[uClibc 0005694]: uClibc-0.9.30-rc2 apps always segfault
bugs at busybox.net
Sun Oct 26 11:29:07 UTC 2008
A NOTE has been added to this issue.
======================================================================
http://busybox.net/bugs/view.php?id=5694
======================================================================
Reported By: rhabarber1848
Assigned To: uClibc
======================================================================
Project: uClibc
Issue ID: 5694
Category: Other
Reproducibility: always
Severity: major
Priority: normal
Status: assigned
======================================================================
Date Submitted: 10-23-2008 06:48 PDT
Last Modified: 10-26-2008 04:29 PDT
======================================================================
Summary: uClibc-0.9.30-rc2 apps always segfault
Description:
I am working on extending the Tuxbox environment with working uClibc
support[2].
Currently uClibc 0.9.28.3 is working well with our setup but getting
0.9.30-rc2 to work seems impossible.
Our compile environment includes:
- binutils 2.17.50.0.9 (2.19.50.0.1 shows the same result)
- gcc-3.4.6 including uClibc-patches
- Linux kernel 2.4.36.6
- Busybox 1.7.2
Booting into a uClibc 0.9.30-rc2 environment shows this:
[...]
Mounted devfs on /dev
Freeing unused kernel memory: 72k init
ELF0x30000000
ELF0x3001d09c
ELELELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:172: Cool, ldso survived making function calls
_dl_malloc:920: mmapping more memory
_dl_get_ready_to_run:354: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:620: Loading: (0x3001e000) /lib/libcrypt.so.0
_dl_get_ready_to_run:620: Loading: (0x30043000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:747: Beginning relocation fixups
After this point the boot process hangs.
Booting into a uClibc-0.9.28.3 environment, then chroot'ing into
uClibc 0.9.30-rc2 produces SEGFAULT for all binaries tested.
Here is a gdb backtrace, please note that both uClibc 0.9.28.3 and
0.9.30-rc2 were compiled with debug options enabled:
# gdb --args chroot /mnt /bin/busybox ash
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libintl.so.0
_dl_get_ready_to_run:621: Loading: (0x30028000) /lib/libncurses.so.5
_dl_get_ready_to_run:621: Loading: (0x30097000) /lib/libm.so.0
_dl_get_ready_to_run:621: Loading: (0x300cb000) /lib/libdl.so.0
_dl_get_ready_to_run:621: Loading: (0x300de000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300de000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10033cb0
GNU gdb 6.8
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show
copying"
and "show warranty" for details.
This GDB was configured as "powerpc-tuxbox-linux-uclibc"...
(no debugging symbols found)
(gdb) run
Starting program: /sbin/chroot /mnt /bin/busybox ash
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
Program received signal SIGTRAP, Trace/breakpoint trap.
0x300026d4 in _dl_load_elf_shared_library (secure=0, rpnt=0x0,
libname=0x0) at dl-elf.c:340
340 dl-elf.c: No such file or directory.
in dl-elf.c
(gdb) bt full
#0  0x300026d4 in _dl_load_elf_shared_library
(secure=0, rpnt=0x0,
libname=0x0) at dl-elf.c:340
dynamic_addr = 0
tpnt = (struct elf_resolve *) 0x0
ppnt = (Elf32_Phdr *) 0x0
status = 0x0
dynamic_info = {2147483501, 2147483511, 2147483518, 2147483531,
2147483543, 2147483554, 2147483570,
2147483584, 2147483590, 2147483599, 0, 22, 22, 22, 22, 19, 16, 20, 16,
21, 0, 16, 2214592512, 6, 4096, 17,
100, 3, 268435508, 4, 32, 5, 7, 7, 805306368, 8}
lpnt = (long unsigned int *) 0x0
minvma = 0
maxvma = 0
i = 0
flags = 0
piclib = 0
relro_addr = 0
relro_size = 0
st = {st_dev = 0, st_ino = 9, st_mode = 268449032, st_nlink = 0,
st_uid = 0, st_gid = 12, st_rdev = 0,
st_size = 13, st_blksize = 0, st_blocks = 14, st_atime = 0, __unused1 =
0, st_mtime = 0, __unused2 = 0,
st_ctime = 0, __unused3 = 0, __unused4 = 0, __unused5 = 0}
__FUNCTION__ =
"\201)\000\020\200\037\0008\220\t\000\024\201?\0008\200\t\000\020\220\037\0008H\000\001\020"
#1  0x54483d2f in ?? ()
No symbol table info available.
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
[1] Tuxbox is a Linux-based software for digital TV receivers like Dbox2/Dreambox
[2] http://tuxbox-forum.dreambox-fan.de/forum/viewtopic.php?f=7&t=46625
======================================================================
----------------------------------------------------------------------
rhabarber1848 - 10-23-08 06:50
----------------------------------------------------------------------
Attached you will find .config for uClibc 0.9.30-rc2-svn. This code is
based on yesterday's snapshot but the segfaults also happen with
0.9.30-rc2 tarball.
----------------------------------------------------------------------
rhabarber1848 - 10-23-08 06:54
----------------------------------------------------------------------
gcc-3.4.6 is compiled using two patches, one general uClibc patch[1] based on
trunk/buildroot/toolchain/gcc/3.4.6/200-uclibc-locale.patch which is working
well with 0.9.28.3 and another patch consisting of back-ported code from
trunk/buildroot/toolchain/gcc/4.2.4/203-uclibc-locale-no__x.patch
trunk/buildroot/toolchain/gcc/4.2.4/204-uclibc-locale-wchar_fix.patch
trunk/buildroot/toolchain/gcc/4.2.4/205-uclibc-locale-update.patch
to fix locale-related compile bugs. This gcc-uclibc-locale.diff you will
find attached to this bug report.
[1] http://cvs.tuxbox.org/tuxbox/cdk/Patches/gcc-uclibc.diff?view=markup
----------------------------------------------------------------------
rhabarber1848 - 10-23-08 06:57
----------------------------------------------------------------------
Please note that updating gcc is not an option for us.
Weirdly enough, binaries linked against uClibc-0.9.30-rc2 work in uClibc
0.9.28.3 environments:
# pwd
/
# ls -la /lib/libuC*
-rw-r--r-- 1 root root 45305281 Oct 23 2008 /lib/libuClibc-0.9.28.so
# /mnt/bin/busybox
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003508
BusyBox v1.7.2 (2008-10-23 14:19:27 CEST) multi-call binary
Copyright (C) 1998-2006 Erik Andersen, Rob Landley, and others.
Licensed under GPLv2. See source distribution for full notice.
[...]
----------------------------------------------------------------------
rhabarber1848 - 10-23-08 06:59
----------------------------------------------------------------------
Attached as kernel_dot_config you will also find the kernel .config used.
----------------------------------------------------------------------
rhabarber1848 - 10-23-08 14:57
----------------------------------------------------------------------
In my compile environment I was able to get uClibc 0.9.29 to work,
even including gcc-3.4.6 patched with gcc-uclibc-locale.diff, so I
think this patch is not the reason for the segfaults reported here.
----------------------------------------------------------------------
bernhardf - 10-25-08 01:28
----------------------------------------------------------------------
Please provide a "bt f" at the time of the segfault (on current trunk), not
your breakpoint.
----------------------------------------------------------------------
rhabarber1848 - 10-25-08 05:28
----------------------------------------------------------------------
(gdb) bt f
#0  0x300d5c30 in _dl_run_init_array () from /lib/libdl.so.0
No symbol table info available.
#1  0x300d5cbc in _dl_app_init_array () from /lib/libdl.so.0
No symbol table info available.
#2  0x305e82b4 in __uClibc_main () from /lib/libc.so.0
No symbol table info available.
#3  0x00000000 in ?? ()
No symbol table info available.
----------------------------------------------------------------------
bernhardf - 10-25-08 11:14
----------------------------------------------------------------------
.. with DOASSERTS, and debugging enabled..
----------------------------------------------------------------------
rhabarber1848 - 10-26-08 04:22
----------------------------------------------------------------------
I recompiled uClibc 0.9.28.3 and 0.9.30 (yesterday's SVN snapshot) with
debug options enabled and booted into 0.9.28.3.
When starting "chroot /mnt /bin/busybox" I receive
transfering control to application @ 0x10003550
ELF0x30000000
ELF0x3001d09c
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:172: Cool, ldso survived making function calls
_dl_malloc:920: mmapping more memory
_dl_get_ready_to_run:354: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:620: Loading: (0x3001e000) /lib/libcrypt.so.0
_dl_get_ready_to_run:620: Loading: (0x30043000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:747: Beginning relocation fixups
Segmentation fault
but when using gdb I can only see a SIGTRAP like the one I posted above.
Weird is that the segfault happens immediately while SIGTRAP occurs after
~ 60s of visual inactivity:
Program received signal SIGTRAP, Trace/breakpoint trap.
0x300026d4 in _dl_load_elf_shared_library (secure=0, rpnt=0x0,
libname=0x0) at dl-elf.c:340
340 dl-elf.c: No such file or directory.
in dl-elf.c
Please note that I am not an expert with gdb. I tried to run gdb with some
options to adjust to the chroot:
# gdb --args chroot /mnt /bin/busybox
GNU gdb 6.8
This GDB was configured as "powerpc-tuxbox-linux-uclibc"...
(no debugging symbols found)
(gdb) set sysroot /mnt
(gdb) run
Starting program: /sbin/chroot /mnt /bin/busybox
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
Program received signal SIGTRAP, Trace/breakpoint trap.
0x300026d4 in _dl_start (args=Cannot access memory at address 0x8
) at ./ldso/include/dl-syscall.h:72
72 ./ldso/include/dl-syscall.h: No such file or directory.
in ./ldso/include/dl-syscall.h
Do you need more information?
----------------------------------------------------------------------
rhabarber1848 - 10-26-08 04:29
----------------------------------------------------------------------
Forgot to add "bt f".
This after the 60s pause:
(gdb) set solib-search-path /mnt/lib
(gdb) run
Starting program: /sbin/chroot /mnt /bin/busybox
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
Program received signal SIGTRAP, Trace/breakpoint trap.
0x300026d4 in _dl_load_elf_shared_library (secure=0, rpnt=0x0,
libname=0x0) at dl-elf.c:340
340 dl-elf.c: No such file or directory.
in dl-elf.c
(gdb) bt f
#0  0x300026d4 in _dl_load_elf_shared_library
(secure=0, rpnt=0x0,
libname=0x0) at dl-elf.c:340
dynamic_addr = 0
tpnt = (struct elf_resolve *) 0x0
ppnt = (Elf32_Phdr *) 0x0
status = 0x0
dynamic_info = {2147483511, 2147483518, 2147483531, 2147483543,
2147483554, 2147483570, 2147483584,
2147483590, 2147483599, 0, 22, 22, 22, 22, 19, 16, 20, 16, 21, 0, 16,
2214592512, 6, 4096, 17, 100, 3,
268435508, 4, 32, 5, 7, 7, 805306368, 8, 0}
lpnt = (long unsigned int *) 0x0
minvma = 0
maxvma = 0
i = 0
flags = 0
piclib = 0
relro_addr = 0
relro_size = 0
st = {st_dev = 9, st_ino = 268448996, st_mode = 11, st_nlink = 0,
st_uid = 12, st_gid = 0, st_rdev = 13,
st_size = 0, st_blksize = 14, st_blocks = 0, st_atime = 0, __unused1 =
0, st_mtime = 794978670,
__unused2 = 794981747, st_ctime = 2036494200, __unused3 = 5591877,
__unused4 = 1379758703,
__unused5 = 1869873224}
__FUNCTION__ =
"\201)\000\020\200\037\0008\220\t\000\024\201?\0008\200\t\000\020\220\037\0008H\000\001\020"
#1  0x2f004c49 in ?? ()
No symbol table info available.
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
Issue History
Date Modified Username Field Change
======================================================================
10-23-08 06:48 rhabarber1848 New Issue
10-23-08 06:48 rhabarber1848 Status new => assigned
10-23-08 06:48 rhabarber1848 Assigned To => uClibc
10-23-08 06:50 rhabarber1848 File Added: .config
10-23-08 06:50 rhabarber1848 Note Added: 0014044
10-23-08 06:50 rhabarber1848 Issue Monitored: rhabarber1848
10-23-08 06:54 rhabarber1848 File Added: gcc-uclibc-locale.diff
10-23-08 06:54 rhabarber1848 Note Added: 0014054
10-23-08 06:57 rhabarber1848 Note Added: 0014064
10-23-08 06:58 rhabarber1848 File Added: kernel_dot_config
10-23-08 06:59 rhabarber1848 Note Added: 0014074
10-23-08 14:57 rhabarber1848 Note Added: 0014094
10-25-08 01:28 bernhardf Note Added: 0014144
10-25-08 05:28 rhabarber1848 Note Added: 0014164
10-25-08 11:14 bernhardf Note Added: 0014174
10-26-08 04:22 rhabarber1848 Note Added: 0014224
10-26-08 04:29 rhabarber1848 Note Added: 0014234
======================================================================