Re: systemtap 2.2.1 installcheck => kernel BUG at .. kprobes.c:707

[Timo Juhani Lindfors <timo dot lindfors at iki dot fi>]

Timo Juhani Lindfors <timo.lindfors@iki.fi> writes:
> Thanks! After "echo 0 > /proc/sys/debug/kprobes-optimization" the kernel
> does not crash anymore and the testsuite completes. I see however a few
> stap segfaults and OOM killer hits.

First segfault:

lindi3:~/tmp/systemtap-2.2.1/testsuite$ gdb --args stap --rlimit-stack=1 --rlimit-stack=999999999999 -p4 ./systemtap.base/rlimit.stp
GNU gdb (GDB) 7.4.1-debian
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/stap...(no debugging symbols found)...done.
(gdb) r
Starting program: /usr/bin/stap --rlimit-stack=1 --rlimit-stack=999999999999 -p4 ./systemtap.base/rlimit.stp
warning: no loadable sections found in added symbol-file system-supplied DSO at 0x7ffff7ffa000
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Unable to set resource limits for rlimit_stack : Operation not permitted

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7bb17f9 in dwarf_getsrclines () from /usr/lib/x86_64-linux-gnu/libdw.so.1
(gdb) bt
#0  0x00007ffff7bb17f9 in dwarf_getsrclines () from /usr/lib/x86_64-linux-gnu/libdw.so.1
#1  0x00007ffff7bb5ce1 in dwarf_decl_file () from /usr/lib/x86_64-linux-gnu/libdw.so.1
#2  0x0000000000541d1b in ?? ()
#3  0x00000000004b9782 in ?? ()
#4  0x0000000000545bac in ?? ()
#5  0x00000000004ccebf in ?? ()
#6  0x0000000000546a42 in ?? ()
#7  0x00000000004ce287 in ?? ()
#8  0x00000000004ce438 in ?? ()
#9  0x00000000004b246d in ?? ()
#10 0x00007ffff7bbf3d2 in dwfl_getmodules () from /usr/lib/x86_64-linux-gnu/libdw.so.1
#11 0x00000000004caa91 in ?? ()
#12 0x000000000045b27b in ?? ()
#13 0x000000000045b2fc in ?? ()
#14 0x000000000045b2fc in ?? ()
#15 0x000000000045b2fc in ?? ()
#16 0x000000000045c2bf in ?? ()
#17 0x000000000045e2f3 in ?? ()
#18 0x000000000046af1c in ?? ()
#19 0x0000000000414892 in ?? ()
#20 0x000000000040ff1a in ?? ()
#21 0x00007ffff54d5a55 in __libc_start_main (main=0x40f650, argc=5, ubp_av=0x7fffffffe978, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe968)
    at libc-start.c:260
#22 0x0000000000412895 in ?? ()
(gdb) info register
rax            0x7ffffffdcff0   140737488211952
rbx            0xffffffff816bba78       -2123646344
rcx            0x0                      0
rdx            0x0                      0
rsi            0x7ffff2bad3bc           140737265718204
rdi            0x0                      0
rbp            0x7fffffffb780           0x7fffffffb780
rsp            0x7ffffffdcff0           0x7ffffffdcff0
r8             0x7ffff2bad3bb           140737265718203
r9             0x0                      0
r10            0x0                      0
r11            0x7ffffffdd030           140737488212016
r12            0x7fffffffb7a0           140737488336800
r13            0x0                      0
r14            0xa99                    2713
r15            0x257f088                39317640
rip            0x7ffff7bb17f9           0x7ffff7bb17f9 <dwarf_getsrclines+1897>
eflags         0x10256                  [ PF AF ZF IF RF ]
cs             0xe033                   57395
ss             0xe02b                   57387
ds             0x0                      0
es             0x0                      0
fs             0x0                      0
gs             0x0                      0
(gdb) x/4i $rip
=> 0x7ffff7bb17f9 <dwarf_getsrclines+1897>:     mov    %rbx,0x8(%rax)
   0x7ffff7bb17fd <dwarf_getsrclines+1901>:     mov    %r14d,0x14(%rax)
   0x7ffff7bb1801 <dwarf_getsrclines+1905>:     mov    %r9w,0x18(%rax)
   0x7ffff7bb1806 <dwarf_getsrclines+1910>:     and    $0xe01f,%dx

The version of libdw1 is 0.153-2. I rebuilt it with -O0 -g and now I see bit more:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7ba24ce in add_new_line (new_line=0x7ffffffdd020, end_sequence=false) at dwarf_getsrclines.c:361
361                      {
(gdb) bt
#0  0x00007ffff7ba24ce in add_new_line (new_line=0x7ffffffdd020, end_sequence=false) at dwarf_getsrclines.c:361
#1  0x00007ffff7ba1144 in dwarf_getsrclines (cudie=0x7fffffffb7b0, lines=0x7fffffffb778, nlines=0x7fffffffb780) at dwarf_getsrclines.c:421
#2  0x00007ffff7ba7b14 in dwarf_decl_file (die=0x2e5cd78) at dwarf_decl_file.c:87
#3  0x0000000000541d1b in ?? ()
#4  0x00000000004b9782 in ?? ()
#5  0x0000000000545bac in ?? ()
#6  0x00000000004ccebf in ?? ()
#7  0x0000000000546a42 in ?? ()
#8  0x00000000004ce287 in ?? ()
#9  0x00000000004ce438 in ?? ()
#10 0x00000000004b246d in ?? ()
#11 0x00007ffff7bb6ab5 in dwfl_getmodules (dwfl=0x1e028b0, callback=0x4b2310, arg=0x7fffffffc3b0, offset=0) at dwfl_getmodules.c:103
#12 0x00000000004caa91 in ?? ()
#13 0x000000000045b27b in ?? ()
#14 0x000000000045b2fc in ?? ()
#15 0x000000000045b2fc in ?? ()
#16 0x000000000045b2fc in ?? ()
#17 0x000000000045c2bf in ?? ()
#18 0x000000000045e2f3 in ?? ()
#19 0x000000000046af1c in ?? ()
#20 0x0000000000414892 in ?? ()
#21 0x000000000040ff1a in ?? ()
#22 0x00007ffff54c2a55 in __libc_start_main (main=0x40f650, argc=5, ubp_av=0x7fffffffe978, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe968)
    at libc-start.c:260
#23 0x0000000000412895 in ?? ()

(gdb) l
356					    end_seq)))				\
357		  goto invalid_data;						\
358	      } while (0)
359	
360	      inline bool add_new_line (struct linelist *new_line, bool end_sequence)
361	      {
362		/* Set the line information.  For some fields we use bitfields,
363		   so we would lose information if the encoded values are too large.
364		   Check just for paranoia, and call the data "invalid" if it
365		   violates our assumptions on reasonable limits for the values.  */
(gdb) p *new_line
$2 = {line = {files = 0x0, addr = 0, file = 0, line = 0, column = 0, is_stmt = 0, basic_block = 0, end_sequence = 0, prologue_end = 0, epilogue_begin = 0, op_index = 0, isa = 0, discriminator = 0}, 
  next = 0x7ffffffdd060}
(gdb) p *new_line->next
$3 = {line = {files = 0x0, addr = 18446744071585905164, file = 4, line = 2702, column = 0, is_stmt = 1, basic_block = 0, end_sequence = 0, prologue_end = 0, epilogue_begin = 0, op_index = 0, isa = 0, 
    discriminator = 0}, next = 0x7ffffffdd0a0}
(gdb) up
#1  0x00007ffff7ba1144 in dwarf_getsrclines (cudie=0x7fffffffb7b0, lines=0x7fffffffb778, nlines=0x7fffffffb780) at dwarf_getsrclines.c:421
421		      NEW_LINE (0);
(gdb) l
416		      /* Perform the increments.  */
417		      line += line_increment;
418		      advance_pc ((opcode - opcode_base) / line_range);
419	
420		      /* Add a new line with the current state machine values.  */
421		      NEW_LINE (0);
422	
423		      /* Reset the flags.  */
424		      basic_block = false;
425		      prologue_end = false;