Comment 19 for bug 584980

Thorsten Glaser (mirabilos) wrote : Re: [Bug 584980] Re: Please merge dietlibc 0.32-5 (universe) from Debian unstable (main)

Dixi quod…

>This is fun – I built a sid and a precise chroot today, i386,
>and built mksh against dietlibc-dev_0.33~cvs20110918-4_i386.deb
>from Debian sid (dpkg -i’d on precise). It segfaults only on
>Ubuntu, not on Debian. It is _not_ -fstack-protector-all.
>
>Investigating. May be some gcc default flags difference…
>Matthias, if you have an idea already, shoot.

OK, I got it:

Dump of assembler code for function main:
   0x0804820c <+0>: push ebp
   0x0804820d <+1>: push edi
   0x0804820e <+2>: push esi
   0x0804820f <+3>: push ebx
   0x08048210 <+4>: sub esp,0x90
   0x08048216 <+10>: mov ebp,DWORD PTR [esp+0xa8]
=> 0x0804821d <+17>: mov eax,gs:0x14
   0x08048223 <+23>: mov DWORD PTR [esp+0x8c],eax
   0x0804822a <+30>: xor eax,eax
   0x0804822c <+32>: call 0x805dfd4 <chvt_reinit>
[…]

The marked line SIGSEGVs.

(gdb) info r
eax 0xf7ffd420 -134228960
ecx 0x3 3
edx 0x0 0
ebx 0x0 0
esp 0xffffd2e0 0xffffd2e0
ebp 0xffffd394 0xffffd394
esi 0xffffd4a8 -11096
edi 0x0 0
eip 0x804821d 0x804821d <main+17>
eflags 0x10282 [ SF IF RF ]
cs 0x23 35
ss 0x2b 43
ds 0x2b 43
es 0x2b 43
fs 0x0 0
gs 0x0 0

What’s in GS and why does the gcc-generated function prologue
try to access it, anyway? This doesn’t happen on MirBSD… nor,
incidentally, on Debian sid, where main() starts like this:

Dump of assembler code for function main:
=> 0x0804820c <+0>: push ebp
   0x0804820d <+1>: push edi
   0x0804820e <+2>: push esi
   0x0804820f <+3>: push ebx
   0x08048210 <+4>: add esp,0xffffff80
   0x08048213 <+7>: mov edi,DWORD PTR [esp+0x98]
   0x0804821a <+14>: call 0x805debc <chvt_reinit>

Since this issue arises in gcc-generated code, similar breakage
may occur on other platforms (I can check amd64 but not ARM or,
at the moment, powerpc; I’m just most familiar with i8086/i386,
myself).

bye,
//mirabilos
--
In traditional syntax ' is ignored, but in c99 everything between two ' is
handled as character constant. Therefore you cannot use ' in a preprocessing
file in c99 mode. -- Ragge
No faith left in ISO C99, undefined behaviour, etc.
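The two gdb dumps above contain everything needed to tell a stack-protector prologue from a plain one and to explain the fault: the faulting instruction reads through %gs, and `info r` shows %gs holding a null selector, so there is no TLS block behind it. The script below is an added example written for this page, not code from the bug report, mksh or dietlibc. It parses copies of the quoted gdb output (embedded as constructed test input), recognises gcc's canary-load-then-store prologue, and reports whether the current instruction is a segment-relative access through a null selector. The canary locations it assumes are glibc's TLS layout (`tcbhead_t.stack_guard`: %gs:0x14 on i386, %fs:0x28 on x86-64); a libc that never sets up that segment, as dietlibc does not here, cannot satisfy such a prologue.

```python
import re

# Constructed test input: the two gdb dumps quoted in the comment above, re-typed
# here so the script runs offline (the "[...]" elision is dropped).
UBUNTU_DISASM = """\
Dump of assembler code for function main:
   0x0804820c <+0>: push ebp
   0x0804820d <+1>: push edi
   0x0804820e <+2>: push esi
   0x0804820f <+3>: push ebx
   0x08048210 <+4>: sub esp,0x90
   0x08048216 <+10>: mov ebp,DWORD PTR [esp+0xa8]
=> 0x0804821d <+17>: mov eax,gs:0x14
   0x08048223 <+23>: mov DWORD PTR [esp+0x8c],eax
   0x0804822a <+30>: xor eax,eax
   0x0804822c <+32>: call 0x805dfd4 <chvt_reinit>
"""
UBUNTU_REGS = """\
eax 0xf7ffd420 -134228960
esp 0xffffd2e0 0xffffd2e0
eip 0x804821d 0x804821d <main+17>
eflags 0x10282 [ SF IF RF ]
cs 0x23 35
ds 0x2b 43
fs 0x0 0
gs 0x0 0
"""
DEBIAN_DISASM = """\
Dump of assembler code for function main:
=> 0x0804820c <+0>: push ebp
   0x0804820d <+1>: push edi
   0x0804820e <+2>: push esi
   0x0804820f <+3>: push ebx
   0x08048210 <+4>: add esp,0xffffff80
   0x08048213 <+7>: mov edi,DWORD PTR [esp+0x98]
   0x0804821a <+14>: call 0x805debc <chvt_reinit>
"""

# Assumed glibc TLS layout: the stack-protector canary (tcbhead_t.stack_guard)
# lives at %gs:0x14 on i386 and %fs:0x28 on x86-64.
CANARY_SLOT = {"i386": ("gs", 0x14), "amd64": ("fs", 0x28)}

INSN = re.compile(r"^(=>)?\s*0x([0-9a-f]+)\s+<\+(\d+)>:\s*(.*)$")
SEGREF = re.compile(r"\b(cs|ds|es|fs|gs|ss):0x([0-9a-f]+)\b")
REG = re.compile(r"^([a-z]+)\s+0x([0-9a-f]+)")
CANARY_LOAD = re.compile(r"^mov\s+(\w+),(fs|gs):0x([0-9a-f]+)$")


def parse_disasm(text):
    """Turn a gdb 'disassemble' dump into a list of instruction dicts."""
    insns = []
    for line in text.splitlines():
        m = INSN.match(line)
        if m:
            insns.append({"current": m.group(1) == "=>", "addr": int(m.group(2), 16),
                          "offset": int(m.group(3)), "text": m.group(4).strip()})
    return insns


def parse_registers(text):
    """Turn gdb 'info registers' output into {name: raw value}."""
    return {m.group(1): int(m.group(2), 16)
            for m in (REG.match(line) for line in text.splitlines()) if m}


def stack_protector_prologue(insns, arch="i386"):
    """Index of the canary load in a -fstack-protector prologue, else None.

    gcc's pattern is a load from the TLS canary slot immediately followed by a
    store of that same register into the function's stack frame.
    """
    seg, off = CANARY_SLOT[arch]
    for i, insn in enumerate(insns[:-1]):
        m = CANARY_LOAD.match(insn["text"])
        if not m or (m.group(2), int(m.group(3), 16)) != (seg, off):
            continue
        store = insns[i + 1]["text"]
        if store.startswith("mov ") and "PTR [" in store and store.endswith("," + m.group(1)):
            return i
    return None


def diagnose(disasm_text, regs_text, arch="i386"):
    """Explain a fault at the '=>' instruction in terms of the segment registers."""
    insns = parse_disasm(disasm_text)
    regs = parse_registers(regs_text)
    current = next((i for i in insns if i["current"]), None)
    if current is None:
        return {"verdict": "no-current-instruction"}
    m = SEGREF.search(current["text"])
    if not m:
        return {"verdict": "not-a-segment-access", "address": current["addr"]}
    seg, off = m.group(1), int(m.group(2), 16)
    canary = stack_protector_prologue(insns, arch)
    result = {"address": current["addr"], "segment": seg, "offset": off,
              "selector": regs.get(seg),
              "canary_load": canary is not None and insns[canary] is current}
    # A null selector means no descriptor, hence no TLS base, behind the segment:
    # every seg:offset access faults regardless of the offset.
    result["verdict"] = "null-selector" if regs.get(seg) == 0 else "segment-access"
    return result


if __name__ == "__main__":
    print(diagnose(UBUNTU_DISASM, UBUNTU_REGS))
    print(diagnose(DEBIAN_DISASM, UBUNTU_REGS))
```

On the Ubuntu dump the verdict is `null-selector` with `canary_load` set, which is the whole story: the prologue is a stack-protector prologue, and the process has no %gs segment to read the canary from. The Debian dump yields `not-a-segment-access` and no prologue match, matching the plain `add esp,0xffffff80` frame setup shown above. The same parser works for x86-64 dumps by passing `arch="amd64"`.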