[arm-gnu] Irregular segfault in application

To: arm-gnu@xxxxxxxxxxxxxxxx
Subject: [arm-gnu] Irregular segfault in application
From: Juergen Schindele <schindele@xxxxxxxxx>
Date: Fri, 21 May 2010 15:41:57 +0100

Hello Developers,
we have a strange problem when booting the filesystem from a true-IDE Compact-Flash.
In one of three cases the concerned application crashes with segfault. We are able to 
to call the application with prependend strace to see the passed syscall of the app.
We are clueless with this problem and hope to get some hints.

Here the details 
we are using gcc with glibc from "codesourcery" in version 
"gcc (CodeSourcery Sourcery G++ Lite 2007q1-10) 4.2.0 20070413 (prerelease)"
kernel-version is 2.6.20.21 with EABI on a custom board with
CPU: XScale-PXA270 [69054117] revision 7 (ARMv5TE), cr=0000397f
the concerned application is "chat" (for talking to modems).
We are compiling with "-mlittle-endian -march=iwmmxt -mcpu=iwmmxt -msoft-float" options.
What i noticed when comparing the strace dump between good and bad case
is that one syscall in the bad case seems to have faulty parameters.

I'd like to have your advice on this behaviour / bug ???
As the syscalls are generate by glibc is there a problem ???

Your hints are welcome

Bad case 
-----------------------------------
+ strace chat -v -t 15 -f /etc/chatscripts/chat-init-129
execve("/sbin/chat", ["chat", "-v", "-t", "15", "-f", "/etc/chatscripts/chat-init-129"], [/* 10 vars */]) = 0
brk(0)                                  = 0x16000
uname({sys="Linux", node="CommBox1287", ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4001c000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4001d000
syscall_983045(0x4001ccf0, 0x4001e000, 0x4001d400, 0x4001d388, 0x40024050, 0x40024000, 0, 0xf0005, 0x50, 0xffff5310, 0, 0x7e
                                           ^^^^ isn't that faulty becase not in mmaped area (see good case)
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++

 Good case
-------------------------------------
+ strace chat -v -t 15 -f /etc/chatscripts/chat-init-129
execve("/sbin/chat", ["chat", "-v", "-t", "15", "-f", "/etc/chatscripts/chat-init-129"], [/* 10 vars */]) = 0
brk(0)                                  = 0x16000
uname({sys="Linux", node="CommBox1287", ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4001c000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = -1 ENOENT (No such file or directory)
------8< ------- (snip) --------
stat64("/lib/fast-mult/half", 0x7efaa2d8) = -1 ENOENT (No such file or directory)
open("/lib/fast-mult/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/lib/fast-mult", 0x7efaa2d8)    = -1 ENOENT (No such file or directory)
open("/lib/half/libc.so.6", O_RDONLY)   = -1 ENOENT (No such file or directory)
stat64("/lib/half", 0x7efaa2d8)         = -1 ENOENT (No such file or directory)
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\260J\1\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1148160, ...}) = 0
mmap2(NULL, 1184156, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x40025000
mprotect(0x40139000, 32768, PROT_NONE)  = 0
mmap2(0x40141000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x114) = 0x40141000
mmap2(0x40144000, 8604, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40144000
close(3)                                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4001d000
syscall_983045(0x4001d080, 0x4001e000, 0x4001d7d8, 0x4001d758, 0x40024050, 0x40024000, 0, 0xf0005, 0x50, 0xffff5310, 0x1, 0x
                                           ^^^^^ look here !
mprotect(0x40141000, 8192, PROT_READ)   = 0
write(2, "AB gehts!!!!!!!!!!!!!!!!!!!!!!!!"..., 58AB gehts!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
) = 58
brk(0)                                  = 0x16000
brk(0x37000)                            = 0x37000
open("/etc/localtime", O_RDONLY)        = 3

-- 
--------------------------------------------------------------
Jürgen Schindele  
Software-Entwicklung

PSI NENTEC GmbH
Greschbachstr. 12
76229 Karlsruhe
Deutschland
Telefon: +49 721 94249-51
Telefax: +49 721 94249-10
E-Mail:  schindele@xxxxxxxxx
WEB:     www.nentec.de
 
Geschäftsführung: Klaus Becker, Roland Knapp
Sitz der Gesellschaft: Karlsruhe
Handelsregister: Amtsgericht Mannheim HRB 107658
--------------------------------------------------------------

Follow-Ups:
- Re: [arm-gnu] Irregular segfault in application
  - From: Carlos O'Donell

Prev by Date: Re: [arm-gnu] Why is R3 pushed/popped on function entry/exit (Cortex-M3)?
Next by Date: Re: [arm-gnu] Irregular segfault in application
Previous by thread: Re: [arm-gnu] Why is R3 pushed/popped on function entry/exit (Cortex-M3)?
Next by thread: Re: [arm-gnu] Irregular segfault in application
Index(es):
- Date
- Thread