[uClibc 0005694]: uClibc-0.9.30-rc2 apps always segfault

bugs at busybox.net bugs at busybox.net
Thu Oct 30 11:06:21 UTC 2008


A NOTE has been added to this issue. 
====================================================================== 
http://busybox.net/bugs/view.php?id=5694 
====================================================================== 
Reported By:                rhabarber1848
Assigned To:                uClibc
====================================================================== 
Project:                    uClibc
Issue ID:                   5694
Category:                   Other
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     feedback
====================================================================== 
Date Submitted:             10-23-2008 06:48 PDT
Last Modified:              10-30-2008 04:06 PDT
====================================================================== 
Summary:                    uClibc-0.9.30-rc2 apps always segfault
Description: 
I am working on extending the Tuxbox environment with working uClibc
support[2].
Currently uClibc 0.9.28.3 is working well with our setup but getting
0.9.30-rc2 to work seems impossible.

Our compile environment includes:
- binutils 2.17.50.0.9 (2.19.50.0.1 shows the same result)
- gcc-3.4.6 including uClibc-patches
- Linux kernel 2.4.36.6
- Busybox 1.7.2

Booting into a uClibc 0.9.30-rc2 environment shows this:

[...]
Mounted devfs on /dev
Freeing unused kernel memory: 72k init
ELF0x30000000
ELF0x3001d09c
ELELELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:172: Cool, ldso survived making function calls
_dl_malloc:920: mmapping more memory
_dl_get_ready_to_run:354: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:620: Loading: (0x3001e000) /lib/libcrypt.so.0
_dl_get_ready_to_run:620: Loading: (0x30043000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:747: Beginning relocation fixups

After this point the boot process hangs.
Booting into a uClibc-0.9.28.3 environment, then chroot'ing into
uClibc 0.9.30-rc2 produces SEGFAULT for all binaries tested.
Here is a gdb backtrace, please note that both uClibc 0.9.28.3 and
0.9.30-rc2 were compiled with debug options enabled:

# gdb --args chroot /mnt /bin/busybox ash
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libintl.so.0
_dl_get_ready_to_run:621: Loading: (0x30028000) /lib/libncurses.so.5
_dl_get_ready_to_run:621: Loading: (0x30097000) /lib/libm.so.0
_dl_get_ready_to_run:621: Loading: (0x300cb000) /lib/libdl.so.0
_dl_get_ready_to_run:621: Loading: (0x300de000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300de000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10033cb0
GNU gdb 6.8
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show
copying"
and "show warranty" for details.
This GDB was configured as "powerpc-tuxbox-linux-uclibc"...
(no debugging symbols found)
(gdb) run
Starting program: /sbin/chroot /mnt /bin/busybox ash
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550

Program received signal SIGTRAP, Trace/breakpoint trap.
0x300026d4 in _dl_load_elf_shared_library (secure=0, rpnt=0x0,
libname=0x0) at dl-elf.c:340
340     dl-elf.c: No such file or directory.
        in dl-elf.c
(gdb) bt full
#0  0x300026d4 in _dl_load_elf_shared_library (secure=0, rpnt=0x0,
libname=0x0) at dl-elf.c:340
        dynamic_addr = 0
        tpnt = (struct elf_resolve *) 0x0
        ppnt = (Elf32_Phdr *) 0x0
        status = 0x0
        dynamic_info = {2147483501, 2147483511, 2147483518, 2147483531,
2147483543, 2147483554, 2147483570,
  2147483584, 2147483590, 2147483599, 0, 22, 22, 22, 22, 19, 16, 20, 16,
21, 0, 16, 2214592512, 6, 4096, 17,
  100, 3, 268435508, 4, 32, 5, 7, 7, 805306368, 8}
        lpnt = (long unsigned int *) 0x0
        minvma = 0
        maxvma = 0
        i = 0
        flags = 0
        piclib = 0
        relro_addr = 0
        relro_size = 0
        st = {st_dev = 0, st_ino = 9, st_mode = 268449032, st_nlink = 0,
st_uid = 0, st_gid = 12, st_rdev = 0,
  st_size = 13, st_blksize = 0, st_blocks = 14, st_atime = 0, __unused1 =
0, st_mtime = 0, __unused2 = 0,
  st_ctime = 0, __unused3 = 0, __unused4 = 0, __unused5 = 0}
        __FUNCTION__ =
"\201)\000\020\200\037\0008\220\t\000\024\201?\0008\200\t\000\020\220\037\0008H\000\001\020"
#1  0x54483d2f in ?? ()
No symbol table info available.
Backtrace stopped: previous frame inner to this frame (corrupt stack?)

[1] Tuxbox is a Linux-based software for digital TV receivers like
Dbox2/Dreambox
[2] http://tuxbox-forum.dreambox-fan.de/forum/viewtopic.php?f=7&t=46625
====================================================================== 

---------------------------------------------------------------------- 
 rhabarber1848 - 10-23-08 06:50  
---------------------------------------------------------------------- 
Attached you will find .config for uClibc 0.9.30-rc2-svn. This code is
based on yesterday's snapshot but the segfaults also happen with the
0.9.30-rc2 tarball.

---------------------------------------------------------------------- 
 rhabarber1848 - 10-23-08 06:54  
---------------------------------------------------------------------- 
gcc-3.4.6 is compiled using two patches, one general uClibc patch[1] based
on trunk/buildroot/toolchain/gcc/3.4.6/200-uclibc-locale.patch which is
working well with 0.9.28.3 and another patch consisting of back-ported
code from

trunk/buildroot/toolchain/gcc/4.2.4/203-uclibc-locale-no__x.patch
trunk/buildroot/toolchain/gcc/4.2.4/204-uclibc-locale-wchar_fix.patch
trunk/buildroot/toolchain/gcc/4.2.4/205-uclibc-locale-update.patch

to fix locale-related compile bugs. This gcc-uclibc-locale.diff you will
find attached to this bug report.

[1] http://cvs.tuxbox.org/tuxbox/cdk/Patches/gcc-uclibc.diff?view=markup 

---------------------------------------------------------------------- 
 rhabarber1848 - 10-23-08 06:57  
---------------------------------------------------------------------- 
Please note that updating gcc is not an option for us.

Weirdly enough, binaries linked against uClibc-0.9.30-rc2 work in uClibc
0.9.28.3 environments:

# pwd
/
# ls -la /lib/libuC*
-rw-r--r--    1 root     root     45305281 Oct 23  2008 /lib/libuClibc-0.9.28.so
# /mnt/bin/busybox
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003508
BusyBox v1.7.2 (2008-10-23 14:19:27 CEST) multi-call binary
Copyright (C) 1998-2006  Erik Andersen, Rob Landley, and others.
Licensed under GPLv2.  See source distribution for full notice.
[...] 

---------------------------------------------------------------------- 
 rhabarber1848 - 10-23-08 06:59  
---------------------------------------------------------------------- 
Attached as kernel_dot_config you will also find the kernel .config used. 

---------------------------------------------------------------------- 
 rhabarber1848 - 10-23-08 14:57  
---------------------------------------------------------------------- 
In my compile environment I was able to get uClibc 0.9.29 to work,
even including gcc-3.4.6 patched with gcc-uclibc-locale.diff, so I
think this patch is not the reason for the segfaults reported here. 

---------------------------------------------------------------------- 
 bernhardf - 10-25-08 01:28  
---------------------------------------------------------------------- 
Please provide a "bt f" at the time of the segfault (on current trunk), not
your breakpoint. 

---------------------------------------------------------------------- 
 rhabarber1848 - 10-25-08 05:28  
---------------------------------------------------------------------- 
(gdb) bt f
#0  0x300d5c30 in _dl_run_init_array () from /lib/libdl.so.0
No symbol table info available.
#1  0x300d5cbc in _dl_app_init_array () from /lib/libdl.so.0
No symbol table info available.
#2  0x305e82b4 in __uClibc_main () from /lib/libc.so.0
No symbol table info available.
#3  0x00000000 in ?? ()
No symbol table info available. 

---------------------------------------------------------------------- 
 bernhardf - 10-25-08 11:14  
---------------------------------------------------------------------- 
.. with DOASSERTS, and debugging enabled.. 

---------------------------------------------------------------------- 
 rhabarber1848 - 10-26-08 04:22  
---------------------------------------------------------------------- 
I recompiled uClibc 0.9.28.3 and 0.9.30 (yesterday's SVN snapshot) with
debug options enabled and booted into 0.9.28.3.

When starting "chroot /mnt /bin/busybox" I receive 

transfering control to application @ 0x10003550
ELF0x30000000
ELF0x3001d09c
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:172: Cool, ldso survived making function calls
_dl_malloc:920: mmapping more memory
_dl_get_ready_to_run:354: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:620: Loading: (0x3001e000) /lib/libcrypt.so.0
_dl_get_ready_to_run:620: Loading: (0x30043000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:747: Beginning relocation fixups
Segmentation fault

but when using gdb I can only see a SIGTRAP like the one I posted above.
The weird thing is that the segfault happens immediately while SIGTRAP
occurs after ~60s of visual inactivity:

Program received signal SIGTRAP, Trace/breakpoint trap.
0x300026d4 in _dl_load_elf_shared_library (secure=0, rpnt=0x0,
libname=0x0) at dl-elf.c:340
340     dl-elf.c: No such file or directory.
        in dl-elf.c

Please note that I am not an expert with gdb. I tried to run gdb with some
options to adjust to the chroot:

# gdb --args chroot /mnt /bin/busybox
GNU gdb 6.8
This GDB was configured as "powerpc-tuxbox-linux-uclibc"...
(no debugging symbols found)
(gdb) set sysroot /mnt
(gdb) run
Starting program: /sbin/chroot /mnt /bin/busybox
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550

Program received signal SIGTRAP, Trace/breakpoint trap.
0x300026d4 in _dl_start (args=Cannot access memory at address 0x8
) at ./ldso/include/dl-syscall.h:72
72      ./ldso/include/dl-syscall.h: No such file or directory.
        in ./ldso/include/dl-syscall.h

Do you need more information?

---------------------------------------------------------------------- 
 rhabarber1848 - 10-26-08 04:29  
---------------------------------------------------------------------- 
Forgot to add "bt f".

This after the 60s pause:

(gdb) set solib-search-path /mnt/lib
(gdb) run
Starting program: /sbin/chroot /mnt /bin/busybox
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550

Program received signal SIGTRAP, Trace/breakpoint trap.
0x300026d4 in _dl_load_elf_shared_library (secure=0, rpnt=0x0,
libname=0x0) at dl-elf.c:340
340     dl-elf.c: No such file or directory.
        in dl-elf.c
(gdb) bt f
#0  0x300026d4 in _dl_load_elf_shared_library (secure=0, rpnt=0x0,
libname=0x0) at dl-elf.c:340
        dynamic_addr = 0
        tpnt = (struct elf_resolve *) 0x0
        ppnt = (Elf32_Phdr *) 0x0
        status = 0x0
        dynamic_info = {2147483511, 2147483518, 2147483531, 2147483543,
2147483554, 2147483570, 2147483584,
  2147483590, 2147483599, 0, 22, 22, 22, 22, 19, 16, 20, 16, 21, 0, 16,
2214592512, 6, 4096, 17, 100, 3,
  268435508, 4, 32, 5, 7, 7, 805306368, 8, 0}
        lpnt = (long unsigned int *) 0x0
        minvma = 0
        maxvma = 0
        i = 0
        flags = 0
        piclib = 0
        relro_addr = 0
        relro_size = 0
        st = {st_dev = 9, st_ino = 268448996, st_mode = 11, st_nlink = 0,
st_uid = 12, st_gid = 0, st_rdev = 13,
  st_size = 0, st_blksize = 14, st_blocks = 0, st_atime = 0, __unused1 =
0, st_mtime = 794978670,
  __unused2 = 794981747, st_ctime = 2036494200, __unused3 = 5591877,
__unused4 = 1379758703,
  __unused5 = 1869873224}
        __FUNCTION__ =
"\201)\000\020\200\037\0008\220\t\000\024\201?\0008\200\t\000\020\220\037\0008H\000\001\020"
#1  0x2f004c49 in ?? ()
No symbol table info available.
Backtrace stopped: previous frame inner to this frame (corrupt stack?) 
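
Added example, not part of the original report: the "locals" gdb prints in the `bt f` above decode as the kernel-built initial process stack (a pointer array, the ELF auxiliary vector, then the argv/environment strings) rather than as a real frame of _dl_load_elf_shared_library. It assumes the dynamic_info and st values are consecutive 32-bit big-endian words in the order gdb printed them, and takes the AT_* tag numbers from the Linux PowerPC headers.

```python
import struct

# auxv tag numbers as defined in Linux <elf.h>; 19-22 are the PowerPC extras.
AT_NAMES = {
    0: "AT_NULL", 3: "AT_PHDR", 4: "AT_PHENT", 5: "AT_PHNUM", 6: "AT_PAGESZ",
    7: "AT_BASE", 8: "AT_FLAGS", 9: "AT_ENTRY", 11: "AT_UID", 12: "AT_EUID",
    13: "AT_GID", 14: "AT_EGID", 16: "AT_HWCAP", 17: "AT_CLKTCK",
    19: "AT_DCACHEBSIZE", 20: "AT_ICACHEBSIZE", 21: "AT_UCACHEBSIZE",
    22: "AT_IGNOREPPC",
}

# Values copied from the "bt f" output above, in the order gdb printed them.
DYNAMIC_INFO = [
    2147483511, 2147483518, 2147483531, 2147483543, 2147483554, 2147483570,
    2147483584, 2147483590, 2147483599, 0, 22, 22, 22, 22, 19, 16, 20, 16,
    21, 0, 16, 2214592512, 6, 4096, 17, 100, 3, 268435508, 4, 32, 5, 7, 7,
    805306368, 8, 0,
]
ST_FIELDS = [
    9, 268448996, 11, 0, 12, 0, 13, 0, 14, 0, 0, 0,
    794978670, 794981747, 2036494200, 5591877, 1379758703, 1869873224,
]
# Caller addresses gdb reported for frame #1 in the two backtraces.
FRAME1_PCS = [0x54483D2F, 0x2F004C49]


def split_initial_stack(words):
    """Split a word list into (pointers, auxv pairs, trailing words).

    Assumed layout: a pointer array terminated by 0, then (tag, value)
    pairs terminated by AT_NULL, then whatever follows (string data).
    Raises ValueError if a tag position holds something that is not a
    known auxv tag, i.e. the data does not look like an initial stack.
    """
    end = words.index(0)
    pointers = words[:end]
    auxv = []
    i = end + 1
    while i + 1 < len(words):
        tag, value = words[i], words[i + 1]
        i += 2
        if tag not in AT_NAMES:
            raise ValueError(f"word {tag:#x} is not a known auxv tag")
        if tag == 0:  # AT_NULL ends the vector
            break
        auxv.append((AT_NAMES[tag], value))
    return pointers, auxv, words[i:]


def be_words_to_bytes(words):
    """Render 32-bit words as the bytes a big-endian CPU stores for them."""
    return b"".join(struct.pack(">I", w) for w in words)


def decode_dump():
    """Decode the constructed word list built from the gdb output."""
    pointers, auxv, tail = split_initial_stack(DYNAMIC_INFO + ST_FIELDS)
    return pointers, auxv, be_words_to_bytes(tail)


if __name__ == "__main__":
    pointers, auxv, strings = decode_dump()
    print("pointer array :", [hex(p) for p in pointers])
    for name, value in auxv:
        print(f"  {name:<16} {value:#x}")
    print("string area   :", strings)
    for pc in FRAME1_PCS:
        print(f"frame #1 pc {pc:#010x} as bytes:", be_words_to_bytes([pc]))
```

AT_BASE decodes to 0x30000000, the same address the loader logs as "Lib Loader: (0x30000000) /lib/ld-uClibc.so.0", and the frame #1 addresses are fragments of environment text, which fits gdb's "corrupt stack?" remark.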

---------------------------------------------------------------------- 
 rhabarber1848 - 10-26-08 04:30  
---------------------------------------------------------------------- 
And this is the second case using sysroot option in gdb:

(gdb) set sysroot /mnt
(gdb) run
Starting program: /sbin/chroot /mnt /bin/busybox
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550

Program received signal SIGTRAP, Trace/breakpoint trap.
0x300026d4 in _dl_start (args=Cannot access memory at address 0x8
) at ./ldso/include/dl-syscall.h:72
72      ./ldso/include/dl-syscall.h: No such file or directory.
        in ./ldso/include/dl-syscall.h
(gdb) bt f
#0  0x300026d4 in _dl_start (args=Cannot access memory at address 0x8
) at ./ldso/include/dl-syscall.h:72
        tmp1 = Cannot access memory at address 0x27c
(gdb) 

---------------------------------------------------------------------- 
 bernhardf - 10-27-08 09:50  
---------------------------------------------------------------------- 
Please try this patch on top of a clean trunk checkout and let me know how
that behaves..
http://uclibc.org/~aldot/uClibc/maybe-fixup-23660+23698.patch 

---------------------------------------------------------------------- 
 rhabarber1848 - 10-27-08 12:55  
---------------------------------------------------------------------- 
Again I recompiled uClibc 0.9.28.3 and 0.9.30 trunk (revision 23822) with
debug options enabled, booting into 0.9.30 directly does not work:

[kernel boot messages ...]
Freeing unused kernel memory: 72k init
ELF0x30000000
ELF0x3001d09c
ELELELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:172: Cool, ldso survived making function calls
_dl_malloc:920: mmapping more memory
_dl_get_ready_to_run:354: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:620: Loading: (0x3001e000) /lib/libcrypt.so.0
_dl_get_ready_to_run:620: Loading: (0x30043000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:747: Beginning relocation fixups

Here the boot process came to a halt. So I booted into 0.9.28.3 and tried
chroot again:

# ls -la /lib/*uC*
-rw-r--r--    1 root     root     45376884 Oct 27  2008 /lib/libuClibc-0.9.28.so
# chroot /mnt /bin/busybox
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
ELF0x30000000
ELF0x3001d09c
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:172: Cool, ldso survived making function calls
_dl_malloc:920: mmapping more memory
_dl_get_ready_to_run:354: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:620: Loading: (0x3001e000) /lib/libcrypt.so.0
_dl_get_ready_to_run:620: Loading: (0x30043000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:620: Loading: (0x30060000) /lib/libc.so.0
_dl_get_ready_to_run:747: Beginning relocation fixups
Segmentation fault
#                                                 

Here is the gdb backtrace:

# gdb --args chroot /mnt /bin/busybox
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libintl.so.0
_dl_get_ready_to_run:621: Loading: (0x30028000) /lib/libncurses.so.5
_dl_get_ready_to_run:621: Loading: (0x30097000) /lib/libm.so.0
_dl_get_ready_to_run:621: Loading: (0x300cb000) /lib/libdl.so.0
_dl_get_ready_to_run:621: Loading: (0x300de000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300de000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10033e70
GNU gdb 6.8
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show
copying"
and "show warranty" for details.
This GDB was configured as "powerpc-tuxbox-linux-uclibc"...
(no debugging symbols found)
(gdb) set sysroot /mnt
(gdb) run
Starting program: /sbin/chroot /mnt /bin/busybox
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550

Program received signal SIGTRAP, Trace/breakpoint trap.
0x300026d4 in _dl_start (args=Cannot access memory at address 0x8
) at ./ldso/include/dl-syscall.h:72
72      ./ldso/include/dl-syscall.h: No such file or directory.
        in ./ldso/include/dl-syscall.h
(gdb) bt f
#0  0x300026d4 in _dl_start (args=Cannot access memory at address 0x8
) at ./ldso/include/dl-syscall.h:72
        tmp1 = Cannot access memory at address 0x27c
(gdb)

Here is another gdb backtrace using option solib-search-path,
again with 60s pause during execution:

# gdb --args chroot /mnt /bin/busybox
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libintl.so.0
_dl_get_ready_to_run:621: Loading: (0x30028000) /lib/libncurses.so.5
_dl_get_ready_to_run:621: Loading: (0x30097000) /lib/libm.so.0
_dl_get_ready_to_run:621: Loading: (0x300cb000) /lib/libdl.so.0
_dl_get_ready_to_run:621: Loading: (0x300de000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300de000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x300fb000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10033e70
GNU gdb 6.8
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show
copying"
and "show warranty" for details.
This GDB was configured as "powerpc-tuxbox-linux-uclibc"...
(no debugging symbols found)
(gdb) set solib-search-path /mnt/lib
(gdb) run
Starting program: /sbin/chroot /mnt /bin/busybox
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550
ELF0x30000000
ELF0x30016820
ELFELFELFDone relocating ldso; we can now use globals and make function
calls!
_dl_get_ready_to_run:197: Cool, ldso survived making function calls
_dl_malloc:899: mmapping more memory
_dl_get_ready_to_run:352: Lib Loader: (0x30000000) /lib/ld-uClibc.so.0
_dl_get_ready_to_run:621: Loading: (0x30017000) /lib/libcrypt.so.0
_dl_get_ready_to_run:621: Loading: (0x3003d000) /lib/libgcc_s_nof.so.1
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:621: Loading: (0x3005a000) /lib/libc.so.0
_dl_get_ready_to_run:744: Beginning relocation fixups
transfering control to application @ 0x10003550

Program received signal SIGTRAP, Trace/breakpoint trap.
0x300026d4 in _dl_load_elf_shared_library (secure=0, rpnt=0x0,
libname=0x0) at dl-elf.c:340
340     dl-elf.c: No such file or directory.
        in dl-elf.c
(gdb) bt f
#0  0x300026d4 in _dl_load_elf_shared_library (secure=0, rpnt=0x0,
libname=0x0) at dl-elf.c:340
        dynamic_addr = 0
        tpnt = (struct elf_resolve *) 0x0
        ppnt = (Elf32_Phdr *) 0x0
        status = 0x0
        dynamic_info = {2147483511, 2147483518, 2147483531, 2147483543,
2147483554, 2147483570, 2147483584,
  2147483590, 2147483599, 0, 22, 22, 22, 22, 19, 16, 20, 16, 21, 0, 16,
2214592512, 6, 4096, 17, 100, 3,
  268435508, 4, 32, 5, 7, 7, 805306368, 8, 0}
        lpnt = (long unsigned int *) 0x0
        minvma = 0
        maxvma = 0
        i = 0
        flags = 0
        piclib = 0
        relro_addr = 0
        relro_size = 0
        st = {st_dev = 9, st_ino = 268448996, st_mode = 11, st_nlink = 0,
st_uid = 12, st_gid = 0, st_rdev = 13,
  st_size = 0, st_blksize = 14, st_blocks = 0, st_atime = 0, __unused1 =
0, st_mtime = 794978670,
  __unused2 = 794981747, st_ctime = 2036494200, __unused3 = 5591877,
__unused4 = 1379758703,
  __unused5 = 1869873224}
        __FUNCTION__ =
"\201)\000\020\200\037\0008\220\t\000\024\201?\0008\200\t\000\020\220\037\0008H\000\001\020"
#1  0x2f004c49 in ?? ()
No symbol table info available.
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb)

So your patch does not fix the problem. Do you have any ideas
how I can further debug this problem? 

---------------------------------------------------------------------- 
 bernhardf - 10-27-08 13:38  
---------------------------------------------------------------------- 
export MALLOC_DEBUG=16
is what i aimed at with said patch.

Ok, for a start, turn off FORCE_SHAREABLE_TEXT_SEGMENTS, the "classic" is
meaningless by now, COMPAT_ATEXIT doesn't make sense, UCLIBC_SUSV3_LEGACY
is something i don't do, UCLIBC_SUSV3_LEGACY_MACROS likewise -- fix your
legacy apps instead, UCLIBC_HAS_GETPT doesn't make sense,
UCLIBC_LINUX_MODULE_24 is something you don't _want_ anyway,
UCLIBC_HAS_BSD_ERR is outdated, UCLIBC_BSD_SPECIFIC is something you
likely don't need, UCLIBC_HAS_EPOLL and UCLIBC_HAS_XATTR huh?
UCLIBC_HAS_STDIO_GETC_MACRO, UCLIBC_HAS_STDIO_PUTC_MACRO no thanks,
UCLIBC_HAS_SYS_SIGLIST and UCLIBC_HAS_GNU_GETSUBOPT what for?

So.. who trips this? Which app? Small, standalone example that i can
reproduce with qemu? 

---------------------------------------------------------------------- 
 bernhardf - 10-28-08 11:37  
---------------------------------------------------------------------- 
I cannot reproduce this with current trunk (e.g. r23829 or later). 

---------------------------------------------------------------------- 
 rhabarber1848 - 10-30-08 04:06  
---------------------------------------------------------------------- 
Still the same problem with rev 23853. 

Attached you will find the updated uClibc .config:
uclibc-0.9.30-rc3.config

turn off FORCE_SHAREABLE_TEXT_SEGMENTS, the "classic" is meaningless by
now, COMPAT_ATEXIT doesn't make sense, UCLIBC_SUSV3_LEGACY is something i
don't do, UCLIBC_SUSV3_LEGACY_MACROS likewise -- fix your legacy apps
instead, 
UCLIBC_HAS_GETPT doesn't make sense, UCLIBC_LINUX_MODULE_24 is something
you don't _want_ anyway, UCLIBC_HAS_BSD_ERR is outdated,
UCLIBC_BSD_SPECIFIC is something you likely don't need, UCLIBC_HAS_EPOLL
and UCLIBC_HAS_XATTR huh?
UCLIBC_HAS_STDIO_GETC_MACRO, UCLIBC_HAS_STDIO_PUTC_MACRO no thanks,
UCLIBC_HAS_SYS_SIGLIST and UCLIBC_HAS_GNU_GETSUBOPT what for?

I removed the options you mentioned, I only left UCLIBC_BSD_SPECIFIC
activated,
because otherwise busybox-1.7.2 would fail to compile:
login.c:(.text.print_login_issue+0x144): undefined reference to
`getdomainname' 
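
One way to check a uClibc .config against the options named in bernhardf's note while allowing deliberate exceptions such as the UCLIBC_BSD_SPECIFIC the reporter kept. This is an added example, not part of the thread or of uClibc; it assumes options appear as `NAME=y` with no prefix, and `still_enabled` and `write_sample_config` are hypothetical names.

```shell
#!/bin/sh
# Option names copied from the note in the thread.
FLAGGED="FORCE_SHAREABLE_TEXT_SEGMENTS COMPAT_ATEXIT UCLIBC_SUSV3_LEGACY
UCLIBC_SUSV3_LEGACY_MACROS UCLIBC_HAS_GETPT UCLIBC_LINUX_MODULE_24
UCLIBC_HAS_BSD_ERR UCLIBC_BSD_SPECIFIC UCLIBC_HAS_EPOLL UCLIBC_HAS_XATTR
UCLIBC_HAS_STDIO_GETC_MACRO UCLIBC_HAS_STDIO_PUTC_MACRO
UCLIBC_HAS_SYS_SIGLIST UCLIBC_HAS_GNU_GETSUBOPT"

# still_enabled CONFIG [KEEP...]
# Prints each flagged option that is set to y in CONFIG, one per line,
# skipping options listed in KEEP. Returns 1 if any were printed.
still_enabled() {
    cfg=$1; shift
    keep=" $* "
    found=0
    for opt in $FLAGGED; do
        case "$keep" in *" $opt "*) continue ;; esac
        # Assumption: "OPT=y" when set, "# OPT is not set" when off.
        # The anchored pattern keeps UCLIBC_SUSV3_LEGACY from matching
        # the UCLIBC_SUSV3_LEGACY_MACROS line.
        if grep -q "^${opt}=y\$" "$cfg"; then
            printf '%s\n' "$opt"
            found=1
        fi
    done
    return $found
}

# Writes a constructed sample (not the reporter's attached .config)
# to a temporary file and prints its path.
write_sample_config() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
FORCE_SHAREABLE_TEXT_SEGMENTS=y
# COMPAT_ATEXIT is not set
UCLIBC_SUSV3_LEGACY_MACROS=y
# UCLIBC_SUSV3_LEGACY is not set
UCLIBC_BSD_SPECIFIC=y
UCLIBC_HAS_EPOLL=y
# UCLIBC_HAS_XATTR is not set
EOF
    printf '%s\n' "$f"
}

# Demo: keep UCLIBC_BSD_SPECIFIC, as the reporter did for busybox-1.7.2.
sample=$(write_sample_config)
still_enabled "$sample" UCLIBC_BSD_SPECIFIC || echo "(still enabled, see above)"
rm -f "$sample"
```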

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
10-23-08 06:48  rhabarber1848  New Issue                                    
10-23-08 06:48  rhabarber1848  Status                   new => assigned     
10-23-08 06:48  rhabarber1848  Assigned To               => uClibc          
10-23-08 06:50  rhabarber1848  File Added: .config                          
10-23-08 06:50  rhabarber1848  Note Added: 0014044                          
10-23-08 06:50  rhabarber1848  Issue Monitored: rhabarber1848
10-23-08 06:54  rhabarber1848  File Added: gcc-uclibc-locale.diff
10-23-08 06:54  rhabarber1848  Note Added: 0014054                          
10-23-08 06:57  rhabarber1848  Note Added: 0014064                          
10-23-08 06:58  rhabarber1848  File Added: kernel_dot_config                    
10-23-08 06:59  rhabarber1848  Note Added: 0014074                          
10-23-08 14:57  rhabarber1848  Note Added: 0014094                          
10-25-08 01:28  bernhardf      Note Added: 0014144                          
10-25-08 05:28  rhabarber1848  Note Added: 0014164                          
10-25-08 11:14  bernhardf      Note Added: 0014174                          
10-26-08 04:22  rhabarber1848  Note Added: 0014224                          
10-26-08 04:29  rhabarber1848  Note Added: 0014234                          
10-26-08 04:30  rhabarber1848  Note Added: 0014244                          
10-27-08 09:50  bernhardf      Note Added: 0014384                          
10-27-08 12:55  rhabarber1848  Note Added: 0014394                          
10-27-08 13:38  bernhardf      Note Added: 0014404                          
10-28-08 11:37  bernhardf      Note Added: 0014494                          
10-28-08 11:37  bernhardf      Status                   assigned => feedback
10-30-08 04:06  rhabarber1848  Note Added: 0014604                          
======================================================================