Subject: bin/9664: gdb can core dump unexpectedly
To: None <gnats-bugs@gnats.netbsd.org>
From: John Hawkinson <jhawk@mit.edu>
List: netbsd-bugs
Date: 03/23/2000 01:56:19
>Number: 9664
>Category: bin
>Synopsis: gdb can core dump unexpectedly
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: bin-bug-people (Utility Bug People)
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Mar 23 01:54:00 2000
>Last-Modified:
>Originator: John Hawkinson
>Organization:
MIT
>Release: NetBSD 1.4.2
>Environment:
System: NetBSD zorkmid.mit.edu 1.4.2 NetBSD 1.4.2 (ZORKMID) #1: Wed Mar 22 03:24:44 EST 2000 jhawk@zorkmid.mit.edu:/usr/src/sys/arch/i386/compile/ZORKMID i386
>Description:
It appears that gdb has a propensity for core-dumping; this
is most undesirable and should be fixed in a timely fashion, if
at all feasible.
The core dump seems to be at:
0x48cfd <target_xfer_memory+53>: addl $0x14,%esp
with esp being:
esp 0xbfbfd498 0xbfbfd498
Presumably this is a BFD-based magic number (0xBF BFD 498), however
I don't see obvious references to 0xbfbfd in a cursory grep of the
binutils and gdb sources, so I'm really not sure how to proceed in
debugging this (i.e. "I give up").
>How-To-Repeat:
Oh, this is a nice cascade.
SUMMARY:
Watch vi core dump while trying to save a file after being invoked
with "vi -r db_interface.c". The core dump is in malloc(), so install
/usr/pkgsrc/devel/electricfence and try again under gdb. Discover that
electric fence doesn't seem to work properly ("mmap() failed: Cannot
allocate memory") and so set a breakpoint inside the electric fence
code. Watch gdb core dump.
Build gdb with COPTS=-g, and check the stack trace from the
release 1.4.2 binary against said new build of gdb. Seems to work OK
and looks plausible.
Attempt to reproduce the problem with gdb+vi+libefence under
the gdb with symbols. Success! The problem occurs in a slightly different
way, but in the same area of gdb code.
STEP-BY-STEP CHRONOLOGY:
I only managed to start a typescript midway through this and
my xterm's scrollback was smaller than expected, so I don't have
all the steps that led up to the initial core dump of gdb, but
I do have some. We're debugging vi+libefence (statically linked)
with the release 1.4.2 version of gdb:
---cut
Breakpoint 1, main (argc=3, argv=0xbfbfd884)
at /usr/src/usr.bin/vi/build/../cl/cl_main.c:62
62 if (reenter++)
(gdb) break EF_Exit
Segmentation fault (core dumped)
zorkmid% pwd
/usr/pkgsrc/devel/electricfence
zorkmid% ls -t
gdb.core dbsnap9 dbsnap6 work files Makefile
dbsnapb dbsnap8 dbsnap5 README.html patches
dbsnapa dbsnap7 dbsnap4 CVS pkg
zorkmid% file gdb.core
gdb.core: NetBSD/i386 core from 'gdb'
zorkmid% mv gdb.core gdb.core1
zorkmid% gdb gdb gdb.core1
GNU gdb 4.17
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386--netbsd"...(no debugging symbols found)...
Core was generated by `gdb'.
Program terminated with signal 11, Segmentation fault.
#0 0x0 in ?? ()
(gdb) where
#0 0x0 in ?? ()
#1 0x3ca4b in ?? ()
#2 0x48cfd in ?? ()
#3 0x48c29 in ?? ()
#4 0x748a3 in ?? ()
#5 0x3b023 in ?? ()
#6 0x3b0b2 in ?? ()
#7 0x3b245 in ?? ()
#8 0x3b68e in ?? ()
#9 0x233b6 in ?? ()
#10 0x24632 in ?? ()
#11 0x6233 in ?? ()
#12 0x6638 in ?? ()
#13 0x8f68b in ?? ()
#14 0x8f842 in ?? ()
#15 0x293d in ?? ()
#16 0x10da in ?? ()
(gdb)
---cut
After having built a gdb with symbols, running the release gdb
against the gdb with symbols on the gdb core file:
---cut
zorkmid% gdb /usr/src/gnu/usr.bin/gdb/gdb gdb.core1
GNU gdb 4.17
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386--netbsd"...
warning: exec file is newer than core file.
Core was generated by `gdb'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/libexec/ld.so...done.
Reading symbols from /usr/lib/libedit.so.2.2...done.
Reading symbols from /usr/lib/libkvm.so.5.0...done.
Reading symbols from /usr/lib/libtermcap.so.0.0...done.
Reading symbols from /usr/lib/libbfd.so.3.0...done.
Reading symbols from /usr/lib/libc.so.12.40...done.
#0 0x0 in ?? ()
(gdb) where
#0 0x0 in ?? ()
#1 0x3ca4b in child_xfer_memory (memaddr=1074106200, myaddr=0xb869c "",
len=1, write=0, target=0xc96c4)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/infptrace.c:485
#2 0x48cfd in target_xfer_memory (memaddr=1074106200, myaddr=0xb869c "",
len=1, write=0, bfd_section=0x0)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/target.c:813
#3 0x48c29 in target_read_memory (memaddr=1074106200, myaddr=0xb869c "",
len=1) at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/target.c:713
#4 0x748a3 in read_memory (memaddr=1074106200, myaddr=0xb869c "", len=1)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/corefile.c:223
#5 0x3b023 in codestream_fill (peek_flag=1)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/i386-tdep.c:79
#6 0x3b0b2 in codestream_seek (place=1074106200)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/i386-tdep.c:96
#7 0x3b245 in i386_get_frame_setup (pc=1074106200)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/i386-tdep.c:177
#8 0x3b68e in i386_skip_prologue (pc=1074106200)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/i386-tdep.c:461
#9 0x233b6 in find_function_start_sal (sym=0x4a4ee4, funfirstline=1)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/symtab.c:1710
#10 0x24632 in decode_line_1 (argptr=0xbfbfd6d8, funfirstline=1,
default_symtab=0x5edaa0, default_line=57, canonical=0xbfbfd6b8)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/symtab.c:2476
#11 0x6233 in break_command_1 (arg=0xcc00d "", flag=0, from_tty=1)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/breakpoint.c:2497
#12 0x6638 in break_command (arg=0xcc006 "EF_Exit", from_tty=1)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/breakpoint.c:2660
#13 0x8f68b in execute_command (p=0xcc00c "t", from_tty=1)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/top.c:1260
#14 0x8f842 in command_loop ()
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/top.c:1340
#15 0x293d in main (argc=2, argv=0xbfbfd898)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/main.c:560
(gdb) up
#1 0x3ca4b in child_xfer_memory (memaddr=1074106200, myaddr=0xb869c "",
len=1, write=0, target=0xc96c4)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/infptrace.c:485
485 buffer[i] = ptrace (PT_READ_I, inferior_pid,
(gdb) list
480 {
481 /* Read all the longwords */
482 for (i = 0; i < count; i++, addr += sizeof (PTRACE_XFER_TYPE))
483 {
484 errno = 0;
485 buffer[i] = ptrace (PT_READ_I, inferior_pid,
486 (PTRACE_ARG3_TYPE) addr, 0);
487 if (errno)
488 return 0;
489 QUIT;
(gdb) ptype ptrace
type = int ()
(gdb) x/i $pc
0x48cfd <target_xfer_memory+53>: addl $0x14,%esp
(gdb) info reg
eax 0xffffffff -1
ecx 0x0 0
edx 0xffffffff -1
ebx 0x401a1060 1075449952
esp 0xbfbfd498 0xbfbfd498
ebp 0xbfbfd4c4 0xbfbfd4c4
esi 0xbfbfd4ac -1077947220
edi 0x40058f58 1074106200
eip 0x48cfd 0x48cfd
eflags 0x10216 66070
cs 0x17 23
ss 0x1f 31
ds 0xbfbf001f -1078001633
es 0x1f 31
fs 0x1f 31
gs 0x1f 31
(gdb) quit
---cut
Next, run the gdb-with-symbols against the vi+libefence and attempt
to reproduce the core (success):
---cut
zorkmid% /usr/src/gnu/usr.bin/gdb/gdb /usr/src/usr.bin/vi/build/vi
GNU gdb 4.17
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386--netbsd"...
(gdb) run -r db_interface.c
Starting program: /usr/src/usr.bin/vi/build/vi -r db_interface.c
Electric Fence 2.0.5 Copyright (C) 1987-1995 Bruce Perens.
/*	$NetBSD: db_interface.c,v 1.24.8.2 1999/04/12 21:27:04 pk Exp $	*/
/*
* Mach Operating System
* Copyright (c) 1991,1990 Carnegie Mellon University
* All Rights Reserved.
*
* Permission to use, copy, modify and distribute this software and its
* documentation is hereby granted, provided that both the copyright
* notice and this permission notice appear in all copies of the
* software, derivative works or modified versions, and any portions
* thereof, and that both notices appear in supporting documentation.
*
* CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
* CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
* ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
*
* Carnegie Mellon requests users of this software to return to
*
* Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
* School of Computer Science
* Carnegie Mellon University
* Pittsburgh PA 15213-3890
*
* any improvements or extensions that they make and grant Carnegie the
* rights to redistribute these changes.
*
* db_interface.c,v 2.4 1991/02/05 17:11:13 mrt (CMU)
*/
/*
* Interface to new debugger.
*/
#include "opt_ddb.h"
#include <sys/param.h>
#include <sys/proc.h>
#include <sys/reboot.h>
#include <sys/systm.h>
#include <vm/vm.h>
#include <dev/cons.h>
#include <machine/bus.h>
#include <machine/cpufunc.h>
#include <machine/db_machdep.h>
#include <machine/pio.h>
#include <ddb/db_sym.h>
#include <ddb/db_command.h>
#include <ddb/db_extern.h>
#include <ddb/db_access.h>
#include <ddb/db_lex.h>
db_interface.c: new file: line 1
:w dbsnapc
ElectricFence Exiting: mmap() failed: Cannot allocate memory
Program exited with code 0377.
(gdb) break main
Breakpoint 1 at 0x1e92: file /usr/src/usr.bin/vi/build/../cl/cl_main.c, line 62.
(gdb) run
Starting program: /usr/src/usr.bin/vi/build/vi -r db_interface.c
Breakpoint 1, main (argc=3, argv=0xbfbfd884)
at /usr/src/usr.bin/vi/build/../cl/cl_main.c:62
62 if (reenter++)
(gdb) break EF_Exit
Breakpoint 2 at 0x3ba90: file print.c, line 147.
(gdb) c
Continuing.
Electric Fence 2.0.5 Copyright (C) 1987-1995 Bruce Perens.
[vi redraws db_interface.c on screen exactly as in the first run]
db_interface.c: new file: line 1
:w dbsnapd
Breakpoint 2, EF_Exit (pattern=0x3b75f "mmap() failed: %s") at print.c:147
147 va_start(args, pattern);
(gdb) where
#0 EF_Exit (pattern=0x3b75f "mmap() failed: %s") at print.c:147
#1 0x3b7b7 in Page_Create (size=268439552) at page.c:95
#2 0x3b1ee in memalign (alignment=4, userSize=268435456) at efence.c:474
#3 0x3b6d3 in malloc (size=268435456) at efence.c:753
#4 0x66222 in __ovfl_get ()
#5 0x6eece in __rec_ret ()
#6 0x6e41a in __rec_get ()
#7 0x1d4fc in db_get (sp=0x40094b68, lno=57, flags=1, pp=0xbfbfd3f0,
lenp=0xbfbfd3f4) at /usr/src/usr.bin/vi/build/../common/line.c:158
#8 0x19fcc in ex_writefp (sp=0x40094b68, name=0x401e1ff8 "dbsnapd",
fp=0x772e0, fm=0x40073838, tm=0x40073840, nlno=0xbfbfd4b0, nch=0xbfbfd4b4,
silent=0) at /usr/src/usr.bin/vi/build/../ex/ex_write.c:329
#9 0x1b4a5 in file_write (sp=0x40094b68, fm=0x40073838, tm=0x40073840,
name=0x401e1ff8 "dbsnapd", flags=17)
at /usr/src/usr.bin/vi/build/../common/exf.c:807
#10 0x19eb0 in exwr (sp=0x40094b68, cmdp=0x400737d4, cmd=WRITE)
at /usr/src/usr.bin/vi/build/../ex/ex_write.c:263
#11 0x19b0c in ex_write (sp=0x40094b68, cmdp=0x400737d4)
at /usr/src/usr.bin/vi/build/../ex/ex_write.c:98
#12 0x6ab9 in ex_cmd (sp=0x40094b68)
at /usr/src/usr.bin/vi/build/../ex/ex.c:1352
#13 0x29a2d in v_ex (sp=0x40094b68, vp=0xbfbfd644)
at /usr/src/usr.bin/vi/build/../vi/v_ex.c:461
#14 0x3342f in vi (spp=0xbfbfd6d4) at /usr/src/usr.bin/vi/build/../vi/vi.c:235
#15 0x1f230 in editor (gp=0x40073754, argc=3, argv=0xbfbfd88c)
at /usr/src/usr.bin/vi/build/../common/main.c:450
#16 0x1f73 in main (argc=3, argv=0xbfbfd884)
at /usr/src/usr.bin/vi/build/../cl/cl_main.c:117
(gdb) up
#1 0x3b7b7 in Page_Create (size=268439552) at page.c:95
95 EF_Exit("mmap() failed: %s", stringErrorReport());
(gdb) list
90 */
91 startAddr = allocation + size;
92 #endif
93
94 if ( allocation == (caddr_t)-1 )
95 EF_Exit("mmap() failed: %s", stringErrorReport());
96
97 return (void *)allocation;
98 }
99 #else
(gdb) list Page_Create
54 * Create memory.
55 */
56 #if defined(MAP_ANONYMOUS)
57 void *
58 Page_Create(size_t size)
59 {
60 caddr_t allocation;
61
62 /*
63 * In this version, "startAddr" is a _hint_, not a demand.
(gdb)
64 * When the memory I map here is contiguous with other
65 * mappings, the allocator can coalesce the memory from two
66 * or more mappings into one large contiguous chunk, and thus
67 * might be able to find a fit that would not otherwise have
68 * been possible. I could _force_ it to be contiguous by using
69 * the MMAP_FIXED flag, but I don't want to stomp on memory mappings
70 * generated by other software, etc.
71 */
72 allocation = (caddr_t) mmap(
73 startAddr
(gdb) break 72
Breakpoint 3 at 0x3b77c: file page.c, line 72.
(gdb) run
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /usr/src/usr.bin/vi/build/vi -r db_interface.c
Breakpoint 1, main (argc=3, argv=0xbfbfd884)
at /usr/src/usr.bin/vi/build/../cl/cl_main.c:62
62 if (reenter++)
(gdb) c
Continuing.
Electric Fence 2.0.5 Copyright (C) 1987-1995 Bruce Perens.
Breakpoint 3, Page_Create (size=1048576) at page.c:72
72 allocation = (caddr_t) mmap(
(gdb) c
Continuing.
Breakpoint 3, Page_Create (size=1048576) at page.c:72
72 allocation = (caddr_t) mmap(
(gdb) c
Continuing.
[vi redraws db_interface.c on screen exactly as in the first run]
db_interface.c: new file: line 1
:w dbsnapd
dbsnapd exists, not written; use ! to override
:w dbsnape
Breakpoint 3, Page_Create (size=268439552) at page.c:72
72 allocation = (caddr_t) mmap(
(gdb) c
Continuing.
Breakpoint 2, EF_Exit (pattern=0x3b75f "mmap() failed: %s") at print.c:147
147 va_start(args, pattern);
(gdb) run
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /usr/src/usr.bin/vi/build/vi -r db_interface.c
Breakpoint 1, main (argc=3, argv=0xbfbfd884)
at /usr/src/usr.bin/vi/build/../cl/cl_main.c:62
62 if (reenter++)
(gdb) c
Continuing.
Electric Fence 2.0.5 Copyright (C) 1987-1995 Bruce Perens.
Breakpoint 3, Page_Create (size=1048576) at page.c:72
72 allocation = (caddr_t) mmap(
(gdb) c
Continuing.
Breakpoint 3, Page_Create (size=1048576) at page.c:72
72 allocation = (caddr_t) mmap(
(gdb) c
Continuing.
[vi redraws db_interface.c on screen exactly as in the first run]
db_interface.c: new file: line 1
:w dbsnapf
Breakpoint 3, Page_Create (size=268439552) at page.c:72
72 allocation = (caddr_t) mmap(
(gdb) step
91 startAddr = allocation + size;
(gdb) where
#0 Page_Create (size=268439552) at page.c:91
#1 0x3b1ee in memalign (alignment=4, userSize=268435456) at efence.c:474
#2 0x3b6d3 in malloc (size=268435456) at efence.c:753
#3 0x66222 in __ovfl_get ()
#4 0x6eece in __rec_ret ()
#5 0x6e41a in __rec_get ()
#6 0x1d4fc in db_get (sp=0x40094b68, lno=57, flags=1, pp=0xbfbfd3f0,
lenp=0xbfbfd3f4) at /usr/src/usr.bin/vi/build/../common/line.c:158
#7 0x19fcc in ex_writefp (sp=0x40094b68, name=0x401e1ff8 "dbsnapf",
fp=0x772e0, fm=0x40073838, tm=0x40073840, nlno=0xbfbfd4b0, nch=0xbfbfd4b4,
silent=0) at /usr/src/usr.bin/vi/build/../ex/ex_write.c:329
#8 0x1b4a5 in file_write (sp=0x40094b68, fm=0x40073838, tm=0x40073840,
name=0x401e1ff8 "dbsnapf", flags=17)
at /usr/src/usr.bin/vi/build/../common/exf.c:807
#9 0x19eb0 in exwr (sp=0x40094b68, cmdp=0x400737d4, cmd=WRITE)
at /usr/src/usr.bin/vi/build/../ex/ex_write.c:263
#10 0x19b0c in ex_write (sp=0x40094b68, cmdp=0x400737d4)
at /usr/src/usr.bin/vi/build/../ex/ex_write.c:98
#11 0x6ab9 in ex_cmd (sp=0x40094b68)
at /usr/src/usr.bin/vi/build/../ex/ex.c:1352
#12 0x29a2d in v_ex (sp=0x40094b68, vp=0xbfbfd644)
at /usr/src/usr.bin/vi/build/../vi/v_ex.c:461
#13 0x3342f in vi (spp=0xbfbfd6d4) at /usr/src/usr.bin/vi/build/../vi/vi.c:235
#14 0x1f230 in editor (gp=0x40073754, argc=3, argv=0xbfbfd88c)
at /usr/src/usr.bin/vi/build/../common/main.c:450
#15 0x1f73 in main (argc=3, argv=0xbfbfd884)
at /usr/src/usr.bin/vi/build/../cl/cl_main.c:117
(gdb) step
94 if ( allocation == (caddr_t)-1 )
(gdb) print allocation
Segmentation fault (core dumped)
zorkmid% ls -t | head
gdb.core
dbsnapf
dbsnape
dbsnapd
dbsnapc
gdb.core1
dbsnapb
dbsnapa
dbsnap9
dbsnap8
zorkmid% mv gdb.core gdb.core2
---cut
Having gotten a second core (this one where the executable
and symbols are guaranteed to be consistent):
---cut
zorkmid% /usr/src/gnu/usr.bin/gdb/gdb /usr/src/gnu/usr.bin/gdb/gdb gdb.core2
GNU gdb 4.17
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386--netbsd"...
Core was generated by `gdb'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/libexec/ld.so...done.
Reading symbols from /usr/lib/libedit.so.2.2...done.
Reading symbols from /usr/lib/libkvm.so.5.0...done.
Reading symbols from /usr/lib/libtermcap.so.0.0...done.
Reading symbols from /usr/lib/libbfd.so.3.0...done.
Reading symbols from /usr/lib/libc.so.12.40...done.
#0 0x1 in ?? ()
(gdb) where
#0 0x1 in ?? ()
#1 0x48cfd in target_xfer_memory (memaddr=4294967295, myaddr=0xcd2c0 " \322\f",
len=8, write=0, bfd_section=0x0)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/target.c:813
#2 0x48c5f in target_read_memory_partial (memaddr=4294967295,
myaddr=0xcd2c0 " \322\f", len=8, errnoptr=0xbfbfd58c)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/target.c:742
#3 0x1c7a7 in val_print_string (addr=4294967295, len=0, stream=0xca3d0)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/valprint.c:758
#4 0x82fcc in c_val_print (type=0x47b38c, valaddr=0xe3ff0 "\377\377\377\377ne 62.",
address=24, stream=0xca3d0, format=0, deref_ref=1, recurse=0,
pretty=Val_no_prettyprint)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/c-valprint.c:177
#5 0x1bf8e in val_print (type=0x47b350, valaddr=0xe3ff0 "\377\377\377\377ne 62.",
address=24, stream=0xca3d0, format=0, deref_ref=1, recurse=0,
pretty=Val_pretty_default)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/valprint.c:158
#6 0x83696 in c_value_print (val=0xe3fc0, stream=0xca3d0, format=0,
pretty=Val_pretty_default)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/c-valprint.c:470
#7 0x1c00a in value_print (val=0xe3fc0, stream=0xca3d0, format=0,
pretty=Val_pretty_default)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/valprint.c:184
#8 0x1d594 in print_formatted (val=0xe3fc0, format=0, size=0)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/printcmd.c:319
#9 0x1e15b in print_command_1 (exp=0xcc006 "allocation", inspect=0,
voidprint=1) at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/printcmd.c:863
#10 0x1e1bf in print_command (exp=0xcc006 "allocation", from_tty=1)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/printcmd.c:886
#11 0x8f68b in execute_command (p=0xcc00f "n", from_tty=1)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/top.c:1260
#12 0x8f842 in command_loop ()
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/top.c:1340
#13 0x293d in main (argc=2, argv=0xbfbfd87c)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/main.c:560
(gdb) p $pc
$1 = (void *) 0x1
(gdb) p &$pc
Attempt to take address of value not located in memory.
(gdb) x $pc
0x1: 0x00ffffff
(gdb) x/i $pc
0x1: (bad)
(gdb) info frame
Stack level 0, frame at 0xbfbfd4f4:
eip = 0x1; saved eip 0x48cfd
called by frame at 0xbfbfd51c
Arglist at 0xbfbfd4f4, args:
Locals at 0xbfbfd4f4, Previous frame's sp is 0x0
Saved registers:
ebp at 0xbfbfd4f4, eip at 0xbfbfd4f8
(gdb) info reg
eax 0xffffffff -1
ecx 0x0 0
edx 0xffffffff -1
ebx 0x401a1060 1075449952
esp 0xbfbfd4c0 0xbfbfd4c0
ebp 0xbfbfd4f4 0xbfbfd4f4
esi 0xbfbfd4d8 -1077947176
edi 0x0 0
eip 0x1 0x1
eflags 0x10216 66070
cs 0x17 23
ss 0x1f 31
ds 0x1f 31
es 0x1f 31
fs 0x1f 31
gs 0x1f 31
(gdb) up
#1 0x48cfd in target_xfer_memory (memaddr=4294967295, myaddr=0xcd2c0 " \322\f",
len=8, write=0, bfd_section=0x0)
at /usr/src/gnu/usr.bin/gdb/../../dist/gdb/target.c:813
813 res = current_target.to_xfer_memory
(gdb) x/i $pc
0x48cfd <target_xfer_memory+53>: addl $0x14,%esp
(gdb) x/20i target_xfer_memory
0x48cc8 <target_xfer_memory>: pushl %ebp
0x48cc9 <target_xfer_memory+1>: movl %esp,%ebp
0x48ccb <target_xfer_memory+3>: pushl %edi
0x48ccc <target_xfer_memory+4>: pushl %esi
0x48ccd <target_xfer_memory+5>: pushl %ebx
0x48cce <target_xfer_memory+6>: movl 0x10(%ebp),%edi
0x48cd1 <target_xfer_memory+9>: movl 0x18(%ebp),%eax
0x48cd4 <target_xfer_memory+12>: movl %eax,0xad054
0x48cd9 <target_xfer_memory+17>: call 0xac14c <_PROCEDURE_LINKAGE_TABLE_+232>
0x48cde <target_xfer_memory+22>: movl $0x0,(%eax)
0x48ce4 <target_xfer_memory+28>: pushl $0xc96c4
0x48ce9 <target_xfer_memory+33>: movl 0x14(%ebp),%edx
0x48cec <target_xfer_memory+36>: pushl %edx
0x48ced <target_xfer_memory+37>: pushl %edi
0x48cee <target_xfer_memory+38>: movl 0xc(%ebp),%edx
0x48cf1 <target_xfer_memory+41>: pushl %edx
0x48cf2 <target_xfer_memory+42>: movl 0x8(%ebp),%edx
0x48cf5 <target_xfer_memory+45>: pushl %edx
0x48cf6 <target_xfer_memory+46>: movl 0xc96f4,%eax
0x48cfb <target_xfer_memory+51>: call *%eax
(gdb) x/4i
0x48cfd <target_xfer_memory+53>: addl $0x14,%esp
0x48d00 <target_xfer_memory+56>: cmpl %edi,%eax
0x48d02 <target_xfer_memory+58>: jne 0x48d18 <target_xfer_memory+80>
0x48d04 <target_xfer_memory+60>: jmp 0x48d9c <target_xfer_memory+212>
(gdb) ^D
zorkmid%
---cut
>Fix:
WORKAROUND: Don't debug core dumps, just submit PRs with stack traces?
>Audit-Trail:
>Unformatted:
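Editor's added example (not code from the PR, from gdb 4.17 or from Electric Fence). The second core above is taken while gdb services `print allocation`: the variable holds `(caddr_t)-1` from the failed mmap(), gdb treats it as a `char *` and asks target_xfer_memory() for 8 bytes at memaddr=4294967295 (0xffffffff), the last byte of a 32-bit address space, and the process dies inside the target vector's to_xfer_memory call. The PR does not establish why that request faults, so the code below is an illustration of the edge case rather than a fix: a child_xfer_memory()-style word loop (round down to a word boundary, fetch whole words, clear and test errno around each fetch because -1 is a valid word) over a simulated 32-bit inferior instead of ptrace(2), with an up-front check that rejects any request whose end would lie past the top of the address space. The names sim_*, xfer_memory_checked and try_read, the page layout and the byte pattern are all invented for the example.

```c
/*
 * Added example (editor's, not code from the PR, gdb 4.17 or Electric Fence):
 * a word-granular memory read in the style of gdb's child_xfer_memory(),
 * run over a simulated 32-bit inferior instead of ptrace(2).  sim_*,
 * xfer_memory_checked and try_read are hypothetical names.
 */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef uint32_t xfer_word;          /* PTRACE_XFER_TYPE on 32-bit i386 */
#define ADDR_MAX UINT32_MAX          /* top of the inferior's address space */

/* Simulated inferior: one readable 4 KiB page at SIM_BASE, everything else
 * faults.  SIM_BASE is chosen so the page covers 0x40058f58 from the PR.
 * The contents are a constructed, deterministic byte pattern. */
#define SIM_BASE 0x40058000u
#define SIM_SIZE 0x1000u
static unsigned char sim_mem[SIM_SIZE];

static void sim_init(void)
{
    for (unsigned i = 0; i < SIM_SIZE; i++)
        sim_mem[i] = (unsigned char)(i * 7 + 3);
}

/* Stand-in for ptrace(PT_READ_I, pid, addr, 0).  Like ptrace it returns -1
 * and sets errno on failure, and -1 is also a legal word value, so callers
 * must clear errno before the call and test it afterwards (the pattern at
 * infptrace.c:484-488 in the PR), never compare the return value. */
static long sim_peek_word(uint32_t addr)
{
    xfer_word w;
    if (addr < SIM_BASE || addr > SIM_BASE + SIM_SIZE - sizeof w) {
        errno = EIO;
        return -1;
    }
    memcpy(&w, &sim_mem[addr - SIM_BASE], sizeof w);
    return (long)w;
}

/* Read LEN bytes at MEMADDR into MYADDR a word at a time.  Returns LEN on
 * success and 0 on error with errno set, mirroring child_xfer_memory().
 * The range check up front rejects a request whose last byte would lie past
 * ADDR_MAX (e.g. the 8-byte string read at 0xffffffff in the PR's second
 * core) instead of letting memaddr + len wrap around to address 0. */
static unsigned xfer_memory_checked(uint32_t memaddr, unsigned char *myaddr, unsigned len)
{
    if (len == 0)
        return 0;
    if (len - 1 > ADDR_MAX - memaddr) {       /* memaddr + len - 1 > ADDR_MAX */
        errno = EFAULT;
        return 0;
    }
    uint32_t first = memaddr & ~(uint32_t)(sizeof(xfer_word) - 1); /* round down */
    uint32_t last  = memaddr + (len - 1);                           /* cannot wrap now */
    unsigned count = (last - first) / sizeof(xfer_word) + 1;        /* words to fetch */
    xfer_word *buffer = malloc(count * sizeof *buffer);
    if (buffer == NULL) {
        errno = ENOMEM;
        return 0;
    }
    uint32_t addr = first;
    for (unsigned i = 0; i < count; i++, addr += sizeof(xfer_word)) {
        errno = 0;
        long word = sim_peek_word(addr);
        if (errno) {
            int saved = errno;          /* keep the fault reason across free() */
            free(buffer);
            errno = saved;
            return 0;
        }
        buffer[i] = (xfer_word)word;
    }
    /* Copy out only the requested bytes, skipping the alignment slack. */
    memcpy(myaddr, (unsigned char *)buffer + (memaddr - first), len);
    free(buffer);
    return len;
}

/* Read LEN bytes at MEMADDR and verify them against the simulated page.
 * Returns LEN on a correct read, 0 on a rejected or faulting read (errno
 * tells which), and -1 if the bytes came back wrong. */
static int try_read(uint32_t memaddr, unsigned len)
{
    unsigned char out[64];
    if (len > sizeof out)
        return -1;
    sim_init();
    unsigned got = xfer_memory_checked(memaddr, out, len);
    if (got == 0)
        return 0;
    if (memcmp(out, &sim_mem[memaddr - SIM_BASE], len) != 0)
        return -1;
    return (int)got;
}

int main(void)
{
    printf("1 byte at 0x40058f58: %d\n", try_read(0x40058f58u, 1));            /* 1 */
    printf("6 bytes at 0x40058f5a (unaligned): %d\n", try_read(0x40058f5au, 6)); /* 6 */
    int r = try_read(0xffffffffu, 8);
    printf("8 bytes at 0xffffffff: %d, errno %d (EFAULT=%d)\n", r, errno, EFAULT); /* 0 */
    r = try_read(SIM_BASE + SIM_SIZE - 2, 4);
    printf("4 bytes straddling the page end: %d, errno %d (EIO=%d)\n", r, errno, EIO); /* 0 */
    return 0;
}
```

Build with `cc -std=c99 -Wall xfer.c && ./a.out`. The first two reads succeed, including the unaligned one that needs two words; the read at 0xffffffff is refused before any word is fetched, and the read that straddles the end of the mapped page fails on its second word with the errno the stand-in ptrace left behind, which is the only signal child_xfer_memory() has, since -1 is also what a word of all-ones looks like.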