public inbox for gdb-prs@sourceware.org
help / color / mirror / Atom feed
From: "vries at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>
To: gdb-prs@sourceware.org
Subject: [Bug gdb/26614] UNRESOLVED: gdb.multi/multi-target.exp: continue: non-stop=on: inferior 5
Date: Tue, 15 Sep 2020 09:41:03 +0000 [thread overview]
Message-ID: <bug-26614-4717-DXi5WvxzQq@http.sourceware.org/bugzilla/> (raw)
In-Reply-To: <bug-26614-4717@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=26614
--- Comment #4 from Tom de Vries <vries at gcc dot gnu.org> ---
Did same as in comment 0, but build gdb with -fsanitizer=address and gcc-11,
and started a loop on the test-case, saving logs after each run. After a bit
of running we have:
...
$ grep -ic AddressSanitizer tmp.*/gdb.log
tmp.10/gdb.log:2
tmp.11/gdb.log:0
tmp.12/gdb.log:0
tmp.13/gdb.log:0
tmp.14/gdb.log:2
tmp.15/gdb.log:0
tmp.1/gdb.log:0
tmp.2/gdb.log:0
tmp.3/gdb.log:0
tmp.4/gdb.log:2
tmp.5/gdb.log:0
tmp.6/gdb.log:0
tmp.7/gdb.log:0
tmp.8/gdb.log:0
tmp.9/gdb.log:0
...
The tmp.4 one in more detail:
...
(gdb) PASS: gdb.multi/multi-target.exp: continue: non-stop=on: inferior 2
Remote debugging from host ::1, port 39192
Process
/home/vries/gdb_versions/devel/build/gdb/testsuite/outputs/gdb.multi/multi-target/multi-target
created; pid = 7222
monitor exit
Killing process(es): 7222
FAIL: gdb.multi/multi-target.exp: continue: non-stop=on: $read_prompt
inferior 5
(gdb) PASS: gdb.multi/multi-target.exp: continue: non-stop=on: inferior 5
Remote debugging from host ::1, port 45000
Process
/home/vries/gdb_versions/devel/build/gdb/testsuite/outputs/gdb.multi/multi-target/multi-target
created; pid = 7234
=================================================================
==7196==ERROR: AddressSanitizer: heap-use-after-free on address 0x6170000bf258
at pc 0x000001481755 bp 0x7fff05b20840 sp 0x7fff05b20838
READ of size 8 at 0x6170000bf258 thread T0
#0 0x1481754 in std::_Hashtable<gdbarch*, std::pair<gdbarch* const,
remote_arch_state>, std::allocator<std::pair<gdbarch* const, remote_arch_state>
>, std::__detail::_Select1st, std::equal_to<gdbarch*>, std::hash<gdbarch*>,
std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash,
std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<false,
false, true> >::_M_bucket_index(unsigned long) const
/usr/include/c++/11/bits/hashtable.h:719
#1 0x147c8ab in std::_Hashtable<gdbarch*, std::pair<gdbarch* const,
remote_arch_state>, std::allocator<std::pair<gdbarch* const, remote_arch_state>
>, std::__detail::_Select1st, std::equal_to<gdbarch*>, std::hash<gdbarch*>,
std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash,
std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<false,
false, true> >::find(gdbarch* const&) /usr/include/c++/11/bits/hashtable.h:1500
#2 0x147852c in std::unordered_map<gdbarch*, remote_arch_state,
std::hash<gdbarch*>, std::equal_to<gdbarch*>, std::allocator<std::pair<gdbarch*
const, remote_arch_state> > >::find(gdbarch* const&)
/usr/include/c++/11/bits/unordered_map.h:869
#3 0x14306db in remote_state::get_remote_arch_state(gdbarch*)
/home/vries/gdb_versions/devel/src/gdb/remote.c:1203
#4 0x14309dc in remote_target::get_remote_state()
/home/vries/gdb_versions/devel/src/gdb/remote.c:1232
#5 0x1470c08 in remote_async_inferior_event_handler
/home/vries/gdb_versions/devel/src/gdb/remote.c:14169
#6 0xaa9f6b in check_async_event_handlers()
/home/vries/gdb_versions/devel/src/gdb/async-event.c:295
#7 0x1e93ab4 in gdb_do_one_event()
/home/vries/gdb_versions/devel/src/gdbsupport/event-loop.cc:194
#8 0x118f5f9 in start_event_loop
/home/vries/gdb_versions/devel/src/gdb/main.c:356
#9 0x118f8ed in captured_command_loop
/home/vries/gdb_versions/devel/src/gdb/main.c:416
#10 0x1192d6a in captured_main
/home/vries/gdb_versions/devel/src/gdb/main.c:1253
#11 0x1192dfa in gdb_main(captured_main_args*)
/home/vries/gdb_versions/devel/src/gdb/main.c:1268
#12 0x97b380 in main /home/vries/gdb_versions/devel/src/gdb/gdb.c:32
#13 0x7f550c211349 in __libc_start_main ../csu/libc-start.c:308
#14 0x97b199 in _start
(/home/vries/gdb_versions/devel/build/gdb/gdb+0x97b199)
0x6170000bf258 is located 600 bytes inside of 648-byte region
[0x6170000bf000,0x6170000bf288)
freed by thread T0 here:
#0 0x7f550f516a57 in operator delete(void*, unsigned long)
(/usr/lib64/libasan.so.6+0xaea57)
#1 0x148b1fe in extended_remote_target::~extended_remote_target()
/home/vries/gdb_versions/devel/src/gdb/remote.c:958
#2 0x143b483 in remote_target::close()
/home/vries/gdb_versions/devel/src/gdb/remote.c:4074
#3 0x16cb90f in target_close(target_ops*)
/home/vries/gdb_versions/devel/src/gdb/target.c:3230
#4 0x16a2635 in decref_target(target_ops*)
/home/vries/gdb_versions/devel/src/gdb/target.c:557
#5 0x16a2abb in target_stack::unpush(target_ops*)
/home/vries/gdb_versions/devel/src/gdb/target.c:645
#6 0x16d01ef in inferior::unpush_target(target_ops*)
/home/vries/gdb_versions/devel/src/gdb/inferior.h:356
#7 0x16a2877 in unpush_target(target_ops*)
/home/vries/gdb_versions/devel/src/gdb/target.c:607
#8 0x16a2adf in unpush_target_and_assert
/home/vries/gdb_versions/devel/src/gdb/target.c:655
#9 0x16a2c57 in pop_all_targets_at_and_above(strata)
/home/vries/gdb_versions/devel/src/gdb/target.c:678
#10 0x1442749 in remote_unpush_target
/home/vries/gdb_versions/devel/src/gdb/remote.c:5522
#11 0x1458c16 in remote_target::readchar(int)
/home/vries/gdb_versions/devel/src/gdb/remote.c:9137
#12 0x145b25b in remote_target::getpkt_or_notif_sane_1(std::vector<char,
gdb::default_init_allocator<char, std::allocator<char> > >*, int, int, int*)
/home/vries/gdb_versions/devel/src/gdb/remote.c:9683
#13 0x145bc9a in remote_target::getpkt_sane(std::vector<char,
gdb::default_init_allocator<char, std::allocator<char> > >*, int)
/home/vries/gdb_versions/devel/src/gdb/remote.c:9790
#14 0x145b040 in remote_target::getpkt(std::vector<char,
gdb::default_init_allocator<char, std::allocator<char> > >*, int)
/home/vries/gdb_versions/devel/src/gdb/remote.c:9623
#15 0x145780b in remote_target::remote_read_bytes_1(unsigned long, unsigned
char*, unsigned long, int, unsigned long*)
/home/vries/gdb_versions/devel/src/gdb/remote.c:8860
#16 0x145805e in remote_target::remote_read_bytes(unsigned long, unsigned
char*, unsigned long, int, unsigned long*)
/home/vries/gdb_versions/devel/src/gdb/remote.c:8987
#17 0x146113a in remote_target::xfer_partial(target_object, char const*,
unsigned char*, unsigned char const*, unsigned long, unsigned long, unsigned
long*) /home/vries/gdb_versions/devel/src/gdb/remote.c:10987
#18 0x16a4004 in raw_memory_xfer_partial(target_ops*, unsigned char*,
unsigned char const*, unsigned long, long, unsigned long*)
/home/vries/gdb_versions/devel/src/gdb/target.c:918
#19 0x16a4fcf in target_xfer_partial(target_ops*, target_object, char
const*, unsigned char*, unsigned char const*, unsigned long, unsigned long,
unsigned long*) /home/vries/gdb_versions/devel/src/gdb/target.c:1156
#20 0x16a5d65 in target_read_partial
/home/vries/gdb_versions/devel/src/gdb/target.c:1387
#21 0x16a5f19 in target_read(target_ops*, target_object, char const*,
unsigned char*, unsigned long, long)
/home/vries/gdb_versions/devel/src/gdb/target.c:1427
#22 0x16a5666 in target_read_raw_memory(unsigned long, unsigned char*,
long) /home/vries/gdb_versions/devel/src/gdb/target.c:1260
#23 0xd22f2a in dcache_read_line
/home/vries/gdb_versions/devel/src/gdb/dcache.c:336
#24 0xd232b7 in dcache_peek_byte
/home/vries/gdb_versions/devel/src/gdb/dcache.c:403
#25 0xd23845 in dcache_read_memory_partial(target_ops*, dcache_struct*,
unsigned long, unsigned char*, unsigned long, unsigned long*)
/home/vries/gdb_versions/devel/src/gdb/dcache.c:484
#26 0x16a47da in memory_xfer_partial_1
/home/vries/gdb_versions/devel/src/gdb/target.c:1041
#27 0x16a4a1e in memory_xfer_partial
/home/vries/gdb_versions/devel/src/gdb/target.c:1084
#28 0x16a4f44 in target_xfer_partial(target_ops*, target_object, char
const*, unsigned char*, unsigned char const*, unsigned long, unsigned long,
unsigned long*) /home/vries/gdb_versions/devel/src/gdb/target.c:1141
#29 0x18203d4 in read_value_memory(value*, long, int, unsigned long,
unsigned char*, unsigned long)
/home/vries/gdb_versions/devel/src/gdb/valops.c:956
previously allocated by thread T0 here:
#0 0x7f550f515c37 in operator new(unsigned long)
(/usr/lib64/libasan.so.6+0xadc37)
#1 0x14429f0 in remote_target::open_1(char const*, int, int)
/home/vries/gdb_versions/devel/src/gdb/remote.c:5562
#2 0x14405e6 in extended_remote_target::open(char const*, int)
/home/vries/gdb_versions/devel/src/gdb/remote.c:4907
#3 0x16a0f3c in open_target
/home/vries/gdb_versions/devel/src/gdb/target.c:242
#4 0xc19ff5 in do_sfunc
/home/vries/gdb_versions/devel/src/gdb/cli/cli-decode.c:111
#5 0xc221db in cmd_func(cmd_list_element*, char const*, int)
/home/vries/gdb_versions/devel/src/gdb/cli/cli-decode.c:2181
#6 0x16feda6 in execute_command(char const*, int)
/home/vries/gdb_versions/devel/src/gdb/top.c:668
#7 0xee9dc9 in command_handler(char const*)
/home/vries/gdb_versions/devel/src/gdb/event-top.c:588
#8 0xeea6a8 in command_line_handler(std::unique_ptr<char,
gdb::xfree_deleter<char> >&&)
/home/vries/gdb_versions/devel/src/gdb/event-top.c:773
#9 0xee8a12 in gdb_rl_callback_handler
/home/vries/gdb_versions/devel/src/gdb/event-top.c:219
#10 0x7f550f24aead in rl_callback_read_char
(/lib64/libreadline.so.7+0x31ead)
SUMMARY: AddressSanitizer: heap-use-after-free
/usr/include/c++/11/bits/hashtable.h:719 in std::_Hashtable<gdbarch*,
std::pair<gdbarch* const, remote_arch_state>, std::allocator<std::pair<gdbarch*
const, remote_arch_state> >, std::__detail::_Select1st,
std::equal_to<gdbarch*>, std::hash<gdbarch*>,
std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash,
std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<false,
false, true> >::_M_bucket_index(unsigned long) const
Shadow bytes around the buggy address:
0x0c2e8000fdf0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c2e8000fe00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c2e8000fe10: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c2e8000fe20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c2e8000fe30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x0c2e8000fe40: fd fd fd fd fd fd fd fd fd fd fd[fd]fd fd fd fd
0x0c2e8000fe50: fd fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c2e8000fe60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c2e8000fe70: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c2e8000fe80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c2e8000fe90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==7196==ABORTING
Killing process(es): 7234
FAIL: gdb.multi/multi-target.exp: continue: non-stop=on: $read_prompt
...
--
You are receiving this mail because:
You are on the CC list for the bug.
next prev parent reply other threads:[~2020-09-15 9:41 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-14 14:50 [Bug gdb/26614] New: " vries at gcc dot gnu.org
2020-09-14 14:52 ` [Bug gdb/26614] " vries at gcc dot gnu.org
2020-09-14 14:52 ` vries at gcc dot gnu.org
2020-09-14 14:56 ` vries at gcc dot gnu.org
2020-09-14 15:14 ` vries at gcc dot gnu.org
2020-09-15 9:41 ` vries at gcc dot gnu.org [this message]
2020-09-15 9:42 ` vries at gcc dot gnu.org
2020-09-15 10:14 ` [Bug remote/26614] AddressSanitizer: heap-use-after-free of extended_remote_target in remote_async_inferior_event_handler vries at gcc dot gnu.org
2020-09-25 23:58 ` palves at redhat dot com
2020-09-29 13:25 ` vries at gcc dot gnu.org
2020-11-29 9:19 ` vries at gcc dot gnu.org
2020-11-29 10:20 ` vries at gcc dot gnu.org
2020-11-29 11:24 ` vries at gcc dot gnu.org
2020-11-29 14:53 ` simark at simark dot ca
2020-11-29 15:15 ` simark at simark dot ca
2020-11-30 10:32 ` vries at gcc dot gnu.org
2020-11-30 11:02 ` vries at gcc dot gnu.org
2020-11-30 12:06 ` vries at gcc dot gnu.org
2020-11-30 14:11 ` simark at simark dot ca
2020-11-30 14:35 ` vries at gcc dot gnu.org
2020-11-30 14:57 ` simark at simark dot ca
2020-11-30 15:00 ` palves at redhat dot com
2020-11-30 15:10 ` simark at simark dot ca
2021-01-07 12:27 ` vries at gcc dot gnu.org
2021-01-07 12:34 ` vries at gcc dot gnu.org
2021-01-07 13:40 ` vries at gcc dot gnu.org
2021-01-07 16:10 ` vries at gcc dot gnu.org
2021-01-07 20:41 ` cvs-commit at gcc dot gnu.org
2021-01-31 6:16 ` brobecker at gnat dot com
2021-01-31 6:58 ` vries at gcc dot gnu.org
2021-01-31 7:16 ` vries at gcc dot gnu.org
2021-02-04 18:43 ` simark at simark dot ca
2021-06-27 17:52 ` ahmedsayeed1982 at yahoo dot com
2021-08-10 11:45 ` ucelsanicin at yahoo dot com
2021-08-18 13:42 ` jamesrogan59 at gmail dot com
2021-08-19 5:53 ` ucelsanicin at yahoo dot com
2021-09-02 11:00 ` donipah907 at mtlcz dot com
2021-09-02 11:18 ` mark at klomp dot org
2021-09-06 9:09 ` focixujo at livinginsurance dot co.uk
2021-09-10 19:40 ` mehmetgelisin at aol dot com
2021-09-14 17:29 ` johnb6174 at gmail dot com
2021-09-26 13:31 ` tes.vik1986 at gmail dot com
2021-10-09 11:00 ` gulsenenginar at aol dot com
2021-10-17 19:48 ` vmireskazki at gmail dot com
2021-10-19 7:15 ` progonsaytu at gmail dot com
2021-10-23 13:46 ` fiteva5725 at bomoads dot com
2021-10-24 10:03 ` glassmtech at ukr dot net
2021-11-06 21:12 ` paneki8601 at dukeoo dot com
2021-11-10 14:11 ` bryanmcsp at gmail dot com
2021-11-13 19:31 ` tesaso8237 at funboxcn dot com
2021-11-16 11:05 ` mrsrvic at yahoo dot com
2021-11-16 19:04 ` xecana8007 at funboxcn dot com
2021-11-16 19:08 ` xecana8007 at funboxcn dot com
2021-11-16 19:12 ` xecana8007 at funboxcn dot com
2021-11-22 7:38 ` gexed96894 at keagenan dot com
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-26614-4717-DXi5WvxzQq@http.sourceware.org/bugzilla/ \
--to=sourceware-bugzilla@sourceware.org \
--cc=gdb-prs@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).