From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jacob.kroon@gmail.com>
Received: from mail-lf1-x12d.google.com (mail-lf1-x12d.google.com
 [IPv6:2a00:1450:4864:20::12d])
 by sourceware.org (Postfix) with ESMTPS id 19FF63858D28
 for <gdb@sourceware.org>; Fri,  4 Feb 2022 14:45:16 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 19FF63858D28
Received: by mail-lf1-x12d.google.com with SMTP id x23so13221614lfc.0
 for <gdb@sourceware.org>; Fri, 04 Feb 2022 06:45:16 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:message-id:date:mime-version:user-agent:subject
 :content-language:to:cc:references:from:in-reply-to
 :content-transfer-encoding;
 bh=lJc2N/vTBnCHIY1obUlxY8Xds0dw5+/DHFNTfwjh5/4=;
 b=Yl4eQn7iDktO1i4q85lfvHGqfV2DiYI49CKMkycloXyfyeGRrmOewE7lkeMDd4zfgW
 gGPyfGeMsy7ImR4TxFdUMCZd/F74ld43/aYaWUrxKLNpGW98JF9+p8ooDH0Uxopbr8oV
 APoyyickjgMCZHz0AKntkhOTajNHJd9ojKVoY/k23voSvo06niKXUCui7HGYZ+qW5S2n
 nByHx8BXcAWGnyR9QhxEMMhA20Mzd0E7G5zyJqaloTWxwX3ZhXmYkyBApNpOV9yrU250
 lmIPZdWRgNpfiv6PBYPvypEdMKbOIixM5rJunhyDFRHe7G4lT6tUi/W3K+pUoKuWzMyz
 Sxcw==
X-Gm-Message-State: AOAM532O03XWBztLUJb94/Fl/8nCHd9gCTiF1AqNzPbmCjlglD5AQURK
 vzvMCb1RX5quefUVwFNeyqs=
X-Google-Smtp-Source: ABdhPJzjQRI42oG0WIkKV+5CChqOImPwyMOEjZ3kt4Z6LXnqTJ1wpKTzbK5wmgQUz4pgb2252BSFfw==
X-Received: by 2002:ac2:4c8d:: with SMTP id d13mr2461714lfl.136.1643985914999; 
 Fri, 04 Feb 2022 06:45:14 -0800 (PST)
Received: from [192.168.10.175] (37-247-29-68.customers.ownit.se.
 [37.247.29.68])
 by smtp.gmail.com with ESMTPSA id x12sm345047lfr.23.2022.02.04.06.45.14
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
 Fri, 04 Feb 2022 06:45:14 -0800 (PST)
Message-ID: <f4aef4f0-dc07-9477-2a63-e9a259e95f73@gmail.com>
Date: Fri, 4 Feb 2022 15:45:13 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.5.0
Subject: Re: Debugging ld.so in gdb
Content-Language: en-US
To: Florian Weimer <fweimer@redhat.com>
Cc: Jacob Kroon via Gdb <gdb@sourceware.org>
References: <29e0ef71-4706-9b0f-2a68-e12c54120d8e@gmail.com>
 <8735kypwcd.fsf@oldenburg.str.redhat.com>
 <c2a11d90-6d66-000d-f91e-fa1952382580@gmail.com>
 <87y22qognw.fsf@oldenburg.str.redhat.com>
From: Jacob Kroon <jacob.kroon@gmail.com>
In-Reply-To: <87y22qognw.fsf@oldenburg.str.redhat.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-2.3 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, NICE_REPLY_A,
 RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
X-BeenThere: gdb@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Gdb mailing list <gdb.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/gdb>,
 <mailto:gdb-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/gdb/>
List-Post: <mailto:gdb@sourceware.org>
List-Help: <mailto:gdb-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/gdb>,
 <mailto:gdb-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Feb 2022 14:45:19 -0000

On 2/4/22 15:22, Florian Weimer wrote:
> * Jacob Kroon:
> 
>> This is what I get, following the instructions above:
>>
>>> 171966	   0x00007ffff7fd85a0 <dfs_traversal+80>:	mov    0x0(%r13),%rax
>>> 171967	   0x00007ffff7fd85a4 <dfs_traversal+84>:	lea    -0x8(%rax),%rdx
>>> 171968	   0x00007ffff7fd85a8 <dfs_traversal+88>:	mov    %rdx,0x0(%r13)
>>> 171969	   0x00007ffff7fd85ac <dfs_traversal+92>:	mov    %rbp,-0x8(%rax)
>>> 171970	   0x00007ffff7fd85b0 <dfs_traversal+96>:	add    $0x8,%rsp
>>> 171971	   0x00007ffff7fd85b4 <dfs_traversal+100>:	pop    %rbx
>>> 171972	   0x00007ffff7fd85b5 <dfs_traversal+101>:	pop    %rbp
>>> 171973	   0x00007ffff7fd85b6 <dfs_traversal+102>:	pop    %r12
>>> 171974	   0x00007ffff7fd85b8 <dfs_traversal+104>:	pop    %r13
>>> 171975	   0x00007ffff7fd85ba <dfs_traversal+106>:	ret    
>>
>> Does that make sense ? Any other information I can provide. This is with
>> glibc-2.34-24.fc35.x86_64, Fedora 35.
> 
> This doesn't really make sense.  There's probably some GDB option to get
> a longer trace.
> 
> If it is crashing at the RET, it means that either code has been mapped
> over, or the stack has been corrupted.  At the crash site, what does
> 
>   print *(void**)$rsp
> 
> print?
> 
>   disassemble *(void**)$rsp
> 
> could also be interesting.
> 
> Thanks,
> Florian
> 

I put a breakpoint in "dfs_traversal" and each time I stop in there the
backtrace looks ok, but once the crash has happened, "bt" shows:

> #0  0x00007ffff7fad590 in ?? ()
> #1  0x00007ffff7d31b70 in ?? ()
> #2  0x00007ffff7d32830 in ?? ()
> #3  0x00007ffff7fae150 in ?? ()
> #4  0x00007ffff7fae730 in ?? ()
> #5  0x00007ffff7d32160 in ?? ()
> #6  0x00007ffff7952d30 in ?? ()
> #7  0x00007ffff79d1920 in ?? ()
> #8  0x00007ffff7d31000 in ?? ()
> #9  0x00007ffff79d1ef0 in ?? ()
> #10 0x00007ffff79d24c0 in ?? ()
> #11 0x00007ffff7952000 in ?? ()
> #12 0x00007ffff7952660 in ?? ()
> #13 0x00007ffff79537a0 in ?? ()
> #14 0x00007ffff7d31570 in ?? ()
> #15 0x00007ffff7ffda30 in _rtld_local ()
> #16 0x0000000000000001 in ?? ()
> #17 0xffffffffa5c00000 in ?? ()
> #18 0xffffeffc0b0e0000 in ?? ()
> #19 0x00007ffff795a409 in ?? ()
> #20 0x0000000000000000 in ?? ()

so maybe the stack gets corrupted..

Jacob