1389223 – Segmentation fault (core dumped) if trace-cmd snapshot after trace-cmd start -p wakeup

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1389223 - Segmentation fault (core dumped) if trace-cmd snapshot after trace-cmd start -p wakeup

Summary: Segmentation fault (core dumped) if trace-cmd snapshot after trace-cmd start ...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	trace-cmd
Sub Component:
Version:	7.3
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	John Kacur
QA Contact:	Ziqian SUN (Zamir)
Docs Contact:
URL:
Whiteboard:
Depends On:	1389219
Blocks:	1353018
TreeView+	depends on / blocked

Reported:	2016-10-27 08:36 UTC by Ziqian SUN (Zamir)
Modified:	2018-11-16 05:53 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	1389219
Environment:
Last Closed:	2017-08-01 12:47:53 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
trace-cmd: Fix segmentation fault in trace-snapshot (1.03 KB, patch) 2017-03-21 11:11 UTC, John Kacur	no flags	Details \| Diff
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2017:2219	0	normal	SHIPPED_LIVE	trace-cmd bug fix update	2017-08-01 16:10:22 UTC

Description Ziqian SUN (Zamir) 2016-10-27 08:36:24 UTC

This also happens on RHEL 7.3. So clone this bug.

+++ This bug was initially created as a clone of Bug #1389219 +++

Description of problem:
Segmentation fault (core dumped) if trace-cmd snapshot after trace-cmd start -p wakeup
Version-Release number of selected component (if applicable):
Fedora Rawhide x86_64
[root@nec-em13 ~]# uname -r
4.9.0-0.rc1.git4.1.fc26.x86_64
[root@nec-em13 ~]# dnf info trace-cmd
Last metadata expiration check: 0:06:30 ago on Thu Oct 27 04:21:22 2016 EDT.
Installed Packages
Name         : trace-cmd
Version      : 2.6
Release      : 2.fc26
Arch         : x86_64
Size         : 485 k
Source       : trace-cmd-2.6-2.fc26.src.rpm


How reproducible:
Always

Steps to Reproduce:
1.Start a new machine with Fedora Rawhide 
2.# trace-cmd start -p wakeup
3.# trace-cmd snapshot -s

Actual results:
[root@nec-em13 ~]# trace-cmd snapshot -s
trace-cmd: Device or resource busy
  Segmentation fault (core dumped)


Expected results:
Success without error. Or return an error (instead of segmentation fault) if this is not supported.

Additional info:

Comment 1 Ziqian SUN (Zamir) 2016-10-27 08:38:59 UTC

strace information on RHEL 7.3 like the following

[root@ibm-x3550m3-03 ~]# strace trace-cmd snapshot -s
execve("/usr/bin/trace-cmd", ["trace-cmd", "snapshot", "-s"], [/* 38 vars */]) = 0
brk(0)                                  = 0x10d6000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7efdd7a5a000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=37368, ...}) = 0
mmap(NULL, 37368, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7efdd7a50000
close(3)                                = 0
open("/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0`\16\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=19776, ...}) = 0
mmap(NULL, 2109744, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7efdd7638000
mprotect(0x7efdd763a000, 2097152, PROT_NONE) = 0
mmap(0x7efdd783a000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7efdd783a000
close(3)                                = 0
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@\34\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2118128, ...}) = 0
mmap(NULL, 3932672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7efdd7277000
mprotect(0x7efdd742d000, 2097152, PROT_NONE) = 0
mmap(0x7efdd762d000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b6000) = 0x7efdd762d000
mmap(0x7efdd7633000, 16896, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7efdd7633000
close(3)                                = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7efdd7a4f000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7efdd7a4d000
arch_prctl(ARCH_SET_FS, 0x7efdd7a4d740) = 0
mprotect(0x7efdd762d000, 16384, PROT_READ) = 0
mprotect(0x7efdd783a000, 4096, PROT_READ) = 0
mprotect(0x65b000, 4096, PROT_READ)     = 0
mprotect(0x7efdd7a5b000, 4096, PROT_READ) = 0
munmap(0x7efdd7a50000, 37368)           = 0
brk(0)                                  = 0x10d6000
brk(0x10f7000)                          = 0x10f7000
brk(0)                                  = 0x10f7000
open("/proc/mounts", O_RDONLY)          = 3
fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7efdd7a59000
read(3, "rootfs / rootfs rw 0 0\nsysfs /sy"..., 1024) = 1024
read(3, " 0 0\ncgroup /sys/fs/cgroup/memor"..., 1024) = 1024
read(3, "lbfs rw,seclabel,relatime 0 0\nsu"..., 1024) = 376
read(3, "", 1024)                       = 0
read(3, "", 1024)                       = 0
close(3)                                = 0
munmap(0x7efdd7a59000, 4096)            = 0
stat("/sys/kernel/tracing", 0x7ffdf68b4870) = -1 ENOENT (No such file or directory)
stat("/sys/kernel/debug/tracing/snapshot", {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
open("/sys/kernel/debug/tracing/snapshot", O_WRONLY) = 3
write(3, "1", 1)                        = -1 EBUSY (Device or resource busy)
dup(2)                                  = 4
fcntl(4, F_GETFL)                       = 0x8002 (flags O_RDWR|O_LARGEFILE)
fstat(4, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 1), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7efdd7a59000
write(4, "trace-cmd: Device or resource bu"..., 35trace-cmd: Device or resource busy
) = 35
close(4)                                = 0
munmap(0x7efdd7a59000, 4096)            = 0
write(2, "  ", 2  )                       = 2
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x1} ---
+++ killed by SIGSEGV +++
Segmentation fault

Comment 2 John Kacur 2017-03-21 11:11:34 UTC

Created attachment 1265011 [details]
trace-cmd: Fix segmentation fault in trace-snapshot

Comment 3 John Kacur 2017-03-21 11:22:20 UTC

Patch was also sent upstream (lkml and to the trace-cmd maintainer Steve Rostedt)

Comment 12 errata-xmlrpc 2017-08-01 12:47:53 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2219

Note You need to log in before you can comment on or make changes to this bug.