Bug 505564

Summary: segfault at 0 ip b7eb82ce sp bf9df4ec error 4 in libc-2.10.1.so[b7e3e000+16f000]
Product: Fedora
Reporter: udo <udovdh>
Component: ntp
Assignee: Miroslav Lichvar <mlichvar>
Status: CLOSED RAWHIDE
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high
Priority: high
Version: 11
CC: jakub, mlichvar, pertusus, schwab
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2009-07-21 16:15:19 UTC

Description udo 2009-06-12 13:20:28 UTC
Description of problem:
segfault at 0 ip b7eb82ce sp bf9df4ec error 4 in libc-2.10.1.so[b7e3e000+16f000]

Version-Release number of selected component (if applicable):
glibc-2.10.1-2.i586

How reproducible:
Upgrade F10 to F11.
Compile ntpd 4.2.4p6 patched for LinuxPPS (just touches the NMEA refclock), needed because of libcrypto.8
Run ntpstat

Steps to Reproduce:
1. Upgrade F10 to F11.
2. Compile ntpd 4.2.4p6 patched for LinuxPPS (just touches the NMEA refclock).
3. Run ntpstat
  
Actual results:
ntpstat[27048]: segfault at 0 ip b7ec22ce sp bfce9ffc error 4 in libc-2.10.1.so[b7e48000+16f000]

Expected results:
no segfault.

Additional info:
ntpstat[27048]: segfault at 0 ip b7ec22ce sp bfce9ffc error 4 in libc-2.10.1.so[b7e48000+16f000]

Comment 1 Jakub Jelinek 2009-06-15 12:34:04 UTC
And you are filing this against glibc why?  Crash in strncmp is usually an application bug.  You need to get a full backtrace and see what called it with the incorrect arguments.
If it is not in a binary shipped with the distribution, it is up to you to debug it...

Comment 2 udo 2009-06-15 13:16:04 UTC
Why?
I don't know.
I use a Fedora 11 toolchain.
I use Fedora 11 ntp sources with *minimal* patching and certainly not in the area involved.
ntpstat did not behave like this in F10.

bt?
strace for now:

$ strace ntpstat
execve("/usr/bin/ntpstat", ["ntpstat"], [/* 20 vars */]) = 0
brk(0)                                  = 0xb9f06000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=36805, ...}) = 0
mmap2(NULL, 36805, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7ef5000
close(3)                                = 0
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300k\1\0004\0\0\0\364"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1816332, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7ef4000
mmap2(NULL, 1530152, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7d7e000
mprotect(0xb7eed000, 4096, PROT_NONE)   = 0
mmap2(0xb7eee000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16f) = 0xb7eee000
mmap2(0xb7ef1000, 10536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7ef1000
close(3)                                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7d7d000
set_thread_area({entry_number:-1 -> 6, base_addr:0xb7d7d6c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
mprotect(0xb7eee000, 8192, PROT_READ)   = 0
mprotect(0xb7f1e000, 4096, PROT_READ)   = 0
munmap(0xb7ef5000, 36805)               = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(123), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
send(3, "\26\2\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 576, 0) = 576
select(4, [3], NULL, NULL, {1, 0})      = 1 (in [3], left {0, 999985})
recv(3, "\26\202\0\1!\364\0\0\0\0\1pversion=\"ntpd 4.2.4p6"..., 576, 0) = 380
fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 1), ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7efd000
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++

and:

$ gdb ntpstat
GNU gdb (GDB) Fedora (6.8.50.20090302-23.fc11)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i586-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Missing separate debuginfos, use: debuginfo-install ntp-4.2.4p6-ldnrt3.fc11.i386
(gdb) run
Starting program: /usr/bin/ntpstat 

Program received signal SIGSEGV, Segmentation fault.
0xb7ed62ce in strncmp () from /lib/libc.so.6
(gdb) bt
#0  0xb7ed62ce in strncmp () from /lib/libc.so.6
#1  0xb7ffeb60 in main () from /usr/bin/ntpstat

Move to other component if you like, but please do not close.
Thanks.

Comment 3 Jakub Jelinek 2009-06-16 15:19:36 UTC
If you can reproduce with unpatched ntpstat, you should reassign to ntp, otherwise it really has nothing to do with Fedora.  The backtrace above clearly shows that it was ntpstat that called strncmp with a bad argument.

Comment 4 udo 2009-06-16 15:42:33 UTC
How can a patch that only touches refclock nmea cause an issue in ntpstat, which I start without arguments?
I am the end user; you know the route to process this issue most efficiently, I hope.

Comment 5 udo 2009-06-16 16:39:02 UTC
# gdb ntpstat
GNU gdb (GDB) Fedora (6.8.50.20090302-26.fc11)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i586-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
(gdb) run
Starting program: /usr/bin/ntpstat 

Program received signal SIGSEGV, Segmentation fault.
*__GI_strncmp (s1=0x0, s2=0xb7fff200 "NTP server", n=4) at strncmp.c:42
42		  c1 = (unsigned char) *s1++;
Current language:  auto; currently minimal
(gdb) bt
#0  *__GI_strncmp (s1=0x0, s2=0xb7fff200 "NTP server", n=4) at strncmp.c:42
#1  0xb7ffeb60 in main () from /usr/bin/ntpstat
(gdb) 

?

Comment 6 udo 2009-07-03 14:06:48 UTC
Similar to https://bugzilla.redhat.com/show_bug.cgi?id=509552 ?

Comment 7 Miroslav Lichvar 2009-07-21 16:15:19 UTC
This is probably caused by an unknown clock type used in the patched refclock driver.

Should be fixed in ntp-4.2.4p7-3.fc12.
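Comment 5 shows strncmp entered with s1=0x0 while comparing against "NTP server" (n=4), and Comment 7 attributes the missing value to an unknown clock type in the patched driver. The following is an added example, not code from this report or from ntpstat's source: a lookup over a mode-6 reply variable list that returns NULL when a variable is absent, followed by the NULL check that keeps the comparison from faulting. The variable name "clocksource" and both sample replies are constructed.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed samples of the variable list in an ntpd mode-6 reply (the reply
 * captured on this page begins with version="ntpd 4.2.4p6"). "clocksource" is a
 * hypothetical variable; the second sample lacks it, which is what would hand
 * strncmp a NULL pointer as in the backtrace above. */
static const char *reply_ok =
    "version=\"ntpd 4.2.4p6\", stratum=2, clocksource=\"NTP server (192.0.2.10)\"";
static const char *reply_missing = "version=\"ntpd 4.2.4p6\", stratum=16";

/* Find `name=` in a comma-separated variable list. Returns a malloc'd copy of
 * the value (quotes stripped) or NULL when the variable is absent. */
char *lookup_var(const char *reply, const char *name)
{
    size_t nlen = strlen(name);
    const char *p = reply;
    while ((p = strstr(p, name)) != NULL) {
        /* whole-name match only: at list start or after a separator, then '=' */
        if ((p == reply || p[-1] == ' ' || p[-1] == ',') && p[nlen] == '=') {
            const char *v = p + nlen + 1;
            int quoted = (*v == '"');
            if (quoted) v++;
            const char *e = strchr(v, quoted ? '"' : ',');
            size_t vlen = e ? (size_t)(e - v) : strlen(v);
            char *out = malloc(vlen + 1);
            if (out) { memcpy(out, v, vlen); out[vlen] = '\0'; }
            return out;
        }
        p += nlen;
    }
    return NULL;
}

/* The comparison from the backtrace, strncmp(src, "NTP server", 4), with a NULL
 * check in front of it: a missing or unrecognised variable is reported as
 * unknown (0) instead of dereferenced. 1 = NTP server, 2 = other/refclock. */
int classify_source(const char *reply)
{
    char *src = lookup_var(reply, "clocksource");
    int kind;
    if (src == NULL)
        kind = 0;                              /* the check that was missing */
    else if (strncmp(src, "NTP server", 4) == 0)
        kind = 1;
    else
        kind = 2;
    free(src);                                 /* free(NULL) is a no-op */
    return kind;
}
```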