this only happens with _syscall6, all other _syscall* work fine. And only with x86, works fine under amd64. I think there is something wrong with the unistd.h-i386-pic.patch applied to the linux-headers. see attached test case.

Reproducible: Always

Steps to Reproduce:
1. gcc -fPIC -o test test.c
2. ./test

Actual Results:
~ $ ./test
Segmentation fault

Expected Results:
it shouldn't segfault ;)

Gentoo Base System version 1.6.12
Portage 2.0.51.22-r1 (default-linux/x86/2005.0, gcc-3.4.4, glibc-2.3.5-r0, 2.6.12-gentoo-r5 i686)
=================================================================
System uname: 2.6.12-gentoo-r5 i686 AMD Athlon(tm) 64 Processor 3200+
dev-lang/python: 2.3.5
sys-apps/sandbox: 1.2.10
sys-devel/autoconf: 2.13, 2.59-r6
sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.5
sys-devel/binutils: 2.15.92.0.2-r10
sys-devel/libtool: 1.5.18-r1
virtual/os-headers: 2.6.11-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=athlon-xp -msse -msse2 -fomit-frame-pointer -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/lib/X11/xkb /usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -march=athlon-xp -msse -msse2 -fomit-frame-pointer -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig candy distlocks sandbox sfperms strict"
GENTOO_MIRRORS="ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo ftp://linux.rz.ruhr-uni-bochum.de/gentoo-mirror/ ftp://ftp.uni-erlangen.de/pub/mirrors/gentoo http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 X a52 aac alsa apm audiofile avi bash-completion berkdb bitmap-fonts bzip2 crypt cscope dts dvd emboss encode ffmpeg flac foomaticdb gdbm gif glut gtk gtk2 imlib java jpeg kde lcms libg++ libwww mad mikmod mng motif mozilla mp3 mpeg ncurses nls nptl ogg oggvorbis opengl pam pcre pdflib perl png python qt quicktime readline sdl spell ssl tcltk tcpd truetype truetype-fonts type1-fonts v4l vcd vim-with-x vorbis xml2 xmms xv xvid zlib userland_GNU kernel_linux elibc_glibc"
Unset: ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS, MAKEOPTS, PORTDIR_OVERLAY
Created attachment 64586 [details, diff] testcase
hmm looking at the assembler output it's quite obvious that it couldn't work:

    futex:
        pushl %ebp
        movl %esp, %ebp
        pushl %edi
        pushl %esi
        pushl %ebx
        subl $12, %esp
        call __i686.get_pc_thunk.bx
        addl $_GLOBAL_OFFSET_TABLE_, %ebx
        movl 12(%ebp), %ecx    // get param #2
        movl 16(%ebp), %edx    // get param #3
        movl 20(%ebp), %esi    // get param #4
        movl 24(%ebp), %edi    // get param #5
        movl 28(%ebp), %eax    // get param #6
    #APP
        pushl %ebp             // save ebp
        movl %eax,%ebp         // put param #6 in ebp !!!!
        movl $240,%eax         // syscall number
        pushl %ebx             // save GOT
        movl 8(%ebp),%ebx      // get param #2 <--- segfault
        int $0x80
        popl %ebx
        popl %ebp

it segfaults when trying to get param #2 because ebp was just overwritten 3 instructions above. I attach a patch for the unistd.h file
Created attachment 64587 [details, diff] fix for syscall6 with PIC
> pushl %ebx             // save GOT
> movl 8(%ebp),%ebx      // get param #2 <--- segfault
                                    ^^^^^^^^
that's param #1 of course
Note: This is for linux-headers-2.4.22 presumably, the 2.6 headers don't have this code. solar, you added the patch, can you have a look at this please?
Let's reassign this to kevin quinn who provided the initial patch
Ahh; took me a few minutes to get what's happening, but Peter is right, and the patch is indeed broken on both the 2.4 and 2.6 headers. Good catch, Peter. When the compiler inserts the asm code, '%2' gets replaced with whatever the calling code has as a reference for the parameter; if this happens to be an offset from %%ebp (e.g. local data or parameter of the function that invokes the macro) then since ebp has been modified by its use to store %%eax, it all goes pear-shaped. It's only syscall6 that's affected, because it's the only one that save/restores ebp (something the original code did). I'll rework the unistd patch as Peter suggested and submit to this bug in a short while.
Created attachment 64718 [details, diff] reworked patch for unistd.h resolving syscall6 bug This was made against 2.6.11 - it applies against 2.4.22 with a bit of offset & fuzz. It's a replacement for the old patch, rather than a patch on the patch (!). Tim, if you want me to make the patch up another way, let me know (I notice on 2.6 it's merged into 2.6.11-appCompat.patch in the gentoo-headers-2.6.11-4 tarball).
is there still anything missing and preventing the patch from being applied?
My guess is kevin is waiting for feedback from you on how well the patch is working out.
Maybe I should have re-assigned this a while ago. Tim, as far as I'm concerned this should go in, both to 2.4 and 2.6 kernel headers. If you want me to work anything up for you, let me know - but it's probably easiest to apply the change in Peter's patch to your existing patchsets - move:

+ "movl %%eax,%%ebp\n\t" \
+ "movl %1,%%eax\n\t" \

down a couple of lines so that they're immediately prior to:

+ "int $0x80\n\t" \

in the syscall6 patch.
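As an added example (not Peter's test case, not his patch, and not the linux-headers unistd.h patch under discussion), here is a 6-argument raw syscall wrapper whose i386 branch uses the operand ordering Kevin describes in his explanation and in the comment above: arg1 is read into %ebx, and any other operand gcc might substitute as a frame-relative reference is consumed, before %ebp is loaded with arg6, and the syscall number is an immediate so nothing is read through %ebp after the clobber. %ebp and %ebx are saved and restored by hand because under PIC %ebx holds the GOT pointer and gcc will not accept %ebp as a clobber while it is the frame pointer. An x86_64 branch is included so the same source builds and runs on amd64; it assumes Linux and GCC-style inline asm, and the futex calls, the stack word and the invalid op number are constructed here for illustration. Build with `gcc -m32 -fPIC -O2` on i386 or plain `gcc -O2` on amd64.

```c
/* Added example: PIC-safe 6-argument raw syscall on i386, plus an x86_64
 * branch. Not code from the bug report or the linux-headers patch. */
#include <errno.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <linux/futex.h>

#if defined(__i386__)
/* i386: args 1-5 travel in ebx, ecx, edx, esi, edi and arg 6 in ebp.
 * The broken patch did "movl %eax,%ebp" first and then read arg1 via an
 * operand gcc had expanded to 8(%ebp), i.e. through the clobbered base.
 * Here arg1 (%2, a register operand) is moved into ebx while ebp is still
 * the frame pointer, ebp is clobbered last, and the syscall number is an
 * immediate ("i"), so nr must be a compile-time constant (hence a macro).
 * Caveat (assumption): very old PIC gcc may refuse the "r" operand because
 * it reserves ebx; modern gcc allocates ebx freely even with -fPIC. */
#define raw_syscall6(nr, a1, a2, a3, a4, a5, a6)                              \
    ({                                                                        \
        long ret_;                                                            \
        __asm__ volatile(                                                     \
            "pushl %%ebp\n\t"        /* preserve frame pointer */             \
            "pushl %%ebx\n\t"        /* preserve GOT pointer (PIC) */         \
            "movl %2,%%ebx\n\t"      /* arg1 -> ebx; ebp still intact */      \
            "movl %%eax,%%ebp\n\t"   /* arg6 -> ebp, only now */              \
            "movl %1,%%eax\n\t"      /* syscall number, an immediate */       \
            "int $0x80\n\t"                                                   \
            "popl %%ebx\n\t"                                                  \
            "popl %%ebp"                                                      \
            : "=a"(ret_)                                                      \
            : "i"(nr), "r"((long)(a1)), "c"((long)(a2)), "d"((long)(a3)),     \
              "S"((long)(a4)), "D"((long)(a5)), "0"((long)(a6))               \
            : "memory");                                                      \
        ret_;                                                                 \
    })
#elif defined(__x86_64__)
/* x86_64: args in rdi, rsi, rdx, r10, r8, r9; "syscall" clobbers rcx, r11.
 * No reserved register is involved, so no save/restore dance is needed. */
static inline long raw_syscall6(long nr, long a1, long a2, long a3,
                                long a4, long a5, long a6)
{
    long ret;
    register long r10 __asm__("r10") = a4;
    register long r8  __asm__("r8")  = a5;
    register long r9  __asm__("r9")  = a6;
    __asm__ volatile("syscall"
                     : "=a"(ret)
                     : "a"(nr), "D"(a1), "S"(a2), "d"(a3),
                       "r"(r10), "r"(r8), "r"(r9)
                     : "rcx", "r11", "memory");
    return ret;
}
#else
#error "this example targets i386 or x86_64 Linux"
#endif

static int futex_word;   /* constructed sample: a futex word nobody waits on */

/* FUTEX_WAKE on a word with no waiters: the kernel reports 0 woken. */
long futex_wake_none(void)
{
    return raw_syscall6(SYS_futex, (long)&futex_word, FUTEX_WAKE, 1, 0, 0, 0);
}

/* Same call with the futex word on the stack, so its address is exactly the
 * kind of frame-relative value the broken ordering mis-read. Returns the
 * word's value if the syscall succeeded, -1 otherwise. */
long futex_wake_stack_word(void)
{
    volatile int word = 42;
    long rc = raw_syscall6(SYS_futex, (long)&word, FUTEX_WAKE, 1, 0, 0, 0);
    return rc == 0 ? word : -1;
}

/* A futex op the kernel does not know (constructed value): raw syscalls
 * return -errno directly, here -ENOSYS. */
long futex_bad_op(void)
{
    return raw_syscall6(SYS_futex, (long)&futex_word, 12345, 1, 0, 0, 0);
}

int main(void)
{
    printf("wake none  -> %ld\n", futex_wake_none());
    printf("stack word -> %ld\n", futex_wake_stack_word());
    printf("bad op     -> %ld (-ENOSYS is %d)\n", futex_bad_op(), -ENOSYS);
    return 0;
}
```

The point to check on i386 is the order inside the asm string: read every operand gcc substitutes (%2 here) before the first write to %ebp, and keep the syscall number an immediate; putting the ebp/eax moves anywhere earlier recreates the fault Peter's disassembly shows.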
I think spanky may have gotten this one fixed up today. (or said he would)
added the first patch to cvs as obvious
Fixed in 2.6.11-r3, thanks!