[Bug dynamic-link/13906] New: crash in libdl starting in glibc-2.14

public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed

* [Bug dynamic-link/13906] New: crash in libdl starting in glibc-2.14
@ 2012-03-27 12:46 vapier at gentoo dot org
  2012-03-27 15:25 ` [Bug dynamic-link/13906] " carlos_odonell at mentor dot com
                   ` (8 more replies)
  0 siblings, 9 replies; 10+ messages in thread
From: vapier at gentoo dot org @ 2012-03-27 12:46 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13906

             Bug #: 13906
           Summary: crash in libdl starting in glibc-2.14
           Product: glibc
           Version: unspecified
               URL: http://sourceware.org/ml/libc-alpha/2011-06/msg00006.h
                    tml
            Status: NEW
          Keywords: glibc_2.14
          Severity: normal
          Priority: P2
         Component: dynamic-link
        AssignedTo: unassigned@sourceware.org
        ReportedBy: vapier@gentoo.org
    Classification: Unclassified


see referenced URL for thread with multiple people reporting the same issue. 
the patch also in that thread appears to address things.

the "simplest" case i had was just running the music player daemon (mpd).  it'd
crash everytime on my system.
http://www.musicpd.org/

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug dynamic-link/13906] crash in libdl starting in glibc-2.14
  2012-03-27 12:46 [Bug dynamic-link/13906] New: crash in libdl starting in glibc-2.14 vapier at gentoo dot org
@ 2012-03-27 15:25 ` carlos_odonell at mentor dot com
  2012-03-27 16:03 ` vapier at gentoo dot org
                   ` (7 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: carlos_odonell at mentor dot com @ 2012-03-27 15:25 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13906

Carlos O'Donell <carlos_odonell at mentor dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |carlos at systemhalted dot
                   |                            |org, carlos_odonell at
                   |                            |mentor dot com

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug dynamic-link/13906] crash in libdl starting in glibc-2.14
  2012-03-27 12:46 [Bug dynamic-link/13906] New: crash in libdl starting in glibc-2.14 vapier at gentoo dot org
  2012-03-27 15:25 ` [Bug dynamic-link/13906] " carlos_odonell at mentor dot com
@ 2012-03-27 16:03 ` vapier at gentoo dot org
  2012-03-27 18:20 ` cottrell at wfu dot edu
                   ` (6 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: vapier at gentoo dot org @ 2012-03-27 16:03 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13906

Mike Frysinger <vapier at gentoo dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |toolchain at gentoo dot org

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug dynamic-link/13906] crash in libdl starting in glibc-2.14
  2012-03-27 12:46 [Bug dynamic-link/13906] New: crash in libdl starting in glibc-2.14 vapier at gentoo dot org
  2012-03-27 15:25 ` [Bug dynamic-link/13906] " carlos_odonell at mentor dot com
  2012-03-27 16:03 ` vapier at gentoo dot org
@ 2012-03-27 18:20 ` cottrell at wfu dot edu
  2012-03-28 14:01 ` ppluzhnikov at google dot com
                   ` (5 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: cottrell at wfu dot edu @ 2012-03-27 18:20 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13906

Allin Cottrell <cottrell at wfu dot edu> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |cottrell at wfu dot edu

--- Comment #1 from Allin Cottrell <cottrell at wfu dot edu> 2012-03-27 17:08:20 UTC ---
In case anyone else can't see the referenced URL properly,
here it is inline:

http://sourceware.org/ml/libc-alpha/2011-06/msg00006.html

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug dynamic-link/13906] crash in libdl starting in glibc-2.14
  2012-03-27 12:46 [Bug dynamic-link/13906] New: crash in libdl starting in glibc-2.14 vapier at gentoo dot org
                   ` (2 preceding siblings ...)
  2012-03-27 18:20 ` cottrell at wfu dot edu
@ 2012-03-28 14:01 ` ppluzhnikov at google dot com
  2012-03-28 14:05 ` cottrell at wfu dot edu
                   ` (4 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: ppluzhnikov at google dot com @ 2012-03-28 14:01 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13906

Paul Pluzhnikov <ppluzhnikov at google dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ppluzhnikov at google dot
                   |                            |com

--- Comment #2 from Paul Pluzhnikov <ppluzhnikov at google dot com> 2012-03-28 13:50:30 UTC ---
(In reply to comment #0)
> see referenced URL for thread with multiple people reporting the same issue. 

Mike, could you run the reproducer under Valgrind?

This looks like a very likely dup of PR 13579 (which has a trivial test case).

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug dynamic-link/13906] crash in libdl starting in glibc-2.14
  2012-03-27 12:46 [Bug dynamic-link/13906] New: crash in libdl starting in glibc-2.14 vapier at gentoo dot org
                   ` (3 preceding siblings ...)
  2012-03-28 14:01 ` ppluzhnikov at google dot com
@ 2012-03-28 14:05 ` cottrell at wfu dot edu
  2012-03-28 14:14 ` ppluzhnikov at google dot com
                   ` (3 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: cottrell at wfu dot edu @ 2012-03-28 14:05 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13906

--- Comment #3 from Allin Cottrell <cottrell at wfu dot edu> 2012-03-28 13:59:46 UTC ---
Created attachment 6306
  --> http://sourceware.org/bugzilla/attachment.cgi?id=6306
valgrind log for aplay/libasound

Mike mentioned mpd, which I guess uses libasound. The attached log is
from aplay/libasound. I put debugging statements into libasound to
flag all of its calls to the dl* functions in libdl.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug dynamic-link/13906] crash in libdl starting in glibc-2.14
  2012-03-27 12:46 [Bug dynamic-link/13906] New: crash in libdl starting in glibc-2.14 vapier at gentoo dot org
                   ` (4 preceding siblings ...)
  2012-03-28 14:05 ` cottrell at wfu dot edu
@ 2012-03-28 14:14 ` ppluzhnikov at google dot com
  2012-03-28 14:53 ` cottrell at wfu dot edu
                   ` (2 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: ppluzhnikov at google dot com @ 2012-03-28 14:14 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13906

Paul Pluzhnikov <ppluzhnikov at google dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |DUPLICATE

--- Comment #4 from Paul Pluzhnikov <ppluzhnikov at google dot com> 2012-03-28 14:12:39 UTC ---
(In reply to comment #3)
> valgrind log for aplay/libasound

==11258== Invalid read of size 4
==11258==    at 0x440951D: do_lookup_x (dl-lookup.c:98)
==11258==    by 0x4409E31: _dl_lookup_symbol_x (dl-lookup.c:739)
==11258==    by 0x72D297F: do_sym (dl-sym.c:178)
==11258==    by 0x72D2E16: _dl_sym (dl-sym.c:283)
==11258==    by 0xFE959EFF: ???
==11258==  Address 0x7563670 is 32 bytes inside a block of size 60 free'd
==11258==    at 0x5017D88: free (vg_replace_malloc.c:427)
==11258==    by 0x44122EF: _dl_scope_free (dl-scope.c:32)
==11258==    by 0x4414557: _dl_close (dl-close.c:779)
==11258==    by 0x5089DB1: dlclose_doit (dlclose.c:37)
==11258==    by 0x440EDFD: _dl_catch_error (dl-error.c:178)
==11258==    by 0x508A3F1: _dlerror_run (dlerror.c:164)
==11258==    by 0x5089DE7: dlclose (dlclose.c:48)
==11258==    by 0x6D8FBC8: snd_config_hooks_call (in
/usr/lib/libasound.so.2.0.0)
==11258==    by 0x6D8FD25: snd_config_hooks (in /usr/lib/libasound.so.2.0.0)
==11258==    by 0x6D90E74: snd_config_update_r (in /usr/lib/libasound.so.2.0.0)
==11258==    by 0x6D90F0D: snd_config_update (in /usr/lib/libasound.so.2.0.0)
==11258==    by 0x6DB7DA3: snd_pcm_open (in /usr/lib/libasound.so.2.0.0)

That is an exact match to PR 13579.

*** This bug has been marked as a duplicate of bug 13579 ***

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug dynamic-link/13906] crash in libdl starting in glibc-2.14
  2012-03-27 12:46 [Bug dynamic-link/13906] New: crash in libdl starting in glibc-2.14 vapier at gentoo dot org
                   ` (5 preceding siblings ...)
  2012-03-28 14:14 ` ppluzhnikov at google dot com
@ 2012-03-28 14:53 ` cottrell at wfu dot edu
  2012-03-28 15:02 ` ppluzhnikov at google dot com
  2014-06-26 13:42 ` fweimer at redhat dot com
  8 siblings, 0 replies; 10+ messages in thread
From: cottrell at wfu dot edu @ 2012-03-28 14:53 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13906

--- Comment #5 from Allin Cottrell <cottrell at wfu dot edu> 2012-03-28 14:32:50 UTC ---
(In reply to comment #4)
> 
> That is an exact match to PR 13579.

It's certainly a very close match, but notice one thing: in
libasound all the calls to dlopen use mode 2 (RTLD_NOW), which
differs from the test case for bug 13579. I tried making a 
simple test case which emulated libasound's pattern of calls
to the dl* functions (using RTLD_NOW with dlopen) and it
ran fine with stock glibc 2.15, no crash. For what it's worth.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug dynamic-link/13906] crash in libdl starting in glibc-2.14
  2012-03-27 12:46 [Bug dynamic-link/13906] New: crash in libdl starting in glibc-2.14 vapier at gentoo dot org
                   ` (6 preceding siblings ...)
  2012-03-28 14:53 ` cottrell at wfu dot edu
@ 2012-03-28 15:02 ` ppluzhnikov at google dot com
  2014-06-26 13:42 ` fweimer at redhat dot com
  8 siblings, 0 replies; 10+ messages in thread
From: ppluzhnikov at google dot com @ 2012-03-28 15:02 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13906

--- Comment #6 from Paul Pluzhnikov <ppluzhnikov at google dot com> 2012-03-28 14:52:02 UTC ---
(In reply to comment #5)

> I tried making a 
> simple test case which emulated libasound's pattern of calls
> to the dl* functions (using RTLD_NOW with dlopen) and it
> ran fine with stock glibc 2.15, no crash.

Ran fine with no Valgrind errors?
(Not every access to dangling memory causes a crash.)

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug dynamic-link/13906] crash in libdl starting in glibc-2.14
  2012-03-27 12:46 [Bug dynamic-link/13906] New: crash in libdl starting in glibc-2.14 vapier at gentoo dot org
                   ` (7 preceding siblings ...)
  2012-03-28 15:02 ` ppluzhnikov at google dot com
@ 2014-06-26 13:42 ` fweimer at redhat dot com
  8 siblings, 0 replies; 10+ messages in thread
From: fweimer at redhat dot com @ 2014-06-26 13:42 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=13906

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                URL|http://sourceware.org/ml/li |http://sourceware.org/ml/li
                   |bc-alpha/2011-06/msg00006.h |bc-alpha/2011-06/msg00006.h
                   |tml                         |tml
                 CC|                            |fweimer at redhat dot com
              Flags|                            |security-

-- 
You are receiving this mail because:
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 10+ messages in thread

end of thread, other threads:[~2014-06-26 13:42 UTC | newest]

Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-03-27 12:46 [Bug dynamic-link/13906] New: crash in libdl starting in glibc-2.14 vapier at gentoo dot org
2012-03-27 15:25 ` [Bug dynamic-link/13906] " carlos_odonell at mentor dot com
2012-03-27 16:03 ` vapier at gentoo dot org
2012-03-27 18:20 ` cottrell at wfu dot edu
2012-03-28 14:01 ` ppluzhnikov at google dot com
2012-03-28 14:05 ` cottrell at wfu dot edu
2012-03-28 14:14 ` ppluzhnikov at google dot com
2012-03-28 14:53 ` cottrell at wfu dot edu
2012-03-28 15:02 ` ppluzhnikov at google dot com
2014-06-26 13:42 ` fweimer at redhat dot com

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).