From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 30391 invoked by alias); 4 Jan 2012 20:55:56 -0000 Received: (qmail 30381 invoked by uid 22791); 4 Jan 2012 20:55:55 -0000 X-SWARE-Spam-Status: No, hits=-1.5 required=5.0 tests=AWL,BAYES_00,TW_EB,TW_XB,TW_XF X-Spam-Check-By: sourceware.org Received: from xvm-20-226.ghst.net (HELO fruli.krunch.be) (92.243.20.226) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Wed, 04 Jan 2012 20:55:41 +0000 Received: from localhost (localhost [127.0.0.1]) by fruli.krunch.be (Postfix) with ESMTP id 5A099227F5; Wed, 4 Jan 2012 20:52:32 +0000 (UTC) Date: Wed, 04 Jan 2012 20:55:00 -0000 From: Adrien Kunysz To: Laris Benkis Cc: systemtap@sourceware.org Subject: Re: probe process.function on libc not working Message-ID: <20120104205832.GA771@chouffe> References: <4EF3BCE4.4070309@tpn.cc> <4F03E22D.2060809@tpn.cc> <20120104085702.GA7427@chouffe> <4F045DAF.9050002@tpn.cc> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="+HP7ph2BbKc20aGI" Content-Disposition: inline In-Reply-To: <4F045DAF.9050002@tpn.cc> User-Agent: Mutt/1.5.20 (2009-06-14) X-IsSubscribed: yes Mailing-List: contact systemtap-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: systemtap-owner@sourceware.org X-SW-Source: 2012-q1/txt/msg00004.txt.bz2 --+HP7ph2BbKc20aGI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-length: 1728 On Wed, Jan 04, 2012 at 09:09:51AM -0500, Laris Benkis wrote: > >> Warning: child process exited with signal 11 (Segmentation fault) > > What does the backtrace, the EIP and the code around the EIP in that > > core look like? > I've attached the core file. Here are the registers and backtrace. Than= ks > Laris >=20 > (gdb) info registers > eax 0xfffff000 -4096 > ecx 0x2400 9216 > edx 0x800000 8388608 > ebx 0x44fdeff4 1157492724 > esp 0xbf84c85c 0xbf84c85c > ebp 0x44e16000 0x44e16000 > esi 0x8 8 > edi 0x1 1 > eip 0xbf850070 0xbf850070 > eflags 0x10206 [ PF IF RF ] > cs 0x73 115 > ss 0x7b 123 > ds 0x7b 123 > es 0x7b 123 > fs 0x0 0 > gs 0x33 51 > (gdb) bt > #0 0xbf850070 in ?? () > #1 0x0000000b in ?? () > #2 0x44e16a54 in ?? () > #3 0x44e0ee78 in ?? () from /lib/ld-2.14.90.so > Backtrace stopped: Not enough registers or memory available to unwind > further That core file is pretty much useless without de debug symbols and I don't have a Fedora machine. What do you see if you disassemble the code around the instruction pointer? (0xbf850070). Another idea to try to understand this would be to see whether probing only part of the libc functions cause the problem. Is this just with one execve()-related function? All the functions? Or does this happen only when probing many functions? If you are familiar with Python an adaptation of the script Timo posted last month might be helpful to explore this: http://sourceware.org/ml/systemtap/2011-q4/msg00402.html --+HP7ph2BbKc20aGI Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline Content-length: 198 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk8EvXgACgkQKLX03ZSPZGxHpACdGD2uD9NA+umJvocw721YE/7U hAUAoKYZeMhgqL1X6Bwm7dOvZ0W8GWj6 =Uf4U -----END PGP SIGNATURE----- --+HP7ph2BbKc20aGI--