Bug 4291

Summary: Segmentation fault with all binaries that use threads when compiled with gcc 4.6
Product: buildroot Reporter: Sven Neumann <s.neumann>
Component: OtherAssignee: unassigned
Status: RESOLVED WONTFIX    
Severity: normal CC: buildroot
Priority: P1    
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Linux   
Host: Target:
Build:

Description Sven Neumann 2011-10-04 09:16:50 UTC 
We are using buildroot to build our software stack for an embedded device based on a Marvell PXA300. Here's the output from /proc/cpuinfo:

Processor       : XScale-V3 based processor rev 1 (v5l)
BogoMIPS        : 206.64
Features        : swp half thumb fastmult edsp iwmmxt 
CPU implementer : 0x69
CPU architecture: 5TE
CPU variant     : 0x0
CPU part        : 0x688
CPU revision    : 1

Our buildroot environment is up-to-date with current git and we are using uclibc 0.9.32 with NPTL as thread library implementation. Currently we are using gcc 4.3.6 and things work fine. Here are some details from the BR2 CPU configuration:

BR2_iwmmxt=y
BR2_ARM_TYPE="ARM_IWMMXT"
BR2_ARM_EABI=y
BR2_ARCH="arm"
BR2_ENDIAN="LITTLE"
BR2_GCC_TARGET_TUNE="iwmmxt"
BR2_GCC_TARGET_ARCH="iwmmxt"
BR2_GCC_TARGET_ABI="aapcs-linux"

As I said above, with gcc 4.3.6 everything works nicely. Now we tried to update the compiler to version 4.6.1. With that change, and only that change, any binary that uses threads started to segfault at startup. Non-threaded binaries still work, so we have a system compiled with gcc 4.6.1 that is basically working. But as soon as we try to start a threaded binary, it will segfault.

I tried to shed some light on this with gdb, but the stack-trace I got was definitely corrupt. 

Here's an strace from starting dbus-daemon:

# strace dbus-daemon
init_tls [ld.so]
_dl_determine_tlsoffset [ld.so]
_dl_allocate_tls_storage (1696) [ld.so]
execve("/usr/bin/dbus-daemon", ["dbus-daemon"], [/* 15 vars */]) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x4000000, -1, 0) = 0x40031000
open("/lib/libxml2.so.2", O_RDONLY)     = -1 ENOENT (No such file or directory)
open("/lib/libxml2.so.2", O_RDONLY)     = -1 ENOENT (No such file or directory)
open("/usr/lib/libxml2.so.2", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0755, st_size=1409657, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x4000000, -1, 0) = 0x40103000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\230\237\1\0004\0\0\0"..., 4096) = 4096
mmap2(NULL, 1196032, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x401d7000
mmap2(0x401d7000, 1140664, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) = 0x401d7000
mmap2(0x402f5000, 19828, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x116) = 0x402f5000
mmap2(0x402fa000, 3068, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x402fa000
close(3)                                = 0
munmap(0x40103000, 4096)                = 0
open("/lib/libpthread.so.0", O_RDONLY)  = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=97011, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x4000000, -1, 0) = 0x400e8000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0pC\0\0004\0\0\0"..., 4096) = 4096
mmap2(NULL, 114688, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40127000
mmap2(0x40127000, 65988, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) = 0x40127000
mmap2(0x4013f000, 4124, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x10) = 0x4013f000
mmap2(0x40141000, 4316, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40141000
close(3)                                = 0
munmap(0x400e8000, 4096)                = 0
open("/lib/librt.so.0", O_RDONLY)       = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=13795, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x4000000, -1, 0) = 0x4001f000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0`\16\0\0004\0\0\0"..., 4096) = 4096
mmap2(NULL, 49152, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40050000
mmap2(0x40050000, 8280, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) = 0x40050000
mmap2(0x4005a000, 4100, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x2) = 0x4005a000
close(3)                                = 0
munmap(0x4001f000, 4096)                = 0
open("/lib/libgcc_s.so.1", O_RDONLY)    = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=41256, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x4000000, -1, 0) = 0x40061000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\234'\0\0004\0\0\0"..., 4096) = 4096
mmap2(NULL, 73728, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x400a7000
mmap2(0x400a7000, 39468, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) = 0x400a7000
mmap2(0x400b8000, 3136, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x9) = 0x400b8000
close(3)                                = 0
munmap(0x40061000, 4096)                = 0
open("/lib/libc.so.0", O_RDONLY)        = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=315063, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x4000000, -1, 0) = 0x40013000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0`\235\0\0004\0\0\0"..., 4096) = 4096
mmap2(NULL, 348160, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40143000
mmap2(0x40143000, 290456, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) = 0x40143000
mmap2(0x40192000, 4840, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x47) = 0x40192000
mmap2(0x40194000, 14504, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40194000
close(3)                                = 0
munmap(0x40013000, 4096)                = 0
open("/lib/libdl.so.0", O_RDONLY)       = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=9223, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x4000000, -1, 0) = 0x40072000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\354\t\0\0004\0\0\0"..., 4096) = 4096
mmap2(NULL, 45056, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40198000
mmap2(0x40198000, 7276, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) = 0x40198000
mmap2(0x401a1000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x1) = 0x401a1000
mmap2(0x401a2000, 4, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x401a2000
close(3)                                = 0
munmap(0x40072000, 4096)                = 0
open("/lib/libm.so.0", O_RDONLY)        = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=64543, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x4000000, -1, 0) = 0x40096000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\374\22\0\0004\0\0\0"..., 4096) = 4096
mmap2(NULL, 98304, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x400bd000
mmap2(0x400bd000, 57164, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) = 0x400bd000
mmap2(0x400d3000, 4097, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0xe) = 0x400d3000
close(3)                                = 0
munmap(0x40096000, 4096)                = 0
open("/lib/libgcc_s.so.1", O_RDONLY)    = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=41256, ...}) = 0
close(3)                                = 0
open("/lib/libc.so.0", O_RDONLY)        = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=315063, ...}) = 0
close(3)                                = 0
open("/lib/libdl.so.0", O_RDONLY)       = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=9223, ...}) = 0
close(3)                                = 0
open("/lib/libc.so.0", O_RDONLY)        = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=315063, ...}) = 0
close(3)                                = 0
open("/lib/libc.so.0", O_RDONLY)        = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=315063, ...}) = 0
close(3)                                = 0
open("/lib/libdl.so.0", O_RDONLY)       = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=9223, ...}) = 0
close(3)                                = 0
open("/lib/libpthread.so.0", O_RDONLY)  = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=97011, ...}) = 0
close(3)                                = 0
open("/lib/libc.so.0", O_RDONLY)        = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=315063, ...}) = 0
close(3)                                = 0
open("/lib/libc.so.0", O_RDONLY)        = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=315063, ...}) = 0
close(3)                                = 0
open("/lib/libc.so.0", O_RDONLY)        = 3
fstat(3, {st_mode=S_IFREG|0700, st_size=315063, ...}) = 0
close(3)                                = 0
stat("/lib/ld-uClibc.so.0", {st_mode=S_IFREG|0700, st_size=25452, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x400f0000
munmap(0x400f0000, 4096)                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4005e000
munmap(0x4005e000, 4096)                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40081000
munmap(0x40081000, 4096)                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x4000000, -1, 0) = 0x4008d000
set_tls(0x4008d490, 0x4008db30, 0x4008db38, 0x4008d490, 0x400a5f74) = 0
mprotect(0x4013f000, 4096, PROT_READ)   = 0
mprotect(0x4005a000, 4096, PROT_READ)   = 0
mprotect(0x40192000, 4096, PROT_READ)   = 0
mprotect(0x401a1000, 4096, PROT_READ)   = 0
mprotect(0x400d3000, 4096, PROT_READ)   = 0
mprotect(0x400a5000, 4096, PROT_READ)   = 0
set_tid_address(0x4008d068)             = 1261
set_robust_list(0x4008d070, 0xc)        = 0
rt_sigaction(SIGRTMIN, {0x4013028c, [], SA_SIGINFO|0x4000000}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0x40130138, [], SA_RESTART|SA_SIGINFO|0x4000000}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x400e6000
munmap(0x400e6000, 4096)                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40079000
munmap(0x40079000, 4096)                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40021000
munmap(0x40021000, 4096)                = 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=16}) = 0
ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B115200 opost isig icanon echo ...}) = 0
ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, {B115200 opost isig icanon echo ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x400ec000
munmap(0x400ec000, 4096)                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40006000
munmap(0x40006000, 4096)                = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++
Segmentation fault
Comment 1 Thomas Petazzoni 2015-06-03 01:28:27 UTC 
This bug is very old (almost 4 years), we don't support uClibc 0.9.32 or gcc 4.6 anymore. So I'm marking it as "WONTFIX". Please reopen if you're still seeing the problem with a recent Buildroot.