This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug libc/13594] New: Crash if nscd is not running in __nscd_get_mapping


http://sourceware.org/bugzilla/show_bug.cgi?id=13594

             Bug #: 13594
           Summary: Crash if nscd is not running in __nscd_get_mapping
           Product: glibc
           Version: 2.15
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: drepper.fsp@gmail.com
        ReportedBy: aj@suse.de
    Classification: Unclassified


I have seen some reports where glibc crashes if nscd is not running, especially
with chromium but also with ktorrent. This is not always reproducible, so
there's some kind of race or random memory corruption.

valgrind reports:
==16750== Process terminating with default action of signal 11 (SIGSEGV)
==16750==  Access not within mapped region at address 0x17
==16750==    at 0xC63DC1E: __nscd_get_mapping (in /lib64/libc-2.15.so)
==16750==    by 0xC63DDE3: __nscd_get_map_ref (in /lib64/libc-2.15.so)
==16750==    by 0xC63B2E1: nscd_gethst_r (in /lib64/libc-2.15.so)
==16750==    by 0xC63BB96: __nscd_gethostbyname2_r (in /lib64/libc-2.15.so)
==16750==    by 0xC6213F0: gethostbyname2_r@@GLIBC_2.2.5 (in
/lib64/libc-2.15.so)
==16750==    by 0xC5F5D8F: gaih_inet (in /lib64/libc-2.15.so)
==16750==    by 0xC5F6ED2: getaddrinfo (in /lib64/libc-2.15.so)
==16750==    by 0x140E7BD: net::SystemHostResolverProc(std::string const&,
net::AddressFamily, int, net::AddressList*, int*) (in
/usr/lib64/chromium/chromium)
==16750==    by 0x1407C57: net::HostResolverImpl::Job::DoLookup(base::TimeTicks
const&, unsigned int) (in /usr/lib64/chromium/chromium)
==16750==    by 0x2B5B2FA: base::(anonymous
namespace)::WorkerThread::ThreadMain() (in /usr/lib64/chromium/chromium)
==16750==    by 0x11753C1: base::(anonymous namespace)::ThreadFunc(void*) (in
/usr/lib64/chromium/chromium)
==16750==    by 0x919FF65: start_thread (in /lib64/libpthread-2.15.so)

gdb gives a similar backtrace.

After reverting commit 3a2c02424d9824f5cdea4ebd32ff929b2b1f49c6, the problem
does not appear anymore.

I can't reproduce it yet on my system - so no further information.

Reports:
https://bugzilla.novell.com/show_bug.cgi?id=741021
https://bbs.archlinux.org/viewtopic.php?id=133021

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

