SEGV on start of dyn linked exec on ARM

M P buserror at gmail.com
Tue Jan 11 08:58:21 UTC 2011


Hi guys, I'm being bitten by
https://bugs.busybox.net/show_bug.cgi?id=1075 -- I have exactly the
same problem. I'm using crosstool-ng to build uClibc 0.9.30.3, then a
range of packages using shared libraries. MOST of them work, but some
(seemingly randomly) fail before they reach main().

According to strace, the libraries are found and mapped, but execution
seems to jump to address 0x0 at some point in the init phase...

I can reproduce the problem using qemu-arm as well, but I can't easily
dig any deeper than this. Is there a workaround?


Here's a typical gcc build line:
/opt/minifs/toolchain/arm-v4t-linux-uclibcgnueabi/bin/arm-v4t-linux-uclibcgnueabi-gcc
-I/opt/minifs/build-df3120/staging/include
-I/opt/minifs/build-df3120/staging/usr/include -Os -march=armv4t
-mtune=arm920t -mthumb-interwork -mthumb -std=gnu99 -Wall
/opt/minifs/conf/board/df3120/fbvncslave.c -o
/opt/minifs/build-df3120/staging/usr/bin/fbvncslave
-L/opt/minifs/build-df3120/staging/lib
-L/opt/minifs/build-df3120/staging/usr/lib -Wl,-rpath -Wl,/usr/lib
-Wl,-rpath-link -Wl,/opt/minifs/build-df3120/staging/lib
-Wl,-rpath-link -Wl,/opt/minifs/build-df3120/staging/usr/lib
-lvncclient -ljpeg -lz

Typical strace session:

% qemu-arm -strace -L . ./usr/bin/fbvncslave
30594 mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)
= 0x42081000
30594 stat("/etc/ld.so.cache",0x4007f6d8) = 0
30594 open("/etc/ld.so.cache",O_RDONLY) = 3
30594 mmap2(NULL,99928,PROT_READ,MAP_SHARED,3,0) = 0x42082000
30594 close(3) = 0
30594 stat("/etc/ld.so.preload",0x4007f86c) = -1 errno=2 (No such file
or directory)
30594 open("/usr/lib/libvncclient.so.0",O_RDONLY) = 3
30594 fstat(3,0x4007ee48) = 0
30594 mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)
= 0x4209b000
30594 read(3,0x4209b000,4096) = 4096
30594 mmap2(NULL,106496,PROT_NONE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0) = 0x4209c000
30594 mmap2(0x4209c000,67068,PROT_EXEC|PROT_READ,MAP_PRIVATE|MAP_FIXED,3,0)
= 0x4209c000
30594 mmap2(0x420b4000,4573,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED,3,0x10)
= 0x420b4000
30594 close(3) = 0
30594 munmap(0x4209b000,4096) = 0
30594 open("/usr/lib/libjpeg.so.8",O_RDONLY) = 3
30594 fstat(3,0x4007ee38) = 0
30594 mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)
= 0x420b6000
30594 read(3,0x420b6000,4096) = 4096
30594 mmap2(NULL,192512,PROT_NONE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0) = 0x420b7000
30594 mmap2(0x420b7000,152312,PROT_EXEC|PROT_READ,MAP_PRIVATE|MAP_FIXED,3,0)
= 0x420b7000
30594 mmap2(0x420e4000,4716,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED,3,0x25)
= 0x420e4000
30594 close(3) = 0
30594 munmap(0x420b6000,4096) = 0
30594 open("/usr/lib/libz.so.1",O_RDONLY) = 3
30594 fstat(3,0x4007ee28) = 0
30594 mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)
= 0x420e6000
30594 read(3,0x420e6000,4096) = 4096
30594 mmap2(NULL,94208,PROT_NONE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0) = 0x420e7000
30594 mmap2(0x420e7000,54688,PROT_EXEC|PROT_READ,MAP_PRIVATE|MAP_FIXED,3,0)
= 0x420e7000
30594 mmap2(0x420fc000,4360,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED,3,0xd)
= 0x420fc000
30594 close(3) = 0
30594 munmap(0x420e6000,4096) = 0
30594 open("/usr/lib/libgcc_s.so.1",O_RDONLY) = -1 errno=2 (No such
file or directory)
30594 open("/lib/libgcc_s.so.1",O_RDONLY) = 3
30594 fstat(3,0x4007ee18) = 0
30594 mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)
= 0x420fe000
30594 read(3,0x420fe000,4096) = 4096
30594 mmap2(NULL,77824,PROT_NONE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0) = 0x420ff000
30594 mmap2(0x420ff000,40464,PROT_EXEC|PROT_READ,MAP_PRIVATE|MAP_FIXED,3,0)
= 0x420ff000
30594 mmap2(0x42110000,4376,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED,3,0x9)
= 0x42110000
30594 close(3) = 0
30594 munmap(0x420fe000,4096) = 0
30594 open("/usr/lib/libc.so.0",O_RDONLY) = -1 errno=2 (No such file
or directory)
30594 open("/lib/libc.so.0",O_RDONLY) = 3
30594 fstat(3,0x4007ee08) = 0
30594 mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)
= 0x42112000
30594 read(3,0x42112000,4096) = 4096
30594 mmap2(NULL,352256,PROT_NONE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0) = 0x42113000
30594 mmap2(0x42113000,302340,PROT_EXEC|PROT_READ,MAP_PRIVATE|MAP_FIXED,3,0)
= 0x42113000
30594 mmap2(0x42164000,5600,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED,3,0x49)
= 0x42164000
30594 mmap2(0x42166000,9744,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED,-1,0)
= 0x42166000
30594 close(3) = 0
30594 munmap(0x42112000,4096) = 0
30594 open("/opt/minifs/build-df3120/staging/usr/lib/libnsl.so.0",O_RDONLY)
= -1 errno=2 (No such file or directory)
30594 open("/lib/libnsl.so.0",O_RDONLY) = 3
30594 fstat(3,0x4007edf8) = 0
30594 mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)
= 0x42169000
30594 read(3,0x42169000,4096) = 4096
30594 mmap2(NULL,40960,PROT_NONE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0) = 0x4216a000
30594 mmap2(0x4216a000,708,PROT_EXEC|PROT_READ,MAP_PRIVATE|MAP_FIXED,3,0)
= 0x4216a000
30594 mmap2(0x42172000,4108,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED,3,0)
= 0x42172000
30594 close(3) = 0
30594 munmap(0x42169000,4096) = 0
30594 open("/opt/minifs/build-df3120/staging/usr/lib/libpthread.so.0",O_RDONLY)
= -1 errno=2 (No such file or directory)
30594 open("/lib/libpthread.so.0",O_RDONLY) = 3
30594 fstat(3,0x4007ede8) = 0
30594 mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)
= 0x42174000
30594 read(3,0x42174000,4096) = 4096
30594 mmap2(NULL,106496,PROT_NONE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0) = 0x42175000
30594 mmap2(0x42175000,44412,PROT_EXEC|PROT_READ,MAP_PRIVATE|MAP_FIXED,3,0)
= 0x42175000
30594 mmap2(0x42187000,7480,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED,3,0xa)
= 0x42187000
30594 mmap2(0x42189000,24040,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED,-1,0)
= 0x42189000
30594 close(3) = 0
30594 munmap(0x42174000,4096) = 0
30594 open("/opt/minifs/build-df3120/staging/usr/lib/libz.so.1",O_RDONLY) = 3
30594 fstat(3,0x4007edb8) = 0
30594 close(3) = 0
30594 open("/opt/minifs/build-df3120/staging/usr/lib/libjpeg.so.8",O_RDONLY) = 3
30594 fstat(3,0x4007eda8) = 0
30594 close(3) = 0
30594 open("/opt/minifs/build-df3120/staging/usr/lib/libgcc_s.so.1",O_RDONLY)
= -1 errno=2 (No such file or directory)
30594 open("/lib/libgcc_s.so.1",O_RDONLY) = 3
30594 fstat(3,0x4007edb8) = 0
30594 close(3) = 0
30594 open("/opt/minifs/build-df3120/staging/usr/lib/libc.so.0",O_RDONLY)
= -1 errno=2 (No such file or directory)
30594 open("/lib/libc.so.0",O_RDONLY) = 3
30594 fstat(3,0x4007eda8) = 0
30594 close(3) = 0
30594 open("/lib/libc.so.0",O_RDONLY) = 3
30594 fstat(3,0x4007ed98) = 0
30594 close(3) = 0
30594 open("/lib/libc.so.0",O_RDONLY) = 3
30594 fstat(3,0x4007ed88) = 0
30594 close(3) = 0
30594 open("/lib/libc.so.0",O_RDONLY) = 3
30594 fstat(3,0x4007ed78) = 0
30594 close(3) = 0
30594 open("/lib/libc.so.0",O_RDONLY) = 3
30594 fstat(3,0x4007ed68) = 0
30594 close(3) = 0
30594 open("/lib/libc.so.0",O_RDONLY) = 3
30594 fstat(3,0x4007ed58) = 0
30594 close(3) = 0
30594 munmap(0x42082000,99928) = 0
30594 stat("/lib/ld-uClibc.so.0",0x4007f86c) = 0
30594 mprotect(0x00011000,4096,PROT_READ) = 0
30594 mprotect(0x420b4000,4096,PROT_READ) = 0
30594 mprotect(0x420e4000,4096,PROT_READ) = 0
30594 mprotect(0x420fc000,4096,PROT_READ) = 0
30594 mprotect(0x42110000,4096,PROT_READ) = 0
30594 mprotect(0x42164000,4096,PROT_READ) = 0
30594 mprotect(0x42172000,4096,PROT_READ) = 0
30594 mprotect(0x42187000,4096,PROT_READ) = 0
30594 mprotect(0x4008d000,4096,PROT_READ) = 0
30594 ioctl(0,21505,1074263444,1074263436,1074263500,688) = 0
30594 ioctl(1,21505,1074263444,1074263436,1074263500,272) = 0
30594 ugetrlimit(3,1074262736,1108824064,516,1108901888,0) = 0
30594 setrlimit(3,1074262736,1108768996,8388608,1108901888,2093056) = 0
30594 getpid(0,1074262736,2093056,1069547520,1108901888,0) = 30594
30594 rt_sigaction(32,1074262596,0,8,0,1108758528) = 0
30594 rt_sigaction(33,1074262596,0,8,0,1108758528) = -1 errno=22
(Invalid argument)
30594 rt_sigaction(34,1074262596,0,8,0,1108758528) = 0
30594 rt_sigprocmask(0,1074263420,0,8,1108901888,1074263420) = 0
30594 rt_sigprocmask(1,1074263420,0,8,1108901888,1074263420) = 0
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
zsh: segmentation fault  qemu-arm -strace -L . ./usr/bin/fbvncslave

