Bug 30705 - [gdb] UNRESOLVED: gdb.base/all-architectures-2.exp: tests: osabi=AIX: arch=bpf: endian=auto: disassemble 0x100,+4 (segfault)
Summary: [gdb] UNRESOLVED: gdb.base/all-architectures-2.exp: tests: osabi=AIX: arch=bp...
Status: RESOLVED FIXED
Alias: None
Product: gdb
Classification: Unclassified
Component: tdep (show other bugs)
Version: HEAD
: P2 normal
Target Milestone: 14.1
Assignee: Jose E. Marchesi
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-07-31 09:59 UTC by Tom de Vries
Modified: 2023-07-31 21:04 UTC (History)
2 users (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Tom de Vries 2023-07-31 09:59:46 UTC 
I'm running into:
...
ERROR: GDB process no longer exists
FAIL: gdb.base/all-architectures-2.exp: all passed
ERROR: GDB process no longer exists
FAIL: gdb.base/all-architectures-7.exp: all passed
...

In more detail:
...
(gdb) IPASS: gdb.base/all-architectures-2.exp: tests: osabi=AIX: arch=bpf: endian=auto: print, float
disassemble 0x100,+4
Dump of assembler code from 0x100 to 0x104:

Fatal signal: Segmentation fault
----- Backtrace -----
0x59ef98 gdb_internal_backtrace_1
	/data/vries/gdb/src/gdb/bt-utils.c:122
0x59f03b _Z22gdb_internal_backtracev
	/data/vries/gdb/src/gdb/bt-utils.c:168
0x79029e handle_fatal_signal
	/data/vries/gdb/src/gdb/event-top.c:889
0x79040a handle_sigsegv
	/data/vries/gdb/src/gdb/event-top.c:962
0x7f9076c3f90f ???
	/usr/src/debug/glibc-2.31-150300.52.2.x86_64/nptl/../sysdeps/unix/sysv/linux/x86_64/sigaction.c:0
0xefcdc4 print_insn_bpf
	/data/vries/gdb/src/opcodes/bpf-dis.c:152
0x4d0725 _Z18default_print_insnmP16disassemble_info
	/data/vries/gdb/src/gdb/arch-utils.c:1041
0x54f544 bpf_gdb_print_insn
	/data/vries/gdb/src/gdb/bpf-tdep.c:128
0x4d9af9 _Z18gdbarch_print_insnP7gdbarchmP16disassemble_info
	/data/vries/gdb/src/gdb/gdbarch.c:3329
0x69ed16 gdb_print_insn_1
	/data/vries/gdb/src/gdb/disasm.c:1099
0x69edde _ZN16gdb_disassembler10print_insnEmPi
	/data/vries/gdb/src/gdb/disasm.c:1116
0x69cd98 _ZN29gdb_pretty_print_disassembler17pretty_print_insnEPK11disasm_insn10enum_flagsI20gdb_disassembly_flagE
	/data/vries/gdb/src/gdb/disasm.c:446
0x69d26c dump_insns
	/data/vries/gdb/src/gdb/disasm.c:543
0x69e784 do_assembly_only
	/data/vries/gdb/src/gdb/disasm.c:957
0x69f1fc _Z15gdb_disassemblyP7gdbarchP6ui_out10enum_flagsI20gdb_disassembly_flagEimm
	/data/vries/gdb/src/gdb/disasm.c:1199
0x5f0e77 print_disassembly
	/data/vries/gdb/src/gdb/cli/cli-cmds.c:1518
0x5f16ba disassemble_command
	/data/vries/gdb/src/gdb/cli/cli-cmds.c:1694
0x5f7b4e do_simple_func
	/data/vries/gdb/src/gdb/cli/cli-decode.c:95
0x5fcb62 _Z8cmd_funcP16cmd_list_elementPKci
	/data/vries/gdb/src/gdb/cli/cli-decode.c:2735
0xc5ee29 _Z15execute_commandPKci
	/data/vries/gdb/src/gdb/top.c:575
0x78fa57 _Z15command_handlerPKc
	/data/vries/gdb/src/gdb/event-top.c:552
0x78ff5f _Z20command_line_handlerOSt10unique_ptrIcN3gdb13xfree_deleterIcEEE
	/data/vries/gdb/src/gdb/event-top.c:788
0xc8b209 tui_command_line_handler
	/data/vries/gdb/src/gdb/tui/tui-interp.c:104
0x78f3ad gdb_rl_callback_handler
	/data/vries/gdb/src/gdb/event-top.c:259
0xd98279 rl_callback_read_char
	/data/vries/gdb/src/readline/readline/callback.c:290
0x78f215 gdb_rl_callback_read_char_wrapper_noexcept
	/data/vries/gdb/src/gdb/event-top.c:195
0x78f2b1 gdb_rl_callback_read_char_wrapper
	/data/vries/gdb/src/gdb/event-top.c:234
0xcb4743 stdin_event_handler
	/data/vries/gdb/src/gdb/ui.c:155
0x14a62ab handle_file_event
	/data/vries/gdb/src/gdbsupport/event-loop.cc:573
0x14a6841 gdb_wait_for_event
	/data/vries/gdb/src/gdbsupport/event-loop.cc:694
0x14a5707 _Z16gdb_do_one_eventi
	/data/vries/gdb/src/gdbsupport/event-loop.cc:264
0x919c46 start_event_loop
	/data/vries/gdb/src/gdb/main.c:412
0x919da0 captured_command_loop
	/data/vries/gdb/src/gdb/main.c:476
0x91b58c captured_main
	/data/vries/gdb/src/gdb/main.c:1320
0x91b626 _Z8gdb_mainP18captured_main_args
	/data/vries/gdb/src/gdb/main.c:1339
0x4195cd main
	/data/vries/gdb/src/gdb/gdb.c:32
---------------------
A fatal error internal to GDB has been detected, further
debugging is not possible.  GDB will now terminate.

This is a bug, please report it.  For instructions, see:
<https://www.gnu.org/software/gdb/bugs/>.

ERROR: GDB process no longer exists
GDB process exited with wait status 25141 exp9 0 0 CHILDKILLED SIGSEGV {segmentation violation}
UNRESOLVED: gdb.base/all-architectures-2.exp: tests: osabi=AIX: arch=bpf: endian=auto: disassemble 0x100,+4
...
Comment 1 Tom de Vries 2023-07-31 10:01:16 UTC 
(In reply to Tom de Vries from comment #0)
> UNRESOLVED: gdb.base/all-architectures-2.exp: tests: osabi=AIX: arch=bpf:
> endian=auto: disassemble 0x100,+4

The other one is the same, for arch=xbfp:
...
UNRESOLVED: gdb.base/all-architectures-7.exp: tests: osabi=AIX: arch=xbpf: endian=auto: disassemble 0x100,+4
...
Comment 2 Tom de Vries 2023-07-31 10:07:48 UTC 
Reproducer:
...
$ cat gdb.in
set osabi AIX
set endian little
set architecture bpf
disassemble 0x100,+4
$ gdb -q -batch -x gdb.in
...
Comment 3 Tom de Vries 2023-07-31 10:09:21 UTC 
It's because we dereference info->section, which is a nullptr:
...
#0  0x0000000000efcdc4 in print_insn_bpf (pc=256, info=0x7fffffffcb28) at /data/vries/gdb/src/opcodes/bpf-dis.c:152
152	      struct bfd *abfd = info->section->owner;
(gdb) p info->section
$3 = (asection *) 0x0
...
Comment 4 Tom de Vries 2023-07-31 10:14:30 UTC 
Regression since commit 1e18ffc9915 ("bpf: include, bfd, opcodes: add EF_BPF_CPUVER ELF header flags").
Comment 5 Tom de Vries 2023-07-31 11:03:44 UTC 
Also, I'm seeming in gdb.gdb/unittest.exp:
...
Running selftest buffered_insn_length::bpf.^M
^M
^M
Fatal signal: Segmentation fault^M
...

Reproducer:
...
$ gdb -q -batch -ex "maint selftest buffered_insn_length::bpf"
...

In this case, we're segfaulting here because abfd is nullptr:
...
Thread 1 "gdb" received signal SIGSEGV, Segmentation fault.
print_insn_bpf (pc=0, info=0x7fffffffd398) at /data/vries/gdb/src/opcodes/bpf-dis.c:153
153	      Elf_Internal_Ehdr *header = elf_elfheader (abfd);
...
which gets it's value in the same line as mentioned in comment 3:
...
152	      struct bfd *abfd = info->section->owner;
...
Comment 6 Tom de Vries 2023-07-31 11:16:00 UTC 
(In reply to Tom de Vries from comment #5)
> $ gdb -q -batch -ex "maint selftest buffered_insn_length::bpf"

FTR, likewise for "maint selftest buffered_insn_length::bpf::xbfp".
Comment 7 Mark Wielaard 2023-07-31 13:03:15 UTC 
(In reply to Tom de Vries from comment #4)
> Regression since commit 1e18ffc9915 ("bpf: include, bfd, opcodes: add
> EF_BPF_CPUVER ELF header flags").

That is https://builder.sourceware.org/buildbot/#/changes/29867 which indeed sees a lot of RED for the gdb check results.
Comment 8 Sourceware Commits 2023-07-31 13:46:58 UTC 
The master branch has been updated by Jose E. Marchesi <jemarch@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5b512234c874d5f82734dc6115765bc691c2c982

commit 5b512234c874d5f82734dc6115765bc691c2c982
Author: Jose E. Marchesi <jose.marchesi@oracle.com>
Date:   Mon Jul 31 15:44:36 2023 +0200

    bpf: opcodes: fix regression in BPF disassembler
    
    This patch fixes a regression recently introduced in the BPF
    disassembler, that was assuming an abfd was always available in
    info->section->owner.  Apparently this is not so in GDB, and therefore
    https://sourceware.org/bugzilla/show_bug.cgi?id=30705.
    
    Tested in bpf-unkonwn-none.
    
    opcodes/ChangeLog:
    
    2023-07-31  Jose E. Marchesi  <jose.marchesi@oracle.com>
    
            PR 30705
            * bpf-dis.c (print_insn_bpf): Check that info->section->owner is
            actually available before using it.
Comment 9 Tom de Vries 2023-07-31 14:15:56 UTC 
The commit fixes the regressions for me, thanks.
Comment 10 Tom de Vries 2023-07-31 21:04:04 UTC 
Fixed by commit.  Also buildbot seems happy again.