| ID | Category | Severity | Reproducibility | Date Submitted | Last Update |
| 0003124 | [uClibc] Architecture Specific | crash | always | 04-26-08 01:53 | 04-26-08 06:11 |
| Reporter | naffarin | View Status | public |
| Assigned To | uClibc |
| Priority | normal | Resolution | fixed |
| Status | closed | Product Version | |
| Summary | 0003124: smbd segfaults on arm architecture |
| Description |
Using a buildroot-compiled uclibc toolchain and version 0.9.29 of uclibc, a samba smbd (actually all samba binaries) segfaults immediately after starting. The toolchain has been compiled using linuxthreads.old/stable. Other programs compiled with the toolchain work, e.g. busybox. A gdb session shows the following output:

bash-3.2# gdb smbd
ELF header=0x40000000
First Dynamic section entry=0x40013ea8
Scanning DYNAMIC section
Done scanning DYNAMIC section
About to do library loader relocations
Done relocating ldso; we can now use globals and make function calls!
_dl_get_ready_to_run:169: Cool, ldso survived making function calls
_dl_malloc:892: mmapping more memory
_dl_get_ready_to_run:340: Lib Loader: (0x40000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:609: Loading: (0x40015000) /mnt/HD_a2/uclibc_db/lib/libncurses.so.5
_dl_get_ready_to_run:609: Loading: (0x40060000) /mnt/HD_a2/uclibc_db/lib/libm.so.0
_dl_get_ready_to_run:609: Loading: (0x4008e000) /mnt/HD_a2/uclibc_db/lib/libdl.so.0
_dl_get_ready_to_run:609: Loading: (0x4009a000) /mnt/HD_a2/uclibc_db/lib/libgcc_s.so.1
_dl_get_ready_to_run:609: Loading: (0x400a3000) /mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x400a3000) /mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x4009a000) /mnt/HD_a2/uclibc_db/lib/libgcc_s.so.1
_dl_get_ready_to_run:609: Loading: (0x400a3000) /mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x400a3000) /mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x400a3000) /mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:736: Beginning relocation fixups
transfering control to application @ 0x39ea0
GNU gdb 6.6
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "arm-linux-uclibc"...
Using host libthread_db library "/mnt/HD_a2/uclibc_db/lib/libthread_db.so.1".
(gdb) set -args --help
No symbol "args" in current context.
(gdb) set args --help
(gdb) r
Starting program: /mnt/HD_a2/uclibc_db/usr/sbin/smbd --help
ELF header=0x40000000
First Dynamic section entry=0x40013ea8
Scanning DYNAMIC section
Done scanning DYNAMIC section
About to do library loader relocations
Done relocating ldso; we can now use globals and make function calls!
_dl_get_ready_to_run:169: Cool, ldso survived making function calls
_dl_get_ready_to_run:261: Position Independent Executable: app_tpnt->loadaddr=0x2a000000
_dl_malloc:892: mmapping more memory
_dl_get_ready_to_run:340: Lib Loader: (0x40000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:609: Loading: (0x40015000) /mnt/HD_a2/uclibc_db/lib/libcrypt.so.0
_dl_get_ready_to_run:609: Loading: (0x40033000) /mnt/HD_a2/uclibc_db/lib/libresolv.so.0
_dl_get_ready_to_run:609: Loading: (0x4003c000) /mnt/HD_a2/uclibc_db/lib/libdl.so.0
_dl_get_ready_to_run:609: Loading: (0x40048000) /mnt/HD_a2/uclibc_db/lib/libgcc_s.so.1
_dl_get_ready_to_run:609: Loading: (0x40051000) /mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x40051000) /mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x40051000) /mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x40051000) /mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x40051000) /mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:736: Beginning relocation fixups

Program received signal SIGSEGV, Segmentation fault.
0x400034e8 in elf_machine_relative (load_off=704643072, rel_addr=704883812, relative_count=7007) at ./ldso/ldso/arm/dl-sysdep.h:140
140 ./ldso/ldso/arm/dl-sysdep.h: No such file or directory.
in ./ldso/ldso/arm/dl-sysdep.h
(gdb) bt
#0 0x400034e8 in elf_machine_relative (load_off=704643072, rel_addr=704883812, relative_count=7007) at ./ldso/ldso/arm/dl-sysdep.h:140
#1 0x40009df0 in _dl_fixup (rpnt=0x4000c130, now_flag=0) at ldso/ldso/dl-elf.c:685
#2 0x40005ddc in _dl_get_ready_to_run (tpnt=0x0, load_addr=1073741824, auxvt=0xbe833a4c, envp=0xbe833bf0, argv=0xbe833be4) at ldso/ldso/ldso.c:753
#3 0x40002e10 in _dl_start (args=3196271584) at ldso/ldso/dl-startup.c:307
#4 0x40001bec in _start () at ldso/ldso/arm/elfinterp.c:332
Backtrace stopped: frame did not save the PC
Notes |
(0007224) naffarin 04-26-08 05:09 |
Further tests showed that this bug is due to a patch to ldso.c I found in the mailing list. The patch was supposed to fix the segfault as described in http://busybox.net/bugs/view.php?id=1583 and can be fixed by applying the following fix taken from http://www.mail-archive.com/toolchain-commits@blackfin.uclinux.org/msg00485.html which should already be in the current snapshot of uclibc.

Modified: trunk/uClibc/ldso/ldso/ldso.c (2014 => 2015) --- trunk/uClibc/ldso/ldso/ldso.c 2007-11-23 14:06:03 UTC (rev 2014) +++ trunk/uClibc/ldso/ldso/ldso.c 2007-11-23 15:11:13 UTC (rev 2015) @@ -289,6 +289,7 @@ _dl_debug_early("calling mprotect on the application program\n"); /* Now cover the application program. */ if (app_tpnt->dynamic_info[DT_TEXTREL]) { + ElfW(Phdr) *ppnt_outer = ppnt; ppnt = (ElfW(Phdr) *) auxvt[AT_PHDR].a_un.a_val; for (i = 0; i < auxvt[AT_PHNUM].a_un.a_val; i++, ppnt++) { if (ppnt->p_type == PT_LOAD && !(ppnt->p_flags & PF_W)) @@ -297,7 +298,13 @@ (unsigned long) ppnt->p_filesz, PROT_READ | PROT_WRITE | PROT_EXEC); } + ppnt = ppnt_outer; } +#else + if (app_tpnt->dynamic_info[DT_TEXTREL]) { + _dl_dprintf(_dl_debug_file, "Can't modify application's text section; use the GCC option -fPIE for position-independent executables.\n"); + _dl_exit(1); + } #endif #ifndef ALLOW_ZERO_PLTGOT

Issue can be closed. (I suppose this is also the solution for bug 1583.)
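
Review bot: in the first hunk (`@@ -289,6 +289,7 @@`), the save into `ppnt_outer` carries no comment saying which later use of `ppnt` depends on the original value. The loop repoints `ppnt` at `auxvt[AT_PHDR].a_un.a_val` and advances it once per `AT_PHNUM` entry, so the enclosing code's pointer is lost unless the restore in the second hunk runs. Walking the application's program headers with a separate iterator local to the `DT_TEXTREL` block would remove the save/restore pair entirely; if the pair stays, a one-line comment at `ElfW(Phdr) *ppnt_outer = ppnt;` should state why the outer value must survive.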
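
Review bot: in the second hunk (`@@ -297,7 +298,13 @@`), the new `#else` branch ends the process with `_dl_exit(1)` for any application carrying `DT_TEXTREL`, yet the message does not name the program being loaded and is written to `_dl_debug_file`; it is worth confirming that descriptor reaches the user when loader debugging is off, and adding the program name so the failure can be traced to a binary. The `#if` that this `#else` pairs with is outside the hunk, so a trailing comment on `#endif` naming the condition would make the two branches easier to audit. In the retained branch the context lines still remap non-writable `PT_LOAD` segments as `PROT_READ | PROT_WRITE | PROT_EXEC`, and nothing in the hunk shows those protections being dropped again after relocation, which should be checked in the surrounding code.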
|
(0007234) carmelo73 04-26-08 06:10 |
Fixed in r20438 |