NetBSD-Bugs archive


port-arm/59063: userland broken since switch to jemalloc 5.3



>Number:         59063
>Category:       port-arm
>Synopsis:       userland broken since switch to jemalloc 5.3
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    port-arm-maintainer
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Feb 10 14:20:00 +0000 2025
>Originator:     Martin Husemann
>Release:        NetBSD 10.99.12
>Organization:
The NetBSD Foundation, Inc.
>Environment:
System: NetBSD unpluged.duskware.de 10.99.12 NetBSD 10.99.12 (UNPLUGED) #624: Mon Feb 3 17:11:41 CET 2025 martin%seven-days-to-the-wolves.aprisoft.de@localhost:/work/src/sys/arch/evbarm/compile/UNPLUGED evbarm
Architecture: earmv5
Machine: evbarm
>Description:

Since we switched to HAVE_JEMALLOC=530, arm userland dies due to a misaligned
stack pointer.

unpluged# chroot /root/test/ /bin/sh
Bus error (core dumped)
unpluged# cd /root/test/
unpluged# gdb bin/sh  sh.core 
GNU gdb (GDB) 15.1
Copyright (C) 2024 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "armv7--netbsdelf-eabihf".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from bin/sh...
(No debugging symbols found in bin/sh)
[New process 23509]
Core was generated by `sh'.
Program terminated with signal SIGBUS, Bus error.
#0  0xbbef4f64 in ?? ()
(gdb) info reg
r0             0xbbcbf57c          3150706044
r1             0xbfffe3ac          3221218220
r2             0xbbefe548          3153061192
r3             0xbfffe360          3221218144
r4             0xbbee5100          3152957696
r5             0xbfffe364          3221218148
r6             0x1                 1
r7             0xbfffe3ac          3221218220
r8             0x0                 0
r9             0x1                 1
r10            0xbfffe360          3221218144
r11            0xbfffe398          3221218200
r12            0x60                96
sp             0xbfffe2ec          0xbfffe2ec
lr             0xbbef5434          3153024052
pc             0xbbef4f64          0xbbef4f64
cpsr           0xa0000010          2684354576

Note that $sp is 0xbfffe2ec, which violates the ABI requirement (it needs 8-byte
alignment).

>How-To-Repeat:

See above. It *may* be related to environment content and subtle other
things. I compiled a ld.elf_so with DEBUG and RTLD_DEBUG and that one does
not die:


sp = 0xbfffe858, argc = 3, argv = 0xbfffe864 <env> relocbase 0xbbee9000
got is at 0xbbefe010, dynamic is at 0xbbefdf98
env[0] = 0xbfffed7f USER=martin
env[1] = 0xbfffed8b LOGNAME=martin
env[2] = 0xbfffed9a HOME=/root
env[3] = 0xbfffeda5 PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/pkg/sbin:/usr/pkg/bin:/usr/X11R7/bin:/usr/local/sbin:/usr/local/bin
env[4] = 0xbfffee11 MAIL=/var/mail/martin
env[5] = 0xbfffee27 SHELL=/usr/pkg/bin/tcsh
env[6] = 0xbfffee3f SSH_CLIENT=192.168.111.67 65288 22
env[7] = 0xbfffee62 SSH_CONNECTION=192.168.111.67 65288 192.168.150.127 22
env[8] = 0xbfffee99 HOSTTYPE=NetBSD
env[9] = 0xbfffeea9 VENDOR=acorn
env[10] = 0xbfffeeb6 OSTYPE=NetBSD
env[11] = 0xbfffeec4 MACHTYPE=arm32
env[12] = 0xbfffeed3 SHLVL=3
env[13] = 0xbfffeedb PWD=/tmp
env[14] = 0xbfffeee4 GROUP=users
env[15] = 0xbfffeef0 HOST=unpluged.duskware.de
env[16] = 0xbfffef0a TERM=rxvt
env[17] = 0xbfffef14 BLOCKSIZE=1k
env[18] = 0xbfffef21 PGPPATH=/home/martin/pgp
env[19] = 0xbfffef3a PAGER=more
env[20] = 0xbfffef45 EDITOR=me
env[21] = 0xbfffef4f COLORFGBG=default;default;0
env[22] = 0xbfffef6b DISPLAY=big-apple.aprisoft.de:0
env[23] = 0xbfffef8b WINDOWID=50331650
env[24] = 0xbfffef9d COLORTERM=rxvt-xpm
env[25] = 0xbfffefb0 REMOTEHOST=big-apple.aprisoft.de
env[26] = 0xbfffefd1 CVS_RSH=ssh
env[27] = 0xbfffefdd SU_FROM=martin
headers: digesting PT_DYNAMIC at 0xbbefdf98
  d_tag 16 at 0xbbefdf98
  d_tag 4 at 0xbbefdfa0
  d_tag 5 at 0xbbefdfa8
  d_tag 6 at 0xbbefdfb0
  d_tag 10 at 0xbbefdfb8
  d_tag 11 at 0xbbefdfc0
  d_tag 17 at 0xbbefdfc8
  d_tag 18 at 0xbbefdfd0
  d_tag 19 at 0xbbefdfd8
  d_tag 1879048186 at 0xbbefdfe0
 added path "/usr/lib"
sp = 0xbfffe860, argc = 1, argv = 0xbfffe86c </bin/sh> relocbase 0xbbee9000
got is at 0xbbefe010, dynamic is at 0xbbefdf98
env[0] = 0xbfffed74 USER=martin
env[1] = 0xbfffed80 LOGNAME=martin
env[2] = 0xbfffed8f HOME=/root
env[3] = 0xbfffed9a PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/pkg/sbin:/usr/pkg/bin:/usr/X11R7/bin:/usr/local/sbin:/usr/local/bin
env[4] = 0xbfffee06 MAIL=/var/mail/martin
env[5] = 0xbfffee1c SHELL=/usr/pkg/bin/tcsh
env[6] = 0xbfffee34 SSH_CLIENT=192.168.111.67 65288 22
env[7] = 0xbfffee57 SSH_CONNECTION=192.168.111.67 65288 192.168.150.127 22
env[8] = 0xbfffee8e HOSTTYPE=NetBSD
env[9] = 0xbfffee9e VENDOR=acorn
env[10] = 0xbfffeeab OSTYPE=NetBSD
env[11] = 0xbfffeeb9 MACHTYPE=arm32
env[12] = 0xbfffeec8 SHLVL=3
env[13] = 0xbfffeed0 PWD=/tmp
env[14] = 0xbfffeed9 GROUP=users
env[15] = 0xbfffeee5 HOST=unpluged.duskware.de
env[16] = 0xbfffeeff TERM=rxvt
env[17] = 0xbfffef09 BLOCKSIZE=1k
env[18] = 0xbfffef16 PGPPATH=/home/martin/pgp
env[19] = 0xbfffef2f PAGER=more
env[20] = 0xbfffef3a EDITOR=me
env[21] = 0xbfffef44 COLORFGBG=default;default;0
env[22] = 0xbfffef60 DISPLAY=big-apple.aprisoft.de:0
env[23] = 0xbfffef80 WINDOWID=50331650
env[24] = 0xbfffef92 COLORTERM=rxvt-xpm
env[25] = 0xbfffefa5 REMOTEHOST=big-apple.aprisoft.de
env[26] = 0xbfffefc6 CVS_RSH=ssh
env[27] = 0xbfffefd2 SU_FROM=martin
env[28] = 0xbfffefe1 LD_DEBUG=1
headers: digesting PT_DYNAMIC at 0xbbefdf98
  d_tag 16 at 0xbbefdf98
  d_tag 4 at 0xbbefdfa0
  d_tag 5 at 0xbbefdfa8
  d_tag 6 at 0xbbefdfb0
  d_tag 10 at 0xbbefdfb8
  d_tag 11 at 0xbbefdfc0
  d_tag 17 at 0xbbefdfc8
  d_tag 18 at 0xbbefdfd0
  d_tag 19 at 0xbbefdfd8
  d_tag 1879048186 at 0xbbefdfe0
 added path "/usr/lib"
dynamic linker is initialized, mapbase=0xbbee9000, relocbase=0xbbee9000
processing main program's program header
headers: phdr 0x1034 (0x1034) phsize 224 relocbase 0x1000
headers: PT_INTERP 0x1114 phsize 19
headers: PT_LOAD 0x1000 phsize 204908
headers: PT_LOAD 0x3406c phsize 10328
headers: PT_DYNAMIC 0x34794 phsize 224
actual dynamic linker is /libexec/ld.elf_so
headers: digesting PT_DYNAMIC at 0x34794
  d_tag 1 at 0x34794
  d_tag 1 at 0x3479c
  d_tag 1 at 0x347a4
  d_tag 15 at 0x347ac
  d_tag 25 at 0x347b4
headers: DT_INIT_ARRAY at 0x3406c
  d_tag 27 at 0x347bc
headers: DT_INIT_ARRAYZ 1
  d_tag 26 at 0x347c4
headers: DT_FINI_ARRAY at 0x34070
  d_tag 28 at 0x347cc
headers: DT_FINI_ARRAYZ 1
  d_tag 4 at 0x347d4
  d_tag 5 at 0x347dc
  d_tag 6 at 0x347e4
  d_tag 10 at 0x347ec
  d_tag 11 at 0x347f4
  d_tag 21 at 0x347fc
  d_tag 3 at 0x34804
  d_tag 2 at 0x3480c
  d_tag 20 at 0x34814
  d_tag 23 at 0x3481c
  d_tag 17 at 0x34824
  d_tag 18 at 0x3482c
  d_tag 19 at 0x34834
  d_tag 1879048187 at 0x3483c
  d_tag 1879048186 at 0x34844
 added path "/lib"
loading needed objects
load by name libedit.so.3 0x0
 Searching for "libedit.so.3" (0xbbee3000)
  Trying "/lib/libedit.so.3"
/lib/libedit.so.3: PT_PHDR 0x34 phsize 192
/lib/libedit.so.3: PT_LOAD 0x0 phsize 164892
/lib/libedit.so.3: PT_LOAD 0x2941c phsize 12084
/lib/libedit.so.3: PT_DYNAMIC 0x29fc8 phsize 208
headers: digesting PT_DYNAMIC at 0xbbedcfc8
  d_tag 1 at 0xbbedcfc8
  d_tag 1 at 0xbbedcfd0
  d_tag 14 at 0xbbedcfd8
  d_tag 15 at 0xbbedcfe0
  d_tag 25 at 0xbbedcfe8
headers: DT_INIT_ARRAY at 0xbbedc41c
  d_tag 27 at 0xbbedcff0
headers: DT_INIT_ARRAYZ 1
  d_tag 26 at 0xbbedcff8
headers: DT_FINI_ARRAY at 0xbbedc420
  d_tag 28 at 0xbbedd000
headers: DT_FINI_ARRAYZ 1
  d_tag 4 at 0xbbedd008
  d_tag 5 at 0xbbedd010
  d_tag 6 at 0xbbedd018
  d_tag 10 at 0xbbedd020
  d_tag 11 at 0xbbedd028
  d_tag 3 at 0xbbedd030
  d_tag 2 at 0xbbedd038
  d_tag 20 at 0xbbedd040
  d_tag 23 at 0xbbedd048
  d_tag 17 at 0xbbedd050
  d_tag 18 at 0xbbedd058
  d_tag 19 at 0xbbedd060
  d_tag 1879048186 at 0xbbedd068
 added path "/lib"
  0xbbeb3000 .. 0xbbedffff: /lib/libedit.so.3
adding 0xbbee3400 (/lib/libedit.so.3) to _rtld_list_main
load by name libterminfo.so.2 0x0
name: libterminfo.so.2, entry->name: libedit.so.3
 Searching for "libterminfo.so.2" (0xbbee3000)
  Trying "/lib/libterminfo.so.2"
/lib/libterminfo.so.2: PT_PHDR 0x34 phsize 192
/lib/libterminfo.so.2: PT_LOAD 0x0 phsize 52812
/lib/libterminfo.so.2: PT_LOAD 0xde4c phsize 2052
/lib/libterminfo.so.2: PT_DYNAMIC 0xdee8 phsize 200
headers: digesting PT_DYNAMIC at 0xbbeb0ee8
  d_tag 1 at 0xbbeb0ee8
  d_tag 14 at 0xbbeb0ef0
  d_tag 15 at 0xbbeb0ef8
  d_tag 25 at 0xbbeb0f00
headers: DT_INIT_ARRAY at 0xbbeb0e4c
  d_tag 27 at 0xbbeb0f08
headers: DT_INIT_ARRAYZ 1
  d_tag 26 at 0xbbeb0f10
headers: DT_FINI_ARRAY at 0xbbeb0e50
  d_tag 28 at 0xbbeb0f18
headers: DT_FINI_ARRAYZ 1
  d_tag 4 at 0xbbeb0f20
  d_tag 5 at 0xbbeb0f28
  d_tag 6 at 0xbbeb0f30
  d_tag 10 at 0xbbeb0f38
  d_tag 11 at 0xbbeb0f40
  d_tag 3 at 0xbbeb0f48
  d_tag 2 at 0xbbeb0f50
  d_tag 20 at 0xbbeb0f58
  d_tag 23 at 0xbbeb0f60
  d_tag 17 at 0xbbeb0f68
  d_tag 18 at 0xbbeb0f70
  d_tag 19 at 0xbbeb0f78
  d_tag 1879048186 at 0xbbeb0f80
 added path "/lib"
  0xbbea3000 .. 0xbbeb1fff: /lib/libterminfo.so.2
adding 0xbbee3800 (/lib/libterminfo.so.2) to _rtld_list_main
load by name libc.so.12 0x0
name: libc.so.12, entry->name: libedit.so.3
name: libc.so.12, entry->name: libterminfo.so.2
 Searching for "libc.so.12" (0xbbee3000)
  Trying "/lib/libc.so.12"
/lib/libc.so.12: PT_PHDR 0x34 phsize 224
/lib/libc.so.12: PT_LOAD 0x0 phsize 1977376
/lib/libc.so.12: PT_LOAD 0x1e3c20 phsize 139560
/lib/libc.so.12: PT_DYNAMIC 0x1ea0d0 phsize 208
/lib/libc.so.12: PT_TLS 0x1e3c20 phsize 2464
/lib/libc.so.12: tls index 2 size 2464 align 8 initsize 2456
/lib/libc.so.12: tls init = 0xbbc9c000 + 1981472 = 0xbbe7fc20
headers: digesting PT_DYNAMIC at 0xbbe860d0
  d_tag 14 at 0xbbe860d0
  d_tag 15 at 0xbbe860d8
  d_tag 25 at 0xbbe860e0
headers: DT_INIT_ARRAY at 0xbbe805b8
  d_tag 27 at 0xbbe860e8
headers: DT_INIT_ARRAYZ 5
  d_tag 26 at 0xbbe860f0
headers: DT_FINI_ARRAY at 0xbbe805cc
  d_tag 28 at 0xbbe860f8
headers: DT_FINI_ARRAYZ 1
  d_tag 4 at 0xbbe86100
  d_tag 5 at 0xbbe86108
  d_tag 6 at 0xbbe86110
  d_tag 10 at 0xbbe86118
  d_tag 11 at 0xbbe86120
  d_tag 3 at 0xbbe86128
  d_tag 2 at 0xbbe86130
  d_tag 20 at 0xbbe86138
  d_tag 23 at 0xbbe86140
  d_tag 17 at 0xbbe86148
  d_tag 18 at 0xbbe86150
  d_tag 19 at 0xbbe86158
  d_tag 30 at 0xbbe86160
  d_tag 1879048187 at 0xbbe86168
  d_tag 1879048186 at 0xbbe86170
 added path "/lib"
  0xbbc9c000 .. 0xbbea1fff: /lib/libc.so.12
adding 0xbbee3c00 (/lib/libc.so.12) to _rtld_list_main
load by name libterminfo.so.2 0x0
name: libterminfo.so.2, entry->name: libedit.so.3
name: libterminfo.so.2, entry->name: libterminfo.so.2
load by name libc.so.12 0x0

name: libc.so.12, entry->name: libedit.so.3
name: libc.so.12, entry->name: libterminfo.so.2
name: libc.so.12, entry->name: libc.so.12
load by name libc.so.12 0x0
name: libc.so.12, entry->name: libedit.so.3
name: libc.so.12, entry->name: libterminfo.so.2
name: libc.so.12, entry->name: libc.so.12
checking for required versions
obj->path: /bin/sh
maxvertab: 0
obj->path: /lib/libedit.so.3
maxvertab: 0
obj->path: /lib/libterminfo.so.2
maxvertab: 0
obj->path: /lib/libc.so.12
maxvertab: 0
initializing initial Thread Local Storage offsets
/lib/libc.so.12: static tls offset 0x0 size 2464

relocating objects
doing non-PLT relocations
doing lazy PLT binding
fixing up PLTGOT
doing non-PLT relocations
doing lazy PLT binding
fixing up PLTGOT
doing non-PLT relocations
doing lazy PLT binding
fixing up PLTGOT
doing non-PLT relocations
doing lazy PLT binding
fixing up PLTGOT
doing copy relocations
initializing Thread Local Storage for main thread
_rtld_tls_static_space 2528
lwp 20132 tls tcb 0xbbee5000
/bin/sh: [lwp 20132] tls dtv 0xbbee5008 index 0 offset 0
/lib/libedit.so.3: [lwp 20132] tls dtv 0xbbee5008 index 0 offset 0
/lib/libterminfo.so.2: [lwp 20132] tls dtv 0xbbee5008 index 0 offset 0
/lib/libc.so.12: [lwp 20132] tls dtv 0xbbee5008 index 2 offset 0
calling _init functions
_rtld_call_init_functions()
_rtld_initlist_tsort
calling init_array function /lib/libc.so.12 at 0xbbe361a4 (DF_1_INITFIRST)
calling init_array function /lib/libc.so.12 at 0xbbe361fc (DF_1_INITFIRST)
calling init_array function /lib/libc.so.12 at 0xbbe362b0 (DF_1_INITFIRST)
calling init_array function /lib/libc.so.12 at 0xbbe36330 (DF_1_INITFIRST)
calling init_array function /lib/libc.so.12 at 0xbbe36468 (DF_1_INITFIRST)
calling init_array function /lib/libterminfo.so.2 at 0xbbeaa210
calling init_array function /lib/libedit.so.3 at 0xbbecff68
control at program entry point = 0x4114, obj = 0xbbee3000, exit = 0xbbef0c9c
# 


>Fix:
	



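Added example, not part of the original report and not NetBSD code: a small triage script that pulls every sp value out of gdb "info reg" output and ld.elf_so debug output and classifies it against the AAPCS stack rules (4-byte aligned at all times, 8-byte aligned at public interfaces). The function names and the SAMPLE text are assumptions made for this illustration; the sample lines are copied from the report above.

```python
import re

# Constructed sample: lines copied from the report above (gdb "info reg"
# output from the core, and the entry lines printed by the debug ld.elf_so).
SAMPLE = """\
sp             0xbfffe2ec          0xbfffe2ec
lr             0xbbef5434          3153024052
sp = 0xbfffe858, argc = 3, argv = 0xbfffe864 <env> relocbase 0xbbee9000
sp = 0xbfffe860, argc = 1, argv = 0xbfffe86c </bin/sh> relocbase 0xbbee9000
"""

# Matches both "sp   0x..." (gdb) and "sp = 0x..." (rtld debug output).
SP_RE = re.compile(r"^\s*sp\s*=?\s*(0x[0-9a-fA-F]+)", re.MULTILINE)


def classify_sp(sp: int) -> str:
    """Classify a 32-bit ARM stack pointer against the AAPCS rules."""
    if sp % 4:
        return "not word-aligned"      # breaks the rule that holds at all times
    if sp % 8:
        return "4-byte aligned only"   # breaks the public-interface rule
    return "8-byte aligned"


def audit(text: str):
    """Return (sp, sp % 8, verdict) for every sp value found in text."""
    return [(int(m, 16), int(m, 16) % 8, classify_sp(int(m, 16)))
            for m in SP_RE.findall(text)]


if __name__ == "__main__":
    for sp, rem, verdict in audit(SAMPLE):
        print(f"sp={sp:#010x} sp%8={rem} -> {verdict}")
```

On the sample, the sp from the core is off by 4 bytes from an 8-byte boundary, while both entry-time sp values logged by the debug ld.elf_so are 8-byte aligned.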