This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.
Re: [patch] segmentation fault at gdbserver
- From: Pedro Alves <pedro at codesourcery dot com>
- To: gdb-patches at sourceware dot org
- Cc: Liang Cheng <liang dot cheng555 at gmail dot com>
- Date: Fri, 1 Jul 2011 10:51:10 +0100
- Subject: Re: [patch] segmentation fault at gdbserver
- References: <BANLkTim6=jeGyYoHBBy=jM5n0tFj2obnNA@mail.gmail.com> <BANLkTik+S90C=sO2uYDr95UYZHE4PK_tgg@mail.gmail.com>
Thanks, I'll try to take a look soon. I suspect there
may be something more to this, though.
--
Pedro Alves
On Monday 27 June 2011 18:18:11, Liang Cheng wrote:
> Hi Pedro,
>
> Can you please review this change?
> thanks
> Liang
>
> 2011-06-27 Liang Cheng <liang.cheng555@gmail.com>
>
> * tracepoint.c (cmd_qtstatus): Check whether current_inferior is NULL.
>
>
> --- tracepoint.c.orig 2011-05-12 07:09:18.000000000 -0500
> +++ tracepoint.c 2011-06-22 14:05:13.553993630 -0500
> @@ -3159,7 +3159,7 @@
> trace_debug ("Returning trace status as %d, stop reason %s",
> tracing, tracing_stop_reason);
>
> - if (in_process_agent_loaded ())
> + if (in_process_agent_loaded () && current_inferior != NULL)
> {
> pause_all (1);
>
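Review bot: the added `&& current_inferior != NULL` in the `if (in_process_agent_loaded () ...)` condition avoids the crash but makes cmd_qtstatus silently skip `pause_all (1)` and the fast-traceframe upload whenever no inferior is selected, so a qTStatus answered after detach reports status without the agent's frames and nothing records why. Since the earlier mail says detach itself sets current_inferior to NULL (server.c:2751), the sturdier fix is to stop in_process_agent_loaded () from reporting the agent as loaded once the process it lives in has been detached (or reset that state on the detach path); if the guard is kept, it should at least carry a comment explaining why current_inferior can be NULL at this point.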
> On Fri, Jun 24, 2011 at 5:15 PM, Liang Cheng <liang.cheng555@gmail.com> wrote:
> > The repro steps are:
> > 1. compile and link the test app (which contains an infinite loop)
> > against libinproctrace.so
> > 2. run the app
> > 3. start gdbserver in multiprocess mode (e.g. gdbserver --multi :5040)
> > 4. attach the running process in gdb
> > 5. detach
> > 6. quit
> >
> > Note: I did not set up any tracepoints during the experiment.
> > But at step 6, gdbserver will get a segmentation fault. The
> > segmentation fault is caused by de-referencing a null pointer
> > variable: *current_inferior*. But this issue may be exposed as well
> > even if you have tracepoints set up.
> >
> > The two commands "detach" and "quit" on the gdb side each issue a
> > *remote_get_trace_status* function call, in the
> > form of "qTStatus". In gdbserver's handler for this
> > event, gdbserver/tracepoint.c::cmd_qtstatus calls
> > upload_fast_traceframes() in case libinproctrace.so is loaded.
> > upload_fast_traceframes() eventually references *current_inferior*,
> > which is null at the 2nd call of cmd_qtstatus.
> >
> > *current_inferior* is set to NULL in gdbserver after receiving *detach*
> > (server.c:2751). So at the time of "quit", the pointer is already NULL.
> >
> > OK to apply the patch below?
> >
> > Thanks
> > Liang
> >
> > --- tracepoint.c.orig 2011-05-12 07:09:18.000000000 -0500
> > +++ tracepoint.c 2011-06-22 14:05:13.553993630 -0500
> > @@ -3159,7 +3159,7 @@
> > trace_debug ("Returning trace status as %d, stop reason %s",
> > tracing, tracing_stop_reason);
> >
> > - if (in_process_agent_loaded ())
> > + if (in_process_agent_loaded () && current_inferior != NULL)
> > {
> > pause_all (1);
> >
>