https://sourceware.org/bugzilla/show_bug.cgi?id=32110
Bug ID: 32110
Summary: gprofng segfaults on parsing DWARF of clang++ 18.1.3
produced binary
Product: binutils
Version: 2.44 (HEAD)
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: gprofng
Assignee: vladimir.mezentsev at oracle dot com
Reporter: tim.felgentreff at oracle dot com
Target Milestone: ---
Created attachment 15682
--> https://sourceware.org/bugzilla/attachment.cgi?id=15682&action=edit
Workaround for segv
GraalPy (built on Oracle GraalVM) uses a simple C++ file as a launcher
(https://github.com/oracle/graal/blob/master/sdk/src/org.graalvm.launcher.native/src/launcher.cc).
When compiled on my machine with clang++
(llvmorg-18.1.3-4-gd3f23e9e73-bg3b8289d0a4
d3f23e9e738460540e9d574897942c5c95d7c25e) these binaries' have a
"DW_AT_comp_dir" entry with len 0, but the actual str pointer is just invalid,
and gprofng segfaults when trying to display profiling results:
#1 0x00007ffff7af0343 in __GI___strdup (s=0x2 <error: Cannot access memory at
address 0x2>) at ./string/strdup.c:41
#2 0x00005555556ea665 in dbe_strdup (str=<optimized out>) at
/home/tim/dev/binutils-gdb/gprofng/src/util.h:108
#3 DwrCU::parse_cu_header (this=this@entry=0x55559bc83b40,
lo=lo@entry=0x555555bcece0) at DwarfLib.cc:2143
#4 0x00005555556e3c94 in Dwarf::archive_Dwarf (this=0x55559bc57000,
lo=lo@entry=0x555555bcece0) at Dwarf.cc:605
#5 0x00005555556897fd in Stabs::read_archive (this=0x555555bcf650,
lo=lo@entry=0x555555bcece0) at Stabs.cc:1561
The line DwarfLib.cc:2143 is
comp_dir = dbe_strdup (Dwarf_string (DW_AT_comp_dir));
Looking at the code for Dwarf_string, it does this:
dwrAttr ? dwrAttr->u.str : NULL
In my case, dwrAttr is not NULL here, but dwrAttr->len is 0 and dwrAttr->u.str
is some invalid value like 0x2, and then dbe_strdup segfaults.
In the attached patch, I simply check the len as well. I don't know if that is
correct, but it fixes the issue for me and I can display the profiling
information. The C++ code is straightforward, and the compile command doesn't
look like it does anything odd, either:
clang++ -MMD -MF src/launcher.o.d -Ijava/21.0.3-tem/include
-Ijava/21.0.3-tem/include/linux -fdebug-prefix-map=dev/graal=graal
-fdebug-prefix-map=dev/graal/sdk/mxbuild/jdk21=jdk21
-fdebug-prefix-map=java/21.0.3-tem=21.0.3-tem -gno-record-gcc-switches
-std=c++17 -DCP_SEP=: -DDIR_SEP=/ -DGRAALVM_VERSION=24.2.0-dev -pthread
-stdlib=libc++ -DLAUNCHER_MAIN_MODULE=org.graalvm.py.launcher
-DLAUNCHER_CLASS=com.oracle.graal.python.shell.GraalPythonMain
-DLAUNCHER_MODULE_PATH="{\"../../../lib/graalvm/graalpython-launcher.jar\",
\"../../../lib/graalvm/jline3.jar\",
\"../../../lib/graalvm/launcher-common.jar\",
\"../../../lib/graalvm/maven-downloader.jar\"}"
-DLIBJVM_RELPATH=../../../lib/server/libjvm.so -DLANGUAGES_DIR=../..
-DTOOLS_DIR=../../../tools -DLIBLANG_RELPATH=../lib/libpythonvm.so
-DLAUNCHER_DEFAULT_VM_ARGS="{\"--vm.Xss16777216\"}" -c
dev/graal/sdk/src/org.graalvm.launcher.native/src/launcher.cc -o src/launcher.o
clang++ -fuse-ld=lld -pthread -o python src/launcher.o -stdlib=libc++
-static-libstdc++ -l:libc++abi.a -ldl
--
You are receiving this mail because:
You are on the CC list for the bug.
