Le 17 déc. 2017 05:18, "Andreas Beckmann" <a...@debian.org> a écrit :
Hi Aurelien,

I can reproduce the problem in glxgears using nvidia driver 375.82-9~bpo9+1 and libc6 2.24-11+deb9u1 on a mostly stretch system. I ran glxgears in gdb and it died here:

(gdb) bt
#0 0x00007ffff6a15360 in __GI__IO_link_in (fp=fp@entry=0x5555557b2510) at genops.c:102
#1 0x00007ffff6a13fa2 in _IO_new_file_init_internal (fp=fp@entry=0x5555557b2510) at fileops.c:151
#2 0x00007ffff6a08573 in __fopen_internal (filename=0x5555557b2450 "/home/beckmann/.Xauthority", mode=0x7ffff3e04cb7 "rb", is32=1) at iofopen.c:82
#3 0x00007ffff3e04477 in XauGetBestAuthByAddr () from /usr/lib/x86_64-linux-gnu/libXau.so.6
#4 0x00007ffff4017070 in ?? () from /usr/lib/x86_64-linux-gnu/libxcb.so.1
#5 0x00007ffff40171ed in ?? () from /usr/lib/x86_64-linux-gnu/libxcb.so.1
#6 0x00007ffff4016d1b in xcb_connect_to_display_with_auth_info () from /usr/lib/x86_64-linux-gnu/libxcb.so.1
#7 0x00007ffff6f93e8a in _XConnectXCB () from /usr/lib/x86_64-linux-gnu/libX11.so.6
#8 0x00007ffff6f84bc2 in XOpenDisplay () from /usr/lib/x86_64-linux-gnu/libX11.so.6
#9 0x00005555555563f4 in main (argc=<optimized out>, argv=<optimized out>) at glxgears.c:762

0x00007ffff6a15360 <+512>: callq *%rax

(gdb) print /x $rax
$8 = 0xb08ebdf3733b6f74
(gdb) info shared
From To Syms Read Shared Object Library
0x00007ffff7dd9aa0 0x00007ffff7df5340 Yes /lib64/ld-linux-x86-64.so.2
0x00007ffff7b8dcc0 0x00007ffff7bb6100 Yes (*) /usr/lib/x86_64-linux-gnu/libGLEW.so.2.0
0x00007ffff78d96d0 0x00007ffff792bb13 Yes (*) /usr/lib/x86_64-linux-gnu/libGLU.so.1
0x00007ffff75e8f00 0x00007ffff765e291 Yes (*) /usr/lib/x86_64-linux-gnu/libGL.so.1
0x00007ffff7297680 0x00007ffff73038da Yes /lib/x86_64-linux-gnu/libm.so.6
0x00007ffff6f6fda0 0x00007ffff6ff7434 Yes (*) /usr/lib/x86_64-linux-gnu/libX11.so.6
0x00007ffff6d43700 0x00007ffff6d4d49f Yes (*) /usr/lib/x86_64-linux-gnu/libXext.so.6
0x00007ffff69c0910 0x00007ffff6aea403 Yes /lib/x86_64-linux-gnu/libc.so.6
0x00007ffff66ae090 0x00007ffff6756b69 Yes
/usr/lib/x86_64-linux-gnu/libstdc++.so.6
0x00007ffff640dac0 0x00007ffff641dde5 Yes /lib/x86_64-linux-gnu/libgcc_s.so.1
0x00007ffff6208810 0x00007ffff620a5a3 Yes (*) /usr/lib/x86_64-linux-gnu/libnvidia-tls.so.375.82
0x00007ffff4734600 0x00007ffff5817c77 Yes (*) /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.375.82
0x00007ffff422fd80 0x00007ffff423094e Yes /lib/x86_64-linux-gnu/libdl.so.2
0x00007ffff4012b40 0x00007ffff40249f5 Yes (*) /usr/lib/x86_64-linux-gnu/libxcb.so.1
0x00007ffff3e04010 0x00007ffff3e04c8c Yes (*) /usr/lib/x86_64-linux-gnu/libXau.so.6
0x00007ffff3bfe340 0x00007ffff3bffc48 Yes (*) /usr/lib/x86_64-linux-gnu/libXdmcp.so.6
0x00007ffff39ea3d0 0x00007ffff39f75df Yes (*) /lib/x86_64-linux-gnu/libbsd.so.0
0x00007ffff37e10e0 0x00007ffff37e3ecf Yes /lib/x86_64-linux-gnu/librt.so.1
0x00007ffff35c7ab0 0x00007ffff35d4811 Yes /lib/x86_64-linux-gnu/libpthread.so.0

Since I wanted to know where that invalid pointer came from, I stopped a few instructions earlier:

(gdb) break *__GI__IO_link_in+480
Breakpoint 3 at 0x7ffff6a15340: file genops.c, line 102.
(gdb) disassemble
Dump of assembler code for function __GI__IO_link_in:
0x00007ffff6a15160 <+0>: mov (%rdi),%eax
...
=> 0x00007ffff6a15340 <+480>: mov 0x32a3a9(%rip),%rax # 0x7ffff6d3f6f0 <__libc_pthread_functions+368>
0x00007ffff6a15347 <+487>: mov %rsp,%rdi
0x00007ffff6a1534a <+490>: xor %edx,%edx
0x00007ffff6a1534c <+492>: ror $0x11,%rax
0x00007ffff6a15350 <+496>: xor %fs:0x30,%rax
0x00007ffff6a15359 <+505>: lea -0x580(%rip),%rsi # 0x7ffff6a14de0 <flush_cleanup>
0x00007ffff6a15360 <+512>: callq *%rax
...
(gdb) print /x $rax
$1 = 0xfbad248c
(gdb) stepi
0x00007ffff6a15347 102 in genops.c
(gdb) print /x $rax
$2 = 0xd14c4c80fe79611d
(gdb) print &__libc_pthread_functions.ptr__pthread_cleanup_push_defer
$3 = (void (**)(struct _pthread_cleanup_buffer *, void (*)(void *), void *)) 0x7ffff6d3f6f0 <__libc_pthread_functions+368>
(gdb) print __libc_pthread_functions.ptr__pthread_cleanup_push_defer
$4 = (void (*)(struct _pthread_cleanup_buffer *, void (*)(void *), void *)) 0xd14c4c80fe79611d
(gdb) stepi
0x00007ffff6a1534a 102 in genops.c
(gdb) stepi
0x00007ffff6a1534c 102 in genops.c
(gdb) print /x $rax
$5 = 0xd14c4c80fe79611d
(gdb) stepi
0x00007ffff6a15350 102 in genops.c
(gdb) print /x $rax
$6 = 0xb08ee8a626407f3c
(gdb) stepi
0x00007ffff6a15359 102 in genops.c
(gdb) print /x $rax
$7 = 0xb08ebdf3733b6f74
(gdb) stepi
0x00007ffff6a15360 102 in genops.c
(gdb) print /x $rax
$8 = 0xb08ebdf3733b6f74
(gdb) stepi

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6a15360 in __GI__IO_link_in (fp=fp@entry=0x5555557b2510) at genops.c:102
102 in genops.c
(gdb) print &_pthread_cleanup_push_defer
$9 = (void (*)(struct _pthread_cleanup_buffer *, void (*)(void *), void *)) 0x7ffff35d1ac0 <_pthread_cleanup_push_defer>

And now let's retry that without /etc/ld.so.nohwcap:

(gdb) break *__GI__IO_link_in+480
Breakpoint 2 at 0x7ffff6a15340: file genops.c, line 102.
(gdb) cont
Continuing.

Breakpoint 2, __GI__IO_link_in (fp=fp@entry=0x5555557b2510) at genops.c:102
102 genops.c: No such file or directory.
(gdb) disassemble
Dump of assembler code for function __GI__IO_link_in:
0x00007ffff6a15160 <+0>: mov (%rdi),%eax
...
=> 0x00007ffff6a15340 <+480>: mov 0x32a3a9(%rip),%rax # 0x7ffff6d3f6f0 <__libc_pthread_functions+368>
0x00007ffff6a15347 <+487>: mov %rsp,%rdi
0x00007ffff6a1534a <+490>: xor %edx,%edx
0x00007ffff6a1534c <+492>: ror $0x11,%rax
0x00007ffff6a15350 <+496>: xor %fs:0x30,%rax
0x00007ffff6a15359 <+505>: lea -0x580(%rip),%rsi # 0x7ffff6a14de0 <flush_cleanup>
0x00007ffff6a15360 <+512>: callq *%rax
...
(gdb) print /x $rax
$1 = 0xfbad248c
(gdb) print &__libc_pthread_functions.ptr__pthread_cleanup_push_defer
$2 = (void (**)(struct _pthread_cleanup_buffer *, void (*)(void *), void *)) 0x7ffff6d3f6f0 <__libc_pthread_functions+368>
(gdb) print __libc_pthread_functions.ptr__pthread_cleanup_push_defer
$3 = (void (*)(struct _pthread_cleanup_buffer *, void (*)(void *), void *)) 0x1bb877ddeda50cb
(gdb) print &_pthread_cleanup_push_defer
$4 = (void (*)(struct _pthread_cleanup_buffer *, void (*)(void *), void *)) 0x7ffff35d0ac0 <_pthread_cleanup_push_defer>
(gdb) stepi
0x00007ffff6a15347 102 in genops.c
(gdb) print /x $rax
$5 = 0x1bb877ddeda50cb
(gdb) stepi
0x00007ffff6a1534a 102 in genops.c
(gdb) stepi
0x00007ffff6a1534c 102 in genops.c
(gdb) print /x $rax
$6 = 0x1bb877ddeda50cb
(gdb) stepi
0x00007ffff6a15350 102 in genops.c
(gdb) print /x $rax
$7 = 0x286580ddc3beef6d
(gdb) stepi
0x00007ffff6a15359 102 in genops.c
(gdb) print /x $rax
$8 = 0x7ffff35d0ac0
(gdb) stepi
0x00007ffff6a15360 102 in genops.c
(gdb) stepi
_pthread_cleanup_push_defer (buffer=0x7fffffffd720, routine=0x7ffff6a14de0 <flush_cleanup>, arg=0x0) at cleanup_defer_compat.c:28
28 cleanup_defer_compat.c: No such file or directory.
(gdb) bt
#0 _pthread_cleanup_push_defer (buffer=0x7fffffffd720, routine=0x7ffff6a14de0 <flush_cleanup>, arg=0x0) at cleanup_defer_compat.c:28
#1 0x00007ffff6a15362 in __GI__IO_link_in (fp=fp@entry=0x5555557b2510) at genops.c:102
#2 0x00007ffff6a13fa2 in _IO_new_file_init_internal (fp=fp@entry=0x5555557b2510) at fileops.c:151
#3 0x00007ffff6a08573 in __fopen_internal (filename=0x5555557b2450 "/home/beckmann/.Xauthority", mode=0x7ffff3e03cb7 "rb", is32=1) at iofopen.c:82
#4 0x00007ffff3e03477 in XauGetBestAuthByAddr () from /usr/lib/x86_64-linux-gnu/libXau.so.6
#5 0x00007ffff4016070 in ?? () from /usr/lib/x86_64-linux-gnu/libxcb.so.1
#6 0x00007ffff40161ed in ?? () from /usr/lib/x86_64-linux-gnu/libxcb.so.1
#7 0x00007ffff4015d1b in xcb_connect_to_display_with_auth_info () from /usr/lib/x86_64-linux-gnu/libxcb.so.1
#8 0x00007ffff6f93e8a in _XConnectXCB () from /usr/lib/x86_64-linux-gnu/libX11.so.6
#9 0x00007ffff6f84bc2 in XOpenDisplay () from /usr/lib/x86_64-linux-gnu/libX11.so.6
#10 0x00005555555563f4 in main (argc=<optimized out>, argv=<optimized out>) at glxgears.c:762
(gdb) info shared
From To Syms Read Shared Object Library
0x00007ffff7dd9aa0 0x00007ffff7df5340 Yes /lib64/ld-linux-x86-64.so.2
0x00007ffff7b8dcc0 0x00007ffff7bb6100 Yes (*) /usr/lib/x86_64-linux-gnu/libGLEW.so.2.0
0x00007ffff78d96d0 0x00007ffff792bb13 Yes (*) /usr/lib/x86_64-linux-gnu/libGLU.so.1
0x00007ffff75e8f00 0x00007ffff765e291 Yes (*) /usr/lib/x86_64-linux-gnu/libGL.so.1
0x00007ffff7297680 0x00007ffff73038da Yes /lib/x86_64-linux-gnu/libm.so.6
0x00007ffff6f6fda0 0x00007ffff6ff7434 Yes (*) /usr/lib/x86_64-linux-gnu/libX11.so.6
0x00007ffff6d43700 0x00007ffff6d4d49f Yes (*) /usr/lib/x86_64-linux-gnu/libXext.so.6
0x00007ffff69c0910 0x00007ffff6aea403 Yes /lib/x86_64-linux-gnu/libc.so.6
0x00007ffff66ae090 0x00007ffff6756b69 Yes /usr/lib/x86_64-linux-gnu/libstdc++.so.6
0x00007ffff640dac0 0x00007ffff641dde5 Yes /lib/x86_64-linux-gnu/libgcc_s.so.1
0x00007ffff62079a0 0x00007ffff6209683 Yes (*)
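/usr/lib/x86_64-linux-gnu/tls/libnvidia-tls.so.375.82
0x00007ffff4733600 0x00007ffff5816c77 Yes (*) /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.375.82
0x00007ffff422ed80 0x00007ffff422f94e Yes /lib/x86_64-linux-gnu/libdl.so.2
0x00007ffff4011b40 0x00007ffff40239f5 Yes (*) /usr/lib/x86_64-linux-gnu/libxcb.so.1
0x00007ffff3e03010 0x00007ffff3e03c8c Yes (*) /usr/lib/x86_64-linux-gnu/libXau.so.6
0x00007ffff3bfd340 0x00007ffff3bfec48 Yes (*) /usr/lib/x86_64-linux-gnu/libXdmcp.so.6
0x00007ffff39e93d0 0x00007ffff39f65df Yes (*) /lib/x86_64-linux-gnu/libbsd.so.0
0x00007ffff37e00e0 0x00007ffff37e2ecf Yes /lib/x86_64-linux-gnu/librt.so.1
0x00007ffff35c6ab0 0x00007ffff35d3811 Yes /lib/x86_64-linux-gnu/libpthread.so.0

So this looks like __libc_pthread_functions is not set up correctly if /etc/ld.so.nohwcap exists (and several other conditions are fulfilled, as happens when using the nvidia driver). The same actually applies to the string functions in stdlib.

Andreas

[Editor's note: the `ror $0x11` / `xor %fs:0x30` pair before the call is glibc's pointer-guard demangling, so the value stored in __libc_pthread_functions is never a plain address. XOR-ing the $rax values printed before and after the xor step gives the guard word each run read from %fs:0x30: 0x5555557b1048 in the failing run, which resembles the heap addresses in the backtrace, versus 0x2865ff2230e3e5ad in the working run. This suggests that the word at %fs:0x30, and not only the table entry, may differ between the time the pointer was stored and the call; that needs confirming. The two `info shared` listings also load libnvidia-tls.so.375.82 from different paths (with and without the tls/ directory).]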