i386/118285: Segmentation fault in reloc_non_plt.
vasanth raonaik
vasanth.raonaik at gmail.com
Tue Nov 27 22:00:05 PST 2007
The following reply was made to PR i386/118285; it has been noted by GNATS.
From: "vasanth raonaik" <vasanth.raonaik at gmail.com>
To: remko at elvandar.org
Cc: freebsd-gnats-submit at freebsd.org
Subject: Re: i386/118285: Segmentation fault in reloc_non_plt.
Date: Wed, 28 Nov 2007 10:54:25 +0530
Hello Remko,
The issue I am talking about has actually been seen in the FreeBSD 6.1
release. There is not much difference in the find_symdef() code, so I
assumed it has been happening since 4.11. Could you take a look at the issue?
Thanks,
Vasanth
On Nov 27, 2007 8:32 PM, Remko Lodder <remko at elvandar.org> wrote:
> Hello Vasanth,
>
> You mention that this happens on 4.11, does this also happen on
> -supported- freebsd releases? If not, I'll need to close the ticket since
> we are no longer supporting the 4.x branch nor do we intend to (there are
> individuals who are looking into this, but that is outside the scope of
> the official FreeBSD team).
>
> Thanks,
> remko
>
> > Juniper Networks India Pvt Ltd
> >>Environment:
> > FreeBSD bng-build22.juniper.net 4.11-RELEASE-p13 FreeBSD 4.11-RELEASE-p13
> > #2: Thu Jul 12 19:06:47 IST 2007
> > root at bng-build22.juniper.net:/usr/src/sys/compile/bng-build22 i386
> >>Description:
> > In reloc_non_plt(), find_symdef() sometimes returns an invalid value in def
> > and a null in defobjout. This causes any binary to receive a segmentation
> > fault and cores. The kernel code where the segmentation fault happens is
> > in reloc_non_plt:
> >
> > case R_386_GLOB_DAT:
> > {
> >     const Elf_Sym *def;
> >     const Obj_Entry *defobj;
> >
> >     def = find_symdef(ELF_R_SYM(rel->r_info), obj, &defobj,
> >         false, cache);
> >     if (def == NULL)
> >         goto done;
> >
> >     *where = (Elf_Addr) (defobj->relocbase + def->st_value);
> > [vasanth] this is the point where we access defobj (NULL), which causes the
> > segmentation fault.
> > }
> > break;
> >
> >
> >
> > I have received a core for rcp because of this issue. This issue has also
> > been raised by some others on the list.
> >
> > http://lists.freebsd.org/pipermail/freebsd-current/2004-February/021698.html
> >
> > The following kernel messages were thrown when the problem happened
> >
> > Nov 12 21:16:50 marx1 login: LOGIN_INFORMATION: User regress logged in from host 192.168.64.68 on device ttyp0
> > Nov 12 21:16:50 marx1 su: regress to root on /dev/ttyp0
> > Nov 12 21:16:51 marx1 /kernel: BAD_PAGE_FAULT: pid 3484 (df), uid 0: pc 0x88100ea0 got a read fault at 0xc75aa65, x86 fault flags = 0x4
> > Nov 12 21:16:51 marx1 /kernel: Trapframe Register Dump:
> > Nov 12 21:16:51 marx1 /kernel: eax: 88143000 ecx: 0c75aa65 edx: 00000005 ebx: 8810f574
> > Nov 12 21:16:51 marx1 /kernel: esp: bfbfe930 ebp: bfbfe958 esi: 00000005 edi: 0c75aa55
> > Nov 12 21:16:51 marx1 /kernel: eip: 88100ea0 eflags: 00010206
> > Nov 12 21:16:51 marx1 /kernel: cs: 001f ss: 002f ds: 002f es: 002f
> > Nov 12 21:16:51 marx1 /kernel: fs: 002f trapno: 0000000c err: 00000004
> > Nov 12 21:16:51 marx1 /kernel: Page table info for PC address 0x88100ea0: PDE = 0xbb94067, PTE = 28aad425
> > Nov 12 21:16:51 marx1 /kernel: Dumping 16 bytes starting at PC address 0x88100ea0:
> > Nov 12 21:16:51 marx1 /kernel: 83 7f 10 00 75 08 83 c1 04 83 39 00 74 f8 ba 01
> >
> >
> >>How-To-Repeat:
> > This problem is not always reproducible.
> >>Fix:
> > Please provide the fix for this issue.
> >
> >>Release-Note:
> >>Audit-Trail:
> >>Unformatted:
>
>
> --
> /"\ Best regards, | remko at FreeBSD.org
> \ / Remko Lodder | remko at EFnet
> X http://www.evilcoder.org/ |
> / \ ASCII Ribbon Campaign | Against HTML Mail and News
>
>
>
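A small triage helper for the BAD_PAGE_FAULT dump quoted in the PR, added here as an example and not part of the PR, of rtld or of FreeBSD: it parses the fault line and the trapframe registers (embedded below as constructed sample input, re-joined from the quoted log), decodes the x86 fault flags, tells a near-NULL dereference (what a NULL defobj would produce) from a wild pointer (what an invalid def would produce), and lists which registers could be the base of the faulting access. The null_page and window thresholds are assumptions chosen for this example.

```python
import re

# Constructed sample input: the BAD_PAGE_FAULT entries quoted in the PR, one entry per line.
SAMPLE_LOG = """\
Nov 12 21:16:51 marx1 /kernel: BAD_PAGE_FAULT: pid 3484 (df), uid 0: pc 0x88100ea0 got a read fault at 0xc75aa65, x86 fault flags = 0x4
Nov 12 21:16:51 marx1 /kernel: Trapframe Register Dump:
Nov 12 21:16:51 marx1 /kernel: eax: 88143000 ecx: 0c75aa65 edx: 00000005 ebx: 8810f574
Nov 12 21:16:51 marx1 /kernel: esp: bfbfe930 ebp: bfbfe958 esi: 00000005 edi: 0c75aa55
Nov 12 21:16:51 marx1 /kernel: eip: 88100ea0 eflags: 00010206
"""

FAULT_RE = re.compile(r"BAD_PAGE_FAULT: pid (\d+) \((\S+)\), uid (\d+): pc (0x[0-9a-f]+) "
                      r"got a (\w+) fault at (0x[0-9a-f]+), x86 fault flags = (0x[0-9a-f]+)")
REG_RE = re.compile(r"\b(e[abcd]x|e[sd]i|e[sb]p|eip): ([0-9a-f]{8})")

def parse_page_fault(log):
    """Pull the fault description and the trapframe registers out of syslog text."""
    info, regs = None, {}
    for line in log.splitlines():
        m = FAULT_RE.search(line)
        if m:
            info = {"pid": int(m.group(1)), "comm": m.group(2), "uid": int(m.group(3)),
                    "pc": int(m.group(4), 16), "kind": m.group(5),
                    "addr": int(m.group(6), 16), "flags": int(m.group(7), 16)}
        regs.update((r, int(v, 16)) for r, v in REG_RE.findall(line))
    if info is None:
        raise ValueError("no BAD_PAGE_FAULT line found")
    info["regs"] = regs
    return info

def decode_flags(flags):
    """x86 page-fault error code: bit 0 = page present, bit 1 = write access, bit 2 = user mode."""
    return {"present": bool(flags & 1), "write": bool(flags & 2), "user": bool(flags & 4)}

def triage(info, null_page=0x1000, window=0x100):
    """Classify the faulting address and list registers that could be the base of the access.
    null_page/window are assumed thresholds: a fault below null_page is treated as a NULL
    dereference, and a register within `window` bytes below the address is a candidate base."""
    addr = info["addr"]
    kind = "near-NULL dereference" if addr < null_page else "invalid (non-NULL) pointer"
    bases = sorted((addr - v, r) for r, v in info["regs"].items()
                   if r != "eip" and 0 <= addr - v <= window)
    return {"kind": kind, "flags": decode_flags(info["flags"]),
            "bases": [(r, off) for off, r in bases]}

if __name__ == "__main__":
    info = parse_page_fault(SAMPLE_LOG)
    print(f"pid {info['pid']} ({info['comm']}) pc=0x{info['pc']:08x} addr=0x{info['addr']:08x}")
    print(triage(info))
```

On the quoted dump this reports a user-mode read of a non-present page at 0x0c75aa65, which is ecx exactly and edi+0x10, so this particular crash is a wild pointer rather than a dereference through a NULL defobj.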