[Bug 1176095] New: pahole segfaults on SLE15 {SP1,SP2} kernel debuginfo
https://bugzilla.suse.com/show_bug.cgi?id=1176095

            Bug ID: 1176095
           Summary: pahole segfaults on SLE15 {SP1,SP2} kernel debuginfo
    Classification: openSUSE
           Product: openSUSE Tumbleweed
           Version: Current
          Hardware: Other
                OS: Other
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Development
          Assignee: tdevries@suse.com
          Reporter: mkoutny@suse.com
        QA Contact: qa-bugs@suse.de
          Found By: ---
           Blocker: ---

I saw this on Tumbleweed [1] dwarves-1.17-2.3.x86_64

## Steps to reproduce:
$ sshfs l3mule.suse.de:/ ~/mule -o follow_symlinks
$ pahole -C mem_cgroup ~/mule/var/cache/crash-setup/15sp2/x86_64/5.3.18-24.9-default

## Expected behavior
prints information about given struct

## Actual behavior
Loads (16309) of messages like:
tag__recode_dwarf_type: couldn't find 0x734713 type for 0x3e (pointer_type)!
tag__recode_dwarf_type: couldn't find 0x22 type for 0x75 (array_type)!
tag__recode_dwarf_type: couldn't find 0x73472d type for 0x10d (pointer_type)!
tag__recode_dwarf_type: couldn't find 0xf1 type for 0x128 (typedef)!
tag__recode_dwarf_type: couldn't find 0x10d type for 0x15c (const_type)!
tag__recode_dwarf_type: couldn't find 0x14 type for 0x133 (variable)!
[...]
namespace__recode_dwarf_types: couldn't find 0x1d6 type for 0x24c (member)!
namespace__recode_dwarf_types: couldn't find 0x1d6 type for 0x258 (member)!
[...]
ftype__recode_dwarf_types: couldn't find 0x6436 type for 0x446c7 (formal_parameter)!
ftype__recode_dwarf_types: couldn't find 0x22 type for 0x446cc (formal_parameter)!
ftype__recode_dwarf_types: couldn't find 0x18e0d type for 0x446d1 (formal_parameter)!
ftype__recode_dwarf_types: couldn't find 0x734761 type for 0x446d6 (formal_parameter)!
and eventually segfaults in
#0  0x00007f8537ad351d tag__natural_alignment (libdwarves.so.1 + 0xf51d)
#1  0x00007f8537ad359b tag__natural_alignment (libdwarves.so.1 + 0xf59b)
#2  0x00007f8537ad4d29 type__check_structs_at_unnatural_alignments (libdwarves.so.1 + 0x10d29)
#3  0x00007f8537ad4ebb class__infer_packed_attributes (libdwarves.so.1 + 0x10ebb)
#4  0x00007f8537ada6f8 __class__fprintf (libdwarves.so.1 + 0x166f8)
#5  0x00007f8537ada141 tag__fprintf (libdwarves.so.1 + 0x16141)
#6  0x000055a77b4e50df pahole_stealer (pahole + 0x50df)
#7  0x00007f8537ae8dbe cus__load_module (libdwarves.so.1 + 0x24dbe)
#8  0x00007f8537ae9101 cus__process_dwflmod (libdwarves.so.1 + 0x25101)
#9  0x00007f85378af6c1 dwfl_getmodules (libdw.so.1 + 0x506c1)
#10 0x00007f8537ae107d dwarf__load_file.lto_priv.0 (libdwarves.so.1 + 0x1d07d)
#11 0x00007f8537ad52e1 cus__load_file (libdwarves.so.1 + 0x112e1)
#12 0x00007f8537ad8e28 cus__load_files (libdwarves.so.1 + 0x14e28)
#13 0x000055a77b4e350a main (pahole + 0x350a)
#14 0x00007f8537923cca __libc_start_main (libc.so.6 + 0x26cca)
#15 0x000055a77b4e364a _start (pahole + 0x364a)

(Bug assignment is an educated guess.)

[1] pahole from Leap 15.2 (dwarves-1.11-lp152.3.9) failed at the task too
(didn't crash though) and it worked with 4.12 kernel debuginfo. I'm filing the
bug against the newer version.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1176095

Michal Suchanek <msuchanek@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |msuchanek@suse.com

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c1

--- Comment #1 from Tom de Vries <tdevries@suse.com> ---
(In reply to Michal Koutný from comment #0)
> I saw this on Tumbleweed [1] dwarves-1.17-2.3.x86_64
>
> ## Steps to reproduce:
> $ sshfs l3mule.suse.de:/ ~/mule -o follow_symlinks
> $ pahole -C mem_cgroup ~/mule/var/cache/crash-setup/15sp2/x86_64/5.3.18-24.9-default

I get:
...
$ pahole -C mem_cgroup ./mule/var/cache/crash-setup/15sp2/x86_64/5.3.18-24.9-default/
ctf__new: cannot read ./mule/var/cache/crash-setup/15sp2/x86_64/5.3.18-24.9-default/ ELF file.
pahole: ./mule/var/cache/crash-setup/15sp2/x86_64/5.3.18-24.9-default/: Is a directory
...

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c2

--- Comment #2 from Tom de Vries <tdevries@suse.com> ---
Reproduced using pahole master:
...
$ ./build/pahole -C mem_cgroup ~/pahole/5.3.18-24.9-default/usr/lib/debug/boot/vmlinux-5.3.18-24.9-default.debug
...
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7f65d92 in tag__is_pointer (tag=0x0) at /home/vries/dwarves/src/dwarves.h:446
446             return tag->tag == DW_TAG_pointer_type;
...

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c3

--- Comment #3 from Tom de Vries <tdevries@suse.com> ---
Looking at the first sign of trouble, we have:
...
tag__recode_dwarf_type: couldn't find 0x734713 type for 0x3e (pointer_type)!
...

Which is due to a DIE in the second partial unit:
...
 <0><35>: Abbrev Number: 16 (DW_TAG_partial_unit)
    <36>   DW_AT_stmt_list   : 0x185
 <1><3e>: Abbrev Number: 22 (DW_TAG_pointer_type)
    <3f>   DW_AT_byte_size   : 8
    <40>   DW_AT_type        : <0x734713>
 <1><44>: Abbrev Number: 0
...
which references a DIE in a later partial unit:
...
 <0><73470a>: Abbrev Number: 5 (DW_TAG_partial_unit)
    <73470b>   DW_AT_stmt_list   : 0x185
 <1><734713>: Abbrev Number: 14 (DW_TAG_const_type)
    <734714>   DW_AT_type        : <0x1b>
...
which, for completeness sake, references a DIE in the first partial unit:
...
 <0><b>: Abbrev Number: 47 (DW_TAG_partial_unit)
    <c>   DW_AT_stmt_list   : 0x185
 <1><1b>: Abbrev Number: 42 (DW_TAG_base_type)
    <1c>   DW_AT_byte_size   : 1
    <1d>   DW_AT_encoding    : 6        (signed char)
    <1e>   DW_AT_name        : char
...

Forward references are allowed by the standard, so not a dwz bug.

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c4

--- Comment #4 from Tom de Vries <tdevries@suse.com> ---
The assert happens as follows.

We dereference tag here, and tag is 0:
...
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7f65d92 in tag__is_pointer (tag=0x0) at /home/vries/dwarves/src/dwarves.h:446
446             return tag->tag == DW_TAG_pointer_type;
...
because member_type is 0 here:
...
(gdb) up
#2  0x00007ffff7f69ad4 in type__natural_alignment (type=0x15b1e00, cu=0xd7ed50)
    at /home/vries/dwarves/src/dwarves.c:1469
1469                    size_t member_natural_alignment = tag__natural_alignment(member_type, cu);
(gdb) p member_type
$1 = (struct tag *) 0x0
...

The member_type is set just before:
...
1468                    struct tag *member_type = tag__strip_typedefs_and_modifiers(&member->tag, cu);
1469                    size_t member_natural_alignment = tag__natural_alignment(member_type, cu);
...

But it's set to 0 because member->tag.type is 0:
...
(gdb) p *member
$16 = {tag = {node = {next = 0x15b1ff0, prev = 0x15b1f30}, type = 0, tag = 13,
    visited = false, top_level = false, recursivity_level = 0,
    priv = 0x15b1440}, name = 55224, bit_offset = 128, bit_size = 0,
  byte_offset = 16, byte_size = 0, bitfield_offset = 0 '\000',
  bitfield_size = 0 '\000', bit_hole = 0 '\000', bitfield_end = 0 '\000',
  const_value = 0, alignment = 8, visited = 0 '\000', is_static = 0 '\000',
  accessibility = 0 '\000', virtuality = 0 '\000', hole = 0}
...

Looking in a bit more detail, we can see that the member is at offset 0x426ba,
and the type at 0x726e:
...
(gdb) p /x *(struct dwarf_tag*)member.tag.priv
$5 = {hash_node = {next = 0x15aad50, pprev = 0x15c4340}, type = {from_types = 0x0,
    off = 0x726e}, id = 0x426ba, {abstract_origin = { from_types = 0x0,
      off = 0x0}, containing_type = {from_types = 0x0, off = 0x0}},
  tag = 0x15b1f90, small_id = 0x0, decl_file = 0x0, decl_line = 0x0}
...

We have a matching complaint earlier:
...
namespace__recode_dwarf_types: couldn't find 0x726e type for 0x426ba (member)!
...
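
Added example (not part of the bug thread and not pahole's code): a small C model of the failure analysed in comments #3 and #4, built on the three DIE offsets quoted in comment #3. It contrasts resolving `DW_AT_type` against only the units read so far with resolving against the whole file, and shows an alignment helper that returns 0 for an unresolved type instead of dereferencing NULL. The per-unit visibility rule is an assumption made for illustration, and all struct and function names are hypothetical.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

enum kind { BASE, POINTER, CONST_Q };
struct die {                 /* hypothetical model, not libdwarves' struct tag */
    uint64_t off, type_off;  /* DIE offset; DW_AT_type target (0 if absent) */
    int unit;                /* index of the partial unit containing it */
    enum kind kind;
    size_t byte_size;
    struct die *type;        /* resolved target, NULL while unresolved */
};
/* Constructed sample: the three DIEs quoted in comment #3, in file order. */
static struct die dies[] = {
    { 0x1b,     0,        0, BASE,    1, NULL },  /* char, first unit */
    { 0x3e,     0x734713, 1, POINTER, 8, NULL },  /* forward reference */
    { 0x734713, 0x1b,     2, CONST_Q, 0, NULL },  /* const, later unit */
};
#define NDIES (sizeof dies / sizeof dies[0])
/* Find a DIE by offset among units 0..max_unit. */
static struct die *lookup(uint64_t off, int max_unit) {
    for (size_t i = 0; i < NDIES; i++)
        if (dies[i].off == off && dies[i].unit <= max_unit)
            return &dies[i];
    return NULL;
}
/* Resolve every DW_AT_type; return how many stay unresolved. whole_file == 0
 * models (as an assumption) a loader that only sees units read so far. */
static int resolve(int whole_file) {
    int missing = 0;
    for (size_t i = 0; i < NDIES; i++) {
        struct die *d = &dies[i];
        d->type = d->type_off ? lookup(d->type_off, whole_file ? INT_MAX : d->unit) : NULL;
        missing += d->type_off && !d->type;
    }
    return missing;
}
/* Alignment that tolerates an unresolved type: 0 means "unknown". */
static size_t natural_alignment(const struct die *d) {
    while (d && d->kind == CONST_Q)  /* strip modifiers; may end at NULL */
        d = d->type;
    return d ? d->byte_size : 0;
}

int main(void) {
    int missing = resolve(0);
    printf("per-unit:   %d unresolved, pointee alignment %zu\n", missing, natural_alignment(dies[1].type));
    missing = resolve(1);
    printf("whole-file: %d unresolved, pointee alignment %zu\n", missing, natural_alignment(dies[1].type));
    return 0;
}
```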

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c5

--- Comment #5 from Tom de Vries <tdevries@suse.com> ---
Michal, can I publish
~/pahole/5.3.18-24.9-default/usr/lib/debug/boot/vmlinux-5.3.18-24.9-default.debug
?

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c7

--- Comment #7 from Tom de Vries <tdevries@suse.com> ---
Filed upstream as https://github.com/acmel/dwarves/issues/10 .

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c8

--- Comment #8 from Tom de Vries <tdevries@suse.com> ---
(In reply to Tom de Vries from comment #7)
> Filed upstream as https://github.com/acmel/dwarves/issues/10 .

The feedback there is that partial units are not supported yet in pahole (FWIW,
v1.12 NEWS listed initial support for DW_TAG_partial_unit).

This feature is planned for release v1.19.

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c9

--- Comment #9 from Tom de Vries <tdevries@suse.com> ---
(In reply to Tom de Vries from comment #8)
> (In reply to Tom de Vries from comment #7)
> > Filed upstream as https://github.com/acmel/dwarves/issues/10 .
>
> The feedback there is that partial units are not supported yet in pahole

Backported conservative fix: https://build.opensuse.org/request/show/835904

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c10

--- Comment #10 from OBSbugzilla Bot <bwiedemann+obsbugzillabot@suse.com> ---
This is an autogenerated message for OBS integration:
This bug (1176095) was mentioned in
https://build.opensuse.org/request/show/835930 Factory / dwarves

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c11

--- Comment #11 from OBSbugzilla Bot <bwiedemann+obsbugzillabot@suse.com> ---
This is an autogenerated message for OBS integration:
This bug (1176095) was mentioned in
https://build.opensuse.org/request/show/863353 Backports:SLE-15 / dwarves

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c12

--- Comment #12 from OBSbugzilla Bot <bwiedemann+obsbugzillabot@suse.com> ---
This is an autogenerated message for OBS integration:
This bug (1176095) was mentioned in
https://build.opensuse.org/request/show/865301 Backports:SLE-15-SP1 / dwarves

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c13

--- Comment #13 from Swamp Workflow Management <swamp@suse.de> ---
openSUSE-RU-2021:0151-1: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1176095,1177921
CVE References:
JIRA References:
Sources used:
openSUSE Backports SLE-15-SP1 (src):    dwarves-1.19-bp151.4.3.1

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c14

--- Comment #14 from Swamp Workflow Management <swamp@suse.de> ---
openSUSE-RU-2021:0175-1: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1176095,1177921
CVE References:
JIRA References:
Sources used:
openSUSE Backports SLE-15 (src):    dwarves-1.19-bp150.3.3.1

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c15

--- Comment #15 from OBSbugzilla Bot <bwiedemann+obsbugzillabot@suse.com> ---
This is an autogenerated message for OBS integration:
This bug (1176095) was mentioned in
https://build.opensuse.org/request/show/867307 15.2 / dwarves

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c16

--- Comment #16 from Swamp Workflow Management <swamp@suse.de> ---
openSUSE-RU-2021:0216-1: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1176095,1177921
CVE References:
JIRA References:
Sources used:
openSUSE Leap 15.2 (src):    dwarves-1.19-lp152.4.3.1

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c17

--- Comment #17 from Swamp Workflow Management <swamp@suse.de> ---
openSUSE-RU-2021:0233-1: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1176095,1177921
CVE References:
JIRA References:
Sources used:
openSUSE Backports SLE-15-SP2 (src):    dwarves-1.19-bp152.4.3.1

https://bugzilla.suse.com/show_bug.cgi?id=1176095#c24

Michal Suchanek <msuchanek@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #24 from Michal Suchanek <msuchanek@suse.com> ---
Fix released