Red Hat Bugzilla – Bug 130254
glibc's traceback() fails when called from an exception handler
Last modified: 2007-11-30 17:07:03 EST
Description of problem: On ia64, traceback() works fine generally but causes recursive SEGV's when called from an exception handler. On x86 both cases work fine. The bug can be observed with a small testcase or with a trivial testcase and the /usr/bin/catchsegv script. I will attach the small testcase but include the trivial testcase inline here. [edconn@order ~/traceppen]$ cat segv.c int main() { int *ip = (int *)0; *ip = 0; return 0; } [edconn@order ~/traceppen]$ gcc -o segv segv.c -rdynamic -g -funwind- tables [edconn@order ~/traceppen]$ catchsegv ./segv *** Segmentation fault Backtrace: *** Segmentation fault . . . Version-Release number of selected component (if applicable): glibc-2.3.2-95.6 How reproducible: Every time. Steps to Reproduce: 1. gcc -o toy toy.c -rdynamic -g -funwind-tables 2. ./toy Actual results: [edconn@order ~/traceppen]$ ./toy Caught SEGV. Code is 2. Caught SEGV. Code is 1. Caught SEGV. Code is 1. Caught SEGV. Code is 1. Caught SEGV. Code is 1. Caught SEGV. Code is 1. ./toy(print_trace+0x40) [0x4000000000000f20] ./toy(segv_hand+0xa0) [0x4000000000000ec0] [0xa0000000000040c0] /lib/libgcc_s.so.1 [0x20000000002fda41] /lib/libgcc_s.so.1 [0x20000000002fdf20] /lib/libgcc_s.so.1(_Unwind_Backtrace+0x300) [0x20000000002ffc30] /lib/tls/libc.so.6.1(backtrace+0x110) [0x200000000023f700] ./toy(print_trace+0x40) [0x4000000000000f20] ./toy(segv_hand+0xa0) [0x4000000000000ec0] [0xa0000000000040c0] /lib/libgcc_s.so.1 [0x20000000002fda41] /lib/libgcc_s.so.1 [0x20000000002fdf20] . . . Expected results: edconn@chaos% ./toy Caught SEGV. Code is 1. ./toy(print_trace+0x1a) [0x80486e2] ./toy(segv_hand+0x21) [0x80486bd] ./toy [0x42028c40] ./toy(__libc_start_main+0xa4) [0x420158d4] ./toy(backtrace_symbols+0x31) [0x804860d] Additional info:
Created attachment 102843 [details] C program that fails on ia64
gcc -g -o toy toy.c -Wl,--export-dynamic; ./toy; echo $?; rpm -q gcc glibc libgcc Caught SEGV. Code is 2. ./toy(print_trace+0x40) [0x4000000000000f00] ./toy(segv_hand+0xa0) [0x4000000000000ea0] [0xa0000000000040c0] ./toy(main+0xc1) [0x4000000000001151] /lib/tls/libc.so.6.1(__libc_start_main+0x440) [0x200000000007e990] ./toy(_start+0x80) [0x4000000000000c80] 0 gcc-3.2.3-43 glibc-2.3.2-95.28 libgcc-3.2.3-43 catchsegv is still broken on IA-64, it doesn't use backtrace() internally (but it should).
catchseg should be fixed in rawhide glibc, eventually will be backported to RHEL3 glibc too.
catchsegv fixed in glibc-2.3.2-95.30.
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2004-586.html