[Bug backtrace/25239] New: gdb crashes when setting $rip in inline_frame_this_id()

avi@cloudius-systems.com sourceware-bugzilla@sourceware.org
Sun Dec 1 13:05:00 GMT 2019


https://sourceware.org/bugzilla/show_bug.cgi?id=25239

            Bug ID: 25239
           Summary: gdb crashes when setting $rip in
                    inline_frame_this_id()
           Product: gdb
           Version: HEAD
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: backtrace
          Assignee: unassigned at sourceware dot org
          Reporter: avi@cloudius-systems.com
  Target Milestone: ---

I have a user-level threading library, and a gdb Python extension that switches
registers. As soon as it tries to switch $rip it crashes with:

../../gdb/inline-frame.c:160: internal-error: void
inline_frame_this_id(frame_info*, void**, frame_id*): Assertion `!frame_id_eq
(*this_id, outer_frame_id)' failed.

This used to work.


(gdb) bt
#0  0x00007fee93ae0625 in raise () from /lib64/libc.so.6
#1  0x00007fee93ac98d9 in abort () from /lib64/libc.so.6
#2  0x00005637b4d7c65d in dump_core() ()
#3  0x00005637b4d80d15 in internal_vproblem(internal_problem*, char const*,
int, char const*, __va_list_tag*) ()
#4  0x00005637b4d80f11 in internal_verror(char const*, int, char const*,
__va_list_tag*) ()
#5  0x00005637b4b35d05 in internal_error(char const*, int, char const*, ...) ()
#6  0x00005637b4b80376 in inline_frame_this_id(frame_info*, void**, frame_id*)
()
#7  0x00005637b4b1cb3a in compute_frame_id(frame_info*) ()
#8  0x00005637b4b1d148 in get_prev_frame_if_no_cycle(frame_info*) ()
#9  0x00005637b4b1ed80 in get_prev_frame_always_1(frame_info*) ()
#10 0x00005637b4b1f3d0 in get_prev_frame_always(frame_info*) ()
#11 0x00005637b4b1f668 in get_prev_frame(frame_info*) ()
#12 0x00005637b4b20233 in frame_find_by_id(frame_id) ()
#13 0x00005637b4d8aaec in value_assign(value*, value*) ()
#14 0x00005637b4b09058 in evaluate_subexp_standard(type*, expression*, int*,
noside) ()
#15 0x00005637b4a4ffca in evaluate_subexp_c(type*, expression*, int*, noside)
()
#16 0x00005637b4b03780 in evaluate_subexp(type*, expression*, int*, noside) ()
#17 0x00005637b4b03b71 in evaluate_expression(expression*) ()
#18 0x00005637b4c201ab in set_command(char const*, int) ()
#19 0x00005637b4a61a6a in cmd_func(cmd_list_element*, char const*, int) ()
#20 0x00005637b4d462a0 in execute_command(char const*, int) ()
#21 0x00005637b4a696fb in execute_control_command_1(command_line*, int) ()
#22 0x00005637b4a69a4a in execute_control_command(command_line*, int) ()
#23 0x00005637b4a69ada in execute_control_commands(command_line*, int) ()
#24 0x00005637b4c545cd in execute_gdb_command(_object*, _object*, _object*) ()
#25 0x00007fee9430e6c8 in _PyMethodDef_RawFastCallKeywords () from
/lib64/libpython3.7m.so.1.0
#26 0x00007fee9430e7c3 in _PyCFunction_FastCallKeywords () from
/lib64/libpython3.7m.so.1.0
#27 0x00007fee94341503 in call_function () from /lib64/libpython3.7m.so.1.0
#28 0x00007fee9437c4c2 in _PyEval_EvalFrameDefault () from
/lib64/libpython3.7m.so.1.0
#29 0x00007fee9432fc02 in _PyFunction_FastCallKeywords () from
/lib64/libpython3.7m.so.1.0
#30 0x00007fee943413ef in call_function () from /lib64/libpython3.7m.so.1.0
#31 0x00007fee94377b0c in _PyEval_EvalFrameDefault () from
/lib64/libpython3.7m.so.1.0
#32 0x00007fee9432fc02 in _PyFunction_FastCallKeywords () from
/lib64/libpython3.7m.so.1.0
#33 0x00007fee943413ef in call_function () from /lib64/libpython3.7m.so.1.0
#34 0x00007fee94377b0c in _PyEval_EvalFrameDefault () from
/lib64/libpython3.7m.so.1.0
#35 0x00007fee9433026a in _PyFunction_FastCallDict () from
/lib64/libpython3.7m.so.1.0
#36 0x00007fee94303e26 in _PyObject_Call_Prepend () from
/lib64/libpython3.7m.so.1.0
#37 0x00007fee942ffb45 in _PyObject_FastCallDict () from
/lib64/libpython3.7m.so.1.0
#38 0x00007fee9430d35f in object_vacall () from /lib64/libpython3.7m.so.1.0
#39 0x00007fee94351b7d in PyObject_CallMethodObjArgs () from
/lib64/libpython3.7m.so.1.0
#40 0x00005637b4c353c5 in cmdpy_function(cmd_list_element*, char const*, int)
()
#41 0x00005637b4a61a6a in cmd_func(cmd_list_element*, char const*, int) ()
#42 0x00005637b4d462a0 in execute_command(char const*, int) ()
#43 0x00005637b4b0c4b5 in command_handler(char const*) ()
#44 0x00005637b4b0d5b1 in command_line_handler(std::unique_ptr<char,
gdb::xfree_deleter<char> >&&) ()
#45 0x00005637b4b0cd1c in gdb_rl_callback_handler(char*) ()
#46 0x00007fee9464018e in rl_callback_read_char () from /lib64/libreadline.so.8
#47 0x00005637b4b0bfd6 in gdb_rl_callback_read_char_wrapper_noexcept() ()
#48 0x00005637b4b0cbd5 in gdb_rl_callback_read_char_wrapper(void*) ()
#49 0x00005637b4b0bef8 in stdin_event_handler(int, void*) ()
#50 0x00005637b4b0ac46 in gdb_wait_for_event(int) ()
#51 0x00005637b4b0b12c in gdb_do_one_event() [clone .part.0] ()
#52 0x00005637b4b0b23e in start_event_loop() ()
#53 0x00005637b4bb85bb in captured_command_loop() ()
#54 0x00005637b4bb9a85 in gdb_main(captured_main_args*) ()
#55 0x00005637b49a7f70 in main ()

I can supply a reproducer (quite large).

gdb-8.3.50.20190824-25.fc31.x86_64
