Re: [mi] watchpoint-scope exec async command

Mirror of the gdb mailing list
 help / color / mirror / Atom feed

From: Daniel Jacobowitz <drow@false.org>
To: Eli Zaretskii <eliz@gnu.org>
Cc: GDB <gdb@sources.redhat.com>
Subject: Re: [mi] watchpoint-scope exec async command
Date: Tue, 29 Mar 2005 21:43:00 -0000	[thread overview]
Message-ID: <20050329214414.GA3498@nevyn.them.org> (raw)
In-Reply-To: <01c534a6$Blat.v2.4$944e44a0@zahav.net.il>

On Tue, Mar 29, 2005 at 11:29:48PM +0200, Eli Zaretskii wrote:
> > how did we fail to delete the watchpoint too?
> > 
> > The answer seems to be that we use disp_del_at_next_stop if we hit the
> > _watchpoint_, but not if we hit the related breakpoint.  When we delete
> > it we ought to be deleting its related breakpoint too (they point to
> > each other).  But we don't.  The only things we ever do with
> > related_breakpoints are set their dispositions.
> 
> Sorry, I'm not sure I understand correctly what you are saying,
> because of the ambiguous use of "it" and "its".  This sentence is the
> most ambiguous for me:
> 
> > When we delete it we ought to be deleting its related breakpoint too
> > (they point to each other).
> 
> Who is "it" here?  If it's the watchpoint, then I don't understand
> your reasoning, because if the scope breakpoint rather than the
> watchpoint itself triggered, we don't delete anything.

"it" was intended to be the scope breakpoint.  Sorry, I had to read
that three times to work out what I meant, and it was only yesterday.

If the scope breakpoint triggers, we delete it.  From watch_command_1:
          /* Automatically delete the breakpoint when it hits.  */
          scope_breakpoint->disposition = disp_del;

That's what's happening in this case.  Then, shortly thereafter, the
watchpoint triggers.  That's when we detect that it has gone out of
scope, and set it to delete at next stop; and we crash, because we
already deleted the scope breakpoint when it was hit.

> > > Please look at the comments at breakpoint.c:6723 and breakpoint.c:1325.
> > 
> > The comment at 6723 doesn't apply to this case, because that's bpstats
> > dangling a pointer; the breakpoint chain should never do this.
> 
> ??? My interpretation of that comment is that a breakpoint/watchpoint
> that was already deleted should have its type set to bp_none, and in
> that case we don't delete it again.  What am I missing?

Generally, when we delete a breakpoint, we free it; so it doesn't
matter what its type gets set to.

  /* On the chance that someone will soon try again to delete this same
     bp, we mark it as deleted before freeing its storage. */
  bpt->type = bp_none;

  xfree (bpt->loc);
  xfree (bpt);

All the code surrounding bp_none is horribly bogus; we're walking freed
memory if we hit it.  I don't know if it still triggers today; probably
it does in some cases, and no one's been brave enough to fix them.

-- 
Daniel Jacobowitz
CodeSourcery, LLC

next prev parent reply	other threads:[~2005-03-29 21:43 UTC|newest]

Thread overview: 35+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-03-25 16:12 Bob Rossi
2005-03-25 16:25 ` gdbserver question james osburn
2005-03-25 16:33   ` Daniel Jacobowitz
2005-03-26 13:27 ` [mi] watchpoint-scope exec async command Eli Zaretskii
2005-03-26 13:44   ` Bob Rossi
2005-03-27 14:10   ` Bob Rossi
2005-03-28 21:57   ` Bob Rossi
2005-03-28 22:40     ` Daniel Jacobowitz
2005-03-28 22:54       ` Bob Rossi
2005-03-28 22:59         ` Daniel Jacobowitz
2005-03-29  0:43           ` Bob Rossi
2005-03-29  1:35             ` Daniel Jacobowitz
2005-03-29  1:51               ` Bob Rossi
2005-03-29  2:00                 ` Daniel Jacobowitz
2005-03-29 21:33                   ` Eli Zaretskii
2005-03-29 21:39                     ` Mark Kettenis
2005-03-29 21:47                       ` Bob Rossi
2005-03-30  5:15                       ` Eli Zaretskii
2005-03-29 21:43                     ` Daniel Jacobowitz [this message]
2005-03-30 20:10                       ` Eli Zaretskii
2005-03-31  0:49                         ` Bob Rossi
2005-03-31  4:43                           ` Eli Zaretskii
2005-03-31 19:59                             ` Bob Rossi
2005-04-01  8:10                               ` Eli Zaretskii
2005-04-01 14:09                                 ` Daniel Jacobowitz
2005-04-02  9:54                                   ` Eli Zaretskii
2005-04-06  2:13                                     ` Bob Rossi
2005-04-06  3:51                                       ` Eli Zaretskii
2005-03-31  2:32                         ` Daniel Jacobowitz
2005-03-31  4:48                           ` Eli Zaretskii
2005-03-31  6:00                             ` Daniel Jacobowitz
2005-03-31 19:49                               ` Eli Zaretskii
2005-03-29 23:29                     ` Bob Rossi
2005-03-30  5:12                       ` Eli Zaretskii
2005-03-30  0:29                     ` Bob Rossi

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20050329214414.GA3498@nevyn.them.org \
    --to=drow@false.org \
    --cc=eliz@gnu.org \
    --cc=gdb@sources.redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox