Summary: | Segmentation fault of probed SSHD program | | |
---|---|---|---|
Product: | systemtap | Reporter: | fahadaliarshad |
Component: | uprobes | Assignee: | Unassigned <systemtap> |
Status: | RESOLVED WORKSFORME | | |
Severity: | normal | CC: | fche |
Priority: | P2 | | |
Version: | unspecified | | |
Target Milestone: | --- | | |
Host: | | Target: | |
Build: | | Last reconfirmed: | |

Description
fahadaliarshad
2015-04-28 03:15:55 UTC
We've tracked several kernel uprobes bugs that have symptoms like this, including bug #18171. Try removing the .return probes from your script to be sure.

Removing the .return probe did not help and I am observing the same behavior (Segmentation fault). FYI, the following log entry in /var/log/messages is generated when segfault occurs.

```
Apr 28 11:12:04 centos7 kernel: traps: sshd[27333] general protection ip:7fffffffe080 sp:7fff9bba5cd0 error:0
```

> Removing the .return probe did not help and I am observing the same behavior
> (Segmentation fault).
OK. A number of kernel uprobe bugs were fixed after 3.13; would you be able to test with a more recent version?

Frank,

Thanks for providing feedback on this. I was going to build from source a kernel version > 3.13. But before that, I updated my system (yum update) and kernel version updated from "3.10.0-123.9.3.el7.x86_64" to the latest version "3.10.0-229.1.2.el7.x86_64" available by Centos7 repo. Apparently, this fixed the issue! I am still not sure what was the root-cause though. There is no segfault anymore but I do see a "WARNING: function _start return" as below.

```
[root@centos7 ~]# stap -v -e 'probe process("/usr/local/openssh-5.3p1/sbin/sshd").function("*") {printf("[%d] funcname:%s->\n", gettimeofday_us(), pp())} probe process("/usr/local/openssh-5.3p1/sbin/sshd").function("*").return {printf("[%d] funcname:%s<-\n", gettimeofday_us(), pp())}'
Pass 1: parsed user script and 106 library script(s) using 217156virt/34680res/2992shr/32188data kb, in 220usr/60sys/288real ms.
WARNING: function _start return probe is blacklisted: keyword at <input>:1:131
 source: probe process("/usr/local/openssh-5.3p1/sbin/sshd").function("*") {printf("[%d] funcname:%s->\n", gettimeofday_us(), pp())} probe process("/usr/local/openssh-5.3p1/sbin/sshd").function("*").return {printf("[%d] funcname:%s<-\n", gettimeofday_us(), pp())}
         ^
Pass 2: analyzed script: 1982 probe(s), 3 function(s), 1 embed(s), 0 global(s) using 225440virt/43964res/3732shr/40472data kb, in 180usr/20sys/183real ms.
Pass 3: using cached /root/.systemtap/cache/a6/stap_a6c26ef9098b1d31ec5d9d07d982715b_652697.c
Pass 4: using cached /root/.systemtap/cache/a6/stap_a6c26ef9098b1d31ec5d9d07d982715b_652697.ko
Pass 5: starting run.
```

Yes, the rhel7 kernel contains many uprobe fixes. The _start-related warning is due to bug #16662 (the ABI of the _start function being incompatible with uretprobes).
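
For triage of crashes like the one in this thread, the kernel `traps:` line quoted from /var/log/messages can be parsed into fields, and faults whose `ip` is not attributed to any mapped object (as in that line) can be separated from faults inside a library or binary. This is an added example, not part of the bug report or of systemtap; the ` in <object>[<base>+<size>]` suffix format and the second and third sample lines are assumptions constructed for illustration.

```python
import re

# Syslog-prefixed kernel "traps:" line, as quoted in the report. The optional
# " in <object>[<base>+<size>]" suffix is an assumption about the form the
# kernel uses when the faulting ip lies inside a file-backed mapping.
TRAP_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\skernel:\s"
    r"traps:\s(?P<comm>.+?)\[(?P<pid>\d+)\]\s(?P<trap>.+?)\s"
    r"ip:(?P<ip>[0-9a-f]+)\ssp:(?P<sp>[0-9a-f]+)\serror:(?P<error>[0-9a-f]+)"
    r"(?:\sin\s(?P<obj>\S+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?\s*$"
)

def parse_trap(line):
    """Return a dict of fields for a kernel traps: line, or None."""
    m = TRAP_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["pid"] = int(rec["pid"])
    for key in ("ip", "sp", "error"):
        rec[key] = int(rec[key], 16)
    base, size = rec.pop("base"), rec.pop("size")
    rec["offset"] = None
    if rec["obj"] is not None:
        base, size = int(base, 16), int(size, 16)
        if base <= rec["ip"] < base + size:
            rec["offset"] = rec["ip"] - base  # offset of ip within the mapping
    return rec

def faults_outside_objects(lines, comm):
    """Traps for process `comm` whose ip was not reported inside any object."""
    recs = (parse_trap(line) for line in lines)
    return [r for r in recs if r and r["comm"] == comm and r["obj"] is None]

SAMPLE_LOG = [
    # Line quoted in the bug report:
    "Apr 28 11:12:04 centos7 kernel: traps: sshd[27333] general protection "
    "ip:7fffffffe080 sp:7fff9bba5cd0 error:0",
    # Constructed lines (not from the report):
    "Apr 28 11:20:31 centos7 kernel: traps: sshd[27410] general protection "
    "ip:7f3a1c0351f0 sp:7fff2d1c9a40 error:0 in libc-2.17.so[7f3a1c000000+1b6000]",
    "Apr 28 11:21:00 centos7 systemd: Started Session 12 of user root.",
]

if __name__ == "__main__":
    for rec in faults_outside_objects(SAMPLE_LOG, "sshd"):
        print(rec["ts"], rec["comm"], rec["pid"], rec["trap"], hex(rec["ip"]))
```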