Bug 2372409

Summary: scanelf crash with version pax-utils-1.3.8-2.el9 on RHEL 9.6
Product: [Fedora] Fedora EPEL
Reporter: Christophe Piault <cqb>
Component: pax-utils
Assignee: Dominik 'Rathann' Mierzejewski <dominik>
Status: CLOSED ERRATA
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high
Priority: unspecified
Version: epel9
CC: dominik
Hardware: x86_64   
OS: Linux   
Fixed In Version: pax-utils-1.3.10-1.fc44 pax-utils-1.3.10-1.fc43 pax-utils-1.3.10-1.el10_2 pax-utils-1.3.10-1.el9 pax-utils-1.3.10-1.fc42
Last Closed: 2025-11-26 11:40:15 UTC
Type: Bug
Attachments:
- Archive containing library causing scanelf crash (flags: none)
- Output for successful run of the scenario with pax-utils-1.3.3-1.el8 (flags: none)

Description Christophe Piault 2025-06-12 08:28:55 UTC
Created attachment 2093741
Archive containing library causing scanelf crash

Description of problem:
We are facing a scanelf crash on RHEL 9.6 when processing library libECMAScriptKernel.so.

Version-Release number of selected component (if applicable):
pax-utils-1.3.8-2.el9 from https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-cc54cfc32f

How reproducible:
Every time it processes the file libECMAScriptKernel.so

Steps to Reproduce:
1. Install pax-utils-1.3.8-2.el9 produced by https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-cc54cfc32f on RHEL 9.6
2. Download attached archive libECMAScriptKernel.tgz
3. Untar + Unzip libECMAScriptKernel.tgz
4. Run /bin/scanelf -B -E ET_DYN -M 64 -s %ogd% libECMAScriptKernel.so

Actual results:
Reading symbols from /usr/bin/scanelf...
Reading symbols from /usr/lib/debug/usr/bin/scanelf-1.3.8-2.el9.x86_64.debug...
[New LWP 693932]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/bin/scanelf -B -E ET_DYN -M 64 -s %ogd% libECMAScriptKernel.so'.
Program terminated with signal SIGSYS, Bad system call.
#0  0x00007fd22ef0f57e in mremap () at ../sysdeps/unix/syscall-template.S:117
117	T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS,
(gdb) bt
#0  0x00007fd22ef0f57e in mremap () at ../sysdeps/unix/syscall-template.S:117
#1  0x00007fd22ee9a656 in mremap_chunk (new_size=237568, p=0x7fd22f13c000) at malloc.c:2962
#2  __GI___libc_realloc (oldmem=oldmem@entry=0x7fd22f13c010, bytes=237094) at malloc.c:3320
#3  0x00005639a8d6dc65 in xstrncat (dst=dst@entry=0x7ffedb380e00, 
    src=src@entry=0x7fd22c23b1b0 "_ZZN2v88internal29StaticCallInterfaceDescriptorINS0_26TestTurbofanTypeDescriptorEE10InitializeEPNS0_27CallInterfaceDescriptorDataEE16return_registers", curr_len=curr_len@entry=0x7ffedb380e18, n=0)
    at ../xfuncs.c:46
#4  0x00005639a8d6df6d in scanelf_match_symname (elf=elf@entry=0x5639a9bd6370, 
    found_sym=found_sym@entry=0x7ffedb380df7 "\001", ret=ret@entry=0x7ffedb380e00, 
    ret_len=ret_len@entry=0x7ffedb380e18, 
    symname=symname@entry=0x7fd22c23b1b0 "_ZZN2v88internal29StaticCallInterfaceDescriptorINS0_26TestTurbofanTypeDescriptorEE10InitializeEPNS0_27CallInterfaceDescriptorDataEE16return_registers", stt=1, stb=10, stv=0, shn=13, size=3)
    at ../scanelf.c:1292
#5  0x00005639a8d6fc4e in scanelf_file_sym (found_sym=0x7ffedb380df7 "\001", elf=0x5639a9bd6370)
    at ../scanelf.c:1346
#6  scanelf_elfobj (elf=elf@entry=0x5639a9bd6370) at ../scanelf.c:1533
#7  0x00005639a8d71754 in scanelf_elf (len=<optimized out>, fd=3, filename=0x7ffedb38389c "libECMAScriptKernel.so")
    at ../scanelf.c:1598
#8  scanelf_fileat (dir_fd=dir_fd@entry=-100, filename=filename@entry=0x7ffedb38389c "libECMAScriptKernel.so", 
    st_cache=st_cache@entry=0x7ffedb381150) at ../scanelf.c:1665
#9  0x00005639a8d72065 in scanelf_dirat (dir_fd=-100, path=0x7ffedb38389c "libECMAScriptKernel.so")
    at ../scanelf.c:1699
#10 0x00005639a8d735be in scanelf_dir (path=<optimized out>) at ../paxinc.c:245
#11 parseargs (argc=argc@entry=9, argv=argv@entry=0x7ffedb382528) at ../scanelf.c:2231
#12 0x00005639a8d689a9 in main (argc=9, argv=0x7ffedb382528) at ../scanelf.c:2319


Expected results:
pax-utils-1.3.3-1.el8 finds 4 310 symbols without crashing on RHEL 9.6. See attached output.

Additional info:

Comment 1 Christophe Piault 2025-06-12 08:30:04 UTC
Created attachment 2093742
Output for successful run of the scenario with pax-utils-1.3.3-1.el8
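
Added example, not part of the original report or of pax-utils: a small Python triage helper run over an abbreviated, constructed copy of the backtrace in the description. It flags the pattern visible there, SIGSYS raised inside a syscall wrapper (mremap), which is the signal the kernel delivers when a seccomp filter rejects a call, and reports the first non-libc frame; that a seccomp filter is the cause here is an inference, not something the report states. The names parse_backtrace, triage and LIBC_SOURCES are hypothetical.

```python
import re

# Constructed sample: abbreviated lines from the gdb session in the report.
SAMPLE = """\
Program terminated with signal SIGSYS, Bad system call.
#0  0x00007fd22ef0f57e in mremap () at ../sysdeps/unix/syscall-template.S:117
#1  0x00007fd22ee9a656 in mremap_chunk (new_size=237568, p=0x7fd22f13c000) at malloc.c:2962
#2  __GI___libc_realloc (oldmem=oldmem@entry=0x7fd22f13c010, bytes=237094) at malloc.c:3320
#3  0x00005639a8d6dc65 in xstrncat (dst=dst@entry=0x7ffedb380e00,
    src=src@entry=0x7fd22c23b1b0 "_ZZN2v8...", curr_len=curr_len@entry=0x7ffedb380e18, n=0)
    at ../xfuncs.c:46
#4  0x00005639a8d6df6d in scanelf_match_symname (elf=elf@entry=0x5639a9bd6370)
    at ../scanelf.c:1292
"""

SIGNAL_RE = re.compile(r"Program terminated with signal (\w+)")
FRAME_RE = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(\w+) \(")
LOC_RE = re.compile(r"\bat (\S+):(\d+)\s*$")
# Assumption: glibc frames are recognised by the source paths seen in this trace.
LIBC_SOURCES = ("sysdeps/", "malloc.c")

def parse_backtrace(text):
    """Return (signal, frames); a frame's 'at file:line' may sit on a later line."""
    signal, frames = None, []
    for line in text.splitlines():
        m = SIGNAL_RE.search(line)
        if m:
            signal = m.group(1)
        m = FRAME_RE.match(line)
        if m:
            frames.append({"n": int(m.group(1)), "func": m.group(2), "file": None, "line": None})
        loc = LOC_RE.search(line)
        if loc and frames and frames[-1]["file"] is None:
            frames[-1]["file"], frames[-1]["line"] = loc.group(1), int(loc.group(2))
    return signal, frames

def triage(text):
    """For a SIGSYS core, name the rejected syscall wrapper and the first non-libc caller."""
    signal, frames = parse_backtrace(text)
    if signal != "SIGSYS" or not frames:
        return None  # not the bad-system-call pattern
    app = next((f for f in frames
                if f["file"] and not any(s in f["file"] for s in LIBC_SOURCES)), None)
    return {"signal": signal, "syscall_wrapper": frames[0]["func"],
            "app_frame": (app["func"], app["file"], app["line"]) if app else None}

if __name__ == "__main__":
    print(triage(SAMPLE))
```
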

Comment 2 Dominik 'Rathann' Mierzejewski 2025-06-12 21:48:32 UTC
Thanks for the report. This is reproducible on F42, too.

Comment 3 Dominik 'Rathann' Mierzejewski 2025-06-12 22:19:54 UTC
Reported upstream.

Comment 4 Dominik 'Rathann' Mierzejewski 2025-11-19 07:52:38 UTC
Still reproducible with 1.3.9, pinged upstream.

Comment 5 Fedora Update System 2025-11-26 10:48:58 UTC
FEDORA-2025-75de0b6a91 (pax-utils-1.3.10-1.fc44) has been submitted as an update to Fedora 44.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-75de0b6a91

Comment 6 Fedora Update System 2025-11-26 11:13:40 UTC
FEDORA-2025-ff37e06c9d (pax-utils-1.3.10-1.fc43) has been submitted as an update to Fedora 43.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-ff37e06c9d

Comment 7 Fedora Update System 2025-11-26 11:13:41 UTC
FEDORA-EPEL-2025-0829be991f (pax-utils-1.3.10-1.el10_2) has been submitted as an update to Fedora EPEL 10.2.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-0829be991f

Comment 8 Fedora Update System 2025-11-26 11:13:41 UTC
FEDORA-EPEL-2025-596c32e9f0 (pax-utils-1.3.10-1.el9) has been submitted as an update to Fedora EPEL 9.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-596c32e9f0

Comment 9 Fedora Update System 2025-11-26 11:40:15 UTC
FEDORA-2025-75de0b6a91 (pax-utils-1.3.10-1.fc44) has been pushed to the Fedora 44 stable repository.
If the problem still persists, please make note of it in this bug report.

Comment 10 Fedora Update System 2025-11-27 01:31:43 UTC
FEDORA-EPEL-2025-596c32e9f0 has been pushed to the Fedora EPEL 9 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-596c32e9f0

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 11 Fedora Update System 2025-11-27 01:37:03 UTC
FEDORA-2025-ff37e06c9d has been pushed to the Fedora 43 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-ff37e06c9d`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-ff37e06c9d

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 12 Fedora Update System 2025-11-27 01:40:34 UTC
FEDORA-EPEL-2025-0829be991f has been pushed to the Fedora EPEL 10.2 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-0829be991f

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 13 Fedora Update System 2025-11-27 01:59:17 UTC
FEDORA-2025-d81cacd5c8 has been pushed to the Fedora 42 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-d81cacd5c8`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-d81cacd5c8

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 14 Fedora Update System 2025-12-05 02:09:28 UTC
FEDORA-2025-ff37e06c9d (pax-utils-1.3.10-1.fc43) has been pushed to the Fedora 43 stable repository.
If the problem still persists, please make note of it in this bug report.

Comment 15 Fedora Update System 2025-12-05 02:32:53 UTC
FEDORA-EPEL-2025-0829be991f (pax-utils-1.3.10-1.el10_2) has been pushed to the Fedora EPEL 10.2 stable repository.
If the problem still persists, please make note of it in this bug report.

Comment 16 Fedora Update System 2025-12-05 02:34:20 UTC
FEDORA-EPEL-2025-596c32e9f0 (pax-utils-1.3.10-1.el9) has been pushed to the Fedora EPEL 9 stable repository.
If the problem still persists, please make note of it in this bug report.

Comment 17 Fedora Update System 2025-12-05 02:41:11 UTC
FEDORA-2025-d81cacd5c8 (pax-utils-1.3.10-1.fc42) has been pushed to the Fedora 42 stable repository.
If the problem still persists, please make note of it in this bug report.