Patch glibc to fix busybox causing "segmentation fault".

I investigated the problem that Busybox compiled against glibc 2.9 does not work: Busybox dies with "Segmentation fault" (SIGSEGV). Busybox's internal applets init and login also do not work, so Busybox is unusable for booting a Linux user-land.

I found the bug in glibc's vfprintf() family. The implementation of the __vfprintf_chk() function is incorrect: __vfprintf_chk() falls into an infinite recursive call (it calls vfprintf(), and when glibc itself is built with _FORTIFY_SOURCE the fortify headers redirect that call back to __vfprintf_chk()), and the resulting stack overflow is the SIGSEGV. glibc 2.11.1 may have the same problem, I guess.

I use ct-ng (crosstool-ng) to build the target root environment. ct-ng can inject locally made patches into the sources.

I prepared a glibc patch suitable for ct-ng.

The following patch fixes the __vfprintf_chk() function by replacing the bad call to vfprintf() with a proper call to _IO_vfprintf(). The same flow is found in the __vfwprintf_chk() function, where the _IO_xxx() function is already called properly.

diff -durN glibc-2.9.orig/debug/vfprintf_chk.c glibc-2.9/debug/vfprintf_chk.c
--- glibc-2.9.orig/debug/vfprintf_chk.c 2007-07-20 02:12:45.000000000 +0900
+++ glibc-2.9/debug/vfprintf_chk.c      2010-09-03 23:52:48.000000000 +0900
@@ -32,7 +32,7 @@
   if (flag > 0)
     fp->_flags2 |= _IO_FLAGS2_FORTIFY;

-  done = vfprintf (fp, format, ap);
+  done = _IO_vfprintf (fp, format, ap);

   if (flag > 0)
     fp->_flags2 &= ~_IO_FLAGS2_FORTIFY;
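
Review bot: the hunk breaks the recursion but leaves no trace in the code of why `_IO_vfprintf` is used instead of `vfprintf`; add a one-line comment above `done = _IO_vfprintf (fp, format, ap);` saying that `vfprintf` is macro-redirected to `__vfprintf_chk` when the library itself is built with `_FORTIFY_SOURCE`, so that a later cleanup does not reintroduce the loop. The header names only `debug/vfprintf_chk.c`; since the text says `__vfwprintf_chk` has the same flow, the patch description should state that `debug/vfwprintf_chk.c` was checked and needs no change, or carry its hunk here if it does.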

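The recursion described above, as an added example that is not glibc's or the author's code: a small C model in which a fortified wrapper calls the public name of the function it wraps, while a fortify-style macro (standing in for what the glibc headers do when _FORTIFY_SOURCE is set) rewrites that public name back into the wrapper. Every model_ name and the MODEL_ macros are assumptions made for this example; a depth guard stands in for the real stack overflow so that the demo terminates instead of crashing. The fixed wrapper calls the internal implementation directly, as the patch does with _IO_vfprintf().

```c
/* Added example, not glibc code: a model of the __vfprintf_chk recursion.
 * Every "model_" name is hypothetical; the real glibc functions are
 * __vfprintf_chk, vfprintf and _IO_vfprintf. */
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MODEL_FORTIFY_LEVEL 2   /* stands in for building with -D_FORTIFY_SOURCE=2 */
#define MODEL_MAX_DEPTH    64   /* guard: stop the runaway recursion before the real stack overflows */

typedef struct {
    int done;       /* value returned by the wrapper (-1 when the guard tripped) */
    int max_depth;  /* deepest nesting of the checked wrapper observed */
    int aborted;    /* 1 if the guard tripped; stands in for the real SIGSEGV */
} model_result;

static int model_depth;
static int model_max_depth;
static int model_aborted;

/* Internal implementation (like _IO_vfprintf): does the actual formatting. */
static int model_IO_vfprintf(char *buf, size_t n, const char *fmt, va_list ap)
{
    return vsnprintf(buf, n, fmt, ap);
}

/* Public unchecked entry point (like vfprintf). */
int model_vfprintf(char *buf, size_t n, const char *fmt, va_list ap)
{
    return model_IO_vfprintf(buf, n, fmt, ap);
}

int model_vfprintf_chk_bad(char *buf, size_t n, int flag, const char *fmt, va_list ap);
int model_vfprintf_chk_good(char *buf, size_t n, int flag, const char *fmt, va_list ap);

/* What the fortify header does when the level is > 0: the public name becomes a
 * macro that calls the checked wrapper.  Every later use of model_vfprintf(...)
 * in this file, including the one inside the wrapper itself, is rewritten. */
#if MODEL_FORTIFY_LEVEL > 0
#define model_vfprintf(buf, n, fmt, ap) \
    model_vfprintf_chk_bad(buf, n, MODEL_FORTIFY_LEVEL - 1, fmt, ap)
#endif

/* Track nesting depth; returns 0 when the guard trips (the real library has no guard). */
static int model_enter(void)
{
    if (++model_depth > model_max_depth)
        model_max_depth = model_depth;
    if (model_depth > MODEL_MAX_DEPTH) {
        model_aborted = 1;
        return 0;
    }
    return 1;
}

/* Buggy wrapper, shaped like glibc 2.9's __vfprintf_chk: it calls the public name. */
int model_vfprintf_chk_bad(char *buf, size_t n, int flag, const char *fmt, va_list ap)
{
    int done = -1;
    (void)flag;
    if (model_enter())
        done = model_vfprintf(buf, n, fmt, ap);   /* macro-expanded into a call to this function */
    model_depth--;
    return done;
}

/* Fixed wrapper, shaped like the patch: it calls the internal implementation,
 * whose name no fortify macro rewrites. */
int model_vfprintf_chk_good(char *buf, size_t n, int flag, const char *fmt, va_list ap)
{
    int done = -1;
    (void)flag;
    if (model_enter())
        done = model_IO_vfprintf(buf, n, fmt, ap);
    model_depth--;
    return done;
}

/* Drive one wrapper with a fresh va_list and report what happened. */
model_result model_run(int fixed, char *buf, size_t n, const char *fmt, ...)
{
    model_result r;
    va_list ap;
    model_depth = model_max_depth = model_aborted = 0;
    va_start(ap, fmt);
    r.done = fixed ? model_vfprintf_chk_good(buf, n, 1, fmt, ap)
                   : model_vfprintf_chk_bad(buf, n, 1, fmt, ap);
    va_end(ap);
    r.max_depth = model_max_depth;
    r.aborted = model_aborted;
    return r;
}

int main(void)
{
    char buf[32];
    model_result bad = model_run(0, buf, sizeof buf, "busybox %d", 7);
    model_result good = model_run(1, buf, sizeof buf, "busybox %d", 7);
    printf("buggy wrapper: depth %d, aborted=%d, done=%d\n", bad.max_depth, bad.aborted, bad.done);
    printf("fixed wrapper: depth %d, aborted=%d, done=%d, output \"%s\"\n",
           good.max_depth, good.aborted, good.done, buf);
    return 0;
}
```

With the macro active, the buggy wrapper never reaches the formatter and only the guard stops it; compiling with MODEL_FORTIFY_LEVEL set to 0 (the counterpart of -U_FORTIFY_SOURCE mentioned at the end of this post) makes the buggy wrapper work too, which is why both fixes described here are effective.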
To apply the downloaded patch file patches.local.tar.gz with ct-ng, extract the tar.gz file in the ct-ng working directory (represented below as ${ct_working_directory}). The ct-ng working directory is the one holding the .config file.

Note: ${ct_working_directory} is /home/furuta/work/qemu/ct in my case.

% cd ${ct_working_directory}
% tar xvf patches.local.tar.gz

Configure ct-ng to use the patch directory patches.local by running menuconfig.

% ct-ng menuconfig

Set the parameters as follows:

Paths and misc options  --->
 Patches origin (Bundled, then local)
 (${ct_working_directory}/patches.local) Local patch directory 

Exit menuconfig, saving to .config, then build the cross tools.

% ct-ng build

To check that the patch was applied, open build.log (it may be compressed), search for "fix-stackoverflow-vfprintf.patch" to find a line like the following, and read the lines around it.

[DEBUG]    Applying patch '/home/furuta/work/qemu/ct/patches.local/glibc/2.9/fix-stackoverflow-vfprintf.patch'

Another way to avoid this problem is to use uClibc instead, or to build glibc with CT_LIBC_GLIBC_EXTRA_CFLAGS="-U_FORTIFY_SOURCE".

Related blog (in Japanese).