This is the mail archive of the libc-hacker@sources.redhat.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.



[Fwd: Memory violation in init on ARM Linux. in glibc mainline...]


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Forwarded for Scott.

- --
- --------------.                        ,-.            444 Castro Street
Ulrich Drepper \    ,-----------------'   \ Mountain View, CA 94041 USA
Red Hat         `--' drepper at redhat.com `---------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE9mISP2ijCOnn/RHQRAghwAJ9fypf/Q7qOKmPvCGhOmLOhPQIo6gCgyq7p
RwpFMLVP6js+BdGKQOV/jnE=
=a9fz
-----END PGP SIGNATURE-----
--- Begin Message ---
Hi Uli,

I'm sorry to send this to you, but I can't post to libc-hacker.  I am 
subscribed as scottb@netwinder.org, but can no longer send mail via 
netwinder.org.  I can only send via my account sbambrough@storm.ca.

Could you post this for me please.

Thanks,

Scott Bambrough

I'm trying to build glibc on my NetWinder and am running into a memory 
violation in glibc when running rpcgen during the build of the others 
target in the sunrpc directory.

I'm trying to build glibc from CVS using the following tools:

This is the kernel I'm using:
Linux newton 2.2.17-20001122 #1 Thu Dec 7 20:24:15 EST 2000 armv4l
unknown

This is the binutils I'm using:
binutils-2.13.90.0.2-2.src.rpm

This is the compiler I'm using:
Reading specs from /usr/lib/gcc-lib/armv4l-unknown-linux-gnu/3.3/specs
Configured with: ../mainline/configure --prefix=/usr --enable-shared
--with-cpu=strongarm : (reconfigured)
Thread model: posix
gcc version 3.3 20020918 (experimental)

I'm building the glibc mainline and I get the following error:

CPP='gcc -E -x c-header'  /home/cvs/libc-build/elf/ld-linux.so.2
--library-path
/home/cvs/libc-build:/home/cvs/libc-build/math:/home/cvs/libc-build/elf:/home/cvs/libc-build/dlfcn:/home/cvs/libc-build/nss:/home/cvs/libc-build/nis:/home/cvs/libc-build/rt:/home/cvs/libc-build/resolv:/home/cvs/libc-build/crypt:/home/cvs/libc-build/linuxthreads
/home/cvs/libc-build/sunrpc/rpcgen -Y ../scripts -c
rpcsvc/bootparam_prot.x
-o /home/cvs/libc-build/sunrpc/xbootparam_prot.T
ld-linux.so.2: memory violation at pc=0x40018cac, lr=0x2aab5984 (bad
address=0x01845840, code 2)
make[2]: *** [/home/cvs/libc-build/sunrpc/xbootparam_prot.stmp]
Segmentation
fault
make[2]: Leaving directory `/home/cvs/libc/sunrpc'
make[1]: *** [sunrpc/others] Error 2
make[1]: Leaving directory `/home/cvs/libc'
make: *** [all] Error 2

I can reduce the above command to the following:

 LD_DEBUG=all ./elf/ld-linux.so.2 --library-path . sunrpc/rpcgen -Y
../scripts -c rpcsvc/bootparam_prot.x -o sunrpc/xbootparam_prot.T

This is a fragment of the output from ld.so and the kernel:
04628:  relocation processing: ./elf/ld-linux.so.2
04628:  symbol=_dl_starting_up;  lookup in file=sunrpc/rpcgen
04628:  symbol=_dl_starting_up;  lookup in file=./libc.so.6
04628:  symbol=_dl_starting_up;  lookup in file=./elf/ld-linux.so.2

17343:  symbol=free;  lookup in file=sunrpc/rpcgen
17343:  symbol=free;  lookup in file=./libc.so.6
17343:  symbol=free;  lookup in file=./elf/ld-linux.so.2
17343:  binding file ./elf/ld-linux.so.2 to ./libc.so.6: normal symbol
`free' [GLIBC_2.0]
17343:
17343:  calling init: ./libc.so.6
17343:
ld-linux.so.2: memory violation at pc=0x40018cac, lr=0x2aab5984 (bad
address=0x01845840, code 2)
Segmentation fault

The following is a fragment of the disassembly dump of libc.so showing 
the area where the memory violation occurs.

objdump -S --disassemble-all -M reg-names-gcc --adjust-vma=0x40001000
./libc.so.6 | less

The following is a fragment of the output from the above command.

Disassembly of section .text:

40018c68:	e8bd8410 	ldmia	sp!, {r4, sl, pc}
40018c6c:	00101d0c 	andeqs	r1, r0, ip, lsl #26
40018c70:	ffffffec 	swinv	0x00ffffec
40018c74:	ffffff08 	swinv	0x00ffff08
40018c78:	00001744 	andeq	r1, r0, r4, asr #14
40018c7c:	00000000 	andeq	r0, r0, r0
40018c80:	e92d4470 	stmdb	sp!, {r4, r5, r6, sl, lr}
40018c84:	e59fa09c 	ldr	sl, [pc, #156]	; 40018d28
<__bss_end__+0x3fef93b0>
40018c88:	e08fa00a 	add	sl, pc, sl
40018c8c:	e1a04000 	mov	r4, r0
40018c90:	e1a05001 	mov	r5, r1
40018c94:	e1a06002 	mov	r6, r2
40018c98:	e59f308c 	ldr	r3, [pc, #140]	; 40018d2c
<__bss_end__+0x3fef93b4>
40018c9c:	e79a3003 	ldr	r3, [sl, r3]
40018ca0:	e3a02000 	mov	r2, #0	; 0x0
40018ca4:	e1530002 	cmp	r3, r2
40018ca8:	0a000002 	beq	40018cb8 <__bss_end__+0x3fef9340>
40018cac:	e5933000 	ldr	r3, [r3]
40018cb0:	e1530002 	cmp	r3, r2
40018cb4:	03a02001 	moveq	r2, #1	; 0x1
40018cb8:	e59f3070 	ldr	r3, [pc, #112]	; 40018d30
<__bss_end__+0x3fef93b8>

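With the --adjust-vma offset applied, the faulting pc (0x40018cac) lands on 
the "ldr r3, [r3]" instruction in the dump above, so the memory violation 
is in the function init in sysdeps/unix/sysv/linux/init-first.c.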

static void
init (int argc, char **argv, char **envp)
{
#ifdef USE_NONOPTION_FLAGS
  extern void __getopt_clean_environment (char **);
#endif
  /* The next variable is only here to work around a bug in gcc <=
2.7.2.2.
     If the address would be taken inside the expression the optimizer
     would try to be too smart and throws it away.  Grrr.  */
  int *dummy_addr = &_dl_starting_up;

  __libc_multiple_libcs = dummy_addr && !_dl_starting_up;

The memory violation occurs when evaluating the above conditional
expression. This is the assembler code for init, produced with -save-temps 
when compiling init-first.c, with some comments added by me:
 
	@ ------------------------------------------------------------------
	@ init (int argc, char **argv, char **envp)
	@ Compiler output (-save-temps) for ARM, GOT/PLT-relative code, with
	@ annotations.
	@ In:    r0 = argc, r1 = argv, r2 = envp
	@ Saved: r4, r5, r6, sl, lr pushed on entry and popped on return
	@ sl holds the GOT base.  Each global is reached in two steps: load
	@ its GOT offset from the literal pool at .L6, then read the GOT slot
	@ at [sl, offset] to get the variable's address.
	@ Reported fault: the GOT slot for _dl_starting_up held 0x01845840.
	@ The only guard before the dereference is a compare against 0, so a
	@ non-zero but wrong slot value is dereferenced directly.
	@ ------------------------------------------------------------------
	.text
	.align	2
	.type	init, function
init:
.LFB20:
.LM1:
	@ args = 0, pretend = 0, frame = 0
	@ frame_needed = 0, uses_anonymous_args = 0
	stmfd	sp!, {r4, r5, r6, sl, lr}
.LCFI0:
	ldr	sl, .L6		@ sl = _GLOBAL_OFFSET_TABLE_ - (.L5+8)
.L5:
	add	sl, pc, sl	@ pc reads as .L5+8 here, so sl = GOT base
	mov	r4, r0		@ r4 = argc (kept across the calls below)
	mov	r5, r1		@ r5 = argv
	mov	r6, r2		@ r6 = envp
.LM2:
.LBB2:
	ldr	r3, .L6+4	@ r3 = GOT offset of _dl_starting_up
	ldr	r3, [sl, r3]	@ r3 = GOT slot contents = dummy_addr (&_dl_starting_up)
	@ observed at this point: r3 = 0x01845840
.LM3:
	mov	r2, #0		@ r2 = 0: the NULL constant and the default result
	cmp	r3, r2		@ is dummy_addr == 0 ?
	@ r3 = 0x01845840 is non-zero, so the branch below is not taken
	beq	.L2		@ NULL address: result stays 0
	ldr	r3, [r3, #0]	@ r3 = value of _dl_starting_up  <-- faulting load
	@ the load uses 0x01845840 as its address, which is invalid: this is
	@ the reported memory violation (bad address=0x01845840)
	cmp	r3, r2		@ is _dl_starting_up == 0 ?
	moveq	r2, #1		@ yes: dummy_addr && !_dl_starting_up is true
.L2:
	ldr	r3, .L6+8	@ r3 = GOT offset of __libc_multiple_libcs
	ldr	r3, [sl, r3]	@ r3 = &__libc_multiple_libcs
	str	r2, [r3, #0]	@ __libc_multiple_libcs = expression value
.LM4:
	cmp	r2, #0
	bne	.L3		@ non-zero: skip the FPU control word check
.LM5:
	ldr	r3, .L6+12	@ r3 = GOT offset of __fpu_control
	ldr	r3, [sl, r3]
	ldr	r0, [r3, #0]	@ r0 = __fpu_control (argument if the call is made)
	ldr	r3, .L6+16	@ r3 = GOT offset of _rtld_global
	ldr	r3, [sl, r3]
	ldr	r3, [r3, #96]	@ word at _rtld_global+96; presumably the FPU control
				@ word recorded by the dynamic linker -- confirm
	cmp	r0, r3
.LM6:
	blne	__setfpucw(PLT)	@ called only when the two values differ
.L3:
.LM7:
	ldr	r3, .L6+20	@ r3 = GOT offset of __libc_argc
	ldr	r3, [sl, r3]
	str	r4, [r3, #0]	@ __libc_argc = argc
.LM8:
	ldr	r3, .L6+24	@ r3 = GOT offset of __libc_argv
	ldr	r3, [sl, r3]
	str	r5, [r3, #0]	@ __libc_argv = argv
.LM9:
	ldr	r3, .L6+28	@ r3 = GOT offset of __environ
	ldr	r3, [sl, r3]
	str	r6, [r3, #0]	@ __environ = envp
.LM10:
	mov	r0, r4
	mov	r1, r5
	mov	r2, r6
	bl	__init_misc(PLT)	@ __init_misc (argc, argv, envp)
.LM11:
	bl	__libc_global_ctors(PLT)
.LM12:
	ldmfd	sp!, {r4, r5, r6, sl, pc}	@ restore registers; saved lr goes to pc (return)
.L7:
	.align	2
	@ Literal pool: displacement to the GOT base, then the GOT offsets
	@ of the globals referenced above, in .L6+4 ... .L6+28 order.
.L6:
	.word	_GLOBAL_OFFSET_TABLE_-(.L5+8)
	.word	_dl_starting_up(GOT)
	.word	__libc_multiple_libcs(GOT)
	.word	__fpu_control(GOT)
	.word	_rtld_global(GOT)
	.word	__libc_argc(GOT)
	.word	__libc_argv(GOT)
	.word	__environ(GOT)
.LBE2:
.LFE20:
	.size	init, .-init

The problem seems to be that the address of _dl_starting_up stored 
in the GOT is incorrect, and I'm not sure why.  The only obvious 
difference I can see from a working glibc (2.1.3) is that the visibility 
of _dl_starting_up has changed to HIDDEN.

I could use some advice on how to proceed further.

Scott



--- End Message ---
