From mboxrd@z Thu Jan 1 00:00:00 1970 From: Moses DeJong To: insight@sourceware.cygnus.com Subject: Info about an insight core dump. Date: Sat, 21 Aug 1999 16:25:00 -0000 Message-id: X-SW-Source: 1999-q3/msg00093.html Hi all. I have been getting some core dumps from insight and I thought I would post what I have found so far in the hope that other folks might find it useful. Here is the stack trace I got. #0 0x804e180 in get_frame_block (frame=0x829c73c) at ../../gdb/blockframe.c:555 #1 0x805781b in get_selected_block () at ../../gdb/stack.c:1577 #2 0x809dbd6 in parse_exp_1 (stringptr=0xbfffde8c, block=0x0, comma=0) at ../../gdb/parse.c:1152 #3 0x809dd00 in parse_expression (string=0xa5a7cf0 "2") at ../../gdb/parse.c:1201 #4 0x805c040 in parse_and_eval_address (exp=0xa5a7cf0 "2") at ../../gdb/eval.c:82 #5 0x805685b in parse_frame_specification (frame_exp=0xa510496 "2") at ../../gdb/stack.c:660 #6 0x80578a4 in select_frame_command (level_exp=0xa510496 "2", from_tty=0) at ../../gdb/stack.c:1640 #7 0x80578fe in frame_command (level_exp=0xa510496 "2", from_tty=0) at ../../gdb/stack.c:1668 #8 0x8097b5f in gdbtk_call_command (cmdblk=0x829f3d8, arg=0xa510496 "2", from_tty=0) at ../../gdb/gdbtk-hooks.c:518 #9 0x80d9058 in execute_command (p=0xa510496 "2", from_tty=0) at ../../gdb/top.c:1321 #10 0x8093cca in gdb_cmd (clientData=0x8093c04, interp=0x82ac978, objc=2, objv=0x82ad604) at ../../gdb/gdbtk-cmds.c:818 #11 0x80939b9 in wrapped_call (opaque_args=0xbfffe19c) at ../../gdb/gdbtk-cmds.c:524 #12 0x80d8513 in catch_errors (func=0x80939a4 , args=0xbfffe19c, errstring=0x82108d6 "", mask=3) at ../../gdb/top.c:572 #13 0x8093900 in call_wrapper (clientData=0x8093c04, interp=0x82ac978, objc=2, objv=0x82ad604) at ../../gdb/gdbtk-cmds.c:462 #14 0x81cc86c in TclExecuteByteCode (interp=0x82ac978, codePtr=0x9696e50) at ../../../tcl/unix/../generic/tclExecute.c:955 #15 0x81b54ab in Tcl_EvalObj (interp=0x82ac978, objPtr=0xa4e9790) at ../../../tcl/unix/../generic/tclBasic.c:2645 #16 
0x8130ef8 in Itcl_EvalMemberCode (interp=0x82ac978, mfunc=0xa4c2900, member=0xa4c2918, contextObj=0xa4d1c38, objc=2, objv=0x82ad5fc) at /home/mo/project/insight-19990816/itcl/itcl/generic/itcl_methods.c:1029 #17 0x813168c in Itcl_ExecMethod (clientData=0xa4c2900, interp=0x82ac978, objc=2, objv=0x82ad5fc) at /home/mo/project/insight-19990816/itcl/itcl/generic/itcl_methods.c:154 #18 0x8136bd5 in Itcl_EvalArgs (interp=0x82ac978, objc=2, objv=0x82ad5fc) at /home/mo/project/insight-19990816/itcl/itcl/generic/itcl_util.c:1337 #19 0x8132cc1 in Itcl_HandleInstance (clientData=0xa4d1c38, interp=0x82ac978, objc=3, objv=0x82ad5f8) at /home/mo/project/insight-19990816/itcl/itcl/generic/itcl_objects.c:658 #20 0x81cc86c in TclExecuteByteCode (interp=0x82ac978, codePtr=0xa56ea50) at ../../../tcl/unix/../generic/tclExecute.c:955 #21 0x81b54ab in Tcl_EvalObj (interp=0x82ac978, objPtr=0xa405420) at ../../../tcl/unix/../generic/tclBasic.c:2645 #22 0x81e1564 in NamespaceInscopeCmd (dummy=0x0, interp=0x82ac978, objc=4, objv=0x82ad5e8) at ../../../tcl/unix/../generic/tclNamesp.c:3277 #23 0x81e0cfd in Tcl_NamespaceObjCmd (clientData=0x0, interp=0x82ac978, objc=4, objv=0x82ad5e8) at ../../../tcl/unix/../generic/tclNamesp.c:2498 #24 0x81cc86c in TclExecuteByteCode (interp=0x82ac978, codePtr=0xa594130) at ../../../tcl/unix/../generic/tclExecute.c:955 #25 0x81b54ab in Tcl_EvalObj (interp=0x82ac978, objPtr=0x8396248) at ../../../tcl/unix/../generic/tclBasic.c:2645 #26 0x81b52b8 in Tcl_Eval (interp=0x82ac978, string=0xa5853a8 "namespace inscope ::StackWin {::.stackwin0.stackwin change_frame 469}") at ../../../tcl/unix/../generic/tclBasic.c:2453 #27 0x81b6797 in Tcl_GlobalEval (interp=0x82ac978, command=0xa5853a8 "namespace inscope ::StackWin {::.stackwin0.stackwin change_frame 469}") at ../../../tcl/unix/../generic/tclBasic.c:3983 #28 0x81a5188 in Tk_BindEvent (bindingTable=0x82c0bb0, eventPtr=0xa59aeb0, tkwin=0x992f138, numObjects=0, objectPtr=0xbffff6f0) at 
../../../tk/unix/../generic/tkBind.c:1731 #29 0x81a8912 in TkBindEventProc (winPtr=0x992f138, eventPtr=0xa59aeb0) at ../../../tk/unix/../generic/tkCmds.c:242 #30 0x815f747 in Tk_HandleEvent (eventPtr=0xa59aeb0) at ../../../tk/unix/../generic/tkEvent.c:657 #31 0x815fa31 in WindowEventProc (evPtr=0xa59aea8, flags=-3) at ../../../tk/unix/../generic/tkEvent.c:983 #32 0x81e1dc4 in Tcl_ServiceEvent (flags=-3) at ../../../tcl/unix/../generic/tclNotify.c:444 #33 0x81e1f96 in Tcl_DoOneEvent (flags=0) at ../../../tcl/unix/../generic/tclNotify.c:683 #34 0x815fa8c in Tk_MainLoop () at ../../../tk/unix/../generic/tkEvent.c:1041 #35 0x8097972 in tk_command_loop () at ../../gdb/gdbtk-hooks.c:382 #36 0x80dfcb4 in main (argc=3, argv=0xbffff8f4) at ../../gdb/main.c:681 Here is the code from gdb/blockframe.c:555 where the crash happens. /* Return the innermost lexical block in execution in a specified stack frame. The frame address is assumed valid. */ struct block * get_frame_block (frame) struct frame_info *frame; { CORE_ADDR pc; pc = frame->pc; if (frame->next != 0 && frame->next->signal_handler_caller == 0) (# 555) /* We are not in the innermost frame and we were not interrupted by a signal. We need to subtract one to get the correct block, in case the call instruction was the last instruction of the block. If there are any machines on which the saved pc does not point to after the call insn, we probably want to make frame->pc point after the call insn anyway. */ --pc; return block_for_pc (pc); } It seems like frame is not a valid address, so frame->next causes a core dump. The strange thing is that get_selected_block, the function right above get_frame_block in the stack trace, passes a valid pointer.
Inside get_selected_block print selected_frame $7 = (struct frame_info *) 0x829c8b4 print *selected_frame $3 = {frame = 7237487, pc = 0, signal_handler_caller = 33, saved_regs = 0x84d97f8, extra_info = 0x90608a8, next = 0x2a, prev = 0x3} print selected_frame->next $5 = (struct frame_info *) 0x2a But when you get into get_frame_block the pointer is no longer valid. print frame $6 = (struct frame_info *) 0x2a print *frame Cannot access memory at address 0x2a. print frame->next Cannot access memory at address 0x3e. Note that the contents printed for *selected_frame (pc = 0, next = 0x2a, prev = 0x3) do not look like a live frame, so the frame_info itself may be stale or overwritten even though its address is readable, in which case the frame->next != 0 test at line 555 passes and the read of frame->next->signal_handler_caller is what faults. I am not really sure if this is related, but I got another core dump that looked like this. Program received signal SIGSEGV, Segmentation fault. 0x8095b0d in gdb_loc (clientData=0x8095ad0, interp=0x82ac538, objc=1, objv=0x82ad1c0) at ../../gdb/gdbtk-cmds.c:2687 #0 0x8095b0d in gdb_loc (clientData=0x8095ad0, interp=0x82ac538, objc=1, objv=0x82ad1c0) at ../../gdb/gdbtk-cmds.c:2687 #1 0x80939b9 in wrapped_call (opaque_args=0xbfffebc4) at ../../gdb/gdbtk-cmds.c:524 #2 0x80d8513 in catch_errors (func=0x80939a4 , args=0xbfffebc4, errstring=0x82108d6 "", mask=3) at ../../gdb/top.c:572 #3 0x8093900 in call_wrapper (clientData=0x8095ad0, interp=0x82ac538, objc=1, objv=0x82ad1c0) at ../../gdb/gdbtk-cmds.c:462 #4 0x81cc86c in TclExecuteByteCode (interp=0x82ac538, codePtr=0x86beb50) at ../../../tcl/unix/../generic/tclExecute.c:955 #5 0x81b54ab in Tcl_EvalObj (interp=0x82ac538, objPtr=0x850e9a8) at ../../../tcl/unix/../generic/tclBasic.c:2645 #6 0x8130ef8 in Itcl_EvalMemberCode (interp=0x82ac538, mfunc=0x84fdc60, member=0x84fdc78, contextObj=0x84c43b8, objc=4, objv=0x82ad1ac) at /home/mo/project/insight-19990816/itcl/itcl/generic/itcl_methods.c:1029 #7 0x813168c in Itcl_ExecMethod (clientData=0x84fdc60, interp=0x82ac538, objc=4, objv=0x82ad1ac) at /home/mo/project/insight-19990816/itcl/itcl/generic/itcl_methods.c:1546 #8 0x8136bd5 in Itcl_EvalArgs (interp=0x82ac538, objc=4, objv=0x82ad1ac) at /home/mo/project/insight-19990816/itcl/itcl/generic/itcl_util.c:1337 The
gdb_loc function inside gdb/gdbtk-cmds.c looks like so. gdb_loc (clientData, interp, objc, objv) ClientData clientData; Tcl_Interp *interp; int objc; Tcl_Obj *CONST objv[]; { char *filename; struct symtab_and_line sal; struct symbol *sym; char *fname; CORE_ADDR pc; if (objc == 1) { if (selected_frame && (selected_frame->pc != read_pc ())) { /* Note - this next line is not correct on all architectures. For a graphical debugger we really want to highlight the assembly line that called the next function on the stack. Many architectures have the next instruction saved as the pc on the stack, so what happens is the next instruction is highlighted. FIXME */ pc = selected_frame->pc; (#2687) sal = find_pc_line (selected_frame->pc, selected_frame->next != NULL && !selected_frame->next->signal_handler_caller && !frame_in_dummy (selected_frame->next)); } else The strange part about this SIGSEGV is that the pointer seems to be valid in the scope of the function. I also tried calling frame_in_dummy and find_pc_line and those did not seem to crash. print selected_frame->pc $19 = 0 print selected_frame->next $20 = (struct frame_info *) 0xbffec6d4 print selected_frame->next->signal_handler_caller $21 = 0 I hope that helps Mo DeJong dejong at cs.umn.edu