Subject: Re: [PATCH][gdb/symtab] Fix infinite recursion in dwarf2_cu::get_builder()
From: Tom de Vries
To: Simon Marchi, gdb-patches@sourceware.org
Cc: Tom Tromey
Date: Wed, 12 May 2021 15:55:44 +0200
Message-ID: <2e69b6cc-6884-5269-eade-ec25001c85c3@suse.de>

On 5/12/21 3:20 PM, Tom de Vries wrote:
> On 5/6/21 5:23 PM, Simon Marchi wrote:
>> On 2021-05-06 8:02 a.m., Tom de Vries wrote:
>>> Hi,
>>>
>>> With the test-case attached in PR26327, gdb aborts:
>>> ...
>>> $ gdb -q -batch 447.dealII -ex "b main"
>>> Aborted (core dumped)
>>> ...
>>> when running out of stack due to infinite recursion:
>>> ...
>>> #8  0x00000000006aaba6 in dwarf2_cu::get_builder (this=0x35e4b40)
>>>     at src/gdb/dwarf2/read.c:700
>>> #9  0x00000000006aaba6 in dwarf2_cu::get_builder (this=0x22ee2c0)
>>>     at src/gdb/dwarf2/read.c:700
>>> #10 0x00000000006aaba6 in dwarf2_cu::get_builder (this=0x35e4b40)
>>>     at src/gdb/dwarf2/read.c:700
>>> #11 0x00000000006aaba6 in dwarf2_cu::get_builder (this=0x22ee2c0)
>>>     at src/gdb/dwarf2/read.c:700
>>> ...
>>>
>>> We're recursing in this code in dwarf2_cu::get_builder():
>>> ...
>>>   /* Otherwise, search ancestors for a valid builder. */
>>>   if (ancestor != nullptr)
>>>     return ancestor->get_builder ();
>>> ...
>>> due to the fact that the ancestor chain is a cycle.
>>>
>>> Higher up in the call stack, we find some code that is responsible for
>>> triggering this, in new_symbol:
>>> ...
>>>     case DW_TAG_formal_parameter:
>>>       {
>>>         /* If we are inside a function, mark this as an argument. If
>>>            not, we might be looking at an argument to an inlined function
>>>            when we do not have enough information to show inlined frames;
>>>            pretend it's a local variable in that case so that the user can
>>>            still see it. */
>>>         struct context_stack *curr
>>>           = cu->get_builder ()->get_current_context_stack ();
>>>         if (curr != nullptr && curr->name != nullptr)
>>>           SYMBOL_IS_ARGUMENT (sym) = 1;
>>> ...
>>>
>>> This is code that was added to support pre-4.1 gcc, to be able to show
>>> arguments of inlined functions as locals, in the absence of sufficiently
>>> correct debug information.
>>>
>>> Removing this code (that is, doing SYMBOL_IS_ARGUMENT (sym) = 1
>>> unconditionally), fixes the crash. The ancestor variable also seems to have
>>> been added specifically to deal with fallout from this code, so remove that as
>>> well.
>>>
>>> Tested on x86_64-linux:
>>> - openSUSE Leap 15.2 with gcc 7.5.0, and
>>> - openSUSE Tumbleweed with gcc 10.3.0.
>>>
>>> Any comments?
>>
>> I did not study the problem in depth like you did, but based on your
>> explanation I think this is reasonable. If support for ancient stuff
>> gets in the way of supporting modern stuff (like LTO), then it makes
>> sense to remove the support for the ancient stuff.
>
> I committed this, but now realized that the cases I was actually trying
> to fix: gcc-10 -flto code, aren't fixed, they just changed failure mode
> from hang to abort.
>
> So it looks like I did a point fix which just fixes the 447.dealII
> test-case, not the generic case.
>
> I may revert this patch (although atm I don't see the immediate need,
> given that all the examples I looked at so far also were problematic
> before this patch).

Well, that didn't take long...

I found this example (minimized from gdb.cp/shadow.cc):
...
$ cat shadow.cc
namespace A { }
int main()
{
  using namespace A;
  return 0;
}
$ g++-10 -g shadow.cc -flto -o shadow
$ ./gdb -q -batch ./shadow -ex "b main"
Aborted (core dumped)
...

With patch reverted:
...
$ ./gdb -q -batch ./shadow -ex "b main"
Breakpoint 1 at 0x4004ca: file /home/vries/gdb_versions/devel/src/gdb/testsuite/gdb.cp/shadow.cc, line 8.
$
...

This clearly is a regression, so I'm reverting this.

Thanks,
- Tom
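
The recursion quoted in the report follows the ancestor link without bound, so a cyclic chain exhausts the stack. As an added illustration (not gdb's code and not the fix discussed in this thread), here is an iterative lookup with cycle detection that fails cleanly instead; the names `cu`, `builder`, `own`, `find_builder` and `lookup` are hypothetical stand-ins.

```cpp
#include <cstdio>
// Hypothetical stand-ins for gdb's types; only the ancestor link matters.
struct builder { const char *name; };

struct cu
{
  builder *own = nullptr;    // null when this CU has no builder of its own
  cu *ancestor = nullptr;    // may loop back, as in the reported backtrace

  // Iterative search with Floyd cycle detection: 'fast' visits (and checks)
  // every CU, 'slow' trails at half speed, and they meet only on a cycle.
  builder *find_builder ()
  {
    cu *slow = this;
    cu *fast = this;
    while (fast != nullptr)
      {
        if (fast->own != nullptr)
          return fast->own;
        fast = fast->ancestor;
        if (fast == nullptr)
          break;
        if (fast->own != nullptr)
          return fast->own;
        fast = fast->ancestor;
        slow = slow->ancestor;
        if (fast == slow)
          return nullptr;    // cyclic chain, no builder: fail, don't recurse
      }
    return nullptr;
  }
};

// Constructed input: two CUs, optionally linked into a cycle, optionally with
// a builder on the second one.  Returns whether a builder was found.
bool lookup (bool cyclic, bool with_builder)
{
  static builder b = { "constructed" };
  cu first, second;
  first.ancestor = &second;
  second.ancestor = cyclic ? &first : nullptr;
  second.own = with_builder ? &b : nullptr;
  return first.find_builder () != nullptr;
}

int main ()
{
  std::printf ("cycle, no builder: %d\n", lookup (true, false));
  std::printf ("cycle, builder:    %d\n", lookup (true, true));
}
```
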