959c0baf9f1b20a8d596e4c58dc77c6809a
Approved-By: Tom Tromey <tom@tromey.com>
|
|
I suppose this was possible in the CVS days for the tui directory to be
missing, but it's not really possible nowaday. Well, a user could
delete the directory from their source tree but... it doesn't make
sense. Remove the check for that directory in configure.
Change-Id: Iea1412f5e5482ed003015030132ec22150c7d0b3
Approved-By: Tom Tromey <tom@tromey.com>
|
|
While investigating something else, I noticed some weird code in
agent_run_command (use of memcpy rather than strcpy). Then I noticed
that 'cmd' is used as both an in and out parameter, despite being
const.
Casting away const like this is bad. This patch removes the const and
fixes the memcpy. I also added a static assert to assure myself that
the code in gdbserver is correct -- gdbserver is passing its own
buffer directly to agent_run_command.
Reviewed-By: Andrew Burgess <aburgess@redhat.com>
|
|
There's a HW bug affecting Processor Trace on some Intel processors
(Ice Lake to Raptor Lake microarchitectures).
The bug was exposed by linux kernel commit 670638477aed
("perf/x86/intel/pt: Opportunistically use single range output mode"),
added in version v5.5.0, and was worked around by commit ce0d998be927
("perf/x86/intel/pt: Fix sampling using single range output") in version
6.1.0.
The bug manifests (on a Performance-core of an i7-1250U, an Alder Lake cpu) in
a single test-case:
...
(gdb) python insn = r.instruction_history^M
warning: Decode error (-20) at instruction 33 (offset = 0x3d6a, \
pc = 0x400501): compressed return without call.^M
(gdb) FAIL: gdb.python/py-record-btrace.exp: prepare record: \
python insn = r.instruction_history
...
Add a corresponding XFAIL.
Note that the i7-1250U has both Performance-cores and Efficient-cores, and on
an Efficient-Core the test-case runs without any problems, so if the testsuite
run is not pinned to a specific cpu, the test may either PASS or XFAIL.
Tested on x86_64-linux:
- openSUSE Leap 15.4 with linux kernel version 5.14.21
- openSUSE Tumbleweed with linux kernel version 6.1.8
PR testsuite/30075
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30075
|
|
Factor out new proc linux_kernel_version from test-case
gdb.arch/i386-pkru.exp.
Tested on x86_64-linux.
|
|
The buildbot pointed out that my value refactoring series introduced a
bug in ppc-linux-nat.c:
../../binutils-gdb/gdb/ppc-linux-nat.c: In member function βint ppc_linux_nat_target::num_memory_accesses(const std::vector<gdb::ref_ptr<value, value_ref_policy> >&)β:
../../binutils-gdb/gdb/ppc-linux-nat.c:2458:44: error: expected unqualified-id before β->β token
2458 | if (VALUE_LVAL (v) == not_lval || v->->deprecated_modifiable () == 0)
I don't know how that happened, but I am checking in this patch which
I think should fix it. It just removes the second "->".
I can't readily test this, so perhaps there's another bug lurking
after this one.
|
|
Simon pointed out some spots were doing val.get()->mumble, where val
is a value_ref_ptr. These were introduced by the function-to-method
script, replacing older code that passed the result of .get() to a
function.
Now that value.h is using methods, we can instead rely on operator->.
This patch replaces all the newly-introduced instances of this.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
|
This removes deprecated_lval_hack and the VALUE_LVAL macro, replacing
all uses with a call to value::lval.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
|
This introduces the set_lval method on value, one step toward removing
deprecated_lval_hack. Ultimately I think the goal should be for some
of these set_* methods to be replaced with constructors; but I haven't
done this, as the series is already too long. Other 'deprecated'
methods can probably be handled the same way.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
|
At the end of this series, I belatedly realized that values should
only be destroyed by value_decref. This patch marks the the
destructor private to enforce this.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
|
This hoists the 'private' in struct value to also encompass the data
members.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
|
record_latest_value now access some internals of struct value, so turn
it into a method.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
|
This introduces a value::set_modifiable and changes a couple of spots
to use it.
I'm not completely sure the comments by deprecated_modifiable are
correct any more. Perhaps they should be removed and the method
renamed. Like so many before me, though, I've deferred investigation
of the issue.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
|
This patch turns a grab bag of value functions to methods of value.
These are done together because their implementations are
interrelated.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
|
This changes preserve_one_value to be a method of value. Much of this
patch was written by script.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
|
This turns value_from_xmethod, result_type_of_xmethod, and
call_xmethod to be methods of value. value_from_xmethod is a static
"constructor" now.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
|
A few functions in value.c were accessing the internal fields of
struct value. However, in these cases it seemed simpler to change
them to use the public API rather than convert them to be methods.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
|
This turns set_value_component_location into a method of value.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
|
