This is the mail archive of the crossgcc@sourceware.org mailing list for the crossgcc project.


SIGSEGV after infinite recursion in __vfprintf_chk?


Hi,

I'm trying to set up a build environment from scratch for Beagle board
(Cortex A8, http://elinux.org/BeagleBoard) with crosstool-NG 1.6.0.
I'm stuck at a problem that seems toolchain-related.

Symptom: most programs (but not all) end with a segmentation fault.
Details follow.

I configured CT-NG to build the arm-cortex_a8-linux-gnueabi (glibc)
toolchain and used it to build:
- barebox
- U-boot
- Linux
  (git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap-2.6.git)

and they work without any problem as far as I could test them.

Then I set up a minimal root filesystem by means of buildroot and busybox,
using the same toolchain, but I get "Segmentation fault" when I try to do
almost anything except logging in, "cat <file>", pwd and cd.

So I wrote a minimal C program and ran it under CT-NG's gdb (which luckily
does not segfault!), and it seems to recurse infinitely in
__vfprintf_chk(). SIGSEGV comes immediately after.

I'm not sure which details might be useful, so I'll paste a clean gdb
session for now. The target file is statically compiled.

It may be worth mentioning that CT-NG by default uses Linux headers from
2.6.31.12, while my kernel is the OMAP fork, derived from 2.6.32.
I also tried to configure CT-NG to use the 2.6.32 headers, without
noticeable difference.

Can anybody suggest in which direction I should investigate?
Thank you in advance.

Luca Ceresoli


--------------8<---------------

# /bin/hw_s
Hello, world!
Hello again.
Segmentation fault
# /usr/bin/gdb /bin/hw_s


dlopen failed on 'libthread_db.so.1' - libthread_db.so.1: cannot open shared object file: No such file or directory
GDB will not be able to debug pthreads.

GNU gdb 6.8
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "arm-cortex_a8-linux-gnueabi"...

(gdb) break main
Breakpoint 1 at 0x8260: file hw.c, line 7.
(gdb) break printf
Breakpoint 2 at 0x8fe8
(gdb) break __vfprintf_chk
Breakpoint 3 at 0x14c5c
(gdb) run
Starting program: /bin/hw_s 

Breakpoint 1, main () at hw.c:7
7	  FILE *f = 0xabcd;
(gdb) list
2	#include <stdio.h>
3	#include <mntent.h>
4	
5	int main(void)
6	{
7	  FILE *f = 0xabcd;
8	  int number = 123;
9	
10	  printf("Hello, world!\n");
11	  sleep(1);
(gdb) 
12	  printf("Hello again.\n");
13	  printf("number = %d\n", number);    <<-- SIGSEGV HERE!!!!
14	  printf("f = %p\n", f);              <<-- Never reaches this line
15	
16	  /*  printf("f = %p\n", f);*/
17	  printf("Now call setmntent()...\n");
18	  sleep(1);
19	  f = setmntent("/proc/mounts", "r");
20	  /*  printf("f = %p\n", f);*/
21	
(gdb) 
22	  return 0;
23	}
(gdb) cont
Continuing.
Hello, world!
Hello again.

Breakpoint 2, 0x00008fe8 in printf ()
(gdb) bt full
#0  0x00008fe8 in printf ()
No symbol table info available.
#1  0x000082a4 in main () at hw.c:13
	f = (FILE *) 0xabcd
	number = 123
(gdb) cont
Continuing.

Breakpoint 3, 0x00014c5c in __vfprintf_chk ()
(gdb) bt full
#0  0x00014c5c in __vfprintf_chk ()
No symbol table info available.
#1  0x00009014 in printf ()
No symbol table info available.
#2  0x000082a4 in main () at hw.c:13
	f = (FILE *) 0xabcd
	number = 123
(gdb) disas
Dump of assembler code for function __vfprintf_chk:
; __vfprintf_chk as linked into the static ARM binary /bin/hw_s (gdb disassembly).
; Entry registers are copied as r0 -> r5, r1 -> r7, r2 -> r8, r3 -> r10.
; NOTE(review): presumably (FILE *fp, int flag, const char *fmt, va_list ap),
; the fortified (_FORTIFY_SOURCE) printf entry point in glibc; confirm.
; Key finding: the `bl` at +164 targets this same function, and every path
; from entry reaches it, so each call recurses again and never returns.
;
; Each entry pushes 8 registers (32 bytes). The SIGSEGV later in the session
; is reported at this address, consistent with the push faulting once the
; stack has been exhausted.
0x00014c5c <__vfprintf_chk+0>:	push	{r4, r5, r6, r7, r8, r9, r10, lr}
0x00014c60 <__vfprintf_chk+4>:	ldr	r4, [r0]
0x00014c64 <__vfprintf_chk+8>:	mov	r5, r0
0x00014c68 <__vfprintf_chk+12>:	mov	r7, r1
; Test bit 0x8000 of the first word of *r0; if set, skip the locking code.
; NOTE(review): presumably fp->_flags & _IO_USER_LOCK; confirm.
0x00014c6c <__vfprintf_chk+16>:	ands	r4, r4, #32768	; 0x8000
0x00014c70 <__vfprintf_chk+20>:	mov	r8, r2
0x00014c74 <__vfprintf_chk+24>:	mov	r10, r3
0x00014c78 <__vfprintf_chk+28>:	bne	0x14ce0 <__vfprintf_chk+132>
; r6 = word at offset 72 of *r0; r9 = thread pointer - 1184.
; If [r6, #8] already equals r9, jump straight to the counter increment.
; NOTE(review): looks like a recursive stream lock (owner at +8, count at +4).
0x00014c7c <__vfprintf_chk+32>:	ldr	r6, [r0, #72]
0x00014c80 <__vfprintf_chk+36>:	bl	0x8a10 <__aeabi_read_tp>
0x00014c84 <__vfprintf_chk+40>:	sub	r9, r0, #1184	; 0x4a0
0x00014c88 <__vfprintf_chk+44>:	ldr	r3, [r6, #8]
0x00014c8c <__vfprintf_chk+48>:	cmp	r3, r9
0x00014c90 <__vfprintf_chk+52>:	beq	0x14cd4 <__vfprintf_chk+120>
0x00014c94 <__vfprintf_chk+56>:	mov	r1, #1	; 0x1
0x00014c98 <__vfprintf_chk+60>:	mov	r2, r6
0x00014c9c <__vfprintf_chk+64>:	ldr	r3, [r2]
0x00014ca0 <__vfprintf_chk+68>:	cmp	r3, r4
0x00014ca4 <__vfprintf_chk+72>:	bne	0x14cc0 <__vfprintf_chk+100>
0x00014ca8 <__vfprintf_chk+76>:	mov	r0, r4
; r3 = ~0xf000 = 0xffff0fff, so pc = r3 - 0x3f = 0xffff0fc0, with lr set to
; +92: an indirect call to a fixed high address, args r0 = 0, r1 = 1, r2 = r6.
; NOTE(review): 0xffff0fc0 is the ARM Linux kernel helper __kuser_cmpxchg,
; i.e. an atomic 0 -> 1 lock acquire retried while carry is clear; confirm.
0x00014cac <__vfprintf_chk+80>:	mvn	r3, #61440	; 0xf000
0x00014cb0 <__vfprintf_chk+84>:	mov	lr, pc
0x00014cb4 <__vfprintf_chk+88>:	sub	pc, r3, #63	; 0x3f
0x00014cb8 <__vfprintf_chk+92>:	bcc	0x14c9c <__vfprintf_chk+64>
0x00014cbc <__vfprintf_chk+96>:	mov	r3, r4
; A non-zero observed value takes the slow path at +344 (__lll_lock_wait_private).
0x00014cc0 <__vfprintf_chk+100>:cmp	r3, #0	; 0x0
0x00014cc4 <__vfprintf_chk+104>:bne	0x14db4 <__vfprintf_chk+344>
0x00014cc8 <__vfprintf_chk+108>:ldr	r3, [r5, #72]
0x00014ccc <__vfprintf_chk+112>:mov	r6, r3
0x00014cd0 <__vfprintf_chk+116>:str	r9, [r3, #8]
; Increment the word at [r6, #4].
0x00014cd4 <__vfprintf_chk+120>:ldr	r3, [r6, #4]
0x00014cd8 <__vfprintf_chk+124>:add	r3, r3, #1	; 0x1
0x00014cdc <__vfprintf_chk+128>:str	r3, [r6, #4]
; All paths above converge here. If the original r1 (now r7) is > 0, set bit
; 0x4 in the word at offset 60 of *r5.
; NOTE(review): presumably fp->_flags2 |= _IO_FLAGS2_FORTIFY; confirm.
0x00014ce0 <__vfprintf_chk+132>:cmp	r7, #0	; 0x0
0x00014ce4 <__vfprintf_chk+136>:mov	r2, r8
0x00014ce8 <__vfprintf_chk+140>:mov	r0, r5
0x00014cec <__vfprintf_chk+144>:mov	r1, #1	; 0x1
0x00014cf0 <__vfprintf_chk+148>:ldrgt	r3, [r5, #60]
0x00014cf4 <__vfprintf_chk+152>:orrgt	r3, r3, #4	; 0x4
0x00014cf8 <__vfprintf_chk+156>:strgt	r3, [r5, #60]
0x00014cfc <__vfprintf_chk+160>:mov	r3, r10
; DEFECT: unconditional self-call with r0 = original r0, r1 = 1,
; r2 = original r2, r3 = original r3. Nothing changes between levels that
; could end the recursion; the return address 0x14d04 is the frame repeated
; in every backtrace in this session.
; NOTE(review): upstream glibc calls vfprintf(fp, fmt, ap) at this point. The
; four-argument shape with a constant 1 in r1 is what a fortified header
; redirect of vfprintf to __vfprintf_chk would emit, which suggests libc itself
; was compiled with _FORTIFY_SOURCE active. Hypothesis only; confirm against
; the toolchain's glibc build flags.
0x00014d00 <__vfprintf_chk+164>:bl	0x14c5c <__vfprintf_chk>
; Code from here on is never reached in the failing run, because the call
; above never returns.
0x00014d04 <__vfprintf_chk+168>:cmp	r7, #0	; 0x0
0x00014d08 <__vfprintf_chk+172>:mov	r8, r0
0x00014d0c <__vfprintf_chk+176>:ldrle	r3, [r5, #60]
0x00014d10 <__vfprintf_chk+180>:ldrgt	r3, [r5, #60]
0x00014d14 <__vfprintf_chk+184>:bicgt	r3, r3, #4	; 0x4
0x00014d18 <__vfprintf_chk+188>:strgt	r3, [r5, #60]
0x00014d1c <__vfprintf_chk+192>:ldr	r2, [r5]
0x00014d20 <__vfprintf_chk+196>:bic	r3, r3, #20	; 0x14
0x00014d24 <__vfprintf_chk+200>:str	r3, [r5, #60]
; Bit 0x8000 is tested again; if set, skip the unlock sequence below.
0x00014d28 <__vfprintf_chk+204>:tst	r2, #32768	; 0x8000
0x00014d2c <__vfprintf_chk+208>:bne	0x14d90 <__vfprintf_chk+308>
; Decrement the word at [r6, #4]; on reaching zero, clear [r6, #8] and
; atomically swap the word at [r6] to 0 through the same 0xffff0fc0 call.
0x00014d30 <__vfprintf_chk+212>:ldr	r6, [r5, #72]
0x00014d34 <__vfprintf_chk+216>:ldr	r3, [r6, #4]
0x00014d38 <__vfprintf_chk+220>:sub	r3, r3, #1	; 0x1
0x00014d3c <__vfprintf_chk+224>:str	r3, [r6, #4]
0x00014d40 <__vfprintf_chk+228>:cmp	r3, #0	; 0x0
0x00014d44 <__vfprintf_chk+232>:bne	0x14d90 <__vfprintf_chk+308>
0x00014d48 <__vfprintf_chk+236>:str	r3, [r6, #8]
0x00014d4c <__vfprintf_chk+240>:ldr	r5, [r6]
0x00014d50 <__vfprintf_chk+244>:mov	r1, #0	; 0x0
0x00014d54 <__vfprintf_chk+248>:mov	r2, r6
0x00014d58 <__vfprintf_chk+252>:mov	r4, r5
0x00014d5c <__vfprintf_chk+256>:ldr	r3, [r2]
0x00014d60 <__vfprintf_chk+260>:cmp	r3, r4
0x00014d64 <__vfprintf_chk+264>:bne	0x14d80 <__vfprintf_chk+292>
0x00014d68 <__vfprintf_chk+268>:mov	r0, r4
0x00014d6c <__vfprintf_chk+272>:mvn	r3, #61440	; 0xf000
0x00014d70 <__vfprintf_chk+276>:mov	lr, pc
0x00014d74 <__vfprintf_chk+280>:sub	pc, r3, #63	; 0x3f
0x00014d78 <__vfprintf_chk+284>:bcc	0x14d5c <__vfprintf_chk+256>
0x00014d7c <__vfprintf_chk+288>:mov	r3, r4
0x00014d80 <__vfprintf_chk+292>:cmp	r5, r3
0x00014d84 <__vfprintf_chk+296>:bne	0x14d4c <__vfprintf_chk+240>
; An old lock value > 1 goes to +316 to issue the syscall.
0x00014d88 <__vfprintf_chk+300>:cmp	r5, #1	; 0x1
0x00014d8c <__vfprintf_chk+304>:bgt	0x14d98 <__vfprintf_chk+316>
; Normal return: r0 = value returned by the call at +164 (saved in r8).
0x00014d90 <__vfprintf_chk+308>:mov	r0, r8
0x00014d94 <__vfprintf_chk+312>:pop	{r4, r5, r6, r7, r8, r9, r10, pc}
; svc 0 with r7 = 240, r0 = r6, r1 = r1 + 129, r2 = 1.
; NOTE(review): syscall 240 is futex on ARM EABI Linux, and 129 would be
; FUTEX_WAKE | FUTEX_PRIVATE_FLAG (waking one waiter); confirm.
0x00014d98 <__vfprintf_chk+316>:mov	r3, r1
0x00014d9c <__vfprintf_chk+320>:mov	r0, r6
0x00014da0 <__vfprintf_chk+324>:mov	r2, #1	; 0x1
0x00014da4 <__vfprintf_chk+328>:add	r1, r1, #129	; 0x81
0x00014da8 <__vfprintf_chk+332>:mov	r7, #240	; 0xf0
0x00014dac <__vfprintf_chk+336>:svc	0x00000000
0x00014db0 <__vfprintf_chk+340>:b	0x14d90 <__vfprintf_chk+308>
; Contended-lock slow path, entered from +104; rejoins at +108.
0x00014db4 <__vfprintf_chk+344>:mov	r0, r6
0x00014db8 <__vfprintf_chk+348>:bl	0x143f0 <__lll_lock_wait_private>
0x00014dbc <__vfprintf_chk+352>:b	0x14cc8 <__vfprintf_chk+108>
; No branch in this dump targets +356. The block repeats the unlock sequence
; and ends in ___Unwind_Resume.
; NOTE(review): presumably the unwind cleanup landing pad that releases the
; stream lock; confirm.
0x00014dc0 <__vfprintf_chk+356>:ldr	r3, [r5]
0x00014dc4 <__vfprintf_chk+360>:mov	r8, r0
0x00014dc8 <__vfprintf_chk+364>:ldr	r2, [r5, #60]
0x00014dcc <__vfprintf_chk+368>:tst	r3, #32768	; 0x8000
0x00014dd0 <__vfprintf_chk+372>:bic	r3, r2, #20	; 0x14
0x00014dd4 <__vfprintf_chk+376>:str	r3, [r5, #60]
0x00014dd8 <__vfprintf_chk+380>:bne	0x14e54 <__vfprintf_chk+504>
0x00014ddc <__vfprintf_chk+384>:ldr	r6, [r5, #72]
0x00014de0 <__vfprintf_chk+388>:ldr	r3, [r6, #4]
0x00014de4 <__vfprintf_chk+392>:sub	r3, r3, #1	; 0x1
0x00014de8 <__vfprintf_chk+396>:str	r3, [r6, #4]
0x00014dec <__vfprintf_chk+400>:cmp	r3, #0	; 0x0
0x00014df0 <__vfprintf_chk+404>:bne	0x14e54 <__vfprintf_chk+504>
0x00014df4 <__vfprintf_chk+408>:str	r3, [r6, #8]
0x00014df8 <__vfprintf_chk+412>:ldr	r5, [r6]
0x00014dfc <__vfprintf_chk+416>:mov	r1, #0	; 0x0
0x00014e00 <__vfprintf_chk+420>:mov	r2, r6
0x00014e04 <__vfprintf_chk+424>:mov	r4, r5
0x00014e08 <__vfprintf_chk+428>:ldr	r3, [r2]
0x00014e0c <__vfprintf_chk+432>:cmp	r3, r4
0x00014e10 <__vfprintf_chk+436>:bne	0x14e2c <__vfprintf_chk+464>
0x00014e14 <__vfprintf_chk+440>:mov	r0, r4
0x00014e18 <__vfprintf_chk+444>:mvn	r3, #61440	; 0xf000
0x00014e1c <__vfprintf_chk+448>:mov	lr, pc
0x00014e20 <__vfprintf_chk+452>:sub	pc, r3, #63	; 0x3f
0x00014e24 <__vfprintf_chk+456>:bcc	0x14e08 <__vfprintf_chk+428>
0x00014e28 <__vfprintf_chk+460>:mov	r3, r4
0x00014e2c <__vfprintf_chk+464>:cmp	r5, r3
0x00014e30 <__vfprintf_chk+468>:bne	0x14df8 <__vfprintf_chk+412>
0x00014e34 <__vfprintf_chk+472>:cmp	r5, #1	; 0x1
0x00014e38 <__vfprintf_chk+476>:ble	0x14e54 <__vfprintf_chk+504>
0x00014e3c <__vfprintf_chk+480>:mov	r3, r1
0x00014e40 <__vfprintf_chk+484>:mov	r0, r6
0x00014e44 <__vfprintf_chk+488>:mov	r2, #1	; 0x1
0x00014e48 <__vfprintf_chk+492>:add	r1, r1, #129	; 0x81
0x00014e4c <__vfprintf_chk+496>:mov	r7, #240	; 0xf0
0x00014e50 <__vfprintf_chk+500>:svc	0x00000000
0x00014e54 <__vfprintf_chk+504>:mov	r0, r8
0x00014e58 <__vfprintf_chk+508>:bl	0x61de0 <___Unwind_Resume>
End of assembler dump.

(gdb) cont
Continuing.

Breakpoint 3, 0x00014c5c in __vfprintf_chk ()
(gdb) bt
#0  0x00014c5c in __vfprintf_chk ()
#1  0x00014d04 in __vfprintf_chk ()
#2  0x00009014 in printf ()
#3  0x000082a4 in main () at hw.c:13
(gdb) c
Continuing.

Breakpoint 3, 0x00014c5c in __vfprintf_chk ()
(gdb) bt
#0  0x00014c5c in __vfprintf_chk ()
#1  0x00014d04 in __vfprintf_chk ()
#2  0x00014d04 in __vfprintf_chk ()
#3  0x00009014 in printf ()
#4  0x000082a4 in main () at hw.c:13
(gdb) c
Continuing.

Breakpoint 3, 0x00014c5c in __vfprintf_chk ()
(gdb) bt
#0  0x00014c5c in __vfprintf_chk ()
#1  0x00014d04 in __vfprintf_chk ()
#2  0x00014d04 in __vfprintf_chk ()
#3  0x00014d04 in __vfprintf_chk ()
#4  0x00009014 in printf ()
#5  0x000082a4 in main () at hw.c:13
(gdb) c
Continuing.

Breakpoint 3, 0x00014c5c in __vfprintf_chk ()
(gdb) bt
#0  0x00014c5c in __vfprintf_chk ()
#1  0x00014d04 in __vfprintf_chk ()
#2  0x00014d04 in __vfprintf_chk ()
#3  0x00014d04 in __vfprintf_chk ()
#4  0x00014d04 in __vfprintf_chk ()
#5  0x00009014 in printf ()
#6  0x000082a4 in main () at hw.c:13
(gdb) break *0x00014d04
Breakpoint 4 at 0x14d04
(gdb) cont
Continuing.

Breakpoint 3, 0x00014c5c in __vfprintf_chk ()
(gdb) 
Continuing.

Breakpoint 3, 0x00014c5c in __vfprintf_chk ()
(gdb) break *0x00014d00
Breakpoint 5 at 0x14d00
(gdb) cont
Continuing.

Breakpoint 5, 0x00014d00 in __vfprintf_chk ()
(gdb) bt
#0  0x00014d00 in __vfprintf_chk ()
#1  0x00014d04 in __vfprintf_chk ()
#2  0x00014d04 in __vfprintf_chk ()
#3  0x00014d04 in __vfprintf_chk ()
#4  0x00014d04 in __vfprintf_chk ()
#5  0x00014d04 in __vfprintf_chk ()
#6  0x00014d04 in __vfprintf_chk ()
#7  0x00009014 in printf ()
#8  0x000082a4 in main () at hw.c:13
(gdb) info registers
r0             0x83118	536856
r1             0x1	1
r2             0x6339c	406428
r3             0xbef95c3c	3204013116
r4             0x0	0
r5             0x83118	536856
r6             0x8400c	540684
r7             0x1	1
r8             0x6339c	406428
r9             0x85000	544768
r10            0xbef95c3c	3204013116
r11            0xbef95c54	3204013140
r12            0xbef95c3c	3204013116
sp             0xbef95b48	0xbef95b48
lr             0x14c84	85124
pc             0x14d00	0x14d00 <__vfprintf_chk+164>
fps            0x1001000	16781312
cpsr           0x20000010	536870928

(gdb) clear __vfprintf_chk
Deleted breakpoint 3 
(gdb) clear *0x14d00
Deleted breakpoint 5 
(gdb) cont
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x00014c5c in __vfprintf_chk ()
(gdb) bt
#0  0x00014c5c in __vfprintf_chk ()
#1  0x00014d04 in __vfprintf_chk ()
#2  0x00014d04 in __vfprintf_chk ()
#3  0x00014d04 in __vfprintf_chk ()
#4  0x00014d04 in __vfprintf_chk ()
#5  0x00014d04 in __vfprintf_chk ()
#6  0x00014d04 in __vfprintf_chk ()

...and, after some time...

#120383 0x00014d04 in __vfprintf_chk ()
#120384 0x00014d04 in __vfprintf_chk ()
#120385 0x00014d04 in __vfprintf_chk ()
#120386 0xgdb invoked oom-killer: gfp_mask=0x200da, order=0, oom_adj=0
00014d04 in __vfprintf_chk ()
#[<c002d3b0>] (unwind_backtrace+0x0/0xd8) from [<c007c6f4>] (T.278+0x3c/0x108)

...

#120427 0x00014d04 in __vfprintf_chk ()
#120428 0x00014d04 in __vfprintf_chk ()
Killed
# 



