diff options
| author | Pedro Alves <palves@redhat.com> | 2015-04-01 13:38:06 +0100 |
|---|---|---|
| committer | Pedro Alves <palves@redhat.com> | 2015-04-01 13:38:06 +0100 |
| commit | 4eec2deb06db4a59966fc0669bf861fd92a4b152 (patch) | |
| tree | 9a4a9df0ae987848669f0675b033b3325c79e19f /gdb/linux-thread-db.c | |
| parent | 4106101c449e53dd6b61ec824b196f84b3f3daa5 (diff) | |
Crash on thread id wrap around
On GNU/Linux, if the target reuses the TID of a thread that GDB still
has in its list marked as THREAD_EXITED, GDB crashes, like:
(gdb) continue
Continuing.
src/gdb/thread.c:789: internal-error: set_running: Assertion `tp->state != THREAD_EXITED' failed.
A problem internal to GDB has been detected,
further debugging may prove unreliable.
Quit this debugging session? (y or n) FAIL: gdb.threads/tid-reuse.exp: continue to breakpoint: after_reuse_time (GDB internal error)
Here:
(top-gdb) bt
#0 internal_error (file=0x953dd8 "src/gdb/thread.c", line=789, fmt=0x953da0 "%s: Assertion `%s' failed.")
at src/gdb/common/errors.c:54
#1 0x0000000000638514 in set_running (ptid=..., running=1) at src/gdb/thread.c:789
#2 0x00000000004bda42 in linux_handle_extended_wait (lp=0x16f5760, status=0, stopping=0) at src/gdb/linux-nat.c:2114
#3 0x00000000004bfa24 in linux_nat_filter_event (lwpid=20570, status=198015) at src/gdb/linux-nat.c:3127
#4 0x00000000004c070e in linux_nat_wait_1 (ops=0xe193d0, ptid=..., ourstatus=0x7fffffffd2c0, target_options=1) at src/gdb/linux-nat.c:3478
#5 0x00000000004c1015 in linux_nat_wait (ops=0xe193d0, ptid=..., ourstatus=0x7fffffffd2c0, target_options=1) at src/gdb/linux-nat.c:3722
#6 0x00000000004c92d2 in thread_db_wait (ops=0xd80b60 <thread_db_ops>, ptid=..., ourstatus=0x7fffffffd2c0, options=1)
at src/gdb/linux-thread-db.c:1525
#7 0x000000000066db43 in delegate_wait (self=0xd80b60 <thread_db_ops>, arg1=..., arg2=0x7fffffffd2c0, arg3=1) at src/gdb/target-delegates.c:116
#8 0x000000000067e54b in target_wait (ptid=..., status=0x7fffffffd2c0, options=1) at src/gdb/target.c:2206
#9 0x0000000000625111 in fetch_inferior_event (client_data=0x0) at src/gdb/infrun.c:3275
#10 0x0000000000648a3b in inferior_event_handler (event_type=INF_REG_EVENT, client_data=0x0) at src/gdb/inf-loop.c:56
#11 0x00000000004c2ecb in handle_target_event (error=0, client_data=0x0) at src/gdb/linux-nat.c:4655
I managed to come up with a test that reliably reproduces this. It
spawns enough threads for the pid number space to wrap around, so
could potentially take a while. On my box that's 4 seconds; on
gcc110, a PPC box which has max_pid set to 65536, it's over 10
seconds. So I made the test compute how long that would take, and cap
the time waited if it would be unreasonably long.
Tested on x86_64 Fedora 20.
gdb/ChangeLog:
2015-04-01 Pedro Alves <palves@redhat.com>
* linux-thread-db.c (record_thread): Readd the thread to gdb's
list if it was marked exited.
gdb/testsuite/ChangeLog:
2015-04-01 Pedro Alves <palves@redhat.com>
* gdb.threads/tid-reuse.c: New file.
* gdb.threads/tid-reuse.exp: New file.
Diffstat (limited to 'gdb/linux-thread-db.c')
| -rw-r--r-- | gdb/linux-thread-db.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/gdb/linux-thread-db.c b/gdb/linux-thread-db.c index 88094a7bd9..886d8ac097 100644 --- a/gdb/linux-thread-db.c +++ b/gdb/linux-thread-db.c @@ -1346,8 +1346,10 @@ record_thread (struct thread_db_info *info, priv->tid = ti_p->ti_tid; update_thread_state (priv, ti_p); - /* Add the thread to GDB's thread list. */ - if (tp == NULL) + /* Add the thread to GDB's thread list. If we already know about a + thread with this PTID, but it's marked exited, then the kernel + reused the tid of an old thread. */ + if (tp == NULL || tp->state == THREAD_EXITED) tp = add_thread_with_info (ptid, priv); else tp->priv = priv; |