busybox 1.9.1 syslogd segfaults on startup

Denys Vlasenko vda.linux at googlemail.com
Tue Feb 26 01:00:08 UTC 2008


On Tuesday 26 February 2008 01:32, Clem Taylor wrote:
> On Mon, Feb 25, 2008 at 6:30 PM, Denys Vlasenko
> <vda.linux at googlemail.com> wrote:
> >  Hmm. I have an idea.
> >  Go to libbb.h and delete "const" here:
> >  extern struct globals *const ptr_to_globals;
> 
> And the decl in messages.c
> 
> >  Then rebuild busybox. Does it segfault now?
> 
> Okay, now it doesn't segfault.
> 
> ptr_to_globals is a constant pointer, so it shouldn't be changed. But
> then in syslogd_main() it is used on the left hand side via
> PTR_TO_GLOBALS. Does that mean there are actually two different
> versions of ptrs_to_globals, the original const value (which may be
> bogus or 0) and then the overwritten version?

No, there is one. It is declared *const but is really a non-const ptr.

> Depending on the mood of 
> the optimizer, you could get either version.

The point is, I am trying hard to not allow the optimizer to use ptr_to_globals.
The very first operation is:

        PTR_TO_GLOBALS = xzalloc(N);
which is expanded to:
        (*(struct globals**)&ptr_to_globals) = xzalloc(N);

So, I instruct the compiler to store the value into ptr_to_globals, before
any use of ptr_to_globals. And only after that I use it:

        ptr_to_globals->member = zzz;

Only now the compiler does "hmm, I need this pointer, let's load it
from memory".

Your compiler is evil. It reorders these statements. Theoretically,
it is allowed to do so, because the pointer is (said to be) constant.

Please add this:

 #define INIT_G() do { \
        PTR_TO_GLOBALS = memcpy(xzalloc(sizeof(G)), &init_data, sizeof(init_data)); \
+       asm volatile("": : :"memory");
 } while (0)
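Review bot: the added `asm volatile("": : :"memory");` line is missing the trailing line-continuation backslash, so the macro body ends at that statement and the following ` } while (0)` is left outside the definition, which will not compile at the first use of INIT_G(). Suggest `asm volatile("": : :"memory"); \`. Note also that the bare `asm` keyword is a GNU extension; `__asm__ __volatile__` is the spelling accepted under strict ISO modes.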

Does it help?

> > And how much bigger is busybox
> >  now? (output of "size busybox_old busybox").
> 
> Yup, 2K.
> 
>    text    data     bss     dec     hex filename
>  528666    6082    4804  539552   83ba0 busybox_unstripped.no-const
>  526594    6086    4804  537484   8338c busybox_unstripped.const

We'd kill for 2k, not only muck with pseudo-constant pointers.
--
vda
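As an added illustration of the INIT_G pattern discussed above (example code, not busybox's own), here is a self-contained version of a globals block allocated once at startup, copied from static init_data, and followed by the compiler-only memory barrier proposed in the mail. The struct, its fields, init_data, xzalloc() and syslogd_setup() are constructed for this example. The pointer is deliberately defined non-const (the variant Clem found to work): writing through a cast to an object that is itself defined const is undefined behaviour and the object may be placed in read-only memory, which is the class of failure the thread is chasing.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for an applet's globals block (not busybox code). */
struct globals {
    int  log_level;
    int  mark_interval;
    char log_file[64];
};

/* Pointer to the heap-allocated globals. Kept non-const here on purpose:
 * a const-defined object may be placed in .rodata, and storing into it
 * through a cast is undefined behaviour rather than a reliable trick. */
struct globals *ptr_to_globals;
#define G (*ptr_to_globals)

/* Initial contents copied into the freshly allocated block (constructed). */
static const struct globals init_data = {
    .log_level     = 6,
    .mark_interval = 20,
    .log_file      = "/var/log/messages",
};

/* Zeroing allocator in the style of busybox's xzalloc (assumed, simplified). */
static void *xzalloc(size_t n)
{
    void *p = calloc(1, n);
    if (!p)
        abort();
    return p;
}

/* INIT_G as proposed in the thread, with the trailing backslash the mailed
 * line lacks. The empty asm with a "memory" clobber is a compiler-only
 * barrier: the compiler must assume any memory may have changed across it,
 * so the store to ptr_to_globals is complete before any later load of it.
 * __asm__ __volatile__ is the ISO-mode spelling of asm volatile. */
#define INIT_G() do { \
        ptr_to_globals = memcpy(xzalloc(sizeof(G)), &init_data, sizeof(init_data)); \
        __asm__ __volatile__("" : : : "memory"); \
} while (0)

/* Stand-in for the start of an applet's main(): allocate globals, then use
 * them only through the pointer that was just stored. */
int syslogd_setup(int level)
{
    INIT_G();
    G.log_level = level;                 /* first access after the barrier */
    return G.log_level + G.mark_interval;
}

/* Release the block so repeated calls in a test do not leak. */
void syslogd_teardown(void)
{
    free(ptr_to_globals);
    ptr_to_globals = NULL;
}
```

The barrier costs no instructions; it only constrains the scheduling the optimizer is allowed to do around the store, which is what the thread needs without giving up the size saving of a single pointer load.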


