Bug 1 - [nptl?] unexcepted segv...
Summary: [nptl?] unexcepted segv...
Status: RESOLVED INVALID
Alias: None
Product: glibc
Classification: Unclassified
Component: nptl (show other bugs)
Version: unspecified
: P2 minor
Target Milestone: ---
Assignee: Ulrich Drepper
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-01-21 23:31 UTC by Pawe³ Sikora
Modified: 2019-04-10 12:36 UTC (History)
0 users

See Also:
Host: i686-pld-linux
Target: i686-pld-linux
Build: i686-pld-linux
Last reconfirmed:
fweimer: security-


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Pawe³ Sikora 2004-01-21 23:31:49 UTC
example @ glibc-2.3.3-snap20040101
spec: http://cvs.pld-linux.org/cgi-bin/cvsweb/SPECS/glibc.spec?rev=1.434
# rpmbuild -bb -v glibc.spec --with nptl --without tls

# strace /usr/bin/uic

(...)
open("/usr/lib/libexpat.so.0", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\"\0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=148164, ...}) = 0
mmap2(NULL, 151168, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4129a000
mmap2(0x412bc000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x21) =
0x412bc000
close(3)                                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x412bf000
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x412c0000
mprotect(0x40def000, 4800512, PROT_READ|PROT_WRITE) = 0
mprotect(0x40def000, 4800512, PROT_READ|PROT_EXEC) = 0
mprotect(0x40841000, 307200, PROT_READ|PROT_WRITE) = 0
mprotect(0x40841000, 307200, PROT_READ|PROT_EXEC) = 0
set_thread_area({entry_number:-1 -> 6, base_addr:0x412bfdc0, limit:1048575,
seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0,
useable:1}) = 0
munmap(0x40774000, 41134)               = 0
set_tid_address(0x412bfe08)             = 28352
rt_sigaction(SIGRTMIN, {0x40ad6530, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
futex(0x40ad038c, FUTEX_WAKE, 2147483647) = 0
brk(0)                                  = 0x8091000
brk(0n("/usr/lib/libexpat.so.0", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\"\0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=148164, ...}) = 0
mmap2(NULL, 151168, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4129a000
mmap2(0x412bc000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x21) =
0x412bc000
close(3)                                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x412bf000
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x412c0000
mprotect(0x40def000, 4800512, PROT_READ|PROT_WRITE) = 0
mprotect(0x40def000, 4800512, PROT_READ|PROT_EXEC) = 0
mprotect(0x40841000, 307200, PROT_READ|PROT_WRITE) = 0
mprotect(0x40841000, 307200, PROT_READ|PROT_EXEC) = 0
set_thread_area({entry_number:-1 -> 6, base_addr:0x412bfdc0, limit:1048575,
seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0,
useable:1}) = 0
munmap(0x40774000, 41134)               = 0
set_tid_address(0x412bfe08)             = 28352
rt_sigaction(SIGRTMIN, {0x40ad6530, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
futex(0x40ad038c, FUTEX_WAKE, 2147483647) = 0
brk(0)                                  = 0x8091000
brk(0x80b2000)                          = 0x80b2000
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++x80b2000)                          = 0x80b2000
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++

# gdb /usr/bin/uic

(gdb) run
Starting program: /usr/bin/uic 

Program received signal SIGSEGV, Segmentation fault.
0x00000000 in ?? ()
(gdb) bt
#0  0x00000000 in ?? ()
(gdb)

any ideas? :/
Comment 1 Andreas Jaeger 2004-01-30 20:39:36 UTC
Please send a small, self-contained testprogram that shows the behaviour.

Otherwise I assume that there is no glibc bug but a bug in the program
Comment 2 Pawel Sikora 2004-06-16 12:27:23 UTC
works in lates snaps.