NetBSD Problem Report #59107
From martin@duskware.de Wed Feb 26 13:50:42 2025
Return-Path: <martin@duskware.de>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 2CB1B1A923A
for <gnats-bugs@gnats.NetBSD.org>; Wed, 26 Feb 2025 13:50:42 +0000 (UTC)
From: martin@NetBSD.org
Reply-To: martin@NetBSD.org
To: gnats-bugs@NetBSD.org
Subject: libc/libm constructors on arm and x86 use malloc
X-Send-Pr-Version: 3.95
>Number: 59107
>Category: lib
>Synopsis: libc/libm constructors on arm and x86 use malloc
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: lib-bug-people
>State: needs-pullups
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Feb 26 13:55:00 +0000 2025
>Closed-Date:
>Last-Modified: Fri May 02 19:34:24 +0000 2025
>Originator: Martin Husemann
>Release: NetBSD 10.99.12
>Organization:
The NetBSD Foundation, Inc.
>Environment:
System: NetBSD unpluged.duskware.de 10.99.12 NetBSD 10.99.12 (UNPLUGED) #627: Mon Feb 24 11:21:12 CET 2025 martin@seven-days-to-the-wolves.aprisoft.de:/work/src/sys/arch/evbarm/compile/UNPLUGED evbarm
Architecture: earmv5
Machine: evbarm
>Description:
libc on arm uses a constructor to query hardware options (like FPU present).
This is bad, as malloc() internals may not be fully initialized at this time.
#0 0xbbe30544 in __aeabi_read_tp () from /lib/libc.so.12
#1 0xbbd9295c in te_malloc_fastpath_ctx (threshold=<optimized out>,
allocated=<optimized out>, tsd=<optimized out>)
at /work/src/external/bsd/jemalloc/lib/../include/jemalloc/internal/sz.h:191
#2 imalloc_fastpath (fallback_alloc=0xbbd91e58 <malloc_default>, size=768)
at /work/src/external/bsd/jemalloc/lib/../include/jemalloc/internal/jemalloc_internal_inlines_c.h:291
#3 malloc (size=768)
at /work/src/external/bsd/jemalloc/lib/../dist/src/jemalloc.c:2773
#4 0xbbe1bc88 in ___learn_tree (name=0xbfffe4ec, name@entry=0x0,
namelen=namelen@entry=0, pnode=pnode@entry=0xbbe831e8 <sysctl_mibroot>)
at /work/src/lib/libc/gen/sysctlgetmibinfo.c:290
#5 0xbbe1c52c in sysctlgetmibinfo_unlocked (gname=<optimized out>,
gname@entry=0xbbe35d14 "machdep.fpu_present", iname=0xbfffe734,
iname@entry=0xbfffe738, namelenp=0xbfffe4ec, namelenp@entry=0xbfffe734,
cname=cname@entry=0x0, csz=0x0, csz@entry=0xbbefe5a0 <auxinfo>, rnode=0x0,
rnode@entry=0xbbd41d74 <_sysctlbyname+52>, v=16777216, v@entry=0)
at /work/src/lib/libc/gen/sysctlgetmibinfo.c:533
#6 0xbbe1c914 in _sysctlgetmibinfo (gname=0xbbe35d14 "machdep.fpu_present",
iname=iname@entry=0xbfffe738, namelenp=0xbfffe734,
namelenp@entry=0xbfffe72c, cname=cname@entry=0x0, csz=csz@entry=0x0,
rnode=rnode@entry=0x0, v=v@entry=16777216)
at /work/src/lib/libc/gen/sysctlgetmibinfo.c:398
#7 0xbbd41d74 in _sysctlbyname (gname=<optimized out>,
oldp=oldp@entry=0xbbe881b4 <_libc_arm_fpu_present>,
oldlenp=oldlenp@entry=0xbfffe78c, newp=newp@entry=0x0,
newlen=newlen@entry=0) at /work/src/lib/libc/gen/sysctlbyname.c:62
#8 0xbbe2f304 in _libc_aapcs_init ()
at /work/src/lib/libc/arch/arm/misc/arm_initfini.c:63
#9 0xbbef2d34 in _rtld_call_initfini_function (mask=<optimized out>,
func=0xbbe2f2b0 <_libc_aapcs_init>)
at /work/src/libexec/ld.elf_so/rtld.c:152
#10 _rtld_call_init_function (cur_objgen=<optimized out>,
mask=<optimized out>, obj=<optimized out>)
at /work/src/libexec/ld.elf_so/rtld.c:267
#11 _rtld_call_init_function (obj=0xbbee9c00, mask=0xbfffe818, cur_objgen=1)
at /work/src/libexec/ld.elf_so/rtld.c:241
#12 0xbbef3040 in _rtld_call_init_functions (mask=mask@entry=0xbfffe818)
at /work/src/libexec/ld.elf_so/rtld.c:325
#13 0xbbef3b48 in _rtld (sp=<optimized out>, relocbase=<optimized out>)
at /work/src/libexec/ld.elf_so/rtld.c:802
#14 0xbbeec63c in _rtld_start () from /libexec/ld.elf_so
>How-To-Repeat:
see above
>Fix:
Various workarounds are possible:
- pass info from the kernel in the ELF auxvector at exec time
like AT_HWCAP*
- provide a special (internal) variant of _sysctlbyname() that uses
pre-allocated (static) rnode storage for the resolution of the MIB
numbers
- use a special internal malloc() variant for this early call
>Release-Note:
>Audit-Trail:
From: Christos Zoulas <christos@zoulas.com>
To: gnats-bugs@netbsd.org
Cc: lib-bug-people@netbsd.org, gnats-admin@netbsd.org,
netbsd-bugs@netbsd.org
Subject: Re: lib/59107: libc constructors on arm use malloc
Date: Wed, 26 Feb 2025 11:14:36 -0500
https://www.zoulas.com/~christos/NetBSD/arm_initfini.c
State-Changed-From-To: open->needs-pullups
State-Changed-By: riastradh@NetBSD.org
State-Changed-When: Thu, 06 Mar 2025 14:41:34 +0000
State-Changed-Why:
Module Name: src
Committed By: christos
Date: Thu Feb 27 02:05:03 UTC 2025
Modified Files:
src/lib/libc/arch/arm/misc: arm_initfini.c
Log Message:
PR/59063: Martin Husemann: Avoid using malloc through sysctlbyname by doing
the sysctl name to mib translation directly. Thanks martin@ for testing!
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 src/lib/libc/arch/arm/misc/arm_initfini.c
Module Name: src
Committed By: christos
Date: Thu Feb 27 10:55:27 UTC 2025
Modified Files:
src/lib/libc/arch/arm/misc: arm_initfini.c
Log Message:
use the latest version that does not abort on error.
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/lib/libc/arch/arm/misc/arm_initfini.c
Module Name: src
Committed By: christos
Date: Mon Mar 3 17:00:22 UTC 2025
Modified Files:
src/lib/libc/arch/arm/misc: arm_initfini.c
Log Message:
don't abort, just fail.
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/lib/libc/arch/arm/misc/arm_initfini.c
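
The malloc-free name-to-MIB translation named in the >Fix: list and in the commit log above, as an added C example; it is not the code committed to arm_initfini.c. The node type, the `query_fn` callback (standing in for a per-level kernel query), the buffer size and the numbers in the sample tree are all constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

#define MAXKIDS 32                      /* fixed per-level buffer, no heap */
struct node { int num; const char *name; };  /* hypothetical node record */
/* Fills out[] with the children of mib[0..depth-1]; returns count or -1. */
typedef int (*query_fn)(const int *mib, size_t depth,
                        struct node *out, size_t max);

/* Constructed sample tree standing in for the kernel's answer. */
static int sample_query(const int *mib, size_t depth,
                        struct node *out, size_t max)
{
    static const struct node root[] = { {1, "kern"}, {7, "machdep"} };
    static const struct node machdep[] = { {3, "fpu_present"},
                                           {4, "neon_present"} };
    const struct node *src;
    size_t n = 2;

    if (depth == 0) src = root;
    else if (depth == 1 && mib[0] == 7) src = machdep;
    else return -1;                     /* leaf or unknown parent */
    if (n > max) return -1;             /* caller's buffer too small */
    memcpy(out, src, n * sizeof *src);
    return (int)n;
}

/* Translate "a.b.c" into mib[] using only stack storage, so it is safe to
 * call from a constructor. Returns the depth, or -1 on any failure. */
int name2mib_static(const char *name, int *mib, size_t miblen, query_fn q)
{
    struct node kids[MAXKIDS];
    size_t depth = 0;

    while (*name != '\0') {
        size_t len = strcspn(name, ".");
        int n, i, found = 0;

        if (len == 0 || depth >= miblen) return -1;  /* "a..b" or overflow */
        if ((n = q(mib, depth, kids, MAXKIDS)) < 0) return -1;
        for (i = 0; i < n && !found; i++)
            if (strlen(kids[i].name) == len &&
                memcmp(kids[i].name, name, len) == 0) {
                mib[depth++] = kids[i].num;
                found = 1;
            }
        if (!found) return -1;          /* fail, do not abort */
        name += len;
        if (*name == '.') name++;
    }
    return (int)depth;
}
```

Every failure path returns -1 to the caller, which matches the later commits' choice to fail rather than abort inside the constructor.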
>Unformatted:
Copyright © 1994-2025
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.