[Bug gdb/31192] New: GDB hang with CPU 100% when printing a variable with reference type

[Bug gdb/31192] New: GDB hang with CPU 100% when printing a variable with reference type

[hopelee1994 at gmail dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=31192

            Bug ID: 31192
           Summary: GDB hang with CPU 100% when printing a variable with
                    reference type
           Product: gdb
           Version: 14.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: gdb
          Assignee: unassigned at sourceware dot org
          Reporter: hopelee1994 at gmail dot com
  Target Milestone: ---

When debugging MySQL 8.0.13 and set a breakpoint at function `JOIN::optimize`
with gdb-14.1, the gdb will hang with 100% CPU if I print a variable named
`all_fields` which is the type `List<Item> &` in that point. If you want to
reproduce that, every simple query statement on MySQL 8.0.13 will hit this
breakpoint.

If I pstack the gdb, the stack is like this:

Thread 1 (Thread 0x7fe594ab4c40 (LWP 90562) "gdb"):
#0  0x00007fe594b44d9c in malloc () from /lib64/libc.so.6
#1  0x0000000000b3223d in operator new (sz=sz@entry=128) at
../../gdbsupport/new-op.cc:59
#2  0x0000000000700072 in __gnu_cxx::new_allocator<fnfieldlist>::allocate
(this=<optimized out>, __n=<optimized out>) at
/opt/rh/devtoolset-7/root/usr/include/c++/7/ext/new_allocator.h:111
#3  std::allocator_traits<std::allocator<fnfieldlist> >::allocate (__a=...,
__n=<optimized out>) at
/opt/rh/devtoolset-7/root/usr/include/c++/7/bits/alloc_traits.h:436
#4  std::_Vector_base<fnfieldlist, std::allocator<fnfieldlist> >::_M_allocate
(this=<optimized out>, __n=<optimized out>) at
/opt/rh/devtoolset-7/root/usr/include/c++/7/bits/stl_vector.h:172
#5  std::vector<fnfieldlist, std::allocator<fnfieldlist>
>::_M_realloc_insert<>(__gnu_cxx::__normal_iterator<fnfieldlist*,
std::vector<fnfieldlist, std::allocator<fnfieldlist> > >)
(this=this@entry=0x7ffe6913ad98, __position=..., __position@entry=...) at
/opt/rh/devtoolset-7/root/usr/include/c++/7/bits/vector.tcc:406
#6  0x00000000006f7196 in std::vector<fnfieldlist, std::allocator<fnfieldlist>
>::emplace_back<>() (this=0x38) at
/opt/rh/devtoolset-7/root/usr/include/c++/7/bits/vector.tcc:105
#7  dwarf2_add_member_fn (cu=0x25e81d730, type=<optimized out>,
die=0x2a30fd110, fip=0x0) at ../../gdb/dwarf2/read.c:12203
#8  handle_struct_member_die (child_die=child_die@entry=0x25e81d8d0,
type=<optimized out>, fi=fi@entry=0x7ffe6913ad60,
template_args=template_args@entry=0x7ffe6913ace0, cu=cu@entry=0x64fc2860) at
../../gdb/dwarf2/read.c:12949
#9  0x00000000006f2541 in process_structure_scope (cu=0x64fc2860,
die=0x25e81ced0) at ../../gdb/dwarf2/read.c:12999
#10 process_die (die=die@entry=0x25e81ced0, cu=cu@entry=0x64fc2860) at
../../gdb/dwarf2/read.c:6687
#11 0x00000000006f1c67 in read_namespace (cu=0x25e81ced0, die=0x29ae93270) at
../../gdb/dwarf2/read.c:14158
#12 process_die (die=die@entry=0x29ae93270, cu=cu@entry=0x64fc2860) at
../../gdb/dwarf2/read.c:6727
#13 0x00000000006f45da in read_file_scope (die=die@entry=0x2a0524c70,
cu=cu@entry=0x64fc2860) at ../../gdb/dwarf2/read.c:7686
#14 0x00000000006f26f3 in process_die (die=0x2a0524c70, cu=cu@entry=0x64fc2860)
at ../../gdb/dwarf2/read.c:6658
#15 0x00000000006f7928 in process_full_comp_unit (pretend_language=<optimized
out>, cu=0x64fc2860) at ../../gdb/dwarf2/read.c:6422
#16 process_queue (per_objfile=0x10fefb0) at ../../gdb/dwarf2/read.c:5696
#17 dw2_do_instantiate_symtab (skip_partial=<optimized out>,
per_objfile=0x10fefb0, per_cu=0x703d9b0) at ../../gdb/dwarf2/read.c:1770
#18 dw2_instantiate_symtab (per_cu=0x703d9b0, per_objfile=0x10fefb0,
skip_partial=skip_partial@entry=false) at ../../gdb/dwarf2/read.c:1792
#19 0x00000000006f811c in dw2_expand_symtabs_matching_one(dwarf2_per_cu_data*,
dwarf2_per_objfile*, gdb::function_view<bool (char const*, bool)>,
gdb::function_view<bool (compunit_symtab*)>) (per_cu=<optimized out>,
per_objfile=<optimized out>, file_matcher=..., expansion_notify=...) at
../../gdb/dwarf2/read.c:3042
#20 0x00000000006f8a19 in
cooked_index_functions::expand_symtabs_matching(objfile*,
gdb::function_view<bool (char const*, bool)>, lookup_name_info const*,
gdb::function_view<bool (char const*)>, gdb::function_view<bool
(compunit_symtab*)>, enum_flags<block_search_flag_values>, domain_enum,
search_domain) (this=<optimized out>, objfile=<optimized out>,
file_matcher=..., lookup_name=<optimized out>, symbol_matcher=...,
expansion_notify=..., search_flags=..., domain=VAR_DOMAIN, kind=ALL_DOMAIN) at
../../gdb/dwarf2/read.c:16954
#21 0x000000000095bcde in objfile::lookup_symbol (this=this@entry=0x1294910,
kind=<optimized out>, kind@entry=GLOBAL_BLOCK, name=name@entry=0x653f490
"List", domain=<optimized out>, domain@entry=VAR_DOMAIN) at
../../gdb/symfile-debug.c:285
#22 0x000000000096d754 in lookup_symbol_via_quick_fns (domain=VAR_DOMAIN,
name=0x653f490 "List", block_index=GLOBAL_BLOCK, objfile=0x1294910) at
../../gdb/symtab.c:2411
#23 lookup_symbol_in_objfile (objfile=0x1294910, block_index=GLOBAL_BLOCK,
name=0x653f490 "List", domain=VAR_DOMAIN) at ../../gdb/symtab.c:2542
#24 0x000000000096d8ee in gdb::function_view<bool
(objfile*)>::bind<lookup_global_or_static_symbol(char const*, block_enum,
objfile*,
domain_enum)::{lambda(objfile*)#1}>(lookup_global_or_static_symbol(char const*,
block_enum, objfile*,
domain_enum)::{lambda(objfile*)#1}&)::{lambda(gdb::fv_detail::erased_callable,
objfile*)#1}::_FUN(gdb::fv_detail::erased_callable, objfile*) () at
../../gdb/symtab.c:2588
 #25 0x000000000092b393 in gdb::function_view<bool
(objfile*)>::operator()(objfile*) const (args#0=0x1294910, this=<synthetic
pointer>) at ../../gdb/../gdbsupport/function-view.h:289
#26 svr4_iterate_over_objfiles_in_search_order (gdbarch=<optimized out>,
cb=..., current_objfile=<optimized out>) at ../../gdb/solib-svr4.c:3454
#27 0x000000000096ef75 in lookup_global_or_static_symbol
(name=name@entry=0x653f490 "List", block_index=block_index@entry=GLOBAL_BLOCK,
objfile=0x0, domain=domain@entry=VAR_DOMAIN) at ../../gdb/symtab.c:2585
#28 0x000000000096ff16 in lookup_global_symbol (name=name@entry=0x653f490
"List", block=block@entry=0x0, domain=domain@entry=VAR_DOMAIN) at
../../gdb/symtab.c:2641
#29 0x0000000000668856 in cp_lookup_bare_symbol (langdef=langdef@entry=0xb70cb0
<cplus_language_defn>, name=name@entry=0x653f490 "List", block=block@entry=0x0,
domain=domain@entry=VAR_DOMAIN, search=1) at ../../gdb/cp-namespace.c:209
#30 0x0000000000668c62 in lookup_namespace_scope
(langdef=langdef@entry=0xb70cb0 <cplus_language_defn>,
name=name@entry=0x653f490 "List", block=block@entry=0x0,
domain=domain@entry=VAR_DOMAIN, scope=scope@entry=0x52c0a0 "",
scope_len=scope_len@entry=0) at ../../gdb/cp-namespace.c:751
#31 0x0000000000669b71 in cp_lookup_symbol_nonlocal (langdef=0xb70cb0
<cplus_language_defn>, name=0x653f490 "List", block=0x0, domain=VAR_DOMAIN) at
../../gdb/cp-namespace.c:781
#32 0x00000000009767dd in lookup_symbol_aux (name=0x653f490 "List",
match_type=match_type@entry=symbol_name_match_type::FULL,
block=block@entry=0x0, domain=domain@entry=VAR_DOMAIN,
language=language@entry=language_cplus,
is_a_field_of_this=is_a_field_of_this@entry=0x0) at ../../gdb/symtab.c:2150
#33 0x0000000000976966 in lookup_symbol_in_language (name=0x653f490 "List",
block=block@entry=0x0, domain=domain@entry=VAR_DOMAIN, lang=language_cplus,
is_a_field_of_this=is_a_field_of_this@entry=0x0) at ../../gdb/symtab.c:1958
#34 0x00000000009769f2 in lookup_symbol (name=<optimized out>,
block=block@entry=0x0, domain=domain@entry=VAR_DOMAIN,
is_a_field_of_this=is_a_field_of_this@entry=0x0) at ../../gdb/symtab.c:1970
#35 0x000000000066b70b in replace_typedefs (info=info@entry=0x5a9af90,
ret_comp=0x7a2ba60, finder=finder@entry=0x61c9d0
<find_typedef_for_canonicalize(type*, void*)>, data=data@entry=0xb683a0
<default_ptype_flags>) at ../../gdb/cp-support.c:506
#36 0x000000000066b7aa in replace_typedefs (info=info@entry=0x5a9af90,
ret_comp=0x7a2bac0, finder=finder@entry=0x61c9d0
<find_typedef_for_canonicalize(type*, void*)>, data=data@entry=0xb683a0
<default_ptype_flags>) at ../../gdb/cp-support.c:539
#37 0x000000000066b1d4 in cp_canonicalize_string_full
(string=string@entry=0x4c98b70 "List<Item>", finder=finder@entry=0x61c9d0
<find_typedef_for_canonicalize(type*, void*)>, data=data@entry=0xb683a0
<default_ptype_flags>) at ../../gdb/cp-support.c:595
#38 0x000000000061cedd in print_name_maybe_canonical (name=0x4c98b70
"List<Item>", flags=flags@entry=0xb683a0 <default_ptype_flags>,
stream=stream@entry=0x127ac90) at ../../gdb/c-typeprint.c:90
#39 0x000000000061d8d0 in c_type_print_base_1 (type=<optimized out>,
stream=stream@entry=0x127ac90, show=show@entry=-1, level=level@entry=0,
language=language@entry=language_cplus, flags=flags@entry=0xb683a0
<default_ptype_flags>, podata=0x7ffe6913c2e4) at ../../gdb/c-typeprint.c:1641
#40 0x000000000061dff9 in c_type_print_base_1 (type=type@entry=0x5a9ad70,
stream=stream@entry=0x127ac90, show=show@entry=-1, level=level@entry=0,
language=language@entry=language_cplus, flags=flags@entry=0xb683a0
<default_ptype_flags>, podata=0x7ffe6913c2e4) at ../../gdb/c-typeprint.c:1476
#41 0x000000000061d638 in c_print_type_1 (type=type@entry=0x5a9ad70,
varstring=varstring@entry=0x52c0a0 "", stream=stream@entry=0x127ac90, sho
#41 0x000000000061d638 in c_print_type_1 (type=type@entry=0x5a9ad70,
varstring=varstring@entry=0x52c0a0 "", stream=stream@entry=0x127ac90,
show=show@entry=-1, level=level@entry=0,
language=language@entry=language_cplus, flags=0xb683a0 <default_ptype_flags>,
podata=0x7ffe6913c2e4) at ../../gdb/c-typeprint.c:129
#42 0x000000000061d827 in c_print_type (type=0x5a9ad70, varstring=0x52c0a0 "",
stream=0x127ac90, show=-1, level=0, language=language_cplus, flags=0xb683a0
<default_ptype_flags>) at ../../gdb/c-typeprint.c:178
#43 0x00000000009e283b in type_print (type=<optimized out>,
varstring=<optimized out>, stream=<optimized out>, show=<optimized out>) at
../../gdb/typeprint.c:391
#44 0x0000000000621208 in c_value_print (val=0x6915f10, stream=0x127ac90,
options=0x7ffe6913c440) at ../../gdb/c-valprint.c:545
#45 0x00000000009fe59d in value_print (val=val@entry=0x56a63b0,
stream=0x127ac90, options=options@entry=0x7ffe6913c440) at
../../gdb/valprint.c:1209
#46 0x0000000000862e8f in print_formatted (val=val@entry=0x56a63b0,
size=size@entry=0, options=options@entry=0x7ffe6913c440, stream=<optimized
out>) at ../../gdb/printcmd.c:337
#47 0x0000000000865b0a in print_value (val=val@entry=0x56a63b0, opts=...) at
../../gdb/printcmd.c:1260
#48 0x0000000000865d8d in print_command_1 (args=<optimized out>,
voidprint=<optimized out>) at ../../gdb/printcmd.c:1377
#49 0x000000000062fdd0 in cmd_func (cmd=<optimized out>, args=<optimized out>,
from_tty=<optimized out>) at ../../gdb/cli/cli-decode.c:2735
#50 0x00000000009ad901 in execute_command (p=<optimized out>, p@entry=0x48cb140
"p all_fields", from_tty=from_tty@entry=1) at ../../gdb/top.c:575
#51 0x000000000063367a in cli_interp::exec (this=0x1205570,
command_str=0x48cb140 "p all_fields") at ../../gdb/cli/cli-interp.c:242
#52 0x00000000007bfe7d in interp_exec (interp=interp@entry=0x1205570,
command_str=<optimized out>) at ../../gdb/interps.c:265
#53 0x0000000000828d13 in mi_cmd_interpreter_exec (command=<optimized out>,
argv=<optimized out>, argc=2) at ../../gdb/mi/mi-interp.c:189
#54 0x000000000082e25b in mi_cmd_execute (parse=parse@entry=0x5a9b1c0) at
../../gdb/mi/mi-main.c:2148
#55 0x000000000082edae in captured_mi_execute_command (context=0x5a9b1c0,
uiout=0x1240a60, mi=0x12c2e40) at ../../gdb/mi/mi-main.c:1831
#56 mi_execute_command (cmd=<optimized out>, from_tty=<optimized out>) at
../../gdb/mi/mi-main.c:1955
#57 0x00000000008275f2 in mi_execute_command_wrapper (cmd=<optimized out>) at
../../gdb/mi/mi-interp.c:222
#58 mi_execute_command_input_handler (cmd=...) at ../../gdb/mi/mi-interp.c:244
#59 0x0000000000714642 in gdb_readline_no_editing_callback
(client_data=<optimized out>) at ../../gdb/event-top.c:846
#60 0x00000000009e7410 in stdin_event_handler (error=<optimized out>,
client_data=0x10b2a00) at ../../gdb/ui.c:155
#61 0x0000000000b2eebd in gdb_wait_for_event (block=block@entry=1) at
../../gdbsupport/event-loop.cc:694
#62 0x0000000000b2f634 in gdb_do_one_event (mstimeout=mstimeout@entry=-1) at
../../gdbsupport/event-loop.cc:264
#63 0x00000000008056e7 in start_event_loop () at ../../gdb/main.c:407
#64 captured_command_loop () at ../../gdb/main.c:471
#65 0x00000000008073e5 in captured_main (data=data@entry=0x7ffe6913c960) at
../../gdb/main.c:1324
#66 gdb_main (args=args@entry=0x7ffe6913c980) at ../../gdb/main.c:1343

I have done some analysis on the stack, it seems that gdb keeps finding symbols
like `List`, `LIST`, etc and do a loop in
cooked_index_functions::expand_symtabs_matching, which causes it hanging with
100% CPU.

If I do a typecast to remove the reference before printing the variable like
this:
(gdb) p (List<Item>)all_fields

gdb will return very quickly.

And the above hang phenomenon does not appear in gdb 9.2 version. So I think
this is a regression.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/31192] GDB hang with CPU 100% when printing a variable with reference type

[ssbssa at sourceware dot org]

https://sourceware.org/bugzilla/show_bug.cgi?id=31192

Hannes Domani <ssbssa at sourceware dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ssbssa at sourceware dot org

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/31192] GDB hang with CPU 100% when printing a variable with reference type

[tromey at sourceware dot org]

https://sourceware.org/bugzilla/show_bug.cgi?id=31192

Tom Tromey <tromey at sourceware dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |tromey at sourceware dot org

--- Comment #1 from Tom Tromey <tromey at sourceware dot org> ---
This sounds like another instance of bug#31010.
However I find it curious that adding that cast fixes the problem.
I would not expect that.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug gdb/31192] GDB hang with CPU 100% when printing a variable with reference type

[tromey at sourceware dot org]

https://sourceware.org/bugzilla/show_bug.cgi?id=31192

Tom Tromey <tromey at sourceware dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|                            |29366


Referenced Bugs:

https://sourceware.org/bugzilla/show_bug.cgi?id=29366
[Bug 29366] [meta] New DWARF indexer meta bug
-- 
You are receiving this mail because:
You are on the CC list for the bug.