[Bug libgcc/78409] New: Segfault in classify_object_over_fdes when throwing and exception

Thu, 17 Nov 2016 11:00:19 -0800 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78409

            Bug ID: 78409
           Summary: Segfault in classify_object_over_fdes when throwing
                    and exception
           Product: gcc
           Version: 6.2.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: libgcc
          Assignee: unassigned at gcc dot gnu.org
          Reporter: orion at cora dot nwra.com
  Target Milestone: ---

Running on Fedora rawhide with gcc-6.2.1-2.fc26

Core was generated by
`/home/orion/fedora/octave/octave-4.2.0/src/.libs/lt-octave-gui --no-init-path
-'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  classify_object_over_fdes (ob=ob@entry=0x7f3a4d3d4910,
this_fde=0x7f3a6f220018)
    at ../../../libgcc/unwind-dw2-fde.c:613
613       for (; ! last_fde (ob, this_fde); this_fde = next_fde (this_fde))
(gdb) print ob
$1 = (struct object *) 0x7f3a4d3d4910
(gdb) print this_fde
$2 = (const fde *) 0x7f3a6f220018
(gdb) print *this_fde
Cannot access memory at address 0x7f3a6f220018
(gdb) print *ob
$3 = {pc_begin = 0xffffffffffffffff, tbase = 0x0, dbase = 0x0, u = {single =
0x7f3a6f220018,
    array = 0x7f3a6f220018, sort = 0x7f3a6f220018}, s = {b = {sorted = 0,
from_array = 0,
      mixed_encoding = 0, encoding = 255, count = 0}, i = 2040}, next =
0x7f3a4d3c3580}
(gdb) print *(fde *)0x7f3a6f220018
Cannot access memory at address 0x7f3a6f220018

(gdb) bt
#0  0x00007f3a6ba7235e in classify_object_over_fdes
(ob=ob@entry=0x7f3a4d3d4910, this_fde=0x7f3a6f220018) at
../../../libgcc/unwind-dw2-fde.c:613
#1  0x00007f3a6ba72859 in init_object (ob=0x7f3a4d3d4910)
    at ../../../libgcc/unwind-dw2-fde.c:749
#2  0x00007f3a6ba72859 in search_object (ob=ob@entry=0x7f3a4d3d4910,
pc=pc@entry=0x7f3a6ba7125d <_Unwind_RaiseException+61>) at
../../../libgcc/unwind-dw2-fde.c:961
#3  0x00007f3a6ba730f6 in _Unwind_Find_registered_FDE (bases=0x7f3a516fd2c8,
pc=0x7f3a6ba7125d <_Unwind_RaiseException+61>) at
../../../libgcc/unwind-dw2-fde.c:1025
#4  0x00007f3a6ba730f6 in _Unwind_Find_FDE (pc=0x7f3a6ba7125d
<_Unwind_RaiseException+61>, bases=bases@entry=0x7f3a516fd2c8) at
../../../libgcc/unwind-dw2-fde-dip.c:454
#5  0x00007f3a6ba6fb93 in uw_frame_state_for
(context=context@entry=0x7f3a516fd220, fs=fs@entry=0x7f3a516fd070) at
../../../libgcc/unwind-dw2.c:1241
#6  0x00007f3a6ba70db0 in uw_init_context_1
(context=context@entry=0x7f3a516fd220,
outer_cfa=outer_cfa@entry=0x7f3a516fd5d0, outer_ra=0x7f3a6c2464cc
<__cxxabiv1::__cxa_throw(void*, std::type_info*, void (*)(void*))+92>) at
../../../libgcc/unwind-dw2.c:1562
#7  0x00007f3a6ba7125e in _Unwind_RaiseException (exc=exc@entry=0x7f3a4c5e7470)
    at ../../../libgcc/unwind.inc:88
#8  0x00007f3a6c2464cc in __cxxabiv1::__cxa_throw(void*, std::type_info*, void
(*)(void*)) (obj=obj@entry=0x7f3a4c5e7490, tinfo=0x7f3a6f10f320 <typeinfo for
octave::execution_exception>,
    tinfo@entry=0x7f3a6ebd4a98 <typeinfo for octave::execution_exception>,
dest=dest@entry=0x7f3a6e1849e0
<octave::execution_exception::~execution_exception()>)
    at ../../../../libstdc++-v3/libsupc++/eh_throw.cc:82
#9  0x00007f3a6e39a5ce in error_1(octave::execution_exception &, std::ostream
&, const char *, const char *, const char *, typedef __va_list_tag
__va_list_tag *, bool) (e=..., os=..., name=name@entry=0x7f3a6e7a1625 "error",
id=id@entry=0x7f3a6e796b04 "", fmt=<optimized out>,
    fmt@entry=0x7f3a6e79b3f7 "%s: unknown %s property %s",
args=args@entry=0x7f3a516fd710, with_cfn=false) at
libinterp/corefcn/error.cc:512
#10 0x00007f3a6e39a73e in error_1(std::ostream &, const char *, const char *,
const char *, typedef __va_list_tag __va_list_tag *, bool) (os=...,
name=name@entry=0x7f3a6e7a1625 "error", id=id@entry=0x7f3a6e796b04 "",
fmt=0x7f3a6e79b3f7 "%s: unknown %s property %s",
args=args@entry=0x7f3a516fd710, with_cfn=with_cfn@entry=false) at
libinterp/corefcn/error.cc:522
#11 0x00007f3a6e39a797 in verror(char const*, __va_list_tag*) (fmt=<optimized
out>, args=args@entry=0x7f3a516fd710) at libinterp/corefcn/error.cc:528
#12 0x00007f3a6e39a839 in error(char const*, ...) (fmt=fmt@entry=0x7f3a6e79b3f7
"%s: unknown %s property %s") at libinterp/corefcn/error.cc:536
#13 0x00007f3a6e41f28d in validate_property_name(std::__cxx11::string const&,
std::__cxx11::string const&, std::set<std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> >,
std::less<std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > >, std::allocator<std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > > > const&, caseless_str const&)
(who="get", what="axes", pnames=std::set with 142 elements = {...}, pname=...)
at libinterp/corefcn/graphics.cc:101
....

(gdb) up
#1  0x00007f3a6ba72859 in init_object (ob=0x7f3a4d3d4910)
    at ../../../libgcc/unwind-dw2-fde.c:749
749               count = classify_object_over_fdes (ob, ob->u.single);
(gdb) print *ob
$5 = {pc_begin = 0xffffffffffffffff, tbase = 0x0, dbase = 0x0, u = {single =
0x7f3a6f220018,
    array = 0x7f3a6f220018, sort = 0x7f3a6f220018}, s = {b = {sorted = 0,
from_array = 0,
      mixed_encoding = 0, encoding = 255, count = 0}, i = 2040}, next =
0x7f3a4d3c3580}

Reply via email to