This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[commit] remote -> close -> generic_mourn -> TUI crash.


If you happen to be connected to a remote target, using the TUI,
with the asm view open ("layout asm"), and then issue a "quit" to bail
out of GDB, GDB segfaults.  Most of the backtrace is uninteresting,
so here's a cut down version:

#0  0x00000000005c079f in serial_write (scb=0x0, str=0x7fffc4fbdab0 "$Hg0#df", len=7) at ../../src/gdb/serial.c:411
                                        ^^^^^^^
#1  0x000000000048bfa5 in putpkt_binary (buf=0xc66580 "Hg0", cnt=3) at ../../src/gdb/remote.c:6049
#2  0x000000000048bdc1 in putpkt (buf=0xc66580 "Hg0") at ../../src/gdb/remote.c:5981
:
#5  0x000000000048e28a in remote_xfer_partial (ops=0xace3c0, object=TARGET_OBJECT_MEMORY, annex=0x0,
:
#8  0x000000000054543b in target_xfer_partial (ops=0xae8740, object=TARGET_OBJECT_MEMORY, annex=0x0,
    readbuf=0x7fffc4fbe0b8, writebuf=0x0, offset=4236757, len=1) at ../../src/gdb/target.c:1175
:
#11 0x0000000000545685 in target_read_memory (memaddr=4236757, myaddr=0x7fffc4fbe0b8 "...", len=1)
    at ../../src/gdb/target.c:1247
#12 0x00000000004d73eb in dis_asm_read_memory (memaddr=4236757, myaddr=0x7fffc4fbe0b8 "...", len=1,
    info=0x7fffc4fbe380) at ../../src/gdb/disasm.c:51
:
#20 0x00000000004b1389 in tui_disassemble (asm_lines=0x7fffc4fbe4c0, pc=4236757, count=20)
    at ../../src/gdb/tui/tui-disasm.c:75
:
#25 0x00000000004baf82 in tui_update_source_windows_with_addr (addr=4236757) at ../../src/gdb/tui/tui-winsource.c:144
#26 0x00000000004bade5 in tui_display_main () at ../../src/gdb/tui/tui-winsource.c:57
#27 0x00000000004b2ee0 in tui_detach_hook () at ../../src/gdb/tui/tui-hooks.c:244
#28 0x000000000054785b in generic_mourn_inferior () at ../../src/gdb/target.c:2496
#29 0x000000000048571b in remote_close (quitting=0) at ../../src/gdb/remote.c:2402
#30 0x0000000000547aff in target_close (targ=0xace3c0, quitting=0) at ../../src/gdb/target.c:2592
#31 0x0000000000544967 in unpush_target (t=0xace3c0) at ../../src/gdb/target.c:786
#32 0x000000000048cb2e in remote_mourn_1 (target=0xace3c0) at ../../src/gdb/remote.c:6605
#33 0x000000000048cb17 in remote_mourn (ops=0xace3c0) at ../../src/gdb/remote.c:6598
#34 0x0000000000546b49 in target_mourn_inferior () at ../../src/gdb/target.c:1941
#35 0x000000000048c9cc in remote_kill (ops=0xace3c0) at ../../src/gdb/remote.c:6541
#36 0x0000000000543788 in target_kill () at ../../src/gdb/target.c:268
#37 0x000000000045a031 in kill_or_detach (inf=0xc656b0, args=0x7fffc4fbebf0) at ../../src/gdb/top.c:1235
#38 0x0000000000461f85 in iterate_over_inferiors (callback=0x459fb4 <kill_or_detach>, data=0x7fffc4fbebf0)
    at ../../src/gdb/inferior.c:226
#39 0x000000000045a064 in quit_target (arg=0x7fffc4fbebf0) at ../../src/gdb/top.c:1250

The crash is due to remote_desc being NULL, which indicates that we
are trying to talk to the remote side when the target is
mostly closed, but not unpushed yet.

The problem starts at frame 28.  The call to tui_detach_hook from
within generic_mourn_inferior happens since tui_detach_hook is what
is registered as deprecated_detach_hook.  This callback assumes the
target is still active.

I had moved the call to generic_mourn_inferior to remote_close
a while ago, since at the time, even in multi-process,
generic_mourn_inferior was only called once when the target was
being closed.  Calling it here meant that the call was shared
between remote and extended remote.  I've some some cleaning
up since, and now even in extended/multi-process, generic_mourn_inferior
is called whenever we mourn a single inferior.  This means that
I can move back the generic_mourn_inferior call to
remote_mourn_1, like below.

Checked in.  Crash fixed.  Long live the TUI!

-- 
Pedro Alves

2009-03-18  Pedro Alves  <pedro@codesourcery.com>

	* remote.c (remote_close): Don't call generic_mourn_inferior.
	(remote_mourn_1): Call generic_mourn_inferior after closing the
	target.

---
 gdb/remote.c |    5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

Index: src/gdb/remote.c
===================================================================
--- src.orig/gdb/remote.c	2009-03-18 01:35:33.000000000 +0000
+++ src/gdb/remote.c	2009-03-18 01:51:02.000000000 +0000
@@ -2398,8 +2398,6 @@ remote_close (int quitting)
     delete_async_event_handler (&remote_async_inferior_event_token);
   if (remote_async_get_pending_events_token)
     delete_async_event_handler (&remote_async_get_pending_events_token);
-
-  generic_mourn_inferior ();
 }
 
 /* Query the remote side for the text, data and bss offsets.  */
@@ -6604,7 +6602,8 @@ remote_mourn_1 (struct target_ops *targe
 {
   unpush_target (target);
 
-  /* remote_close takes care of cleaning up.  */
+  /* remote_close takes care of doing most of the clean up.  */
+  generic_mourn_inferior ();
 }
 
 static int


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]