Re: [PATCH 00/41] The x86_64 port

[Sergey Bugaev]

On Wed, May 10, 2023 at 7:39 PM Samuel Thibault <samuel.thibault@gnu.org> wrote:
> Sergey Bugaev, le mer. 10 mai 2023 19:30:20 +0300, a ecrit:
> > Dynamic linking also adds its share of complexity,
>
> You can always create static builds of the various translators, by
> running e.g. make proc.static in proc/

Thank you! -- it indeed reproduces with static linking as well, and
that is *much* easier to debug.

So it seems that task_terminate was not being called explicitly;
rather this is an unhandled exception (don't know how I managed to
overlook that). And it happens when starting up, super early in the
static build:

#2  0x00000000004d5d94 in __exec_startup_get_info
(bootstrap=<optimized out>, user_entry=user_entry@entry=0x1592f48,
phdr_data=phdr_data@entry=0x1592f38,
    phdr_size=phdr_size@entry=0x1592f40,
stack_base=stack_base@entry=0x1592f28,
stack_size=stack_size@entry=0x1592f30, flags=0x1592ef0,
argv=0x1592ed8,
    argvCnt=0x1592ed0, envp=0x1592ee0, envpCnt=0x1592ed4,
dtable=0x1592ef8, dtableCnt=0x1592f00, portarray=0x1592f08,
portarrayCnt=0x1592f10, intarray=0x1592f18,
    intarrayCnt=0x1592f20) at
/home/sergey/dev/crosshurd64/src/glibc/build/hurd/RPC_exec_startup_get_info.c:222
#3  0x0000000000479044 in _hurd_startup
(argptr=argptr@entry=0x1593000, main=main@entry=0x1592fa8) at
hurdstartup.c:79
#4  0x000000000042bacd in _hurd_stack_setup () at
../sysdeps/mach/hurd/x86/init-first.c:248
#5  0x0000000000400e93 in _start () at
../sysdeps/mach/hurd/x86_64/static-start.S:25

_hurd_startup crashes on accessing 'args' it has just received from
the exec server in the __exec_startup_get_info. The data arrives
out-of-line, and... broken:

(gdb) p *OutP
$17 = {Head = {msgh_bits = 2147488256, msgh_size = 264,
{msgh_remote_port = 0, msgh_remote_port_do_not_use = 0},
{msgh_local_port = 5, msgh_protected_payload = 5},
    msgh_seqno = 2, msgh_id = 30600}, RetCodeType = {msgt_name = 2,
msgt_size = 32, msgt_number = 1, msgt_inline = 1, msgt_longform = 0,
msgt_deallocate = 0,
    msgt_unused = 0, unused_msgtl_number = 0}, RetCode = 0, RetCodePad
= "\000\000\000", user_entryType = {msgt_name = 11, msgt_size = 64,
msgt_number = 1,
    msgt_inline = 1, msgt_longform = 0, msgt_deallocate = 0,
msgt_unused = 0, unused_msgtl_number = 0}, user_entry = 4198016,
phdr_dataType = {msgt_name = 11,
    msgt_size = 64, msgt_number = 1, msgt_inline = 1, msgt_longform =
0, msgt_deallocate = 0, msgt_unused = 0, unused_msgtl_number = 0},
phdr_data = 4194368,
  phdr_sizeType = {msgt_name = 11, msgt_size = 64, msgt_number = 1,
msgt_inline = 1, msgt_longform = 0, msgt_deallocate = 0, msgt_unused =
0, unused_msgtl_number = 0},
  phdr_size = 392, stack_baseType = {msgt_name = 11, msgt_size = 64,
msgt_number = 1, msgt_inline = 1, msgt_longform = 0, msgt_deallocate =
0, msgt_unused = 0,
    unused_msgtl_number = 0}, stack_base = 5844992, stack_sizeType =
{msgt_name = 11, msgt_size = 64, msgt_number = 1, msgt_inline = 1,
msgt_longform = 0,
    msgt_deallocate = 0, msgt_unused = 0, unused_msgtl_number = 0},
stack_size = 16777216, flagsType = {msgt_name = 2, msgt_size = 32,
msgt_number = 1,
    msgt_inline = 1, msgt_longform = 0, msgt_deallocate = 0,
msgt_unused = 0, unused_msgtl_number = 0}, flags = 0, flagsPad =
"\000\000\000", argvType = {
    msgtl_header = {msgt_name = 0, msgt_size = 0, msgt_number = 0,
msgt_inline = 0, msgt_longform = 1, msgt_deallocate = 1, msgt_unused =
0, unused_msgtl_number = 0},
    msgtl_name = 8, msgtl_size = 8, msgtl_number = 27}, {
    argv = 
"\000\020\000\000\000\000\000\000\000\000\000`\000\000\000\000\b\000\b\000\025\000\000\000\000
\000\000\000\000\000\000\000\000\000`\000\000\000\000\021\000
\000\003\000\000\000\0000\000\000\000\000\000\000\000\000\000`\000\000\000\000\021\000
\000\006\000\000\000\000@\000\000\000\000\000\000\000\000\000`\000\000\000\000\002\000
\000\005\000\000\000\000P", '\000' <repeats 1949 times>, argvP =
0x1000 <error: Cannot access memory at address 0x1000>}, envpType =
{msgtl_header = {
      msgt_name = 0, msgt_size = 0, msgt_number = 0, msgt_inline = 0,
msgt_longform = 0, msgt_deallocate = 0, msgt_unused = 0,
unused_msgtl_number = 0},
    msgtl_name = 0, msgtl_size = 0, msgtl_number = 0}, {envp = '\000'
<repeats 2047 times>, envpP = 0x0}, dtableType = {msgtl_header =
{msgt_name = 0, msgt_size = 0,
      msgt_number = 0, msgt_inline = 0, msgt_longform = 0,
msgt_deallocate = 0, msgt_unused = 0, unused_msgtl_number = 0},
msgtl_name = 0, msgtl_size = 0,
    msgtl_number = 0}, {dtable = {0 <repeats 512 times>}, dtableP =
0x0}, portarrayType = {msgtl_header = {msgt_name = 0, msgt_size = 0,
msgt_number = 0,
      msgt_inline = 0, msgt_longform = 0, msgt_deallocate = 0,
msgt_unused = 0, unused_msgtl_number = 0}, msgtl_name = 0, msgtl_size
= 0, msgtl_number = 0}, {
    portarray = {0 <repeats 46 times>, 4293148, 0, 0, 0, 0, 0, 0, 0,
0, 72, 0, 0, 72, 0, 4, 0, 4, 0, 22622208, 0, 0, 0, 0, 0, 5038263, 0,
0, 0, 5038280, 0, 4608, 48,
      0, 0, 5, 0, 0, 2118, 268509186, 0, 0, 0, 268705794, 0, 5831040,
0 <repeats 421 times>}, portarrayP = 0x0}, intarrayType =
{msgtl_header = {msgt_name = 0,
      msgt_size = 0, msgt_number = 0, msgt_inline = 0, msgt_longform =
0, msgt_deallocate = 0, msgt_unused = 0, unused_msgtl_number = 0},
msgtl_name = 0,
    msgtl_size = 0, msgtl_number = 0}, {intarray = {0 <repeats 498
times>, 4293148, 0, 0, 0, 4688643, 0, 0, 0, 1, 48, 0, 0, 5828988, 0},
intarrayP = 0x0}}

argvType is { msgt_inline = 0, msgt_longform = 1, msgt_deallocate = 1
}, but argvP is just 0x1000, and it crashes on trying to access that.

Probably the kernel not copying out longform / out-of-line pointers
correctly? Or MIG generating a wrong userspace structure? cc'ing
Flavio :)

This also explains why /hurd/startup ignores --verbose: evidently it
doesn't receive its argv correctly at all (but does not crash either).

Sergey