From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 1612 invoked by alias); 6 Mar 2013 14:40:50 -0000 Received: (qmail 1497 invoked by uid 22791); 6 Mar 2013 14:40:49 -0000 X-SWARE-Spam-Status: No, hits=-8.1 required=5.0 tests=AWL,BAYES_00,KHOP_RCVD_UNTRUST,KHOP_SPAMHAUS_DROP,KHOP_THREADED,RCVD_IN_DNSWL_HI,RCVD_IN_HOSTKARMA_W,RP_MATCHES_RCVD X-Spam-Check-By: sourceware.org Received: from mga09.intel.com (HELO mga09.intel.com) (134.134.136.24) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Wed, 06 Mar 2013 14:40:38 +0000 Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga102.jf.intel.com with ESMTP; 06 Mar 2013 06:39:09 -0800 X-ExtLoop1: 1 Received: from irsmsx104.ger.corp.intel.com ([163.33.3.159]) by orsmga002.jf.intel.com with ESMTP; 06 Mar 2013 06:40:36 -0800 Received: from irsmsx102.ger.corp.intel.com ([169.254.2.244]) by IRSMSX104.ger.corp.intel.com ([169.254.5.19]) with mapi id 14.01.0355.002; Wed, 6 Mar 2013 14:40:35 +0000 From: "Metzger, Markus T" To: Jan Kratochvil CC: "gdb-patches@sourceware.org" , "markus.t.metzger@gmail.com" , "Himpel, Christian" Subject: RE: Crash of GDB with gdbserver btrace enabled [Re: [patch v9 00/23] branch tracing support for Atom] Date: Wed, 06 Mar 2013 14:40:00 -0000 Message-ID: References: <1362416770-19750-1-git-send-email-markus.t.metzger@intel.com> <20130306124334.GA29994@host2.jankratochvil.net> In-Reply-To: <20130306124334.GA29994@host2.jankratochvil.net> Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-IsSubscribed: yes Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org X-SW-Source: 2013-03/txt/msg00216.txt.bz2 > -----Original Message----- > From: Jan Kratochvil [mailto:jan.kratochvil@redhat.com] > Sent: Wednesday, March 06, 2013 1:44 PM > ./gdbserver :1234 true > ./gdb true -ex 'target remote localhost:1234' -ex 'set debug remote 1' -e= x 'record btrace' -ex c >=20 > will crash GDB. There were a similar thread on the list before, I have n= ot > investigated it yet. >=20 > But this is sure not a regression when btrace is not involved. Thanks! Here's the problem.. When we close the record-btrace target in response to mourn_inferior (shoul= d be the same for any reason), we iterate over all threads and disable branch tr= acing for each thread. If we lose the connection to the remote target, we will pop all targets. This has several effects: - it will discard all inferiors - this will also cause us to disable tracing twice - thus we try to switch the remote thread twice - here we crash due to an unchecked null pointer access - even if we survived this it would free the thread_info we're using for= our traversal - it will remove all targets so we'll run into an internal error when forwa= rding mourn_inferior to the target after unpushing the record target We need to disable branch tracing when the thread goes away and when we stop recording. I therefore put the disabling into the to_close method. Even i= f I moved this somewhere else, I would still try to talk to the target when freeing t= he resources for a thread that goes away. As far as I understand, we may lose the connection at any time and for all = kinds of reasons. It just happens deterministically in the above example. So wh= at we would want is to be able to try to talk to the target after the connection = has been lost without crashing GDB. Do you know what others are doing to avoid this problem? Regards, Markus. Intel GmbH Dornacher Strasse 1 85622 Feldkirchen/Muenchen, Deutschland Sitz der Gesellschaft: Feldkirchen bei Muenchen Geschaeftsfuehrer: Christian Lamprechter, Hannes Schwaderer, Douglas Lusk Registergericht: Muenchen HRB 47456 Ust.-IdNr./VAT Registration No.: DE129385895 Citibank Frankfurt a.M. (BLZ 502 109 00) 600119052