From: "wcohen at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: systemtap@sourceware.org
Subject: [Bug translator/27785] New: The ioctl_handler.stp example causes stap to segmentation fault
Date: Tue, 27 Apr 2021 18:46:17 +0000
Message-ID: <bug-27785-6586@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=27785
Bug ID: 27785
Summary: The ioctl_handler.stp example causes stap to segmentation fault
Product: systemtap
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: translator
Assignee: systemtap at sourceware dot org
Reporter: wcohen at redhat dot com
Target Milestone: ---

When looking through the test results for systemtap examples I found that the
ioctl_handler.stp example failed to build. This can be replicated on the
previous systemtap-4.4 and the systemtap built from the current git repo. It
is pretty easy to replicate:

$ stap --example -v -p4 ioctl_handler.stp
Pass 1: parsed user script and 494 library scripts using 331292virt/95960res/12460shr/83072data kb, in 140usr/20sys/157real ms.
Segmentation fault (core dumped)

Ran stap in gdb to get a backtrace of where the problem occurred. Looks like
catch_error_var field of the try_block is null:

Reading symbols from /usr/lib/debug/usr/bin/stap-4.5-1.202104221025.fc33.x86_64.debug...
(gdb) run --example -v -p4 ioctl_handler.stp
Starting program: /usr/bin/stap --example -v -p4 ioctl_handler.stp
Missing separate debuginfos, use: dnf debuginfo-install glibc-2.32-4.fc33.x86_64
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Pass 1: parsed user script and 494 library scripts using 331292virt/95852res/12328shr/83072data kb, in 140usr/30sys/170real ms.

Program received signal SIGSEGV, Segmentation fault.
0x0000555555616b92 in symuse_collecting_visitor::visit_try_block (this=0x7fffffff8330, s=0x555556ff5ff0) at staptree.cxx:2534
2534      if (s->catch_error_var->referent)
(gdb) print s
$1 = (try_block *) 0x555556ff5ff0
(gdb) print *s
$2 = {<statement> = {<visitable> = {_vptr.visitable = 0x55555585eb30 <vtable for try_block+16>}, tok = 0x55555633dbf0}, try_block = 0x55555714b220, catch_block = 0x5555571524f0, catch_error_var = 0x0}
(gdb) where
#0 0x0000555555616b92 in symuse_collecting_visitor::visit_try_block
(this=0x7fffffff8330, s=0x555556ff5ff0)
at staptree.cxx:2534
#1 0x0000555555614bcc in traversing_visitor::visit_block (this=0x7fffffff8330,
s=0x5555564f8320) at staptree.cxx:1957
#2 0x0000555555614bcc in traversing_visitor::visit_block (this=0x7fffffff8330,
s=0x55555a992f60) at staptree.cxx:1957
#3 0x0000555555614bcc in traversing_visitor::visit_block (this=0x7fffffff8330,
s=0x55555e5a80d0) at staptree.cxx:1957
#4 0x0000555555640250 in probewrite_evaluator::visit_probewrite_op
(this=0x7fffffff8980, e=0x555557c1d400)
at elaborate.cxx:4455
#5 0x000055555562726a in update_visitor::require<expression>
(this=0x7fffffff8980, src=<optimized out>,
clearok=<optimized out>) at staptree.h:1300
#6 0x000055555561bc6e in update_visitor::replace<expression> (clearok=false,
src=@0x55555e5aa3f0: 0x555557c1d400,
this=0x7fffffff8980) at staptree.h:1331
#7 update_visitor::visit_if_statement (this=0x7fffffff8980, s=0x55555e5aa3e0)
at staptree.cxx:3461
#8 0x0000555555626e9a in update_visitor::require<statement>
(this=0x7fffffff8980, src=<optimized out>,
clearok=<optimized out>) at staptree.h:1300
#9 0x000055555561b130 in update_visitor::replace<statement> (clearok=false,
src=<optimized out>, this=0x7fffffff8980)
at staptree.h:1331
#10 update_visitor::visit_block (this=0x7fffffff8980, s=0x55555e5aa3b0) at
staptree.cxx:3426
#11 0x0000555555626e9a in update_visitor::require<statement>
(this=0x7fffffff8980, src=<optimized out>,
clearok=<optimized out>) at staptree.h:1300
#12 0x000055555561b130 in update_visitor::replace<statement> (clearok=false,
src=<optimized out>, this=0x7fffffff8980)
at staptree.h:1331
#13 update_visitor::visit_block (this=0x7fffffff8980, s=0x55555e5aa770) at
staptree.cxx:3426
#14 0x0000555555626e9a in update_visitor::require<statement>
(this=0x7fffffff8980, src=<optimized out>,
clearok=<optimized out>) at staptree.h:1300
#15 0x0000555555626f9e in update_visitor::replace<statement>
(this=0x7fffffff8980, src=@0x55555e5a9b90: 0x55555e5aa770,
clearok=<optimized out>) at staptree.h:1331
#16 0x00005555556318e0 in alias_expansion_builder::build_with_suffix
(this=0x55555a874db0, sess=..., use=<optimized out>,
location=0x55555e475dd0, finished_results=std::vector of length 0, capacity
0, suffix=std::vector of length 0, capacity 0)
at elaborate.cxx:938
#17 0x000055555562d385 in alias_expansion_builder::build (this=<optimized out>,
sess=..., use=<optimized out>,
location=<optimized out>, parameters=..., finished_results=...) at
elaborate.cxx:867
#18 0x000055555562c6bc in match_node::find_and_build (this=0x55555a874d00,
s=..., p=0x55555e5a7cf0, loc=0x55555e475dd0,
pos=<optimized out>, results=std::vector of length 0, capacity 0,
builders=std::set with 0 elements) at elaborate.cxx:479
#19 0x000055555562c861 in match_node::find_and_build (this=0x555556c3a730,
s=..., p=0x55555e5a7cf0, loc=0x55555e475dd0, pos=1,
results=std::vector of length 0, capacity 0, builders=std::set with 0
elements) at elaborate.cxx:653
#20 0x000055555562c861 in match_node::find_and_build (this=0x55555589f1c0,
s=..., p=0x55555e5a7cf0, loc=0x55555e475dd0, pos=0,
results=std::vector of length 0, capacity 0, builders=std::set with 0
elements) at elaborate.cxx:653
#21 0x0000555555630875 in derive_probes (s=..., p=<optimized out>, dps=...,
optional=<optimized out>,
rethrow_errors=<optimized out>) at elaborate.cxx:1020
#22 0x000055555563191a in alias_expansion_builder::build_with_suffix
(this=0x55555a874ae0, sess=..., use=<optimized out>,
location=0x55555a992ed0, finished_results=std::vector of length 0, capacity
0, suffix=std::vector of length 0, capacity 0)
at elaborate.cxx:943
#23 0x000055555562d385 in alias_expansion_builder::build (this=<optimized out>,
sess=..., use=<optimized out>,
location=<optimized out>, parameters=..., finished_results=...) at
elaborate.cxx:867
#24 0x000055555562c6bc in match_node::find_and_build (this=0x55555a874a30,
s=..., p=0x55555a9920b0, loc=0x55555a992ed0,
pos=<optimized out>, results=std::vector of length 0, capacity 0,
builders=std::set with 0 elements) at elaborate.cxx:479
#25 0x000055555562c861 in match_node::find_and_build (this=0x555559d428a0,
s=..., p=0x55555a9920b0, loc=0x55555a992ed0, pos=1,
results=std::vector of length 0, capacity 0, builders=std::set with 0
elements) at elaborate.cxx:653
#26 0x000055555562c861 in match_node::find_and_build (this=0x55555589f1c0,
s=..., p=0x55555a9920b0, loc=0x55555a992ed0, pos=0,
results=std::vector of length 0, capacity 0, builders=std::set with 0
elements) at elaborate.cxx:653
#27 0x0000555555630875 in derive_probes (s=..., p=<optimized out>, dps=...,
optional=<optimized out>,
rethrow_errors=<optimized out>) at elaborate.cxx:1020
#28 0x000055555563191a in alias_expansion_builder::build_with_suffix
(this=0x55555a874540, sess=..., use=<optimized out>,
location=0x55555a21a5b0, finished_results=std::vector of length 0, capacity
0, suffix=std::vector of length 0, capacity 0)
at elaborate.cxx:943
#29 0x000055555562d385 in alias_expansion_builder::build (this=<optimized out>,
sess=..., use=<optimized out>,
location=<optimized out>, parameters=..., finished_results=...) at
elaborate.cxx:867
#30 0x000055555562c6bc in match_node::find_and_build (this=0x55555a874490,
s=..., p=0x55555a7acc10, loc=0x55555a21a5b0,
pos=<optimized out>, results=std::vector of length 0, capacity 0,
builders=std::set with 0 elements) at elaborate.cxx:479
#31 0x000055555562c861 in match_node::find_and_build (this=0x55555a21cf10,
s=..., p=0x55555a7acc10, loc=0x55555a21a5b0, pos=1,
results=std::vector of length 0, capacity 0, builders=std::set with 0
elements) at elaborate.cxx:653
#32 0x000055555562c861 in match_node::find_and_build (this=0x55555589f1c0,
s=..., p=0x55555a7acc10, loc=0x55555a21a5b0, pos=0,
results=std::vector of length 0, capacity 0, builders=std::set with 0
elements) at elaborate.cxx:653
#33 0x0000555555630875 in derive_probes (s=..., p=<optimized out>, dps=...,
optional=<optimized out>,
rethrow_errors=<optimized out>) at elaborate.cxx:1020
#34 0x00005555555e8f75 in semantic_pass_symbols (s=...) at elaborate.cxx:1950
#35 semantic_pass (s=...) at elaborate.cxx:2540
#36 passes_0_4 (s=...) at main.cxx:1049
#37 0x00005555555db94e in main (argc=<optimized out>, argv=0x7fffffffc138) at
main.cxx:1534
(gdb)
--
You are receiving this mail because:
You are the assignee for the bug.
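
The report above shows a tree visitor reading a member through catch_error_var while that pointer is 0x0. The following is an added illustration, not SystemTap's code and not the fix that was applied: the types are simplified stand-ins, and only the field name and the visit_block/visit_try_block nesting are taken from the gdb output. It shows a walk that tolerates a try node with no catch variable and one whose variable has no referent.

```cpp
// Added illustration: simplified stand-ins, not SystemTap's real classes.
#include <memory>
#include <set>
#include <vector>
struct vardecl {};
struct symbol { vardecl* referent = nullptr; };  // assumed: null until resolved
struct visitor;
struct statement {
  virtual ~statement() = default;
  virtual void visit(visitor& v) = 0;
};
struct block : statement {
  std::vector<std::unique_ptr<statement>> statements;
  void visit(visitor& v) override;
};
struct try_block : statement {
  // Field name from the gdb dump; nullptr models "catch_error_var = 0x0".
  symbol* catch_error_var = nullptr;
  void visit(visitor& v) override;
};
struct visitor {
  std::set<vardecl*> seen;
  // Nested recursion through blocks, as in frames #1-#3 of the backtrace.
  void visit_block(block& b) { for (auto& s : b.statements) s->visit(*this); }
  void visit_try_block(try_block& t) {
    // The faulting line read ->referent with no null test; check both levels.
    if (t.catch_error_var && t.catch_error_var->referent)
      seen.insert(t.catch_error_var->referent);
  }
};
void block::visit(visitor& v)     { v.visit_block(*this); }
void try_block::visit(visitor& v) { v.visit_try_block(*this); }

// Constructed tree: block{ block{ try(no var), try(unresolved), try(resolved) } }.
// Returns how many catch variables the walk recorded.
std::size_t walk_sample_tree() {
  static vardecl msg;
  static symbol unresolved, resolved;
  resolved.referent = &msg;
  auto inner = std::make_unique<block>();
  for (symbol* s : {static_cast<symbol*>(nullptr), &unresolved, &resolved}) {
    auto t = std::make_unique<try_block>();
    t->catch_error_var = s;
    inner->statements.push_back(std::move(t));
  }
  block outer;
  outer.statements.push_back(std::move(inner));
  visitor v;
  outer.visit(v);
  return v.seen.size();
}
```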