1069211 – gdb: stack overflow when reading debuginfo

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1069211 - gdb: stack overflow when reading debuginfo

Summary: gdb: stack overflow when reading debuginfo

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	gdb
Sub Component:
Version:	7.0
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Jan Kratochvil
QA Contact:	Miroslav Franc
Docs Contact:
URL:
Whiteboard:
Depends On:	1069382
Blocks:
TreeView+	depends on / blocked

Reported:	2014-02-24 13:25 UTC by Miroslav Franc
Modified:	2016-02-01 02:29 UTC (History)
CC List:	4 users (show)
Fixed In Version:	gdb-7.6.1-51.el7
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-06-13 10:37:57 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Miroslav Franc 2014-02-24 13:25:08 UTC

Description of problem:
gdb segfaults when reading debuginfo


Version-Release number of selected component (if applicable):
gdb-7.6.1-50.el7.x86_64
gcc-debuginfo-4.8.2-13.el7.x86_64


How reproducible:
all the time on x86_64

Steps to Reproduce:
1. yum -y install gdb gcc-debuginfo
2. gdb -q -nx -readnow /usr/lib/debug/usr/bin/gnatbind.debug


Actual results:
segfault

Expected results:
no segfault


Additional info:
#0  0x00007ffff5c41a3d in vfprintf () from /lib64/libc.so.6
#1  0x00007ffff5d05535 in __vsnprintf_chk () from /lib64/libc.so.6
#2  0x00000000006bc945 in vsnprintf (__ap=0x7fffff7ff6e0, __fmt=0x92146a "%lx", __n=50, __s=0x32 <Address 0x32 out of bounds>) at /usr/include/bits/stdio2.h:77
#3  xsnprintf (str=str@entry=0xc2e57c <buf.27757+700> "", size=size@entry=50, format=format@entry=0x92146a "%lx") at ../../gdb/common/common-utils.c:148
#4  0x0000000000694b66 in phex_nz (l=<optimized out>, sizeof_l=sizeof_l@entry=8) at ../../gdb/utils.c:3058
#5  0x0000000000694c87 in hex_string (num=<optimized out>) at ../../gdb/utils.c:3079
#6  0x0000000000694cd8 in paddress (gdbarch=gdbarch@entry=0xf13f10, addr=<optimized out>, addr@entry=4529697) at ../../gdb/utils.c:2860
#7  0x0000000000629b41 in read_call_site_scope (cu=0x1182db0, die=0x13106d0) at ../../gdb/dwarf2read.c:9717
#8  process_die (die=die@entry=0x13106d0, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:7219
#9  0x000000000062a9db in read_func_scope (cu=0x1182db0, die=0x13105c0) at ../../gdb/dwarf2read.c:9549
#10 process_die (die=die@entry=0x13105c0, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:7211
#11 0x000000000062c859 in read_lexical_block_scope (die=die@entry=0x13104d0, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:9654
#12 0x000000000062a3b5 in process_die (die=die@entry=0x13104d0, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:7216
#13 0x000000000062a9db in read_func_scope (cu=0x1182db0, die=0x1310400) at ../../gdb/dwarf2read.c:9549
#14 process_die (die=die@entry=0x1310400, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:7211
#15 0x000000000062c859 in read_lexical_block_scope (die=die@entry=0x130fd18, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:9654
#16 0x000000000062a3b5 in process_die (die=die@entry=0x130fd18, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:7216
...

Comment 1 Miroslav Franc 2014-02-24 13:34:54 UTC

At first glance it seems to me like some kind of unbounded recursion...

...
#6758 process_die (die=die@entry=0x130fc90, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:7211
#6759 0x000000000062a9db in read_func_scope (cu=0x1182db0, die=0x130f980) at ../../gdb/dwarf2read.c:9549
#6760 process_die (die=die@entry=0x130f980, cu=0x1182db0) at ../../gdb/dwarf2read.c:7211
#6761 0x000000000062b391 in inherit_abstract_dies (cu=0x1182db0, die=0xfc9600) at ../../gdb/dwarf2read.c:9432
#6762 read_func_scope (cu=0x1182db0, die=0xfc9600) at ../../gdb/dwarf2read.c:9554
#6763 process_die (die=die@entry=0x130fc90, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:7211
#6764 0x000000000062a9db in read_func_scope (cu=0x1182db0, die=0x130f980) at ../../gdb/dwarf2read.c:9549
#6765 process_die (die=die@entry=0x130f980, cu=0x1182db0) at ../../gdb/dwarf2read.c:7211
#6766 0x000000000062b391 in inherit_abstract_dies (cu=0x1182db0, die=0xf813d0) at ../../gdb/dwarf2read.c:9432
#6767 read_func_scope (cu=0x1182db0, die=0xf813d0) at ../../gdb/dwarf2read.c:9554
#6768 process_die (die=die@entry=0x130fc90, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:7211
#6769 0x000000000062a9db in read_func_scope (cu=0x1182db0, die=0x130f980) at ../../gdb/dwarf2read.c:9549
#6770 process_die (die=die@entry=0x130f980, cu=0x1182db0) at ../../gdb/dwarf2read.c:7211
#6771 0x000000000062b391 in inherit_abstract_dies (cu=0x1182db0, die=0xf813b0) at ../../gdb/dwarf2read.c:9432
#6772 read_func_scope (cu=0x1182db0, die=0xf813b0) at ../../gdb/dwarf2read.c:9554
#6773 process_die (die=die@entry=0x130fc90, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:7211
#6774 0x000000000062a9db in read_func_scope (cu=0x1182db0, die=0x130f980) at ../../gdb/dwarf2read.c:9549
#6775 process_die (die=die@entry=0x130f980, cu=0x1182db0) at ../../gdb/dwarf2read.c:7211
#6776 0x000000000062b391 in inherit_abstract_dies (cu=<optimized out>, die=0x130f980) at ../../gdb/dwarf2read.c:9432
#6777 read_func_scope (cu=<optimized out>, die=0x130f980) at ../../gdb/dwarf2read.c:9554
#6778 process_die (die=die@entry=0x130fc90, cu=<optimized out>) at ../../gdb/dwarf2read.c:7211
#6779 0x000000000062b391 in inherit_abstract_dies (cu=0x1182db0, die=0xf813f0) at ../../gdb/dwarf2read.c:9432
#6780 read_func_scope (cu=0x1182db0, die=0xf813f0) at ../../gdb/dwarf2read.c:9554
#6781 process_die (die=die@entry=0x1314858, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:7211
#6782 0x000000000062a9db in read_func_scope (cu=0x1182db0, die=0x1314740) at ../../gdb/dwarf2read.c:9549
#6783 process_die (die=die@entry=0x1314740, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:7211
#6784 0x000000000062a581 in read_file_scope (cu=0x1182db0, die=0xfb7030) at ../../gdb/dwarf2read.c:8018
#6785 process_die (die=0xfb7030, cu=cu@entry=0x1182db0) at ../../gdb/dwarf2read.c:7204
#6786 0x000000000062efb8 in process_full_comp_unit (pretend_language=language_minimal, per_cu=0x106eb60) at ../../gdb/dwarf2read.c:7008
#6787 process_queue () at ../../gdb/dwarf2read.c:6573
#6788 dw2_do_instantiate_symtab (per_cu=per_cu@entry=0x106eb60) at ../../gdb/dwarf2read.c:2306
#6789 0x000000000062f4dc in dw2_instantiate_symtab (per_cu=0x106eb60) at ../../gdb/dwarf2read.c:2327
#6790 0x000000000062f612 in dw2_expand_all_symtabs (objfile=<optimized out>) at ../../gdb/dwarf2read.c:3359
#6791 0x00000000005a8e86 in symbol_file_add_with_addrs_or_offsets (abfd=abfd@entry=0xe789f0, add_flags=add_flags@entry=6, addrs=addrs@entry=0x0, flags=<optimized out>, flags@entry=0, parent=parent@entry=0x0,
    num_offsets=0, offsets=0x0) at ../../gdb/symfile.c:1162
#6792 0x00000000005a9108 in symbol_file_add_from_bfd (parent=0x0, flags=0, addrs=0x0, add_flags=6, abfd=0xe789f0) at ../../gdb/symfile.c:1234
#6793 symbol_file_add (name=name@entry=0x7fffffffe3ed "/usr/lib/debug/usr/bin/gnatbind.debug", add_flags=6, addrs=addrs@entry=0x0, flags=flags@entry=0) at ../../gdb/symfile.c:1250
#6794 0x00000000005a9155 in symbol_file_add_main_1 (args=0x7fffffffe3ed "/usr/lib/debug/usr/bin/gnatbind.debug", from_tty=1, flags=0) at ../../gdb/symfile.c:1276
#6795 0x00000000005ce77e in catch_command_errors (command=0x5a9180 <symbol_file_add_main>, arg=arg@entry=0x7fffffffe3ed "/usr/lib/debug/usr/bin/gnatbind.debug", from_tty=1, mask=mask@entry=6)
    at ../../gdb/exceptions.c:573
#6796 0x00000000005d1513 in captured_main (data=data@entry=0x7fffffffdff0) at ../../gdb/main.c:1013
#6797 0x00000000005ce68a in catch_errors (func=func@entry=0x5d02c0 <captured_main>, func_args=func_args@entry=0x7fffffffdff0, errstring=errstring@entry=0x7b74db "", mask=mask@entry=6)
    at ../../gdb/exceptions.c:546
#6798 0x00000000005d1784 in gdb_main (args=args@entry=0x7fffffffdff0) at ../../gdb/main.c:1144
#6799 0x000000000045734e in main (argc=<optimized out>, argv=<optimized out>) at ../../gdb/gdb.c:34

Comment 3 Jan Kratochvil 2014-02-24 22:05:49 UTC

[patch] gdb_assert -> complaint for weird DWARF
https://sourceware.org/ml/gdb-patches/2014-02/msg00731.html

Comment 5 Ludek Smid 2014-06-13 10:37:57 UTC

This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.

Note You need to log in before you can comment on or make changes to this bug.