-
Notifications
You must be signed in to change notification settings - Fork 76
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Spurious segfaults in sv-benchmarks runs #1520
Comments
Iirc, StackOverflows that happen while executing native code (e.g., in Apron) also produce segfaults, right? |
That's true and that can even be true without things like Apron. If the C stack happens to exactly overflow during some OCaml runtime implementation (in C), then that could also be the case. However, I'm still doubtful that it's what's happening here. If a particular program causes a stack overflow (whether in OCaml or C at the time), this should be consistent and repeatable. We don't invoke any randomness, so Goblint should be deterministic at what it does and how deep each recursion goes. It shouldn't be that one run somehow goes into deeper recursion than the second identical run. |
#1522 doesn't seem to have helped with this, sadly. avsm/ocaml-yaml#75 fixed a segfault in YAML with large values, but that doesn't seem to have been the case here. |
I just noticed something in my latest ghost witness generation runs (https://goblint.cs.ut.ee/results/188-concurrency-witness-simpl/table-generator.table.html#/table): EDIT: I managed to coincidentally reproduce this under
Although this doesn't necessarily mean Apron did something wrong. It just means that when Apron wanted to allocate on the OCaml heap, the GC ran and something in the OCaml heap has been screwed up at some earlier point, such that GC now crashes following an invalid pointer. |
After a day of debugging, I think I found camlidl of all things to be the cause: xavierleroy/camlidl#29. Apron uses camlidl to generate the bindings. |
Wow, that is quite the find! There would have been many other things I would have suspected before turning to camlidl.... |
I found some hand-written instances in Apron itself as well: antoinemine/apron#112. |
I now did a sv-benchmarks run with the camlidl and Apron fixes on top of #1522: all segfaults now disappeared. |
Since this has been fixed in upstream repositories, but not yet released to opam, I've added opam pins for them for now. There's nothing more for us to do about this issue, other than remove the pins eventually. |
For a while now, sv-benchmarks runs have been showing a number of spurious
SEGMENTATION FAULT
results which are on different tasks on every run. In our latest run, it was 157/31498 tasks (0.5%). These make BenchExec diff tables particularly annoying to look at: one has to filter out those statuses from both columns to focus on actual differences.In SV-COMP 2024 results we had zero of them, so something must have happened. AFAIK, segfaults in OCaml can only be due to misuse of
Obj
or bad C stubs (which we use for float domains). I opened #1371 at one point but convinced myself that our stubs were actually fine. Maybe they still are not? But they were such also at SV-COMP 2024, so the same issues should've popped up then as well.Their spurious nature makes them extremely difficult to debug as well. Since it's not any specific task, one cannot just bisect and run that under
gdb
. Rather, at every bisect step, a full sv-benchmarks run needs to be done. And that only gives the first problematic commit at best, there's still no way to get the full backtrace fromgdb
while running Goblint under BenchExec.The text was updated successfully, but these errors were encountered: