Bug#792921: [sparc64] linking against libx264 crashes runtime linker

[James Clarke]

Control: reassign -1 binutils
Control: retitle -1 ld on sparc64 converts R_SPARC_32 to R_SPARC_RELATIVE
Control: affects -1 src:x264
Control: tags -1 upstream patch
Control: forwarded -1 asdf

On Tue, 21 Jul 2015 22:35:49 +0200 Andreas Cadhalpun 
 wrote:
> On 21.07.2015 21:44, Carlos O'Donell wrote:
> > Does the problem always reproduce or just sometimes?
>
> Always.
>
> > If it's just sometimes then it's much much harder to figure out what's 
> > wrong.
>
> If it were just sometimes, I wouldn't have been able to trace it to libx264...
>
> > You'll need a dedicated person to track down exactly what is the
> > concurrency issue and why it's failing.
>
> What I don't understand is why it only fails for libx264, but e.g. libx265 is 
> fine.
> Also, I don't see how the code, where the crash happens, can possibly crash:
> From do-rel.h [1]:
>  85:  const ElfW(Rel) *relative = r;
>  86:  r += nrelative;
> [...]
> 111:for (; relative < r; ++relative)
> 112:  DO_ELF_MACHINE_REL_RELATIVE (map, l_addr, relative);
>
> gdb claims it crashes at line 111.

It does indeed crash there, although on line 112 not line 111.
DO_ELF_MACHINE_REL_RELATIVE is defined to be elf_machine_rel_relative, which in
this case has been defined to elf_machine_rela_relative, which is an
always-inline function that will just perform some calculations and a single
assignment to the relocation address.

The reason it crashes is that libx264 has R_SPARC_RELATIVE relocations which
are not 8-byte aligned. This is because ld incorrectly converts some R_SPARC_32
relocations into R_SPARC_RELATIVE ones, which is only valid for 32-bit Sparc.

I have attached a patch which seems to fix this particular case; recompiling
libx264, linking main.c with it and running the resulting main no longer
leads to a bus error, and terminates with exit code 0.

James


signature.asc
Description: PGP signature

Bug#792921: [sparc64] linking against libx264 crashes runtime linker

[Carlos O'Donell]

On Tue, Jul 21, 2015 at 2:49 PM, Andreas Cadhalpun
andreas.cadhal...@googlemail.com wrote:
 On 20.07.2015 17:18, Carlos O'Donell wrote:
 On Mon, Jul 20, 2015 at 3:35 AM, Andreas Cadhalpun
 andreas.cadhal...@googlemail.com wrote:
 Program received signal SIGBUS, Bus error.
 0xf801cda4 in elf_dynamic_do_Rela (skip_ifunc=optimized out, 
 lazy=0, nrelative=optimized out, relsize=optimized out, 
 reladdr=optimized out, map=0xf80100023570) at do-rel.h:111

 Usually a corrupted library. Check md5sums.

 I don't think this problem is caused by a corrupted libx264.

 First, it's also happening on the sparc64 buildds, see e.g. [1].
 Second, I rebuilt the current x264 locally and it shows the same problem.

Does the problem always reproduce or just sometimes?

If it's just sometimes then it's much much harder to figure out what's wrong.

You'll need a dedicated person to track down exactly what is the
concurrency issue and why it's failing.

Cheers,
Carlos.


-- 
To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CAE2sS1hiWgvUJb-RZX5O3=MCWZ=zbyojs_urnogodtzfkuv...@mail.gmail.com

Bug#792921: [sparc64] linking against libx264 crashes runtime linker

[Andreas Cadhalpun]

Hi Carlos,

Thanks for looking into this. ;)

On 20.07.2015 17:18, Carlos O'Donell wrote:
 On Mon, Jul 20, 2015 at 3:35 AM, Andreas Cadhalpun
 andreas.cadhal...@googlemail.com wrote:
 Program received signal SIGBUS, Bus error.
 0xf801cda4 in elf_dynamic_do_Rela (skip_ifunc=optimized out, 
 lazy=0, nrelative=optimized out, relsize=optimized out, 
 reladdr=optimized out, map=0xf80100023570) at do-rel.h:111
 
 Usually a corrupted library. Check md5sums.

I don't think this problem is caused by a corrupted libx264.

First, it's also happening on the sparc64 buildds, see e.g. [1].
Second, I rebuilt the current x264 locally and it shows the same problem.

Best regards,
Andreas

1: 
http://buildd.debian-ports.org/status/fetch.php?pkg=ffmpegarch=sparc64ver=7%3A2.7.1-1stamp=1435386635


-- 
To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/55ae9448.6080...@googlemail.com

Bug#792921: [sparc64] linking against libx264 crashes runtime linker

[Andreas Cadhalpun]

On 21.07.2015 21:44, Carlos O'Donell wrote:
 Does the problem always reproduce or just sometimes?

Always.

 If it's just sometimes then it's much much harder to figure out what's wrong.

If it were just sometimes, I wouldn't have been able to trace it to libx264...

 You'll need a dedicated person to track down exactly what is the
 concurrency issue and why it's failing.

What I don't understand is why it only fails for libx264, but e.g. libx265 is 
fine.
Also, I don't see how the code, where the crash happens, can possibly crash:
From do-rel.h [1]:
 85:  const ElfW(Rel) *relative = r;
 86:  r += nrelative;
[...]
111:for (; relative  r; ++relative)
112:  DO_ELF_MACHINE_REL_RELATIVE (map, l_addr, relative);

gdb claims it crashes at line 111.

Best regards,
Andreas


1: https://sources.debian.net/src/glibc/2.19-19/elf/do-rel.h/?hl=111#L111


-- 
To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/55aead25.5000...@googlemail.com

Bug#792921: [sparc64] linking against libx264 crashes runtime linker

[Andreas Cadhalpun]

Package: x264,libc6
Version: x264/2:0.142.2431+gita5831aa-1
Version: libc6/2.19-19
Severity: important
X-Debbugs-Cc: debian-sp...@lists.debian.org

Dear Maintainers,

The x264 package on sparc64 is unusable, because linking against
the libx264 library causes the runtime linker to crash:
$ cat main.c
int main () {
return 0;
}
$ rm ./main
rm: cannot remove './main': No such file or directory
$ cc -g -lx264 main.c -o main
$ ./main; echo $?
138
$ gdb --batch -ex r -ex bt -ex q --args ./main
[tcsetpgrp failed in terminal_inferior: Inappropriate ioctl for device]
[tcsetpgrp failed in terminal_inferior: Inappropriate ioctl for device]
[tcsetpgrp failed in terminal_inferior: Inappropriate ioctl for device]

Program received signal SIGBUS, Bus error.
0xf801cda4 in elf_dynamic_do_Rela (skip_ifunc=optimized out, lazy=0, 
nrelative=optimized out, relsize=optimized out, reladdr=optimized out, 
map=0xf80100023570) at do-rel.h:111
111 do-rel.h: No such file or directory.
#0  0xf801cda4 in elf_dynamic_do_Rela (skip_ifunc=optimized out, 
lazy=0, nrelative=optimized out, relsize=optimized out, reladdr=optimized 
out, map=0xf80100023570) at do-rel.h:111
#1  _dl_relocate_object (scope=optimized out, reloc_mode=optimized out, 
consider_profiling=optimized out, consider_profiling@entry=0) at 
dl-reloc.c:264
#2  0xf8013f2c in dl_main (phdr=optimized out, phnum=optimized out, 
user_entry=optimized out, auxv=optimized out) at rtld.c:2205
#3  0xf80100018be4 in _dl_sysdep_start 
(start_argptr=start_argptr@entry=0x7fefdc0, dl_main=0xf8011e00 
dl_main) at ../elf/dl-sysdep.c:249
#4  0xf8015630 in _dl_start_final (arg=0x7fefdc0) at rtld.c:331
#5  _dl_start (arg=0x7fefdc0) at rtld.c:557
#6  0xf80116ec in _start () from /lib64/ld-linux.so.2
Backtrace stopped: previous frame identical to this frame (corrupt stack?)


I'm not sure what the cause for this crash is, so I'm filing this bug
against both packages. Please reassign as appropriate.

Best regards,
Andreas


-- 
To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/55aca4db.8080...@googlemail.com

Bug#792921: [sparc64] linking against libx264 crashes runtime linker

[Carlos O'Donell]

On Mon, Jul 20, 2015 at 3:35 AM, Andreas Cadhalpun
andreas.cadhal...@googlemail.com wrote:
 Program received signal SIGBUS, Bus error.
 0xf801cda4 in elf_dynamic_do_Rela (skip_ifunc=optimized out, 
 lazy=0, nrelative=optimized out, relsize=optimized out, 
 reladdr=optimized out, map=0xf80100023570) at do-rel.h:111

Usually a corrupted library. Check md5sums.

Cheers,
Carlos.


-- 
To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CAE2sS1gXgt6hA2vmeMKUpdrhP2=qmK9_oRrNhix=5s64jfz...@mail.gmail.com