Bug 595996
Field | Value
---|---
Summary: | [abrt] crash in coreutils-8.4-6.fc13: __memmove_ssse3: Process /bin/readlink was killed by signal 11 (SIGSEGV)
Product: | [Fedora] Fedora
Component: | coreutils
Version: | 13
Hardware: | i686
OS: | Linux
Status: | CLOSED INSUFFICIENT_DATA
Severity: | medium
Priority: | low
Reporter: | Liam Dunn <liam.dunn144>
Assignee: | Ondrej Vasik <ovasik>
QA Contact: | Fedora Extras Quality Assurance <extras-qa>
CC: | kdudka, ovasik, twaugh
Whiteboard: | abrt_hash:0582aba68cf5f0234060bdaa80fee4ce55520b5a
Doc Type: | Bug Fix
Last Closed: | 2010-08-16 13:57:55 UTC

Description
Liam Dunn
2010-05-26 05:32:23 UTC
Created attachment 416659 [details]
File: backtrace

Comment on attachment 416659 [details]
File: backtrace

>[New Thread 32382]
>Core was generated by `readlink -m /home/baddog/rpmbuild/BUILDROOT/Pike-v7.8.352-1.fc13.i386/usr/pike7'.
>Program terminated with signal 11, Segmentation fault.
>#0 __memmove_ssse3 () at ../sysdeps/i386/i686/multiarch/memcpy-ssse3.S:160
>160 ../sysdeps/i386/i686/multiarch/memcpy-ssse3.S: No such file or directory.
> in ../sysdeps/i386/i686/multiarch/memcpy-ssse3.S
>
>Thread 1 (Thread 32382):
>#0 __memmove_ssse3 () at ../sysdeps/i386/i686/multiarch/memcpy-ssse3.S:160
>No locals
>#1 0x0804a521 in canonicalize_filename_mode (
>    name=0xb5fe1008 <Address 0xb5fe1008 out of bounds>, can_mode=CAN_MISSING)
>    at /usr/include/bits/string3.h:59

The problem is at this point. The parameter 'name' of 'canonicalize_filename_mode' is a dangling pointer.

>#2 0x08049519 in main (argc=3, argv=0xbfe3d344) at readlink.c:157
>    can_mode = 2
>    fname = 0xbfe3f359 "/home/baddog/rpmbuild/BUILDROOT/Pike-v7.8.352-1.fc13.i386/usr/pike78"
>    value = <value optimized out>
>    optc = <value optimized out>

The argument 'name' is given directly by argv[2]. It means that the string in argv[2] is not properly allocated as it should be. I suspect an improper call of exec here. It can't be a flaw in readlink itself.

Do you have that SRPM anywhere? I am not able to reproduce the crash in readlink, tried Pike-v7.6.86, but it crashed elsewhere:

*** glibc detected *** /home/xdudka00/rpmbuild/BUILD/Pike-v7.6.86/build/linux-2.6.31.12-174.2.22.fc12.x86_64-x86_64/pike: double free or corruption (out): 0x00000000012011a0 ***
*** glibc detected *** /home/xdudka00/rpmbuild/BUILD/Pike-v7.6.86/build/linux-2.6.31.12-174.2.22.fc12.x86_64-x86_64/pike: malloc(): smallbin double linked list corrupted: 0x0000000000daf790 ***

Bugzilla has been in needinfo for more than two months. It can't be analyzed further without the requested srpm, therefore closing INSUFFICIENT_DATA. Problem is likely not in readlink itself but with some improper execve() use.
But feel free to reopen it if you provide some reproducer or requested srpm causing the crash. TIA.