bug-binutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug gprofng/32110] New: gprofng segfaults on parsing DWARF of clang++ 1

From: tim.felgentreff at oracle dot com
Subject: [Bug gprofng/32110] New: gprofng segfaults on parsing DWARF of clang++ 18.1.3 produced binary
Date: Thu, 22 Aug 2024 05:05:51 +0000 
https://sourceware.org/bugzilla/show_bug.cgi?id=32110

            Bug ID: 32110
           Summary: gprofng segfaults on parsing DWARF of clang++ 18.1.3
                    produced binary
           Product: binutils
           Version: 2.44 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: gprofng
          Assignee: vladimir.mezentsev at oracle dot com
          Reporter: tim.felgentreff at oracle dot com
  Target Milestone: ---

Created attachment 15682
  --> https://sourceware.org/bugzilla/attachment.cgi?id=15682&action=edit
Workaround for segv

GraalPy (built on Oracle GraalVM) uses a simple C++ file as a launcher
(https://github.com/oracle/graal/blob/master/sdk/src/org.graalvm.launcher.native/src/launcher.cc).
When compiled on my machine with clang++
(llvmorg-18.1.3-4-gd3f23e9e73-bg3b8289d0a4
d3f23e9e738460540e9d574897942c5c95d7c25e) these binaries' have a
"DW_AT_comp_dir" entry with len 0, but the actual str pointer is just invalid,
and gprofng segfaults when trying to display profiling results:

#1  0x00007ffff7af0343 in __GI___strdup (s=0x2 <error: Cannot access memory at
address 0x2>) at ./string/strdup.c:41
#2  0x00005555556ea665 in dbe_strdup (str=<optimized out>) at
/home/tim/dev/binutils-gdb/gprofng/src/util.h:108
#3  DwrCU::parse_cu_header (this=this@entry=0x55559bc83b40,
lo=lo@entry=0x555555bcece0) at DwarfLib.cc:2143
#4  0x00005555556e3c94 in Dwarf::archive_Dwarf (this=0x55559bc57000,
lo=lo@entry=0x555555bcece0) at Dwarf.cc:605
#5  0x00005555556897fd in Stabs::read_archive (this=0x555555bcf650,
lo=lo@entry=0x555555bcece0) at Stabs.cc:1561

The line DwarfLib.cc:2143 is

comp_dir = dbe_strdup (Dwarf_string (DW_AT_comp_dir));

Looking at the code for Dwarf_string, it does this:

dwrAttr ? dwrAttr->u.str : NULL


In my case, dwrAttr is not NULL here, but dwrAttr->len is 0 and dwrAttr->u.str
is some invalid value like 0x2, and then dbe_strdup segfaults.

In the attached patch, I simply check the len as well. I don't know if that is
correct, but it fixes the issue for me and I can display the profiling
information. The C++ code is straightforward, and the compile command doesn't
look like it does anything odd, either:

clang++ -MMD -MF src/launcher.o.d -Ijava/21.0.3-tem/include
-Ijava/21.0.3-tem/include/linux  -fdebug-prefix-map=dev/graal=graal
-fdebug-prefix-map=dev/graal/sdk/mxbuild/jdk21=jdk21
-fdebug-prefix-map=java/21.0.3-tem=21.0.3-tem -gno-record-gcc-switches
-std=c++17 -DCP_SEP=: -DDIR_SEP=/ -DGRAALVM_VERSION=24.2.0-dev -pthread
-stdlib=libc++ -DLAUNCHER_MAIN_MODULE=org.graalvm.py.launcher
-DLAUNCHER_CLASS=com.oracle.graal.python.shell.GraalPythonMain
-DLAUNCHER_MODULE_PATH="{\"../../../lib/graalvm/graalpython-launcher.jar\",
\"../../../lib/graalvm/jline3.jar\",
\"../../../lib/graalvm/launcher-common.jar\",
\"../../../lib/graalvm/maven-downloader.jar\"}"
-DLIBJVM_RELPATH=../../../lib/server/libjvm.so -DLANGUAGES_DIR=../..
-DTOOLS_DIR=../../../tools -DLIBLANG_RELPATH=../lib/libpythonvm.so
-DLAUNCHER_DEFAULT_VM_ARGS="{\"--vm.Xss16777216\"}" -c
dev/graal/sdk/src/org.graalvm.launcher.native/src/launcher.cc -o src/launcher.o

clang++ -fuse-ld=lld -pthread -o python src/launcher.o -stdlib=libc++
-static-libstdc++ -l:libc++abi.a -ldl

-- 
You are receiving this mail because:
You are on the CC list for the bug.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]