[uClibc 0003124]: smbd segfaults on arm architecture
bugs at busybox.net
Sat Apr 26 13:11:01 UTC 2008
The following issue has been CLOSED
======================================================================
http://busybox.net/bugs/view.php?id=3124
======================================================================
Reported By: naffarin
Assigned To: uClibc
======================================================================
Project: uClibc
Issue ID: 3124
Category: Architecture Specific
Reproducibility: always
Severity: crash
Priority: normal
Status: closed
Resolution: fixed
Fixed in Version:
======================================================================
Date Submitted: 04-26-2008 01:53 PDT
Last Modified: 04-26-2008 06:11 PDT
======================================================================
Summary: smbd segfaults on arm architecture
Description:
Using a buildroot-compiled uClibc toolchain and version 0.9.29 of uClibc, a
Samba smbd (actually all Samba binaries) segfaults immediately after
starting.
The toolchain has been compiled using linuxthreads.old/stable. Other
programs compiled with the toolchain work, e.g. busybox.
A gdb session shows the following output:
bash-3.2# gdb smbd
ELF header=0x40000000
First Dynamic section entry=0x40013ea8
Scanning DYNAMIC section
Done scanning DYNAMIC section
About to do library loader relocations
Done relocating ldso; we can now use globals and make function calls!
_dl_get_ready_to_run:169: Cool, ldso survived making function calls
_dl_malloc:892: mmapping more memory
_dl_get_ready_to_run:340: Lib Loader: (0x40000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:609: Loading: (0x40015000)
/mnt/HD_a2/uclibc_db/lib/libncurses.so.5
_dl_get_ready_to_run:609: Loading: (0x40060000)
/mnt/HD_a2/uclibc_db/lib/libm.so.0
_dl_get_ready_to_run:609: Loading: (0x4008e000)
/mnt/HD_a2/uclibc_db/lib/libdl.so.0
_dl_get_ready_to_run:609: Loading: (0x4009a000)
/mnt/HD_a2/uclibc_db/lib/libgcc_s.so.1
_dl_get_ready_to_run:609: Loading: (0x400a3000)
/mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x400a3000)
/mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x4009a000)
/mnt/HD_a2/uclibc_db/lib/libgcc_s.so.1
_dl_get_ready_to_run:609: Loading: (0x400a3000)
/mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x400a3000)
/mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x400a3000)
/mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:736: Beginning relocation fixups
transfering control to application @ 0x39ea0
GNU gdb 6.6
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "arm-linux-uclibc"...
Using host libthread_db library
"/mnt/HD_a2/uclibc_db/lib/libthread_db.so.1".
(gdb) set -args --help
No symbol "args" in current context.
(gdb) set args --help
(gdb) r
Starting program: /mnt/HD_a2/uclibc_db/usr/sbin/smbd --help
ELF header=0x40000000
First Dynamic section entry=0x40013ea8
Scanning DYNAMIC section
Done scanning DYNAMIC section
About to do library loader relocations
Done relocating ldso; we can now use globals and make function calls!
_dl_get_ready_to_run:169: Cool, ldso survived making function calls
_dl_get_ready_to_run:261: Position Independent Executable:
app_tpnt->loadaddr=0x2a000000
_dl_malloc:892: mmapping more memory
_dl_get_ready_to_run:340: Lib Loader: (0x40000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:609: Loading: (0x40015000)
/mnt/HD_a2/uclibc_db/lib/libcrypt.so.0
_dl_get_ready_to_run:609: Loading: (0x40033000)
/mnt/HD_a2/uclibc_db/lib/libresolv.so.0
_dl_get_ready_to_run:609: Loading: (0x4003c000)
/mnt/HD_a2/uclibc_db/lib/libdl.so.0
_dl_get_ready_to_run:609: Loading: (0x40048000)
/mnt/HD_a2/uclibc_db/lib/libgcc_s.so.1
_dl_get_ready_to_run:609: Loading: (0x40051000)
/mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x40051000)
/mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x40051000)
/mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x40051000)
/mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:609: Loading: (0x40051000)
/mnt/HD_a2/uclibc_db/lib/libc.so.0
_dl_get_ready_to_run:736: Beginning relocation fixups
Program received signal SIGSEGV, Segmentation fault.
0x400034e8 in elf_machine_relative (load_off=704643072,
rel_addr=704883812, relative_count=7007)
at ./ldso/ldso/arm/dl-sysdep.h:140
140 ./ldso/ldso/arm/dl-sysdep.h: No such file or directory.
in ./ldso/ldso/arm/dl-sysdep.h
(gdb) bt
#0 0x400034e8 in elf_machine_relative
(load_off=704643072,
rel_addr=704883812, relative_count=7007)
at ./ldso/ldso/arm/dl-sysdep.h:140
#1 0x40009df0 in _dl_fixup (rpnt=0x4000c130,
now_flag=0) at
ldso/ldso/dl-elf.c:685
#2 0x40005ddc in _dl_get_ready_to_run
(tpnt=0x0, load_addr=1073741824,
auxvt=0xbe833a4c, envp=0xbe833bf0, argv=0xbe833be4)
at ldso/ldso/ldso.c:753
#3 0x40002e10 in _dl_start (args=3196271584)
at
ldso/ldso/dl-startup.c:307
#4 0x40001bec in _start () at
ldso/ldso/arm/elfinterp.c:332
Backtrace stopped: frame did not save the PC
======================================================================
----------------------------------------------------------------------
naffarin - 04-26-08 05:09
----------------------------------------------------------------------
Further tests showed that this bug is due to a patch to ldso.c I found in
the mailing list. The patch was supposed to fix the segfault as described
in http://busybox.net/bugs/view.php?id=1583 and can be fixed by applying
the following fix taken from
http://www.mail-archive.com/toolchain-commits@blackfin.uclinux.org/msg00485.html
which should already be in the current snapshot of uClibc.
Modified: trunk/uClibc/ldso/ldso/ldso.c (2014 => 2015)
--- trunk/uClibc/ldso/ldso/ldso.c 2007-11-23 14:06:03 UTC (rev 2014)
+++ trunk/uClibc/ldso/ldso/ldso.c 2007-11-23 15:11:13 UTC (rev 2015)
@@ -289,6 +289,7 @@
_dl_debug_early("calling mprotect on the application program\n");
/* Now cover the application program. */
if (app_tpnt->dynamic_info[DT_TEXTREL]) {
+ ElfW(Phdr) *ppnt_outer = ppnt;
ppnt = (ElfW(Phdr) *) auxvt[AT_PHDR].a_un.a_val;
for (i = 0; i < auxvt[AT_PHNUM].a_un.a_val; i++, ppnt++) {
if (ppnt->p_type == PT_LOAD && !(ppnt->p_flags & PF_W))
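Review bot: `ppnt_outer` is introduced at the top of the `if (app_tpnt->dynamic_info[DT_TEXTREL])` block only to undo the reassignment `ppnt = (ElfW(Phdr) *) auxvt[AT_PHDR].a_un.a_val;` on the next line; walking the program headers with a block-local pointer instead would leave the outer `ppnt` untouched and remove the need for the save here and the restore in the following hunk. If the save/restore stays, add a comment saying which later code depends on the previous value of `ppnt`, since nothing in this hunk shows it.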
@@ -297,7 +298,13 @@
(unsigned long) ppnt->p_filesz,
PROT_READ | PROT_WRITE | PROT_EXEC);
}
+ ppnt = ppnt_outer;
}
+#else
+ if (app_tpnt->dynamic_info[DT_TEXTREL]) {
+ _dl_dprintf(_dl_debug_file, "Can't modify application's text section;
use the GCC option -fPIE for position-independent executables.\n");
+ _dl_exit(1);
+ }
#endif
#ifndef ALLOW_ZERO_PLTGOT
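Review bot: the message in the new `#else` branch does not say which program carries the text relocations, and it is written to `_dl_debug_file`, so confirm that descriptor reaches the user in non-debug builds before `_dl_exit(1)` ends the process with nothing else printed. Separately, the context lines show every non-writable `PT_LOAD` segment being remapped `PROT_READ | PROT_WRITE | PROT_EXEC`; a comment stating where the original protections are restored after relocation would help, as no restore is visible in this hunk.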
Issue can be closed. (I suppose this is also the solution for bug 1583.)
----------------------------------------------------------------------
carmelo73 - 04-26-08 06:10
----------------------------------------------------------------------
Fixed in r20438
Issue History
Date Modified Username Field Change
======================================================================
04-26-08 01:53 naffarin New Issue
04-26-08 01:53 naffarin Status new => assigned
04-26-08 01:53 naffarin Assigned To => uClibc
04-26-08 05:09 naffarin Note Added: 0007224
04-26-08 06:10 carmelo73 Status assigned => resolved
04-26-08 06:10 carmelo73 Resolution open => fixed
04-26-08 06:10 carmelo73 Note Added: 0007234
04-26-08 06:11 carmelo73 Status resolved => closed
======================================================================