Bug 100687

Summary: quake3 crash,Quake3 crash 0x080d7aef in strcpy (), xmms crash with x009d784c in msort_with_tmp () from /lib/libc.so.6
Product: [Retired] Red Hat Linux Beta Reporter: Knut J BJuland <knutjbj>
Component: kernelAssignee: Dave Jones <davej>
Status: CLOSED CURRENTRELEASE QA Contact: Brian Brock <bbrock>
Severity: high Docs Contact:
Priority: high    
Version: beta1CC: mingo, pfrields, raghu1111
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-07-03 19:24:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
log from runnin xine with alsa none

Description Knut J BJuland 2003-07-24 12:30:51 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030703

Description of problem:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 1646)]
0x009d784c in msort_with_tmp () from /lib/libc.so.6
(gdb) 

Quake3 crash 0x080d7aef in strcpy (), which it did not do with linux-2.6.0-test1.


Version-Release number of selected component (if applicable):
glibc-2.3.2-57

How reproducible:
Always

Steps to Reproduce:
1.install alsa-driver, alsa-lib, alsa-utils, xine, xmms-alsa-plugin
2.ddd /usr/bin/xine
3.
    start quake3

Actual Results:  Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 1646)]
0x009d784c in msort_with_tmp () from /lib/libc.so.6
(gdb) 

quake crash

Expected Results:  the program should have runned, it worked with 2.6.0-test1.

quake3 should not crash

Additional info:

[knutjbj@knut knutjbj]$ quake3
Q3 1.32b linux-i386 Nov 14 2002
----- FS_Startup -----
Current search path:
normal
----------------------
Sound memory manager started
Loading vm file vm/ui.qvm.
VM file ui compiled to 594408 bytes of code
ui loaded in 1963008 bytes on the hunk
(no debugging symbols found)...(no debugging symbols found)...(no debugging
symbols found)...(no debugging symbols found)...(no debugging symbols
found)...(no debugging symbols found)...(no debugging symbols found)...(no
debugging symbols found)...(no debugging symbols found)...(no debugging symbols
found)...(no debugging symbols found)...(no debugging symbols found)...
Program received signal SIGSEGV, Segmentation fault.
0x080d7aef in strcpy ()
(gdb) cont
Received signal 11, exiting...
Comment 1 Knut J BJuland 2003-07-24 12:32:34 UTC 
Created attachment 93100 [details]
log from runnin xine with alsa
Comment 2 Knut J BJuland 2003-07-25 03:36:45 UTC 
I found a work around by setting exec-shield to 0. Somehow exec-shield is
causing thesse program to crash.
Comment 3 Jakub Jelinek 2003-07-25 09:38:22 UTC 
Then it is a kernel bug. Binaries are already properly marked for exec-stack
(with PT_GNU_STACK segment header), just the kernel needs to catch up.
Comment 4 Raghu 2003-09-11 03:09:05 UTC 
It crashes in strcpy() even with exec-shield set to zero. for me:

raghu@sapphire ~]$ uname -a
Linux sapphire 2.4.21-20.1.2024.2.1.nptlsmp #1 SMP Fri Jul 11 05:55:40 EDT 2003
i686 i686 i386 GNU/Linux

[raghu@sapphire ~]$ quake3
Q3 1.32b linux-i386 Nov 14 2002
....

----- R_Init -----
...loading libGL.so.1: Initializing OpenGL display
...setting mode 3: 640 480
Using XFree86-VidModeExtension Version 2.2
XF86DGA Mouse (Version 2.0) initialized
XFree86-VidModeExtension Activated at 640x480
Using 8/8/8 Color bits, 24 depth, 0 stencil display.
Received signal 11, exiting...