Hi,
First: This is a duplicate of bug #163, which was closed in 2009 as "cannot reproduce". Didn't find out how to reopen that bug again, so here goes a new one.
I have a lot of opreport calls, and some of them regularly fail with a segfault.
Program terminated with signal 11, Segmentation fault.
#0 0x00000000004a83d0 in elf_find_function (abfd=0x93c8a0, section=0x956a88, symbols=0xbf38b0, offset=1877056, filename_ptr=0x0, functionname_ptr=0x7ffca124b100) at ../../bfd/elf.c:7589
7589 ../../bfd/elf.c: No such file or directory.
(gdb) bt
#0 0x00000000004a83d0 in elf_find_function (abfd=0x93c8a0, section=0x956a88, symbols=0xbf38b0, offset=1877056, filename_ptr=0x0, functionname_ptr=0x7ffca124b100) at ../../bfd/elf.c:7589
#1 0x00000000004a9fd5 in _bfd_elf_find_nearest_line_discriminator (abfd=0x93c8a0, section=0x956a88, symbols=0xbf38b0, offset=1877056, filename_ptr=0x0, functionname_ptr=0x7ffca124b100, line_ptr=0x7ffca124b0c8, discriminator_ptr=0x0)
at ../../bfd/elf.c:7712
#2 0x00000000004aa02b in _bfd_elf_find_nearest_line (abfd=0x93c8a0, section=0x956a88, symbols=0xbf38b0, offset=140258792436672, filename_ptr=0x0, functionname_ptr=0x7ffca124b100, line_ptr=0x7ffca124b0c8) at ../../bfd/elf.c:7674
#3 0x0000000000478bc9 in find_nearest_line (b=..., sym=..., offset=<optimized out>, anon_obj=<optimized out>) at bfd_support.cpp:828
#4 0x00000000004720d2 in op_bfd::get_linenr (this=0xa05600, sym_idx=6061, offset=2845248, source_filename="", linenr=@0x7ffca124b448: 0) at op_bfd.cpp:504
#5 0x000000000044d525 in profile_container::add (this=0x7ffca124b890, profile=..., abfd=..., app_name="/home/user/my_bench_executable", pclass=0)
at profile_container.cpp:108
#6 0x000000000044a0c6 in populate_for_image (samples=..., ip=..., symbol_filter=..., has_debug_info=0x0) at populate.cpp:97
#7 0x000000000041433c in (anonymous namespace)::opreport (spec=...) at opreport.cpp:577
#8 0x000000000041d52f in run_pp_tool (argc=<optimized out>, argv=0x7ffca124bc68, fct=0x413bc0 <(anonymous namespace)::opreport(options::spec const&)>) at common_option.cpp:221
#9 0x00007f908be14c36 in __libc_start_main () from /lib64/libc.so.6
#10 0x000000000040a001 in _start () at ../sysdeps/x86_64/elf/start.S:113
(gdb) i locals
last_section = 0x956a88
func = 0x7f908b7ff3c0
filename = 0x7f90873c5021 <Address 0x7f90873c5021 out of bounds>
func_size = 1
Things I have found out so far:
This seems to be a race condition, which is probably why it is so hard to reproduce. Sometimes the "normal" call to opreport will segfault every time, but when I add "--details" as an additional parameter, it might work (sometimes works, sometimes not). Same if I add other parameters, e.g. "--verbose=All". Although the callstack shows that this is somehow related to bfd, a "--verbose=bfd" did not produce any additional output.
Best regards,
PJ