From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (qmail 11595 invoked by alias); 31 Jul 2010 17:27:58 -0000
Received: (qmail 11546 invoked by uid 48); 31 Jul 2010 17:27:40 -0000
Date: Sat, 31 Jul 2010 17:27:00 -0000
From: "beartham at gmail dot com"
To: glibc-bugs@sources.redhat.com
Message-ID: <20100731172738.11865.beartham@gmail.com>
Reply-To: sourceware-bugzilla@sourceware.org
Subject: [Bug libc/11865] New: SegFault in libc_print_version on program start
X-Bugzilla-Reason: CC
Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id:
List-Subscribe:
List-Post:
List-Help: ,
Sender: glibc-bugs-owner@sourceware.org
X-SW-Source: 2010-07/txt/msg00043.txt.bz2

Below is the first half of this bug report, taken from the Kubuntu 9.10 host, an HP dv6000 laptop with an Intel 32-bit core-duo processor. The second half follows, describing the same problem in a CentOS 5.5 VMware virtual appliance running on the same hardware. Its user is "Tosva Unitus", a pseudonym shared by users of this virtual machine.

I have encountered this bug on i386 versions of Kubuntu 8.04 and CentOS 5.5 with glibc 2.5, in statically linked g77 and gfortran programs and on Kubuntu 9.10 with glibc 2.10 with dynamically linked gfortran programs. The programs themselves have not been altered in years, having successfully run many times on DOS using 32-bit Lahey Fortran, and more recently on x86 Suse 9.0 in g77 and x86 Fedora 8 in gfortran.

These programs have been linked from an external library of solution algorithms. In all cases except the final (Kubuntu 9.10), these libraries were static archives, in which case libc.so.1 (the source of the segfault) was the only dynamic linkage. A symbolic link from /usr/lib/libc.so.1 to the /lib resident libc-2.5.so or libc-2.10.so was defined.

The following is the latest attempt, on the Kubuntu 9.10 host using gdb:

bear@nomad:/tmp/MC7B/bear/default/woodzh$
bear@nomad:/tmp/MC7B/bear/default/woodzh$ ./woodzh
Segmentation fault
bear@nomad:/tmp/MC7B/bear/default/woodzh$ gdb woodzh
GNU gdb (GDB) 7.0-ubuntu
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
For bug reporting instructions, please see: ...
Reading symbols from /tmp/MC7B/bear/default/woodzh/woodzh...done.
(gdb) l
1             PROGRAM FC000000
2             IMPLICIT REAL*8 (A-H,O-Z)
3             COMMON /FC3000/MPAD,MAXB,IBUC(2,5000)
4             REAL*8 DBUC(5000)
5             CHARACTER*4 CBUC(2,5000)
6             EQUIVALENCE (IBUC(1,1),DBUC(1))
7             EQUIVALENCE (CBUC(1,1),IBUC(1,1))
8             REAL RTIMES(2),RSTART,REND
9             COMMON /FC3007/ JPAD,MVDT,NVDT,KVDT,VDT(2,3000)
10            COMMON/FC3001/NUN(23),NGRAFS,KDEBUG,INITA,INITB,INITC,INITD
(gdb) l
11            CALL DTIME(RTIMES,RSTART)
12            MAXB=5000
13            MVDT=3000
14            CALL FC0001(3000,"WOODZH",1)
15            CALL WOODZH
16            CALL FC0391(-1,"CLOSE LUSCTOC")
17            CALL FC0392(-1,"CLOSE LUPRTOC")
18            CALL FCLTERM
19            CALL DTIME(RTIMES,REND)
20            PRINT 999, REND-RSTART
(gdb) b 11
Breakpoint 1 at 0x804811d: file woodzh.for, line 11.
(gdb) run
Starting program: /tmp/MC7B/bear/default/woodzh/woodzh
warning: Unable to find dynamic linker breakpoint function.
GDB will be unable to debug shared library initializers
and track explicitly loaded dynamic code.

Program received signal SIGSEGV, Segmentation fault.
0x0060bd90 in write () from /usr/lib/libc.so.1
(gdb) bt
#0  0x0060bd90 in write () from /usr/lib/libc.so.1
#1  0x00563ca0 in ?? () from /usr/lib/libc.so.1
(gdb)
#0  0x0060bd90 in write () from /usr/lib/libc.so.1
#1  0x00563ca0 in ?? () from /usr/lib/libc.so.1
(gdb)
#0  0x0060bd90 in write () from /usr/lib/libc.so.1
#1  0x00563ca0 in ?? () from /usr/lib/libc.so.1
(gdb)
#0  0x0060bd90 in write () from /usr/lib/libc.so.1
#1  0x00563ca0 in ?? () from /usr/lib/libc.so.1
(gdb)
#0  0x0060bd90 in write () from /usr/lib/libc.so.1
#1  0x00563ca0 in ?? () from /usr/lib/libc.so.1
(gdb)
#0  0x0060bd90 in write () from /usr/lib/libc.so.1
#1  0x00563ca0 in ?? () from /usr/lib/libc.so.1
(gdb)
#0  0x0060bd90 in write () from /usr/lib/libc.so.1
#1  0x00563ca0 in ?? () from /usr/lib/libc.so.1
(gdb) q
A debugging session is active.

Inferior 1 [process 29893] will be killed.

Quit anyway? (y or n) y
bear@nomad:/tmp/MC7B/bear/default/woodzh$

Next, I processed this executable with Valgrind:

bear@nomad:/tmp/MC7B/bear/default/woodzh$
bear@nomad:/tmp/MC7B/bear/default/woodzh$ valgrind -v ./woodzh
==29896== Memcheck, a memory error detector
==29896== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==29896== Using Valgrind-3.5.0-Debian and LibVEX; rerun with -h for copyright info
==29896== Command: ./woodzh
==29896==
--29896-- Valgrind options:
--29896--    --suppressions=/usr/lib/valgrind/debian-libc6-dbg.supp
--29896--    -v
--29896-- Contents of /proc/version:
--29896--   Linux version 2.6.31-19-generic (buildd@palmer) (gcc version 4.4.1 (Ubuntu 4.4.1-4ubuntu8) ) #56-Ubuntu SMP Thu Jan 28 01:26:53 UTC 2010
--29896-- Arch and hwcaps: X86, x86-sse1-sse2
--29896-- Page sizes: currently 4096, max supported 4096
--29896-- Valgrind library directory: /usr/lib/valgrind
--29896-- Reading syms from /lib/libc-2.10.1.so (0x4000000)
--29896-- Reading debug info from /lib/libc-2.10.1.so ..
--29896-- .. CRC mismatch (computed b45cc142 wanted d58c444b)
--29896-- Reading debug info from /usr/lib/debug/lib/libc-2.10.1.so ..
--29896-- Reading syms from /tmp/MC7B/bear/default/woodzh/woodzh (0x8048000)
--29896-- Reading syms from /usr/lib/valgrind/memcheck-x86-linux (0x38000000)
--29896--    object doesn't have a dynamic symbol table
--29896-- Reading suppressions file: /usr/lib/valgrind/debian-libc6-dbg.supp
--29896-- Reading suppressions file: /usr/lib/valgrind/default.supp
==29896==
==29896== Process terminating with default action of signal 11 (SIGSEGV)
==29896==  General Protection Fault
==29896==    at 0x40BED90: write (in /lib/libc-2.10.1.so)
==29896==    by 0x4016CC6: __libc_main (version.c:73)
==29896==
==29896== HEAP SUMMARY:
==29896==     in use at exit: 0 bytes in 0 blocks
==29896==   total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==29896==
==29896== All heap blocks were freed -- no leaks are possible
==29896==
==29896== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
==29896== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
Segmentation fault

Here is another run of gdb where I printed the register contents:

bear@nomad:/tmp/MC7B/bear/default/woodzh$
bear@nomad:/tmp/MC7B/bear/default/woodzh$ gdb woodzh
GNU gdb (GDB) 7.0-ubuntu
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
For bug reporting instructions, please see: ...
Reading symbols from /tmp/MC7B/bear/default/woodzh/woodzh...done.
(gdb) l
1             PROGRAM FC000000
2             IMPLICIT REAL*8 (A-H,O-Z)
3             COMMON /FC3000/MPAD,MAXB,IBUC(2,5000)
4             REAL*8 DBUC(5000)
5             CHARACTER*4 CBUC(2,5000)
6             EQUIVALENCE (IBUC(1,1),DBUC(1))
7             EQUIVALENCE (CBUC(1,1),IBUC(1,1))
8             REAL RTIMES(2),RSTART,REND
9             COMMON /FC3007/ JPAD,MVDT,NVDT,KVDT,VDT(2,3000)
10            COMMON/FC3001/NUN(23),NGRAFS,KDEBUG,INITA,INITB,INITC,INITD
(gdb) l
11            CALL DTIME(RTIMES,RSTART)
12            MAXB=5000
13            MVDT=3000
14            CALL FC0001(3000,"WOODZH",1)
15            CALL WOODZH
16            CALL FC0391(-1,"CLOSE LUSCTOC")
17            CALL FC0392(-1,"CLOSE LUPRTOC")
18            CALL FCLTERM
19            CALL DTIME(RTIMES,REND)
20            PRINT 999, REND-RSTART
(gdb) b 11
Breakpoint 1 at 0x804811d: file woodzh.for, line 11.
(gdb) run
Starting program: /tmp/MC7B/bear/default/woodzh/woodzh
warning: Unable to find dynamic linker breakpoint function.
GDB will be unable to debug shared library initializers
and track explicitly loaded dynamic code.

Program received signal SIGSEGV, Segmentation fault.
0x00c53d90 in write () from /usr/lib/libc.so.1
(gdb) i r
eax            0xcbb6a0    13350560
ecx            0x0         0
edx            0x0         0
ebx            0xcd9ff4    13475828
esp            0xbffff480  0xbffff480
ebp            0xbffff49c  0xbffff49c
esi            0x0         0
edi            0x0         0
eip            0xc53d90    0xc53d90
eflags         0x210286    [ PF SF IF RF ID ]
cs             0x73        115
ss             0x7b        123
ds             0x7b        123
es             0x7b        123
fs             0x0         0
gs             0x0         0
(gdb) bt
#0  0x00c53d90 in write () from /usr/lib/libc.so.1
#1  0x00babca0 in ?? () from /usr/lib/libc.so.1
(gdb) q

Next, to eliminate the possibility that the gfortran program itself was the cause of the error, I pared it down to a trivial program with no references to external library programs:

bear@nomad:/tmp/MC7B/bear/default/woodzh$
bear@nomad:/tmp/MC7B/bear/default/woodzh$ gdb woodzh
GNU gdb (GDB) 7.0-ubuntu
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
For bug reporting instructions, please see: ...
Reading symbols from /tmp/MC7B/bear/default/woodzh/woodzh...done.
(gdb) l
1             PROGRAM FC000000
2             IMPLICIT REAL*8 (A-H,O-Z)
3             REAL RTIMES(2),RSTART,REND
4             RSTART=1000.0
5             REND=2000.0
6             PRINT 999, REND-RSTART
7       999   FORMAT(" ELAPSED TIME = ",F7.2," SECONDS")
8             END
(gdb) b 4
Breakpoint 1 at 0x804811d: file woodzh.for, line 4.
(gdb) run
Starting program: /tmp/MC7B/bear/default/woodzh/woodzh
warning: Unable to find dynamic linker breakpoint function.
GDB will be unable to debug shared library initializers
and track explicitly loaded dynamic code.

Program received signal SIGSEGV, Segmentation fault.
0x007c6d90 in write () from /usr/lib/libc.so.1
(gdb) q

And to make sure, I processed this executable via Valgrind:

bear@nomad:/tmp/MC7B/bear/default/woodzh$ valgrind -v ./woodzh
==30229== Memcheck, a memory error detector
==30229== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==30229== Using Valgrind-3.5.0-Debian and LibVEX; rerun with -h for copyright info
==30229== Command: ./woodzh
==30229==
--30229-- Valgrind options:
--30229--    --suppressions=/usr/lib/valgrind/debian-libc6-dbg.supp
--30229--    -v
--30229-- Contents of /proc/version:
--30229--   Linux version 2.6.31-19-generic (buildd@palmer) (gcc version 4.4.1 (Ubuntu 4.4.1-4ubuntu8) ) #56-Ubuntu SMP Thu Jan 28 01:26:53 UTC 2010
--30229-- Arch and hwcaps: X86, x86-sse1-sse2
--30229-- Page sizes: currently 4096, max supported 4096
--30229-- Valgrind library directory: /usr/lib/valgrind
--30229-- Reading syms from /lib/libc-2.10.1.so (0x4000000)
--30229-- Reading debug info from /lib/libc-2.10.1.so ..
--30229-- .. CRC mismatch (computed b45cc142 wanted d58c444b)
--30229-- Reading debug info from /usr/lib/debug/lib/libc-2.10.1.so ..
--30229-- Reading syms from /tmp/MC7B/bear/default/woodzh/woodzh (0x8048000)
--30229-- Reading syms from /usr/lib/valgrind/memcheck-x86-linux (0x38000000)
--30229--    object doesn't have a dynamic symbol table
--30229-- Reading suppressions file: /usr/lib/valgrind/debian-libc6-dbg.supp
--30229-- Reading suppressions file: /usr/lib/valgrind/default.supp
==30229==
==30229== Process terminating with default action of signal 11 (SIGSEGV)
==30229==  General Protection Fault
==30229==    at 0x40BED90: write (in /lib/libc-2.10.1.so)
==30229==    by 0x4016CC6: __libc_main (version.c:73)
==30229==
==30229== HEAP SUMMARY:
==30229==     in use at exit: 0 bytes in 0 blocks
==30229==   total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==30229==
==30229== All heap blocks were freed -- no leaks are possible
==30229==
==30229== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
==30229== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
Segmentation fault

Second half (CentOS 5.5):

Here is a run similar to the above, except that the calls to the DTIME routine have been commented out. In this case the program was statically loaded:

[tosva@centosva32 woodzh]$ ./woodzh
Segmentation fault
[tosva@centosva32 woodzh]$
[tosva@centosva32 woodzh]$
[tosva@centosva32 woodzh]$
[tosva@centosva32 woodzh]$
[tosva@centosva32 woodzh]$ gdb woodzh
GNU gdb (GDB) Red Hat Enterprise Linux (7.0.1-23.el5_5.1)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu".
For bug reporting instructions, please see: ...
Reading symbols from /tmp/MC7B/tosva/default/woodzh/woodzh...done.
(gdb) b 11
Breakpoint 1 at 0x804a352: file woodzh.for, line 11.
(gdb) l
1             PROGRAM FC000000
2             IMPLICIT REAL*8 (A-H,O-Z)
3             COMMON /FC3000/MPAD,MAXB,IBUC(2,5000)
4             REAL*8 DBUC(5000)
5             CHARACTER*4 CBUC(2,5000)
6             EQUIVALENCE (IBUC(1,1),DBUC(1))
7             EQUIVALENCE (CBUC(1,1),IBUC(1,1))
8             REAL RTIMES(2),RSTART,REND
9             COMMON /FC3007/ JPAD,MVDT,NVDT,KVDT,VDT(2,3000)
10            COMMON/FC3001/NUN(22),NGRAFS,KDEBUG,INITA,INITB,INITC,INITD
(gdb) l
11      C     CALL DTIME(RTIMES,RSTART)
12            MAXB=5000
13            MVDT=3000
14            CALL FC0001(3000,"WOODZH",1)
15            CALL WOODZH
16            CALL FC0391(-1,"CLOSE LUSCTOC")
17            CALL FC0392(-1,"CLOSE LUPRTOC")
18            CALL FCLTERM
19      C     CALL DTIME(RTIMES,REND)
20      C     PRINT 999, REND-RSTART
(gdb) run
Starting program: /tmp/MC7B/tosva/default/woodzh/woodzh
warning: Unable to find dynamic linker breakpoint function.
GDB will be unable to debug shared library initializers
and track explicitly loaded dynamic code.

Program received signal SIGSEGV, Segmentation fault.
0x001c3a20 in write () from /usr/lib/libc.so.1
(gdb) bt
#0  0x001c3a20 in write () from /usr/lib/libc.so.1
#1  0x00116fd0 in __libc_print_version () from /usr/lib/libc.so.1
#2  0x00116ff7 in __libc_main () from /usr/lib/libc.so.1
#3  0x00000001 in ?? ()

Now here is the equivalent Valgrind run:

[tosva@centosva32 woodzh]$ valgrind --verbose ./woodzh
==18869== Memcheck, a memory error detector
==18869== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==18869== Using Valgrind-3.5.0 and LibVEX; rerun with -h for copyright info
==18869== Command: ./woodzh
==18869==
--18869-- Valgrind options:
--18869--    --verbose
--18869-- Contents of /proc/version:
--18869--   Linux version 2.6.18-194.el5 (mockbuild@builder16.centos.org) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-48)) #1 SMP Fri Apr 2 14:58:35 EDT 2010
--18869-- Arch and hwcaps: X86, x86-sse1-sse2
--18869-- Page sizes: currently 4096, max supported 4096
--18869-- Valgrind library directory: /usr/lib/valgrind
--18869-- Reading syms from /lib/libc-2.5.so (0x101000)
--18869-- Reading syms from /tmp/MC7B/tosva/default/woodzh/woodzh (0x8048000)
--18869-- Reading syms from /usr/lib/valgrind/memcheck-x86-linux (0x38000000)
--18869--    object doesn't have a dynamic symbol table
--18869-- Reading suppressions file: /usr/lib/valgrind/default.supp
==18869==
==18869== Process terminating with default action of signal 11 (SIGSEGV)
==18869==  General Protection Fault
==18869==    at 0x1C3A20: write (in /lib/libc-2.5.so)
==18869==    by 0x116FF6: __libc_main (in /lib/libc-2.5.so)
==18869==
==18869== HEAP SUMMARY:
==18869==     in use at exit: 0 bytes in 0 blocks
==18869==   total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==18869==
==18869== All heap blocks were freed -- no leaks are possible
==18869==
==18869== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
==18869== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
Segmentation fault

If I can be of further help, please contact me.

--
Joseph 'Bear' Thames
MetaCalculus, LLC and Meta Science Foundation
(505) 977-9024 - Cell Phone
beartham@gmail.com

--
           Summary: SegFault in libc_print_version on program start
           Product: glibc
           Version: 2.10
            Status: NEW
          Severity: critical
          Priority: P1
         Component: libc
        AssignedTo: drepper at redhat dot com
        ReportedBy: beartham at gmail dot com
                CC: glibc-bugs at sources dot redhat dot com
 GCC build triplet: same
  GCC host triplet: x86-Intel-CentOS-5.5|Kubuntu8.04|Kubuntu9.10
GCC target triplet: same

http://sourceware.org/bugzilla/show_bug.cgi?id=11865

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.