Bug 707035

Summary: /bin/mount: double free glibc detected
Product: [Fedora] Fedora Reporter: Nathanael Noblet <nathanael>
Component: util-linuxAssignee: Karel Zak <kzak>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 15CC: jonathan, kzak
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard:
Fixed In Version: util-linux-2.19.1-1.4.fc15 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-07-18 22:46:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Nathanael Noblet 2011-05-23 19:39:41 UTC 
Description of problem:
When attempting to mount a tmpfs I get a backtrace

Version-Release number of selected component (if applicable):
util-linux-2.19.1-1.fc15,x86_64

How reproducible:
Always

Steps to Reproduce:
1. sudo mount -t tmpfs -o size=5G,nr_inodes=1M,mode=02775,gid=mock none /mock
2. enter root pass (though running as root will work the same)
3.
  
Actual results:
*** glibc detected *** mount: double free or corruption (fasttop): 0x00007fc2f67219f0 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x378967896a)[0x7fc2f50d196a]
mount(+0x683c)[0x7fc2f60c583c]
mount(+0x8722)[0x7fc2f60c7722]
mount(main+0x6af)[0x7fc2f60c376f]
/lib64/libc.so.6(__libc_start_main+0xed)[0x7fc2f507a43d]
mount(+0x4985)[0x7fc2f60c3985]
======= Memory map: ========
7fc2ee68c000-7fc2ee6a1000 r-xp 00000000 09:00 7077988                    /lib64/libgcc_s-4.6.0-20110509.so.1
7fc2ee6a1000-7fc2ee8a0000 ---p 00015000 09:00 7077988                    /lib64/libgcc_s-4.6.0-20110509.so.1
7fc2ee8a0000-7fc2ee8a1000 rw-p 00014000 09:00 7077988                    /lib64/libgcc_s-4.6.0-20110509.so.1
7fc2ee8a1000-7fc2ee8ad000 r-xp 00000000 09:00 7077957                    /lib64/libnss_files-2.13.90.so
7fc2ee8ad000-7fc2eeaac000 ---p 0000c000 09:00 7077957                    /lib64/libnss_files-2.13.90.so
7fc2eeaac000-7fc2eeaad000 r--p 0000b000 09:00 7077957                    /lib64/libnss_files-2.13.90.so
7fc2eeaad000-7fc2eeaae000 rw-p 0000c000 09:00 7077957                    /lib64/libnss_files-2.13.90.so
7fc2eeaae000-7fc2f4e55000 r--p 00000000 09:00 112067631                  /usr/lib/locale/locale-archive
7fc2f4e55000-7fc2f4e57000 r-xp 00000000 09:00 7077938                    /lib64/libdl-2.13.90.so
7fc2f4e57000-7fc2f5057000 ---p 00002000 09:00 7077938                    /lib64/libdl-2.13.90.so
7fc2f5057000-7fc2f5058000 r--p 00002000 09:00 7077938                    /lib64/libdl-2.13.90.so
7fc2f5058000-7fc2f5059000 rw-p 00003000 09:00 7077938                    /lib64/libdl-2.13.90.so
7fc2f5059000-7fc2f51ed000 r-xp 00000000 09:00 7077899                    /lib64/libc-2.13.90.so
7fc2f51ed000-7fc2f53ec000 ---p 00194000 09:00 7077899                    /lib64/libc-2.13.90.so
7fc2f53ec000-7fc2f53f0000 r--p 00193000 09:00 7077899                    /lib64/libc-2.13.90.so
7fc2f53f0000-7fc2f53f1000 rw-p 00197000 09:00 7077899                    /lib64/libc-2.13.90.so
7fc2f53f1000-7fc2f53f7000 rw-p 00000000 00:00 0 
7fc2f53f7000-7fc2f5433000 r-xp 00000000 09:00 7078379                    /lib64/libsepol.so.1
7fc2f5433000-7fc2f5633000 ---p 0003c000 09:00 7078379                    /lib64/libsepol.so.1
7fc2f5633000-7fc2f5634000 rw-p 0003c000 09:00 7078379                    /lib64/libsepol.so.1
7fc2f5634000-7fc2f5651000 r-xp 00000000 09:00 7077979                    /lib64/libselinux.so.1
7fc2f5651000-7fc2f5850000 ---p 0001d000 09:00 7077979                    /lib64/libselinux.so.1
7fc2f5850000-7fc2f5851000 r--p 0001c000 09:00 7077979                    /lib64/libselinux.so.1
7fc2f5851000-7fc2f5852000 rw-p 0001d000 09:00 7077979                    /lib64/libselinux.so.1
7fc2f5852000-7fc2f5853000 rw-p 00000000 00:00 0 
7fc2f5853000-7fc2f5857000 r-xp 00000000 09:00 7078004                    /lib64/libuuid.so.1.3.0
7fc2f5857000-7fc2f5a56000 ---p 00004000 09:00 7078004                    /lib64/libuuid.so.1.3.0
7fc2f5a56000-7fc2f5a57000 rw-p 00003000 09:00 7078004                    /lib64/libuuid.so.1.3.0
7fc2f5a57000-7fc2f5a76000 r-xp 00000000 09:00 7078299                    /lib64/libmount.so.1.1.0
7fc2f5a76000-7fc2f5c76000 ---p 0001f000 09:00 7078299                    /lib64/libmount.so.1.1.0
7fc2f5c76000-7fc2f5c77000 rw-p 0001f000 09:00 7078299                    /lib64/libmount.so.1.1.0
7fc2f5c77000-7fc2f5c98000 r-xp 00000000 09:00 7077928                    /lib64/libblkid.so.1.1.0
7fc2f5c98000-7fc2f5e98000 ---p 00021000 09:00 7077928                    /lib64/libblkid.so.1.1.0
7fc2f5e98000-7fc2f5e9b000 rw-p 00021000 09:00 7077928                    /lib64/libblkid.so.1.1.0
7fc2f5e9b000-7fc2f5ebc000 r-xp 00000000 09:00 7077890                    /lib64/ld-2.13.90.so
7fc2f608e000-7fc2f6093000 rw-p 00000000 00:00 0 
7fc2f60ba000-7fc2f60bc000 rw-p 00000000 00:00 0 
7fc2f60bc000-7fc2f60bd000 r--p 00021000 09:00 7077890                    /lib64/ld-2.13.90.so
7fc2f60bd000-7fc2f60be000 rw-p 00022000 09:00 7077890                    /lib64/ld-2.13.90.so
7fc2f60be000-7fc2f60bf000 rw-p 00000000 00:00 0 
7fc2f60bf000-7fc2f60d3000 r-xp 00000000 09:00 57016666                   /bin/mount
7fc2f62d2000-7fc2f62d4000 rw-p 00013000 09:00 57016666                   /bin/mount
7fc2f62d4000-7fc2f62d5000 rw-p 00000000 00:00 0 
7fc2f6720000-7fc2f6741000 rw-p 00000000 00:00 0                          [heap]
7fff489bd000-7fff489de000 rw-p 00000000 00:00 0                          [stack]
7fff489ff000-7fff48a00000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]


Expected results:
Either success or failure, but not a crash

Additional info:
Comment 1 Nathanael Noblet 2011-05-23 19:43:14 UTC 
I should note that it seems that the mount succeeds, I assumed it didn't do to the crash.
Comment 2 Karel Zak 2011-07-11 10:58:34 UTC 
I guess you have SELinux enabled...

The bug has been fixed in upstream repository by commit 400459e897045b40eb3711fa4814176f7422a76a. Fedora will be updated ASAP. Thanks.
Comment 3 Fedora Update System 2011-07-11 11:37:52 UTC 
util-linux-2.19.1-1.4.fc15 has been submitted as an update for Fedora 15.
https://admin.fedoraproject.org/updates/util-linux-2.19.1-1.4.fc15
Comment 4 Fedora Update System 2011-07-12 04:55:05 UTC 
Package util-linux-2.19.1-1.4.fc15:
* should fix your issue,
* was pushed to the Fedora 15 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing util-linux-2.19.1-1.4.fc15'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/util-linux-2.19.1-1.4.fc15
then log in and leave karma (feedback).
Comment 5 Fedora Update System 2011-07-18 22:46:13 UTC 
util-linux-2.19.1-1.4.fc15 has been pushed to the Fedora 15 stable repository.  If problems still persist, please make note of it in this bug report.