Debian Bug report logs - #548842
libc6: alignment error in /lib/ld-linux.so.3 on armel

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libc6: alignment error in /lib/ld-linux.so.3 on armel
Date: Mon, 28 Sep 2009 23:34:06 -0400

Package: libc6
Version: 2.9-25
Severity: normal

I'm running alsaplayer on an armel platform, using the -text frontend 
and the -alsa output.  I've configured my armel machine to send a SIGBUS
to any process which makes an alignment error by doing this:

 echo 5 > /proc/cpu/alignment

when i launch the player (compiled with debug symbols), even before it 
gets to main() i get the SIGBUS.

Here's the backtrace i see with libc6-dbg installed:

(gdb) bt
#0  elf_machine_rel (scope=0x4001e1a0, lazy=1, consider_profiling=0) at ../ports/sysdeps/arm/dl-machine.h:429
#1  elf_dynamic_do_rel (scope=0x4001e1a0, lazy=1, consider_profiling=0) at do-rel.h:120
#2  _dl_relocate_object (scope=0x4001e1a0, lazy=1, consider_profiling=0) at dl-reloc.c:266
#3  0x400039bc in dl_main (phdr=0x8034, phnum=8, user_entry=0xbe98257c) at rtld.c:2231
#4  0x40015110 in _dl_sysdep_start (start_argptr=<value optimized out>, dl_main=0x400021d8 <dl_main>) at ../elf/dl-sysdep.c:239
#5  0x40000cd0 in _dl_start_final (arg=0xbe982870, info=0xbe9825f8) at rtld.c:332
#6  0x40000f68 in _dl_start (arg=0xbe982870) at rtld.c:560
#7  0x400007f0 in _start () from /lib/ld-linux.so.3
#8  0x400007f0 in _start () from /lib/ld-linux.so.3
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
(gdb) 

that last line is just:

  *reloc_addr += value

but reloc_addr is optimized out.

unfortunately, rebuilding packages (esp. large packages like libc6) takes 
a long time on machines like this (it's an NSLU2, 266Mhz with 32MB RAM),
so i haven't had a chance to debug further.

People interested in this bug might also be interested in discussion 
from http://bugs.debian.org/397616 .  for examples of potential dangers 
of undetected memory alignment failures, see 
http://bugs.debian.org/548815 -- hopefully alignment failures in libc6 
won't cause higher-level trouble the way they do with some media codecs.

I also asked for discussion in general about alignment issues on armel:

 http://lists.debian.org/debian-arm/2009/09/msg00109.html
 
Let me know if i can provide more debugging help on this.  

	--dkg

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: armel (armv5tel)

Kernel: Linux 2.6.30-1-ixp4xx
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages libc6 depends on:
ii  libc-bin                      2.9-25     GNU C Library: Binaries
ii  libgcc1                       1:4.4.1-1  GCC support library

libc6 recommends no packages.

Versions of packages libc6 suggests:
ii  debconf [debconf-2.0]         1.5.27     Debian configuration management sy
pn  glibc-doc                     <none>     (no description available)
ii  locales                       2.9-25     GNU C Library: National Language (

-- debconf information:
* glibc/restart-services: cron
  glibc/disable-screensaver:
  glibc/restart-failed:
  glibc/upgrade: true

Message #10 received at 548842@bugs.debian.org (full text, mbox):

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: 548842@bugs.debian.org, control@bugs.debian.org
Subject: Re: Bug#548842: libc6: alignment error in /lib/ld-linux.so.3 on armel
Date: Wed, 30 Sep 2009 22:21:37 -0400

[Message part 1 (text/plain, inline)]

found 548842 2.10.1-0exp1
thanks

On 09/28/2009 11:34 PM, Daniel Kahn Gillmor wrote:
> Version: 2.9-25

I tried upgrading libc6 on the machine that was experiencing
this, and it didn't improve.

I'm still seeing the alignment error during the dynamic 
linking step when i launch alsaplayer using 2.10.1-0exp1
from experimental:

Program received signal SIGBUS, Bus error.
elf_machine_rel (scope=0x4001e1a0, reloc_mode=<value optimized out>, consider_profiling=0) at ../ports/sysdeps/arm/dl-machine.h:429
429     ../ports/sysdeps/arm/dl-machine.h: No such file or directory.
        in ../ports/sysdeps/arm/dl-machine.h
Current language:  auto; currently c
(gdb) bt
#0  elf_machine_rel (scope=0x4001e1a0, reloc_mode=<value optimized out>, consider_profiling=0) at ../ports/sysdeps/arm/dl-machine.h:429
#1  elf_dynamic_do_rel (scope=0x4001e1a0, reloc_mode=<value optimized out>, consider_profiling=0) at do-rel.h:120
#2  _dl_relocate_object (scope=0x4001e1a0, reloc_mode=<value optimized out>, consider_profiling=0) at dl-reloc.c:268
#3  0x40003a30 in dl_main (phdr=0x8034, phnum=8, user_entry=0xbed9057c) at rtld.c:2229
#4  0x40015418 in _dl_sysdep_start (start_argptr=<value optimized out>, dl_main=0x40002248 <dl_main>) at ../elf/dl-sysdep.c:243
#5  0x40000ce8 in _dl_start_final (arg=0xbed90870, info=0xbed905f8) at rtld.c:333
#6  0x40000f80 in _dl_start (arg=0xbed90870) at rtld.c:561
#7  0x400007f0 in _start () from /lib/ld-linux.so.3
#8  0x400007f0 in _start () from /lib/ld-linux.so.3
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
(gdb) 



fwiw, here's the contents of /proc/cpuinfo on the host in question:

Processor       : XScale-IXP42x Family rev 1 (v5l)
BogoMIPS        : 266.24
Features        : swp half thumb fastmult edsp
CPU implementer : 0x69
CPU architecture: 5TE
CPU variant     : 0x0
CPU part        : 0x41f
CPU revision    : 1

Hardware        : Linksys NSLU2
Revision        : 0000
Serial          : 0000000000000000


hth,

	--dkg

[signature.asc (application/pgp-signature, attachment)]

Message #17 received at 548842@bugs.debian.org (full text, mbox):

From: John Reiser <vendor@BitWagon.com>
To: Martin Guy <martinwguy@gmail.com>
Cc: 548842@bugs.debian.org, debian-arm@lists.debian.org
Subject: Re: Apt alignment trap.
Date: Fri, 09 Oct 2009 11:25:30 -0700

> If you'd like to help debug this, you can
> echo 5>  /proc/cpu/alignment
> and run apt-get under gdb - it will be killed with a Bus Error at the bad code.

>   *reloc_addr += value

Some shared library has been built with an initialized pointer, where the storage
for the pointer itself is not aligned on a 4-byte boundary.  The problem is not
in glibc(ld-linux); the problem lies in some shared library that the app requires.

Debug this via
    setenv LD_DEBUG reloc
    ./my_app args...
or perhaps [in bash]:
    LD_DEBUG=reloc,files  ./my_app args...

Set LD_DEBUG=help to get info on other options for debugging the processing
that ld-linux does.

-- 

Message #22 received at 548842@bugs.debian.org (full text, mbox):

From: Martin Guy <martinwguy@gmail.com>
To: John Reiser <vendor@bitwagon.com>
Cc: 548842@bugs.debian.org, debian-arm@lists.debian.org, 
	control@bugs.debian.org
Subject: Re: Apt alignment trap.
Date: Sat, 10 Oct 2009 12:31:01 +0100

reassign 548842 gcc-4.3 4.3.4-2
thanks

On 10/9/09, John Reiser <vendor@bitwagon.com> wrote:
>  Some shared library has been built with an initialized pointer, where the
> storage
>  for the pointer itself is not aligned on a 4-byte boundary.  The problem is
> not
>  in glibc(ld-linux); the problem lies in some shared library that the app
> requires.
>
>  Debug this via
>     setenv LD_DEBUG reloc
>     ./my_app args...

Thanks! It seems to affect any C++ program on armel, including hello.cc

martin@n2100:~$ LD_DEBUG=reloc ./a.out
      6836:	
      6836:	relocation processing: /lib/libc.so.6 (lazy)
      6836:	
      6836:	relocation processing: /lib/libgcc_s.so.1 (lazy)
      6836:	
      6836:	relocation processing: /lib/libm.so.6 (lazy)
      6836:	
      6836:	relocation processing: /usr/lib/libstdc++.so.6 (lazy)
Bus error

and libstdc++.so.6 seems to be provided by gcc-4.3, so I'm reassigning
the bug...

Message #33 received at 548842@bugs.debian.org (full text, mbox):

From: Martin Guy <martinwguy@gmail.com>
Cc: 548842@bugs.debian.org
Subject: Re: Apt alignment trap.
Date: Wed, 4 Nov 2009 12:16:33 +0000

A patch has turned up for glibc-2.9. I'm trying it on eglibc-2.10...
See http://sourceware.org/ml/crossgcc/2009-11/msg00008.html

--- glibc-ports-2.9/sysdeps/arm/dl-machine.h.orig	2009-11-03
22:03:57.000000000 +0100
+++ glibc-ports-2.9/sysdeps/arm/dl-machine.h	2009-11-03 22:11:45.000000000 +0100
@@ -568,13 +568,22 @@
 }
 # endif

+union arm_unaligned_data {
+  Elf32_Addr l_addr;
+} __attribute__ ((packed));
+
 auto inline void
 __attribute__ ((always_inline))
 elf_machine_rel_relative (Elf32_Addr l_addr, const Elf32_Rel *reloc,
 			  void *const reloc_addr_arg)
 {
-  Elf32_Addr *const reloc_addr = reloc_addr_arg;
-  *reloc_addr += l_addr;
+  if (((long)reloc_addr_arg) & 0x3) {
+    union arm_unaligned_data *const lpdata = reloc_addr_arg;
+    lpdata->l_addr += l_addr;
+  } else {
+    Elf32_Addr *const reloc_addr = reloc_addr_arg;
+    *reloc_addr += l_addr;
+  }
 }

 # ifndef RTLD_BOOTSTRAP

Message #38 received at 548842@bugs.debian.org (full text, mbox):

From: Martin Guy <martinwguy@gmail.com>
To: 548842@bugs.debian.org
Subject: Re: Apt alignment trap.
Date: Thu, 5 Nov 2009 11:00:02 +0000

On 11/4/09, Martin Guy <martinwguy@gmail.com> wrote:
> A patch has turned up for glibc-2.9. I'm trying it on eglibc-2.10...
>  See http://sourceware.org/ml/crossgcc/2009-11/msg00008.html
>
>  --- glibc-ports-2.9/sysdeps/arm/dl-machine.h.orig

Nope. That doesn't fix this problem

Message #43 received at submit@bugs.debian.org (full text, mbox):

From: Aurelien Jarno <aurelien@aurel32.net>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, 548842@bugs.debian.org
Cc: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Re: Bug#548842: libc6: alignment error in /lib/ld-linux.so.3 on
	armel
Date: Tue, 24 Nov 2009 01:04:24 +0100

On Mon, Sep 28, 2009 at 11:34:06PM -0400, Daniel Kahn Gillmor wrote:
> Package: libc6
> Version: 2.9-25
> Severity: normal
> 
> I'm running alsaplayer on an armel platform, using the -text frontend 
> and the -alsa output.  I've configured my armel machine to send a SIGBUS
> to any process which makes an alignment error by doing this:
> 
>  echo 5 > /proc/cpu/alignment
> 
> when i launch the player (compiled with debug symbols), even before it 
> gets to main() i get the SIGBUS.
> 
> Here's the backtrace i see with libc6-dbg installed:
> 
> (gdb) bt
> #0  elf_machine_rel (scope=0x4001e1a0, lazy=1, consider_profiling=0) at ../ports/sysdeps/arm/dl-machine.h:429
> #1  elf_dynamic_do_rel (scope=0x4001e1a0, lazy=1, consider_profiling=0) at do-rel.h:120
> #2  _dl_relocate_object (scope=0x4001e1a0, lazy=1, consider_profiling=0) at dl-reloc.c:266
> #3  0x400039bc in dl_main (phdr=0x8034, phnum=8, user_entry=0xbe98257c) at rtld.c:2231
> #4  0x40015110 in _dl_sysdep_start (start_argptr=<value optimized out>, dl_main=0x400021d8 <dl_main>) at ../elf/dl-sysdep.c:239
> #5  0x40000cd0 in _dl_start_final (arg=0xbe982870, info=0xbe9825f8) at rtld.c:332
> #6  0x40000f68 in _dl_start (arg=0xbe982870) at rtld.c:560
> #7  0x400007f0 in _start () from /lib/ld-linux.so.3
> #8  0x400007f0 in _start () from /lib/ld-linux.so.3
> Backtrace stopped: previous frame identical to this frame (corrupt stack?)
> (gdb) 
> 
> that last line is just:
> 
>   *reloc_addr += value
> 
> but reloc_addr is optimized out.
> 

The problem is most probably a non word aligned relocation in the 
program you are trying to run or one of its library. You can list them
with objdump -R file.

-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net

Message #59 received at 548842@bugs.debian.org (full text, mbox):

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Aurelien Jarno <aurelien@aurel32.net>
Cc: 548842@bugs.debian.org
Subject: Re: Bug#548842: libc6: alignment error in /lib/ld-linux.so.3 on	armel
Date: Mon, 23 Nov 2009 23:34:57 -0500

[Message part 1 (text/plain, inline)]

reassign 548842 libstdc++6
found 548842 4.4.1-4
thanks

On 11/23/2009 07:04 PM, Aurelien Jarno wrote:
> The problem is most probably a non word aligned relocation in the 
> program you are trying to run or one of its library. You can list them
> with objdump -R file.

Since armel is a 32-bit machine, i assume i find the non-aligned relocations
by looking for addresses that aren't equal to 0 mod 4, like this:

0 dkg@igor:~$ objdump -R $(which alsaplayer) | egrep '^[0-9a-f]{7}[1235679abdef]'
1 dkg@igor:~$ 

looking in all of the loaded libraries, it looks like the problem is in
libstdc++.so.6:

0 dkg@igor:~$ for foo in $(ldd $(which alsaplayer) | sed -e 's/^.*=>//' -e 's/ (0x[0-9a-f]*)$//') ; do if objdump -R $foo | egrep '^[0-9a-f]{7}[1235679abdef]' ; then echo $foo ; fi; done
000cda6a R_ARM_ABS32       __gxx_personality_v0
000ce243 R_ARM_ABS32       __gxx_personality_v0
/usr/lib/libstdc++.so.6
0 dkg@igor:~$ 

This is all using an up-to-date squeeze installation, with libstdc++6 4.4.1-4.

when i upgrade libstdc++6 to 4.4.2-3 (from sid, dragging in gcc-4.4-base,
libgcc1, and libgomp1), the problem goes away, and the above search is clean:

0 dkg@igor:~$ for foo in $(ldd $(which alsaplayer) | sed -e 's/^.*=>//' -e 's/ (0x[0-9a-f]*)$//') ; do if objdump -R $foo | egrep '^[0-9a-f]{7}[1235679abdef]' ; then echo $foo ; fi; done
0 dkg@igor:~$

Thanks for pointing that out, Aurelien.  I'm going to go run this test on all
my shared libraries now and file bugs appropriately.

	--dkg

[signature.asc (application/pgp-signature, attachment)]

Message #64 received at 548842-done@bugs.debian.org (full text, mbox):

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: 548842-done@bugs.debian.org
Subject: debian bug #548842 resolved in libstdc++6 4.4.2-3
Date: Mon, 23 Nov 2009 23:37:00 -0500

[Message part 1 (text/plain, inline)]

Version: 4.4.2-3

Debian bug #548842 was resolved by upgrading libstdc++6 to version 4.4.2-3.

The last version that i saw that had the bug was 4.4.1-4, as detailed in
an earlier message to the bug log.

	--dkg

[signature.asc (application/pgp-signature, attachment)]

Send a report that this bug log contains spam.