[Bug 272203] git crashes on start in rtld on AArch64
Date: Sun, 25 Jun 2023 09:31:59 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272203

Bug ID: 272203
Summary: git crashes on start in rtld on AArch64
Product: Ports & Packages
Version: Latest
Hardware: arm64
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: Individual Port(s)
Assignee: garga@FreeBSD.org
Reporter: theraven@FreeBSD.org
Assignee: garga@FreeBSD.org
Flags: maintainer-feedback?(garga@FreeBSD.org)

Using the latest package (same behaviour on the version from the stable branch) on AArch64:

```
$ uname -a
FreeBSD freebsd 13.2-RELEASE FreeBSD 13.2-RELEASE releng/13.2-n254617-525ecfdad597 GENERIC arm64
$ pkg info git
git-2.41.0
Name           : git
Version        : 2.41.0
Installed on   : Sat Jun 24 12:14:59 2023 UTC
Origin         : devel/git
Architecture   : FreeBSD:13:aarch64
Prefix         : /usr/local
Categories     : devel
Licenses       : GPLv2
Maintainer     : garga@FreeBSD.org
WWW            : https://git-scm.com/
Comment        : Distributed source code management tool
Options        :
        CONTRIB        : on
        CURL           : on
        GITWEB         : on
        HTMLDOCS       : off
        ICONV          : on
        NLS            : on
        PCRE2          : on
        PERL           : on
        SEND_EMAIL     : on
        SUBTREE        : on
Shared Libs required:
        libpcre2-8.so.0
        libintl.so.8
        libexpat.so.1
        libcurl.so.4
Annotations    :
        FreeBSD_version: 1301000
        cpe            : cpe:2.3:a:git-scm:git:2.41.0:::::freebsd13:aarch64
        flavor         : default
        repo_type      : binary
        repository     : FreeBSD
Flat size      : 33.4MiB
Description    :
Git is a free and open source distributed version control system designed to
handle everything from small to very large projects with speed and efficiency.

WWW: https://git-scm.com/
$ git
Bus error (core dumped)
$ lldb git
(lldb) target create "git"
Current executable set to 'git' (aarch64).
(lldb) r
Process 6542 launched: '/usr/local/bin/git' (aarch64)
This version of LLDB has no plugin for the language "assembler". Inspection of frame variables will be limited.
Process 6542 stopped
* thread #1, name = 'git', stop reason = signal SIGBUS: hardware error
    frame #0: 0x00003dcda641e08c ld-elf.so.1`memset at memset.S:136
(lldb) bt
* thread #1, name = 'git', stop reason = signal SIGBUS: hardware error
  * frame #0: 0x00003dcda641e08c ld-elf.so.1`memset at memset.S:136
    frame #1: 0x00003dcda64188f8 ld-elf.so.1`map_object(fd=3, path="/usr/local/lib/libpcre2-8.so.0", sb=0x00000000811450e0) at map_object.c:262:3
    frame #2: 0x00003dcda64133f8 ld-elf.so.1`load_object [inlined] do_load_object(fd=3, name="libpcre2-8.so.0", path=<unavailable>, sbp=0x00000000811450e0, flags=0) at rtld.c:2833:11
    frame #3: 0x00003dcda64133a8 ld-elf.so.1`load_object(name="libpcre2-8.so.0", fd_u=<unavailable>, refobj=<unavailable>, flags=0) at rtld.c:2805:11
    frame #4: 0x00003dcda640d200 ld-elf.so.1`_rtld [inlined] process_needed(obj=0x00000000820ac008, needed=0x00000000820a9028, flags=0) at rtld.c:2638:23
    frame #5: 0x00003dcda640d1e0 ld-elf.so.1`_rtld [inlined] load_needed_objects(first=<unavailable>, flags=0) at rtld.c:2659:6
    frame #6: 0x00003dcda640d1c0 ld-elf.so.1`_rtld(sp=<unavailable>, exit_proc=0x0000000081146cc0, objp=<unavailable>) at rtld.c:861:9
    frame #7: 0x00003dcda640b0d8 ld-elf.so.1`.rtld_start at rtld_start.S:41
(lldb) disas
ld-elf.so.1`memset:
    0x3dcda641e000 <+0>:   dup    v0.16b, w1
    0x3dcda641e004 <+4>:   add    x4, x0, x2
    0x3dcda641e008 <+8>:   cmp    x2, #0x60
    0x3dcda641e00c <+12>:  b.hi   0x3dcda641e084 ; <+132>
    0x3dcda641e010 <+16>:  cmp    x2, #0x10
    0x3dcda641e014 <+20>:  b.hs   0x3dcda641e054 ; <+84>
    0x3dcda641e018 <+24>:  mov    x1, v0.d[0]
    0x3dcda641e01c <+28>:  tbz    w2, #0x3, 0x3dcda641e030 ; <+48>
    0x3dcda641e020 <+32>:  str    x1, [x0]
    0x3dcda641e024 <+36>:  stur   x1, [x4, #-0x8]
    0x3dcda641e028 <+40>:  ret
    0x3dcda641e02c <+44>:  nop
    0x3dcda641e030 <+48>:  tbz    w2, #0x2, 0x3dcda641e040 ; <+64>
    0x3dcda641e034 <+52>:  str    w1, [x0]
    0x3dcda641e038 <+56>:  stur   w1, [x4, #-0x4]
    0x3dcda641e03c <+60>:  ret
    0x3dcda641e040 <+64>:  cbz    x2, 0x3dcda641e050 ; <+80>
    0x3dcda641e044 <+68>:  strb   w1, [x0]
    0x3dcda641e048 <+72>:  tbz    w2, #0x1, 0x3dcda641e050 ; <+80>
    0x3dcda641e04c <+76>:  sturh  w1, [x4, #-0x2]
    0x3dcda641e050 <+80>:  ret
    0x3dcda641e054 <+84>:  str    q0, [x0]
    0x3dcda641e058 <+88>:  tbnz   w2, #0x6, 0x3dcda641e070 ; <+112>
    0x3dcda641e05c <+92>:  stur   q0, [x4, #-0x10]
    0x3dcda641e060 <+96>:  tbz    w2, #0x5, 0x3dcda641e06c ; <+108>
    0x3dcda641e064 <+100>: str    q0, [x0, #0x10]
    0x3dcda641e068 <+104>: stur   q0, [x4, #-0x20]
    0x3dcda641e06c <+108>: ret
    0x3dcda641e070 <+112>: str    q0, [x0, #0x10]
    0x3dcda641e074 <+116>: stp    q0, q0, [x0, #0x20]
    0x3dcda641e078 <+120>: stp    q0, q0, [x4, #-0x20]
    0x3dcda641e07c <+124>: ret
    0x3dcda641e080 <+128>: nop
    0x3dcda641e084 <+132>: and    w1, w1, #0xff
    0x3dcda641e088 <+136>: and    x3, x0, #0xfffffffffffffff0
->  0x3dcda641e08c <+140>: str    q0, [x0]
    0x3dcda641e090 <+144>: cmp    x2, #0x100
(lldb) register read x0
      x0 = 0x0000000082c1ea40
$ procstat -v 6542
  PID              START                END PRT  RES PRES REF SHD FLAG  TP PATH
 6542           0x200000           0x2b3000 r--  179  840   5   1 CN--- vn /usr/local/bin/git
 6542           0x2c2000           0x53b000 r-x  633  840   5   1 CN--- vn /usr/local/bin/git
 6542           0x54a000           0x54b000 rw-    1    0   1   0 C---- vn /usr/local/bin/git
 6542           0x55a000           0x56b000 rw-   17  840   5   1 CN--- vn /usr/local/bin/git
 6542           0x56b000           0x592000 rw-    1    1   1   0 ----- df
 6542         0x41148000         0x81128000 ---    0    0   0   0 ----- gd
 6542         0x81128000         0x81148000 rw-    4    4   1   0 ---D- df
 6542         0x820a9000         0x820ca000 rw-    7    7   1   0 ----- df
 6542         0x82b48000         0x82b70000 r--    8    8   5   1 CN--- vn /usr/local/lib/libpcre2-8.so.0.11.2
 6542         0x82b70000         0x82b7f000 ---    0    0   0   0 CN--- gd
 6542         0x82b7f000         0x82bff000 r-x    0    8   5   1 CN--- vn /usr/local/lib/libpcre2-8.so.0.11.2
 6542         0x82bff000         0x82c0e000 ---    0    0   0   0 CN--- gd
 6542         0x82c0e000         0x82c0f000 rw-    0    8   5   1 CN--- vn /usr/local/lib/libpcre2-8.so.0.11.2
 6542         0x82c0f000         0x82c1e000 ---    0    0   0   0 CN--- gd
 6542         0x82c1e000         0x82c1f000 rw-    0    0   1   0 C---- vn /usr/local/lib/libpcre2-8.so.0.11.2
 6542         0x83aca000         0x83acb000 r--    1    8   5   1 CN--- vn /usr/local/lib/libpcre2-8.so.0.11.2
 6542     0x3dcda63f5000     0x3dcda63fc000 r--    7   28 109  51 CN--- vn /libexec/ld-elf.so.1
 6542     0x3dcda640b000     0x3dcda6420000 r-x   21    0   1   0 C---- vn /libexec/ld-elf.so.1
 6542     0x3dcda642f000     0x3dcda6430000 r--    1    0   1   0 C---- vn /libexec/ld-elf.so.1
 6542     0x3dcda643f000     0x3dcda6440000 rw-    1    0   1   0 C---- vn /libexec/ld-elf.so.1
 6542     0x3dcda6440000     0x3dcda6441000 rw-    1    1   1   0 ----- df
 6542     0xfffffffff000    0x1000000000000 r-x    1    1  32   0 ----- ph
```

I don't believe this is a bug in git itself, since it appears to be triggered before any user code runs. If I'm reading the disassembly correctly, it's slightly dubious that the str instruction appears to be using the same register for the address as for the value stored. This appears to be from the Linaro string routines, which are [unchanged in CURRENT](https://github.com/freebsd/freebsd-src/blob/main/contrib/arm-optimized-routines/string/aarch64/memset.S#L55). I am probably missing some understanding of Arm assembly here, but it at least looks like a store that shouldn't fault.

The memset appears to be faulting writing into a region that is mapped read-write and the address is strongly aligned and so I'm not sure what's causing the bus error.

This is on QEMU with Hypervisor.framework on an M2 MacBook Pro (virtualised AArch64).

--
You are receiving this mail because:
You are the assignee for the bug.