forwarding PR addition; why wasn't it crossposted?

To: netbsd-bugs%NetBSD.org@localhost
Subject: forwarding PR addition; why wasn't it crossposted?
From: Reinoud Zandijk <reinoud%NetBSD.org@localhost>
Date: Wed, 9 Jan 2008 13:27:06 +0100

----- Forwarded message from Reinoud Zandijk <reinoud%NetBSD.org@localhost> 
-----

Date: Wed, 9 Jan 2008 00:41:52 +0100
From: Reinoud Zandijk <reinoud%NetBSD.org@localhost>
To: gnats-bugs%NetBSD.org@localhost
Subject: Re: pkg/33970
User-Agent: Mutt/1.4.2.3i

having tried wine myself lately, i've stumbled on the following:

All programs seem to be vectored trough /usr/pkg/bin/wine itself. This 
process tries to start the wineserver by forking. This fork() fails for the 
child due to a memory fault in __fork() or fork() itself.

If i disable this forking and thus remove this auto-running the wineserver 
feature, the program continues fine only to crash out later. A crashdump 
then shows something like :

(gdb) where
#0  0xbbbf844a in _rtld_map_object () from /usr/libexec/ld.elf_so
#1  0x7fe00024 in ?? ()
#2  0xbbbc17a0 in cp2uni () from /usr/pkg/lib/libwine.so.1
#3  0xbbbc29a0 in uni2cp_low () from /usr/pkg/lib/libwine.so.1
#4  0x3ff6f192 in ?? ()
#5  0x00000102 in ?? ()
#6  0xbb9d3600 in ?? ()
#7  0xbfbfc8c8 in ?? ()
#8  0xbbae01d3 in wine_cp_wcstombs (table=0x895590c3, flags=-326937627, 
    src=0xe824, srclen=-2124742656, 
    dst=0x55388c3 <Address 0x55388c3 out of bounds>, dstlen=1350798080, 
    defchar=0x8afffffc <Address 0x8afffffc out of bounds>, used=0xc0b60f00)
    at wctomb.c:453

and the pmap of the server process before it crashes shows:

%pmap -a 15981
Start    End         Size  Offset   rwxpc  RWX  I/W/A Dev     Inode - File
08048000-08093fff     304k 00000000 r-xp+ (rwx) 1/0/0 00:00 2689603 - 
/usr/pkg/bin/wineserver [0xd0d22ce8]
08094000-080fffff     432k 00000000 rw-p- (rwx) 1/0/0 00:00       0 -   [ anon ]
bb800000-bb80ffff      64k 00000000 rw-p- (rwx) 1/0/0 00:00       0 -   [ anon ]
bb810000-bb8fffff     960k 00000000 rw-p- (rwx) 1/0/0 00:00       0 -   [ anon ]
bb9e7000-bbab8fff     840k 00000000 r-xp+ (rwx) 1/0/0 00:00 2517121 - 
/lib/libc.so.12.155 [0xcc926bc4]
bbab9000-bbabffff      28k 000d1000 rw-p- (rwx) 1/0/0 00:00 2517121 - 
/lib/libc.so.12.155 [0xcc926bc4]
bbac0000-bbacffff      64k 00000000 rw-p- (rwx) 1/0/0 00:00       0 -   [ anon ]
bbad0000-bbad0fff       4k 00000000 r-xp+ (rwx) 1/0/0 00:00 2738438 - 
/usr/lib/libi386.so.1.0 [0xccc76bc0]
bbad1000-bbad1fff       4k 00000000 rw-p+ (rwx) 1/0/0 00:00 2738438 - 
/usr/lib/libi386.so.1.0 [0xccc76bc0]
bbad2000-bbad3fff       8k 00000000 r-xp+ (rwx) 1/0/0 00:00 2738540 - 
/usr/lib/libossaudio.so.0.0 [0xccc7ebc8]
bbad4000-bbad4fff       4k 00002000 rw-p+ (rwx) 1/0/0 00:00 2738540 - 
/usr/lib/libossaudio.so.0.0 [0xccc7ebc8]
bbad5000-bbbd4fff    1024k 00000000 r-xp+ (rwx) 1/0/0 00:00 2689605 - 
/usr/pkg/lib/libwine.so.1.0 [0xd0d229f8]
bbbd5000-bbbd6fff       8k 000ff000 rw-p- (rwx) 1/0/0 00:00 2689605 - 
/usr/pkg/lib/libwine.so.1.0 [0xd0d229f8]
bbbd7000-bbbe9fff      76k 00000000 rw-p+ (rwx) 1/0/0 00:00       0 -   [ anon ]
bbbea000-bbbf1fff      32k 00000000 rw-p- (rwx) 1/0/0 00:00       0 -   [ anon ]
bbbf2000-bbbf2fff       4k 00000000 r-xs- (r-x) 0/0/1 00:00       0 -   [ 
uvm_aobj ]
bbbf3000-bbbfdfff      44k 00000000 r-xp+ (rwx) 1/0/0 00:00 4526846 - 
/libexec/ld.elf_so [0xcb658814]
bbbfe000-bbbfefff       4k 0000a000 rw-p+ (rwx) 1/0/0 00:00 4526846 - 
/libexec/ld.elf_so [0xcb658814]
bbbff000-bbbfffff       4k 00000000 rw-p- (rwx) 1/0/0 00:00       0 -   [ anon ]
bbc00000-bf9fffff   63488k 00000000 ---p+ (rwx) 1/0/0 00:00       0 -   [ stack 
]
bfa00000-bfbeffff    1984k 00000000 rw-p+ (rwx) 1/0/0 00:00       0 -   [ stack 
]
bfbf0000-bfbfffff      64k 00000000 rw-p- (rwx) 1/0/0 00:00       0 -   [ stack 
]
 total               5956k

What is not so clear initially is that the start address of wineserver is 
wrong.

When compiling wineserver it executes:

cc -o wine-pthread -Wl,--export-dynamic 
-Wl,--section-start,.interp=0x7bf00400 pthread.o main.o version.o -L..
/libs/wine -lwine ../libs/port/libwine_port.a -lpthread  -g 
-Wl,--rpath,\$ORIGIN/../libs/wine

cc -o wine-pthread-installed -Wl,--export-dynamic 
-Wl,--section-start,.interp=0x7bf00400 pthread.o main.o vers
ion.o -L../libs/wine -lwine ../libs/port/libwine_port.a -lpthread  -g 
-Wl,--rpath,\$ORIGIN/`../tools/relpath /
usr/pkg/bin /usr/pkg/lib` -Wl,--enable-new-dtags

Objdumping it i get :
> objdump -f /usr/pkg/bin/wineserver

/usr/pkg/bin/wineserver:     file format elf32-i386
architecture: i386, flags 0x00000112:
EXEC_P, HAS_SYMS, D_PAGED
start address 0x08049ba0

> objdump -x /usr/pkg/bin/wineserver | grep interp
  0 .interp       00000017  08048114  08048114  00000114  2**0
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
SYMBOL TABLE:
08048114 l    d  .interp        00000000              .interp


Wich surely violates the --section-start,.interp=0x7bf00400 !!!!

My hypothesis is that this is at least part of the problem if not the main 
problem. Some parts seem to get dynamically loaded in on fork() and when 
those *are* at their correct adresses the _rtld_map_object() will fail 
miserably....

Should this PR be moved to a different category?

Reinoud

----- End forwarded message -----

Prev by Date: Re: port-pc532/11562 (Gdb corrupts stack when executing code in inferior process)
Next by Date: kern/37726: request documentation of 2147 second limit on adjtime(2)
Previous by Thread: Re: port-pc532/11562 (Gdb corrupts stack when executing code in inferior process)
Next by Thread: kern/37726: request documentation of 2147 second limit on adjtime(2)
Indexes:

Home | Main Index | Thread Index | Old Index