Public bug reported: I'm porting Ubuntu Touch to Samsung Galaxy Tab 2 7.0. As I investigate unity-system-compositor crash, it's found that the crash happens in mm's linker (https://git.launchpad.net/~libhybris-maintainers/libhybris/+git/libhybris/tree/hybris/common/mm/linker.cpp#n2180), where soname_ is NULL. Digging further, it's found that the library it's trying to load (gralloc.omap4.so) indeed doesn't have soname in it. My current workaround is applying this patch so that it checks whether soname_ is NULL: --- a/hybris/common/mm/linker.cpp +++ b/hybris/common/mm/linker.cpp @@ -2177,7 +2177,7 @@ return; } - if (strcmp(soname_, "libc.so") == 0) { + if (soname_ && strcmp(soname_, "libc.so") == 0) { DEBUG("HYBRIS: =============> Skipping libc.so\n"); return; } Although I'm not sure if this is the correct fix. So, I open this bug so that the people familiar with the codebase can put in the correct fix.
Channel: ubuntu-touch/rc-proposed/ubuntu Ubuntu build description: 20160715.1 Result from a gdb session: phablet@ubuntu-phablet:~/deb$ sudo HYBRIS_LOGGING_LEVEL=debug gdb unity-system-compositor GNU gdb (Ubuntu 7.9-1ubuntu1) 7.9 Copyright (C) 2015 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "arm-linux-gnueabihf". Type "show configuration" for configuration details. For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>. Find the GDB manual and other documentation resources online at: <http://www.gnu.org/software/gdb/documentation/>. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from unity-system-compositor...Reading symbols from /usr/lib/debug/.build-id/0c/4fb1a807f3bac08b4b2122d587a7918b73f343.debug...done. done. (gdb) run --disable-overlays=false --spinner=/usr/bin/unity-system-compositor-spinner Starting program: /usr/sbin/unity-system-compositor --disable-overlays=false --spinner=/usr/bin/unity-system-compositor-spinner [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/arm-linux-gnueabihf/libthread_db.so.1". WARNING: linker /android/system/vendor/lib/hw/gralloc.omap4430.so: unused DT entry: type 0xf arg 0x53b WARNING: linker /android/system/vendor/lib/libsrv_um_SGX540_120.so: unused DT entry: type 0xf arg 0xeb9 WARNING: linker /android/system/vendor/lib/libpvr2d_SGX540_120.so: unused DT entry: type 0xf arg 0x767 Program received signal SIGSEGV, Segmentation fault. strcmp () at ../sysdeps/arm/armv7/strcmp.S:181 181 ../sysdeps/arm/armv7/strcmp.S: No such file or directory. (gdb) print soname_ No symbol "soname_" in current context. (gdb) bt #0 strcmp () at ../sysdeps/arm/armv7/strcmp.S:181 #1 0x4087c78a in soinfo::call_constructors (this=0x40c59004) at linker.cpp:2180 #2 0x4087f2aa in do_dlopen ( name=name@entry=0xbeffbfe4 "/vendor/lib/hw/gralloc.omap4.so", flags=flags@entry=0, extinfo=extinfo@entry=0x0) at linker.cpp:1625 #3 0x4087a9a4 in dlopen_ext ( filename=0xbeffbfe4 "/vendor/lib/hw/gralloc.omap4.so", flags=0, extinfo=0x0) at dlfcn.cpp:88 #4 0x40781772 in _hybris_hook_android_dlopen (filename=<optimized out>, flag=<optimized out>) at hooks.c:2191 #5 0x40c54ad4 in ?? () Backtrace stopped: previous frame identical to this frame (corrupt stack?) (gdb) frame 1 #1 0x4087c78a in soinfo::call_constructors (this=0x40c59004) at linker.cpp:2180 2180 linker.cpp: No such file or directory. (gdb) print soname_ $1 = 0x0 (gdb) print this $2 = (soinfo * const) 0x40c59004 (gdb) print *this $3 = {phdr = 0x41002034, phnum = 7, entry = 0, base = 1090527232, size = 32768, dynamic = 0x41008dcc, next = 0x40c5911c, flags_ = 1073741825, strtab_ = 0x410025d4 "", symtab_ = 0x41002114, nbucket_ = 67, nchain_ = 76, bucket_ = 0x41002b24, chain_ = 0x41002c30, plt_got_ = 0x0, plt_rel_ = 0x41003048, plt_rel_count_ = 68, rel_ = 0x41002d60, rel_count_ = 93, preinit_array_ = 0x0, preinit_array_count_ = 0, init_array_ = 0x41008dbc, init_array_count_ = 3, fini_array_ = 0x41008dc8, fini_array_count_ = 1, init_func_ = 0x0, fini_func_ = 0x0, ARM_exidx = 0x41006b08, ARM_exidx_count = 60, ref_count_ = 1, link_map_head = {l_addr = 1090527232, l_name = 0x743e4 "/android/system/vendor/lib/hw/gralloc.omap4430.so", l_ld = 0x41008dcc, l_next = 0x40c59194, l_prev = 0x40038eb4}, constructors_called = false, load_bias = 1090527232, has_text_relocations = false, has_DT_SYMBOLIC = true, version_ = 2, st_dev_ = 1793, st_ino_ = 816, children_ = {head_ = 0x4002649c, tail_ = 0x400264cc}, parents_ = {head_ = 0x0, tail_ = 0x0}, file_offset_ = 0, rtld_flags_ = 0, dt_flags_1_ = 1, strtab_size_ = 1351, gnu_nbucket_ = 0, gnu_bucket_ = 0x0, gnu_chain_ = 0x0, gnu_maskwords_ = 0, gnu_shift2_ = 0, gnu_bloom_filter_ = 0x0, local_group_root_ = 0x40c59004, android_relocs_ = 0x0, android_relocs_size_ = 0, soname_ = 0x0, realpath_ = "/android/system/vendor/lib/hw/gralloc.omap4430.so", versym_ = 0x0, verdef_ptr_ = 0, verdef_cnt_ = 0, verneed_ptr_ = 0, verneed_cnt_ = 0, target_sdk_version_ = 23} (gdb) quit A debugging session is active. Inferior 1 [process 3209] will be killed. Quit anyway? (y or n) y phablet@ubuntu-phablet:~/deb$ Info for gralloc.omap4.so: ubuntu-phone-devtree-p3100/vendor/samsung/espresso-common/proprietary/system/vendor/lib/hw$ readelf -d gralloc.omap4430.so Dynamic section at offset 0x5dcc contains 28 entries: Tag Type Name/Value 0x00000003 (PLTGOT) 0x6ee4 0x00000002 (PLTRELSZ) 544 (bytes) 0x00000017 (JMPREL) 0x1048 0x00000014 (PLTREL) REL 0x00000011 (REL) 0xd60 0x00000012 (RELSZ) 744 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffa (RELCOUNT) 92 0x00000006 (SYMTAB) 0x114 0x0000000b (SYMENT) 16 (bytes) 0x00000005 (STRTAB) 0x5d4 0x0000000a (STRSZ) 1351 (bytes) 0x00000004 (HASH) 0xb1c 0x00000001 (NEEDED) Shared library: [libc.so] 0x00000001 (NEEDED) Shared library: [libdl.so] 0x00000001 (NEEDED) Shared library: [libcutils.so] 0x00000001 (NEEDED) Shared library: [libsrv_um_SGX540_120.so] 0x00000001 (NEEDED) Shared library: [libpvr2d_SGX540_120.so] 0x00000001 (NEEDED) Shared library: [libcorkscrew.so] 0x00000019 (INIT_ARRAY) 0x6dbc 0x0000001b (INIT_ARRAYSZ) 12 (bytes) 0x0000001a (FINI_ARRAY) 0x6dc8 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x0000000f (RPATH) Library rpath: [/system/lib] 0x00000010 (SYMBOLIC) 0x0 0x0000001e (FLAGS) SYMBOLIC BIND_NOW 0x6ffffffb (FLAGS_1) Flags: NOW 0x00000000 (NULL) 0x0 ubuntu-phone-devtree-p3100/vendor/samsung/espresso-common/proprietary/system/vendor/lib/hw$ The file itself can be got at https://github.com/TheMuppets/proprietary_vendor_samsung/blob/cm-13.0 /espresso- common/proprietary/system/vendor/lib/hw/gralloc.omap4430.so?raw=true ** Affects: libhybris (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libhybris in Ubuntu. https://bugs.launchpad.net/bugs/1603520 Title: mm linker's soinfo::call_constructors: don't assume that soname_ is available. Status in libhybris package in Ubuntu: New Bug description: I'm porting Ubuntu Touch to Samsung Galaxy Tab 2 7.0. As I investigate unity-system-compositor crash, it's found that the crash happens in mm's linker (https://git.launchpad.net/~libhybris-maintainers/libhybris/+git/libhybris/tree/hybris/common/mm/linker.cpp#n2180), where soname_ is NULL. Digging further, it's found that the library it's trying to load (gralloc.omap4.so) indeed doesn't have soname in it. My current workaround is applying this patch so that it checks whether soname_ is NULL: --- a/hybris/common/mm/linker.cpp +++ b/hybris/common/mm/linker.cpp @@ -2177,7 +2177,7 @@ return; } - if (strcmp(soname_, "libc.so") == 0) { + if (soname_ && strcmp(soname_, "libc.so") == 0) { DEBUG("HYBRIS: =============> Skipping libc.so\n"); return; } Although I'm not sure if this is the correct fix. So, I open this bug so that the people familiar with the codebase can put in the correct fix. Channel: ubuntu-touch/rc-proposed/ubuntu Ubuntu build description: 20160715.1 Result from a gdb session: phablet@ubuntu-phablet:~/deb$ sudo HYBRIS_LOGGING_LEVEL=debug gdb unity-system-compositor GNU gdb (Ubuntu 7.9-1ubuntu1) 7.9 Copyright (C) 2015 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "arm-linux-gnueabihf". Type "show configuration" for configuration details. For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>. Find the GDB manual and other documentation resources online at: <http://www.gnu.org/software/gdb/documentation/>. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from unity-system-compositor...Reading symbols from /usr/lib/debug/.build-id/0c/4fb1a807f3bac08b4b2122d587a7918b73f343.debug...done. done. (gdb) run --disable-overlays=false --spinner=/usr/bin/unity-system-compositor-spinner Starting program: /usr/sbin/unity-system-compositor --disable-overlays=false --spinner=/usr/bin/unity-system-compositor-spinner [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/arm-linux-gnueabihf/libthread_db.so.1". WARNING: linker /android/system/vendor/lib/hw/gralloc.omap4430.so: unused DT entry: type 0xf arg 0x53b WARNING: linker /android/system/vendor/lib/libsrv_um_SGX540_120.so: unused DT entry: type 0xf arg 0xeb9 WARNING: linker /android/system/vendor/lib/libpvr2d_SGX540_120.so: unused DT entry: type 0xf arg 0x767 Program received signal SIGSEGV, Segmentation fault. strcmp () at ../sysdeps/arm/armv7/strcmp.S:181 181 ../sysdeps/arm/armv7/strcmp.S: No such file or directory. (gdb) print soname_ No symbol "soname_" in current context. (gdb) bt #0 strcmp () at ../sysdeps/arm/armv7/strcmp.S:181 #1 0x4087c78a in soinfo::call_constructors (this=0x40c59004) at linker.cpp:2180 #2 0x4087f2aa in do_dlopen ( name=name@entry=0xbeffbfe4 "/vendor/lib/hw/gralloc.omap4.so", flags=flags@entry=0, extinfo=extinfo@entry=0x0) at linker.cpp:1625 #3 0x4087a9a4 in dlopen_ext ( filename=0xbeffbfe4 "/vendor/lib/hw/gralloc.omap4.so", flags=0, extinfo=0x0) at dlfcn.cpp:88 #4 0x40781772 in _hybris_hook_android_dlopen (filename=<optimized out>, flag=<optimized out>) at hooks.c:2191 #5 0x40c54ad4 in ?? () Backtrace stopped: previous frame identical to this frame (corrupt stack?) (gdb) frame 1 #1 0x4087c78a in soinfo::call_constructors (this=0x40c59004) at linker.cpp:2180 2180 linker.cpp: No such file or directory. (gdb) print soname_ $1 = 0x0 (gdb) print this $2 = (soinfo * const) 0x40c59004 (gdb) print *this $3 = {phdr = 0x41002034, phnum = 7, entry = 0, base = 1090527232, size = 32768, dynamic = 0x41008dcc, next = 0x40c5911c, flags_ = 1073741825, strtab_ = 0x410025d4 "", symtab_ = 0x41002114, nbucket_ = 67, nchain_ = 76, bucket_ = 0x41002b24, chain_ = 0x41002c30, plt_got_ = 0x0, plt_rel_ = 0x41003048, plt_rel_count_ = 68, rel_ = 0x41002d60, rel_count_ = 93, preinit_array_ = 0x0, preinit_array_count_ = 0, init_array_ = 0x41008dbc, init_array_count_ = 3, fini_array_ = 0x41008dc8, fini_array_count_ = 1, init_func_ = 0x0, fini_func_ = 0x0, ARM_exidx = 0x41006b08, ARM_exidx_count = 60, ref_count_ = 1, link_map_head = {l_addr = 1090527232, l_name = 0x743e4 "/android/system/vendor/lib/hw/gralloc.omap4430.so", l_ld = 0x41008dcc, l_next = 0x40c59194, l_prev = 0x40038eb4}, constructors_called = false, load_bias = 1090527232, has_text_relocations = false, has_DT_SYMBOLIC = true, version_ = 2, st_dev_ = 1793, st_ino_ = 816, children_ = {head_ = 0x4002649c, tail_ = 0x400264cc}, parents_ = {head_ = 0x0, tail_ = 0x0}, file_offset_ = 0, rtld_flags_ = 0, dt_flags_1_ = 1, strtab_size_ = 1351, gnu_nbucket_ = 0, gnu_bucket_ = 0x0, gnu_chain_ = 0x0, gnu_maskwords_ = 0, gnu_shift2_ = 0, gnu_bloom_filter_ = 0x0, local_group_root_ = 0x40c59004, android_relocs_ = 0x0, android_relocs_size_ = 0, soname_ = 0x0, realpath_ = "/android/system/vendor/lib/hw/gralloc.omap4430.so", versym_ = 0x0, verdef_ptr_ = 0, verdef_cnt_ = 0, verneed_ptr_ = 0, verneed_cnt_ = 0, target_sdk_version_ = 23} (gdb) quit A debugging session is active. Inferior 1 [process 3209] will be killed. Quit anyway? (y or n) y phablet@ubuntu-phablet:~/deb$ Info for gralloc.omap4.so: ubuntu-phone-devtree-p3100/vendor/samsung/espresso-common/proprietary/system/vendor/lib/hw$ readelf -d gralloc.omap4430.so Dynamic section at offset 0x5dcc contains 28 entries: Tag Type Name/Value 0x00000003 (PLTGOT) 0x6ee4 0x00000002 (PLTRELSZ) 544 (bytes) 0x00000017 (JMPREL) 0x1048 0x00000014 (PLTREL) REL 0x00000011 (REL) 0xd60 0x00000012 (RELSZ) 744 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffa (RELCOUNT) 92 0x00000006 (SYMTAB) 0x114 0x0000000b (SYMENT) 16 (bytes) 0x00000005 (STRTAB) 0x5d4 0x0000000a (STRSZ) 1351 (bytes) 0x00000004 (HASH) 0xb1c 0x00000001 (NEEDED) Shared library: [libc.so] 0x00000001 (NEEDED) Shared library: [libdl.so] 0x00000001 (NEEDED) Shared library: [libcutils.so] 0x00000001 (NEEDED) Shared library: [libsrv_um_SGX540_120.so] 0x00000001 (NEEDED) Shared library: [libpvr2d_SGX540_120.so] 0x00000001 (NEEDED) Shared library: [libcorkscrew.so] 0x00000019 (INIT_ARRAY) 0x6dbc 0x0000001b (INIT_ARRAYSZ) 12 (bytes) 0x0000001a (FINI_ARRAY) 0x6dc8 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x0000000f (RPATH) Library rpath: [/system/lib] 0x00000010 (SYMBOLIC) 0x0 0x0000001e (FLAGS) SYMBOLIC BIND_NOW 0x6ffffffb (FLAGS_1) Flags: NOW 0x00000000 (NULL) 0x0 ubuntu-phone-devtree-p3100/vendor/samsung/espresso-common/proprietary/system/vendor/lib/hw$ The file itself can be got at https://github.com/TheMuppets/proprietary_vendor_samsung/blob/cm-13.0 /espresso- common/proprietary/system/vendor/lib/hw/gralloc.omap4430.so?raw=true To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libhybris/+bug/1603520/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
