Matt reports 'top' crashes at start on mipsn32 (BE). I've reproduced it on qemu-mipsn32 as:

```
Program received signal SIGSEGV, Segmentation fault.
0x408cb908 in _dlerror_run (operate=operate@entry=0x408cadf0 <dlopen_doit>, args=args@entry=0x407feb28) at dlerror.c:163
163       result->errcode = _dl_catch_error (&result->objname, &result->errstring,
(gdb) bt
#0  0x408cb908 in _dlerror_run (operate=operate@entry=0x408cadf0 <dlopen_doit>, args=args@entry=0x407feb28) at dlerror.c:163
#1  0x408caf4c in __dlopen (file=file@entry=0x10012d58 "libnuma.so", mode=mode@entry=1) at dlopen.c:87
#2  0x1000306c in before (me=0x407ff382 "/usr/mips64-unknown-linux-gnu/usr/bin/top") at top/top.c:3308
#3  0x10001a10 in main (dont_care_argc=<optimized out>, argv=0x407ff1a4) at top/top.c:5721
```

glibc-master does not SIGSEGV anymore, but I think it's a coincidence, as the SIGSEGV disappeared after the following commit (after 2.26):

https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2449ae7b2da24c9940962304a3e44bc80e389265

Minimal reproducer is:

```
// $ mips64-unknown-linux-gnu-gcc -Wall -ggdb3 a.c -ldl -o a && ./a
#include <dlfcn.h>

int main() {
    /* The library does not need to exist: the crash happens on the error path. */
    dlopen ("libdoes-not-exist.so", RTLD_LAZY);
    return 0;
}
```

I'm crashing it in qemu as:

```
$ qemu-mipsn32 -L /home/slyfox/tmp/ ./elf/ld.so --library-path .:./dlfcn/ /tmp/a
```

The crash looks complicated as it involves TLS, setjmp(), longjmp(), storing a bunch of pointers on the stack and things like that.

In Gentoo the crash was introduced when glibc enabled stack protection by default in 2.25+.

The plan is to disable stack protection on mips (as we do on powerpc: bug #629054) and figure out what exactly breaks in this scenario.

Chances are it's another case of bad code generated by gcc.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b14c692fa08dc7bc53a81d32d36ddb1231769040

commit b14c692fa08dc7bc53a81d32d36ddb1231769040
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2017-12-05 22:19:47 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2017-12-06 22:15:25 +0000

sys-libs/glibc: disable stack protection by default on mips* targets

Otherwise dlopen() crashes (found on 'top' from 'procps' package).

Original backtrace from qemu-mipsn32 (fails the same way on native host):

```
Program received signal SIGSEGV, Segmentation fault.
0x408cb908 in _dlerror_run (operate=operate@entry=0x408cadf0 <dlopen_doit>, args=args@entry=0x407feb28) at dlerror.c:163
163       result->errcode = _dl_catch_error (&result->objname, &result->errstring,
(gdb) bt
#0  0x408cb908 in _dlerror_run (operate=operate@entry=0x408cadf0 <dlopen_doit>, args=args@entry=0x407feb28) at dlerror.c:163
#1  0x408caf4c in __dlopen (file=file@entry=0x10012d58 "libnuma.so", mode=mode@entry=1) at dlopen.c:87
#2  0x1000306c in before (me=0x407ff382 "/usr/mips64-unknown-linux-gnu/usr/bin/top") at top/top.c:3308
#3  0x10001a10 in main (dont_care_argc=<optimized out>, argv=0x407ff1a4) at top/top.c:5721
```

Reported-by: Matt Turner
Bug: https://bugs.gentoo.org/640130
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>

 eclass/toolchain-glibc.eclass       | 5 +++++
 sys-libs/glibc/glibc-2.26-r3.ebuild | 5 +++++
 sys-libs/glibc/glibc-9999.ebuild    | 5 +++++
 3 files changed, 15 insertions(+)
> The plan is to disable stack protection on mips (as we do on powerpc: bug
> #629054) and figure out what exactly breaks in this scenario.
>
> Chances are it's another case of bad code generated by gcc.

I'll assign it to myself in hopes I'll be able to finish it.
Found the real bug and the fix (upstream is still affected):

```
diff --git a/sysdeps/mips/mips64/setjmp_aux.c b/sysdeps/mips/mips64/setjmp_aux.c
index b43c36a7d5..108af4aa84 100644
--- a/sysdeps/mips/mips64/setjmp_aux.c
+++ b/sysdeps/mips/mips64/setjmp_aux.c
@@ -25,6 +25,7 @@
    access them in C.  */
 
 int
+inhibit_stack_protector
 __sigsetjmp_aux (jmp_buf env, int savemask, long long sp, long long fp,
 		 long long gp)
 {
```

TL;DR: setjmp()/sigsetjmp() does not save the callee-save 's0' register because -fstack-protector=all corrupts 's0' right before the actual store happens.

Will write up a few more details on how exactly the breakage happens and will send the patch upstream.
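Review bot: `inhibit_stack_protector` is added to `__sigsetjmp_aux` without a comment recording why it must stay; a later cleanup could drop it and silently reintroduce the lost s0. Suggest a short comment above `int`, e.g. `/* The stack-protector prologue clobbers s0 before it is saved.  */`. The hunk also only touches the mips64 file; the o32 counterpart sysdeps/mips/setjmp_aux.c saves the same callee-saved registers from C and should get the same attribute, which matches the later note that both mips and mips64 needed fixing upstream.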
Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=22624

Proposed patch: https://sourceware.org/ml/libc-alpha/2017-12/msg00527.html

Gory details of debug log: http://trofi.github.io/posts/205-stack-protection-on-mips64.html

Once the change is upstreamed and cherry-picked into gentoo we can try again by reverting https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b14c692fa08dc7bc53a81d32d36ddb1231769040 on revbumped glibc.
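An added regression check for the failure described in the comments above (not code from this bug, from glibc or from the linked patch): values that live in callee-saved registers across setjmp()/longjmp() must come back intact, and the unsaved s0 would show up here as a non-zero mask. The function names `check_setjmp_roundtrip`, `mix` and `clobber_and_jump` are this example's own.

```c
#include <setjmp.h>
#include <stdint.h>

static jmp_buf env;
static volatile uint64_t g_seed;   /* volatile: stops folding of expected values */

/* Opaque mixing function; noinline so the compiler must keep results live. */
static uint64_t __attribute__((noinline)) mix(uint64_t x, unsigned k)
{
    return ((x + k) * UINT64_C(0x9E3779B97F4A7C15)) ^ (x >> 7);
}

/* Dirty as much register and stack state as possible, then unwind. */
static void __attribute__((noinline)) clobber_and_jump(unsigned depth)
{
    volatile uint64_t junk[16];
    for (unsigned i = 0; i < 16; i++)
        junk[i] = mix(depth, i);
    if (depth < 6)
        clobber_and_jump(depth + 1);
    longjmp(env, 1);
}

/* Returns 0 when every local survived the setjmp()/longjmp() round trip,
   otherwise a bitmask of the locals that came back corrupted. */
int check_setjmp_roundtrip(uint64_t seed)
{
    /* Set before setjmp() and never modified afterwards, so C guarantees them
       after longjmp(); compilers park such values in callee-saved registers
       (s0..s7 on MIPS), which is exactly what an unsaved s0 would lose. */
    uint64_t v0 = mix(seed, 0), v1 = mix(seed, 1), v2 = mix(seed, 2),
             v3 = mix(seed, 3), v4 = mix(seed, 4), v5 = mix(seed, 5),
             v6 = mix(seed, 6), v7 = mix(seed, 7);
    g_seed = seed;
    if (setjmp(env) == 0)
        clobber_and_jump(0);   /* never returns; longjmp() lands us back here */
    uint64_t s = g_seed;       /* re-read via volatile: no CSE against v0..v7 */
    int bad = 0;
    if (v0 != mix(s, 0)) bad |= 1 << 0;
    if (v1 != mix(s, 1)) bad |= 1 << 1;
    if (v2 != mix(s, 2)) bad |= 1 << 2;
    if (v3 != mix(s, 3)) bad |= 1 << 3;
    if (v4 != mix(s, 4)) bad |= 1 << 4;
    if (v5 != mix(s, 5)) bad |= 1 << 5;
    if (v6 != mix(s, 6)) bad |= 1 << 6;
    if (v7 != mix(s, 7)) bad |= 1 << 7;
    return bad;
}
```

Build it with the same cross compiler as the reproducer (with and without -fstack-protector-all) and call check_setjmp_roundtrip() from a main(); a non-zero mask identifies which register-resident values were lost.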
Queued the following two upstream patches:

https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=c85c564d1442f0bc09a6c80fca025f004e12d044
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=368b6c8da9f8ae453f5d70f8a62dbf3f1b6d5995

for the next glibc 2.25 and 2.26 patchsets:

https://github.com/gentoo/glibc/commits/gentoo/2.25
https://github.com/gentoo/glibc/commits/gentoo/2.26
Fixed in 2.25-r10
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=174f19e7da9273e42144bf59488318850ef095df

commit 174f19e7da9273e42144bf59488318850ef095df
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-01-21 10:37:31 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-01-21 10:37:31 +0000

sys-libs/glibc: reenable stack protection on mips, bug #640130

mips and mips64 were fixed upstream in https://sourceware.org/PR22624

Bug: https://sourceware.org/PR22624
Closes: https://bugs.gentoo.org/640130
Package-Manager: Portage-2.3.19, Repoman-2.3.6

 sys-libs/glibc/glibc-2.26-r5.ebuild | 5 -----
 sys-libs/glibc/glibc-9999.ebuild    | 5 -----
 2 files changed, 10 deletions(-)