From: Simon Marchi via Gdb-patches
Reply-To: Simon Marchi
Cc: Simon Marchi
To: gdb-patches@sourceware.org
Subject: [PATCH 02/12] gdb: clear inferior displaced stepping state on exec
Date: Tue, 10 Nov 2020 16:46:04 -0500
Message-Id: <20201110214614.2842615-3-simon.marchi@efficios.com>
In-Reply-To: <20201110214614.2842615-1-simon.marchi@efficios.com>
References: <20201110214614.2842615-1-simon.marchi@efficios.com>
X-Mailer: git-send-email 2.28.0

When a process does an exec, all its program space is replaced with the newly loaded executable.  All non-main threads disappear and the main thread starts executing at the entry point of the new executable.

Things can go wrong if a displaced step operation is in progress while we process the exec event.

If the main thread is the one executing the displaced step: when that thread (now executing in the new executable) stops somewhere (say, at a breakpoint), displaced_step_fixup will run and clear up the state.  We will execute the "fixup" phase for the instruction we single-stepped in the old program space.  We are now in a completely different context, so doing the fixup may corrupt the state.

If it is a non-main thread that is doing the displaced step: while handling the exec event, GDB deletes the thread_info representing that thread (since the thread doesn't exist in the inferior after the exec).  But inferior::displaced_step_state::step_thread will still point to it.  When handling events later, this condition, in displaced_step_fixup, will likely never be true:

    /* Was this event for the thread we displaced?  */
    if (displaced->step_thread != event_thread)
      return 0;

... since displaced->step_thread points to a deleted thread (unless that storage gets re-used for a new thread_info, but that wouldn't be good either).  This effectively makes the displaced stepping buffer occupied for ever.  When a thread in the new program space will want to do a displaced step, it will wait for ever.

I think we simply need to reset the displaced stepping state of the inferior on exec.  Everything execution-related that existed before the exec is now gone.

I tried to write a test where a non-main thread displaced-steps an exec syscall, where things would hang due to the displaced step buffer not getting released.
However, due to PR 26754 [1], it is hard to make it stable.  So I'm not including a test for this patch.  If you have an idea for another way to test this without triggering this bug, I'd like to hear it.

[1] https://sourceware.org/bugzilla/show_bug.cgi?id=26754

gdb/ChangeLog:

	* infrun.c (infrun_inferior_execd): New function.
	(_initialize_infrun): Attach inferior_execd observer.

Change-Id: I1bbc8538e683f53af5b980091849086f4fec5ff9
---
 gdb/infrun.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/gdb/infrun.c b/gdb/infrun.c index d59f6945285..bb881f3510d 100644 --- a/gdb/infrun.c +++ b/gdb/infrun.c @@ -1528,6 +1528,12 @@ infrun_inferior_exit (struct inferior *inf) inf->displaced_step_state.reset (); } +static void +infrun_inferior_execd (inferior *inf) +{ + inf->displaced_step_state.reset (); +} + /* If ON, and the architecture supports it, GDB will use displaced stepping to step over breakpoints. If OFF, or if the architecture doesn't support it, GDB will instead use the traditional @@ -9509,6 +9515,7 @@ enabled by default on some platforms."), gdb::observers::thread_stop_requested.attach (infrun_thread_stop_requested); gdb::observers::thread_exit.attach (infrun_thread_thread_exit); gdb::observers::inferior_exit.attach (infrun_inferior_exit); + gdb::observers::inferior_execd.attach (infrun_inferior_execd); /* Explicitly create without lookup, since that tries to create a value with a void typed value, and when we get here, gdbarch -- 2.28.0
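Review bot: infrun_inferior_execd in the first hunk has no leading comment, which GDB's coding conventions ask for on every function, and its body is identical to infrun_inferior_exit's immediately above it, so nothing in the code says why a reset is correct at this point. Suggest carrying the reasoning from the commit message into a comment, e.g. `/* The inferior just exec'd.  Any displaced step in progress belonged to the old program space and may reference a thread_info that no longer exists, so drop it.  */`. Two smaller points: the neighbouring function is declared `infrun_inferior_exit (struct inferior *inf)` while the new one uses `inferior *inf`, so the two adjacent declarations should use the same spelling; and since the hunk only resets the inferior-level state while the commit message says the main thread's thread_info survives the exec, it is worth confirming that any per-thread displaced-stepping bookkeeping on that surviving thread does not also need resetting here.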
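Review bot: The attach in the second hunk makes the reset unconditional on every exec, with no check that a displaced step was actually in progress; that is the intent, but nothing at the call site says so, and the failure this fixes (a buffer that looks occupied for ever) is silent. A displaced-stepping debug message inside infrun_inferior_execd, emitted only when step_thread was non-null, would make the next occurrence of this kind of hang much easier to diagnose. Placing the attach right after inferior_exit is consistent with the existing ordering in _initialize_infrun.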
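The stale-pointer failure mode described in the commit message, as an added illustration that is not part of the original patch or of GDB's code: a minimal model of the inferior-level displaced-stepping state in which a non-main thread owns the scratch buffer when an exec deletes its thread_info. Names such as inferior, thread_info, displaced_step_state and step_thread mirror GDB's, but every type, function and the exec simulation here are assumptions made for the example; handle_exec's reset_on_exec flag stands in for the inferior_execd observer the patch adds.

```cpp
// Added example (not GDB code): model of why a displaced-stepping buffer
// stays occupied after exec unless the inferior-level state is reset.
#include <algorithm>
#include <cstdio>
#include <memory>
#include <vector>

struct thread_info
{
  int tid;
  bool is_main;
};

// Per-inferior displaced-stepping bookkeeping: one scratch buffer, owned by
// at most one thread at a time (assumed shape, modelled on the patch).
struct displaced_step_inferior_state
{
  thread_info *step_thread = nullptr;   // nullptr means the buffer is free

  bool in_progress () const { return step_thread != nullptr; }
  void reset () { step_thread = nullptr; }
};

struct inferior
{
  std::vector<std::unique_ptr<thread_info>> threads;
  displaced_step_inferior_state displaced_step_state;

  thread_info *add_thread (int tid, bool is_main)
  {
    threads.emplace_back (new thread_info{tid, is_main});
    return threads.back ().get ();
  }
};

// Claim the buffer for TP.  Returns false if another thread already holds it,
// which in real GDB means TP has to wait.
bool displaced_step_prepare (inferior &inf, thread_info *tp)
{
  if (inf.displaced_step_state.in_progress ())
    return false;
  inf.displaced_step_state.step_thread = tp;
  return true;
}

// Called when EVENT_THREAD stops.  Mirrors the early return quoted in the
// commit message: only the thread that displaced-stepped releases the buffer.
bool displaced_step_fixup (inferior &inf, thread_info *event_thread)
{
  if (inf.displaced_step_state.step_thread != event_thread)
    return false;
  inf.displaced_step_state.reset ();
  return true;
}

// Simulated exec: every non-main thread_info is deleted and the main thread
// is kept.  RESET_ON_EXEC models the patch's new inferior_execd observer.
void handle_exec (inferior &inf, bool reset_on_exec)
{
  inf.threads.erase (std::remove_if (inf.threads.begin (), inf.threads.end (),
				     [] (const std::unique_ptr<thread_info> &t)
				     { return !t->is_main; }),
		     inf.threads.end ());
  if (reset_on_exec)
    inf.displaced_step_state.reset ();
}

// Scenario from the commit message: a non-main thread is mid displaced-step
// when the exec happens.  Returns whether a thread in the new program can
// obtain the buffer afterwards.
bool buffer_usable_after_exec (bool reset_on_exec)
{
  inferior inf;
  thread_info *main_thr = inf.add_thread (1, true);
  thread_info *worker = inf.add_thread (2, false);

  displaced_step_prepare (inf, worker);   // worker now owns the buffer

  handle_exec (inf, reset_on_exec);       // worker's thread_info is deleted

  // The main thread stops in the new executable.  With a stale step_thread
  // the comparison never matches, so nothing ever releases the buffer.
  displaced_step_fixup (inf, main_thr);

  return displaced_step_prepare (inf, main_thr);
}

int main ()
{
  std::printf ("buffer usable after exec, no reset:   %s\n",
	       buffer_usable_after_exec (false) ? "yes" : "no");
  std::printf ("buffer usable after exec, with reset: %s\n",
	       buffer_usable_after_exec (true) ? "yes" : "no");
  return 0;
}
```

The model only compares the dangling step_thread pointer and never dereferences it, which is exactly why the real bug is a silent hang rather than a crash: the check in displaced_step_fixup keeps returning early and the buffer is never handed back. The "storage gets re-used" case the commit message mentions is the worse variant, where a new thread_info allocated at the same address would make the comparison succeed and run the old program space's fixup on the wrong thread.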