pwndbg: RecursionError when connecting to qemu target

Description

pwndbg after commit dc0e1f419a569963c76faa6125c2d5b53155255a (including current latest 2bef07faa0be17b639d3f30575e8c7971a492fd9) continuously throws RecursionErrors when connecting to a qemu target (qemu-arm and qemu-x86_64 both show the same behaviour) and doesn’t display the pwndbg UI.
Before commit dc0e1f419a569963c76faa6125c2d5b53155255a, no errors occur. This commit is “elf.py: optimize get_ehdr” and adds the pwndbg.vmmap.find() call into get_ehdr(), which is where the recursion seems to come into play, so I’m pretty sure it’s the problem.
Using a non-qemu target (including a native one running under gdbserver), no errors occur.

Steps to reproduce

qemu-x86_64 -g 1234 `which ps`
gdb `which ps` # note: need to provide the target binary on the command line or the issue won't trigger.
pwndbg> target remote :1234

Output is then:

Remote debugging using :1234
0x0000004000846100 in ?? ()
Exception occurred: Error: maximum recursion depth exceeded in comparison (<class 'RecursionError'>)
For more info invoke `set exception-verbose on` and rerun the command
or debug it by yourself with `set exception-debugger on`
Exception occurred: Error: maximum recursion depth exceeded in comparison (<class 'RecursionError'>)
For more info invoke `set exception-verbose on` and rerun the command
or debug it by yourself with `set exception-debugger on`
Python Exception <class 'RecursionError'> maximum recursion depth exceeded in comparison:
Exception occurred: Error: maximum recursion depth exceeded while calling a Python object (<class 'RecursionError'>)
For more info invoke `set exception-verbose on` and rerun the command
or debug it by yourself with `set exception-debugger on`
Python Exception <class 'RecursionError'> maximum recursion depth exceeded while calling a Python object:
Exception occurred: Error: maximum recursion depth exceeded while calling a Python object (<class 'RecursionError'>)
For more info invoke `set exception-verbose on` and rerun the command
or debug it by yourself with `set exception-debugger on`
Python Exception <class 'RecursionError'> maximum recursion depth exceeded while calling a Python object:
Exception occurred: Error: maximum recursion depth exceeded while calling a Python object (<class 'RecursionError'>)
For more info invoke `set exception-verbose on` and rerun the command
or debug it by yourself with `set exception-debugger on`
Python Exception <class 'RecursionError'> maximum recursion depth exceeded while calling a Python object:
Exception occurred: Error: maximum recursion depth exceeded in comparison (<class 'RecursionError'>)
For more info invoke `set exception-verbose on` and rerun the command
or debug it by yourself with `set exception-debugger on`
Python Exception <class 'RecursionError'> maximum recursion depth exceeded in comparison:
pwndbg>

With set exception-debugger on, the partial traceback is:

Traceback (most recent call last):
  File "/home/user/Tools/pwndbg/pwndbg/events.py", line 165, in caller
    func()
  File "/home/user/Tools/pwndbg/pwndbg/memoize.py", line 194, in __reset_on_base
    base = pwndbg.elf.exe().address if pwndbg.elf.exe() else None
  File "/home/user/Tools/pwndbg/pwndbg/proc.py", line 71, in wrapper
    return func(*a, **kw)
  File "/home/user/Tools/pwndbg/pwndbg/memoize.py", line 46, in __call__
    value = self.func(*args, **kwargs)
  File "/home/user/Tools/pwndbg/pwndbg/elf.py", line 182, in exe
    return load(e)
  File "/home/user/Tools/pwndbg/pwndbg/elf.py", line 220, in load
    return get_ehdr(pointer)[1]
  File "/home/user/Tools/pwndbg/pwndbg/elf.py", line 237, in get_ehdr
    vmmap = pwndbg.vmmap.find(pointer)
  File "/home/user/Tools/pwndbg/pwndbg/memoize.py", line 46, in __call__
    value = self.func(*args, **kwargs)
  File "/home/user/Tools/pwndbg/pwndbg/vmmap.py", line 72, in find
    for page in get():
  File "/home/user/Tools/pwndbg/pwndbg/memoize.py", line 46, in __call__
    value = self.func(*args, **kwargs)
  File "/home/user/Tools/pwndbg/pwndbg/vmmap.py", line 53, in get
    pages.extend(info_auxv())
  File "/home/user/Tools/pwndbg/pwndbg/memoize.py", line 46, in __call__
    value = self.func(*args, **kwargs)
  File "/home/user/Tools/pwndbg/pwndbg/vmmap.py", line 404, in info_auxv
    pages.extend(pwndbg.elf.map(entry or phdr, exe_name))
  File "/home/user/Tools/pwndbg/pwndbg/elf.py", line 326, in map
    ei_class, ehdr         = get_ehdr(pointer)
  File "/home/user/Tools/pwndbg/pwndbg/elf.py", line 237, in get_ehdr
    vmmap = pwndbg.vmmap.find(pointer)
  File "/home/user/Tools/pwndbg/pwndbg/memoize.py", line 46, in __call__
    value = self.func(*args, **kwargs)
  File "/home/user/Tools/pwndbg/pwndbg/vmmap.py", line 72, in find
    for page in get():
  File "/home/user/Tools/pwndbg/pwndbg/memoize.py", line 46, in __call__
    value = self.func(*args, **kwargs)
  File "/home/user/Tools/pwndbg/pwndbg/vmmap.py", line 53, in get
    pages.extend(info_auxv())
  File "/home/user/Tools/pwndbg/pwndbg/memoize.py", line 46, in __call__
    value = self.func(*args, **kwargs)
  File "/home/user/Tools/pwndbg/pwndbg/vmmap.py", line 404, in info_auxv
    pages.extend(pwndbg.elf.map(entry or phdr, exe_name))
  File "/home/user/Tools/pwndbg/pwndbg/elf.py", line 326, in map
    ei_class, ehdr         = get_ehdr(pointer)
... repeat until RecursionError.

(If you want the full traceback for some reason, let me know, but it’s just recursing through the same functions until it falls over).

My setup

pwndbg> version Gdb: 9.2 Python: 3.8.2 (default, Jul 16 2020, 14:00:26) [GCC 9.3.0] Pwndbg: 1.1.0 build: 2bef07f Capstone: 4.0.1024 Unicorn: 1.0.2

Running on Ubuntu

About this issue

Original URL
State: closed
Created 3 years ago
Comments: 34 (20 by maintainers)

Commits related to this issue

Fix coredump debugging This commit fixes our headaches with core files debugging. The TL;DR is that we will now try to parse `info proc mappings` and `maintenance info sections` to give users best p... — committed to pwndbg/pwndbg by disconnect3d 2 years ago
Fix coredump debugging (#1079) * Fix coredump debugging This commit fixes our headaches with core files debugging. The TL;DR is that we will now try to parse `info proc mappings` and `maintena... — committed to pwndbg/pwndbg by disconnect3d 2 years ago
vmmap: use pwndbg.info.auxv instead of gdb.execute This may or may not fix the issue described in https://github.com/pwndbg/pwndbg/issues/954#issuecomment-1231486726 — committed to pwndbg/pwndbg by disconnect3d 2 years ago
vmmap: use pwndbg.info.auxv instead of gdb.execute (#1107) This may or may not fix the issue described in https://github.com/pwndbg/pwndbg/issues/954#issuecomment-1231486726 — committed to pwndbg/pwndbg by disconnect3d 2 years ago

Most upvoted comments

@Erebua since this is not anymore about a recursion error, can you provide all necessary information to reproduce your issue in a new one and I will close this one?

sure,just wait a minute

Erebua on Aug 31, 2022