NetBSD Problem Report #56881
From www@netbsd.org Sun Jun 12 23:37:56 2022
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 1F1FA1A921F
for <gnats-bugs@gnats.NetBSD.org>; Sun, 12 Jun 2022 23:37:56 +0000 (UTC)
Message-Id: <20220612233754.B864A1A923C@mollari.NetBSD.org>
Date: Sun, 12 Jun 2022 23:37:54 +0000 (UTC)
From: tgl@sss.pgh.pa.us
Reply-To: tgl@sss.pgh.pa.us
To: gnats-bugs@NetBSD.org
Subject: hppa: backtrace_symbols() delivers bogus results for some dynloaded functions
X-Send-Pr-Version: www-1.0
>Number: 56881
>Category: port-hppa
>Synopsis: hppa: backtrace_symbols() delivers bogus results for some dynloaded functions
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: port-hppa-maintainer
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Jun 12 23:40:00 +0000 2022
>Closed-Date: Mon Aug 29 14:59:53 +0000 2022
>Last-Modified: Mon Aug 29 14:59:53 +0000 2022
>Originator: Tom Lane
>Release: HEAD/202206101540Z
>Organization:
PostgreSQL Global Development Group
>Environment:
NetBSD sss2.sss.pgh.pa.us 9.99.97 NetBSD 9.99.97 (SD0) #1: Sat Jun 11 17:32:11 EDT 2022 tgl@nuc1.sss.pgh.pa.us:/home/tgl/netbsd-H-202206101540Z/obj.hppa/sys/arch/hppa/compile/SD0 hppa
>Description:
The lib/libexecinfo/t_backtrace test case fails for me, reporting that the output of backtrace_symbols_fmt() looks like
tc-so:backtrace is:
tc-so:#0: myfunc3
tc-so:#1: myfunc2
tc-so:#2: myfunc1
tc-so:#3: myfunc1
tc-so:#4: myfunc1
tc-so:#5: myfunc1
tc-so:#6: myfunc1
tc-so:#7: myfunc1
tc-so:#8: myfunc1
tc-so:#9: myfunc1
tc-so:#10: myfunc1
tc-so:#11: myfunc1
tc-so:#12: myfunc1
tc-so:#13: myfunc1
tc-so:#14: myfunc
tc-so:#15: atfu_backtrace_fmt_basic_body
tc-so:#16: _fini
tc-so:#17: _fini
tc-so:#18: _fini
tc-so:#19: main
tc-so:#20: ___start
That is, it's reporting "_fini" instead of symbols from libatf-c.so. I poked into this and found out that backtrace_symbols depends on symtab_find(), which compares the results from dladdr() and a main-program symtab search to see which address is closer. However, dladdr() is returning a PLABEL which AFAICT could be almost anywhere in memory. In this case, the manufactured PLABEL is below the start of libatf-c.so, causing the "dd" delta computed by symtab_find to be negative, which wraps around to a large unsigned value making it look further away than the "_fini" address extracted from the main symbol table. Depending on memory layout of shared libraries, it seems likely that some cases would accidentally work; but this one reliably fails for me.
>How-To-Repeat:
$ /usr/tests/lib/libexecinfo/t_backtrace backtrace_fmt_basic
>Fix:
This seems like a real mess. The only somewhat-principled solution I can think of is for backtrace_symbols to use a variant of dladdr() that never calls _rtld_function_descriptor_alloc. That would likely be an improvement anyway, since the current arrangement can wind up manufacturing a lot of completely useless PLABELs.
>Release-Note:
>Audit-Trail:
From: "Nick Hudson" <skrll@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/56881 CVS commit: src/lib/libexecinfo
Date: Sat, 25 Jun 2022 06:51:37 +0000
Module Name: src
Committed By: skrll
Date: Sat Jun 25 06:51:37 UTC 2022
Modified Files:
src/lib/libexecinfo: Makefile backtrace.c symtab.c
Added Files:
src/lib/libexecinfo: symbol.h symbol_hppa.c
Log Message:
Decode function descriptors (aka plabels) on hppa to fix backtrace.
PR/56881: hppa: backtrace_symbols() delivers bogus results for some dynloaded functions
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/lib/libexecinfo/Makefile
cvs rdiff -u -r1.7 -r1.8 src/lib/libexecinfo/backtrace.c
cvs rdiff -u -r0 -r1.1 src/lib/libexecinfo/symbol.h \
src/lib/libexecinfo/symbol_hppa.c
cvs rdiff -u -r1.8 -r1.9 src/lib/libexecinfo/symtab.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: Tom Lane <tgl@sss.pgh.pa.us>
To: "Nick Hudson" <skrll@netbsd.org>
Cc: port-hppa-maintainer@netbsd.org, gnats-bugs@netbsd.org
Subject: Re: PR/56881 CVS commit: src/lib/libexecinfo
Date: Tue, 28 Jun 2022 11:04:53 -0400
I confirm that as of HEAD/202206271040Z, the lib/libexecinfo
test cases all pass for me on HPPA. (I see you fixed t_sig_backtrace
too, which I'd not got round to investigating yet.) Thanks!
regards, tom lane
State-Changed-From-To: open->closed
State-Changed-By: skrll@NetBSD.org
State-Changed-When: Mon, 29 Aug 2022 14:59:53 +0000
State-Changed-Why:
Problem confirmed fixed.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.