Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 462689

Summary: glibc double-free in systemtap test case
Product: Red Hat Enterprise Linux 5
Reporter: Frank Ch. Eigler <fche>
Component: elfutils
Assignee: Roland McGrath <roland>
Status: CLOSED ERRATA
Severity: medium
Priority: medium
Version: 5.3
CC: drepper, mhiramat, mjw, pmuller, riek, syeghiay
Target Milestone: rc
Keywords: Regression
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2009-01-20 21:08:12 UTC
Bug Blocks: 253156
Attachments: libdwfl fix (flags: none)

Description Frank Ch. Eigler 2008-09-18 10:44:51 UTC
elfutils-0.137, as built for rhel5.3, appears to cause a glibc double-free
error on i386 on the systemtap (git) test case.  This occurs both with a build
with rhel5.3-track elfutils* rpms installed and with a
systemtap --with-elfutils bundled build.  The error does not appear for
elfutils 0.135 (in bundled mode).

    stap -p4 ..../testsuite/buildok/seventeen.stp

*** glibc detected *** ./stap: corrupted double-linked list: 0x0a81c8c8 ***
======= Backtrace: =========
/lib/libc.so.6[0xb9b186]
/lib/libc.so.6[0xb9cd6d]
/lib/libc.so.6[0xb9f181]
/lib/libc.so.6(realloc+0x19d)[0xba032d]
/home/fche/DEVEL/BUILD2/../INST2/lib/systemtap/libdw.so.1[0xdf9592]
/home/fche/DEVEL/BUILD2/../INST2/lib/systemtap/libdw.so.1(dwfl_addrsegment+0x231)[0xdf9bc1]
/home/fche/DEVEL/BUILD2/../INST2/lib/systemtap/libdw.so.1(dwfl_addrmodule+0x31)[0xdff561]
./stap[0x777819]
./stap(_ZN6dwflpp18loc2c_emit_addressEPvP7obstacky+0x3d)[0x777f6d]
./stap[0x78f9c9]
./stap[0x791cf0]
./stap[0x77c4b9]

Comment 1 Roland McGrath 2008-09-30 06:41:30 UTC
Created attachment 318043
libdwfl fix

I'm putting this fix upstream.  Please verify it works for you.

Comment 2 Mark Wielaard 2008-10-01 13:40:27 UTC
With that patch it doesn't crash and burn anymore, which is definitely progress.

But the systemtap test still fails:
semantic error: libdwfl failure (dwfl_addrmodule): no error: identifier '$write_fifo_fops' at /home/mark/src/systemtap/testsuite/buildok/seventeen.stp:11:19

This might be a different issue though. The test did PASS with the 0.135 elfutils and systemtap from fedora 9.

Comment 3 Mark Wielaard 2008-10-01 14:25:37 UTC
The no error in that semantic error message is somewhat weird. dwfl_addrmodule returns NULL but doesn't set dwfl_errno.

Comment 4 Mark Wielaard 2008-10-01 18:30:53 UTC
Roland pointed out that I should also apply the elfutils-0.137-fixes.patch from the elfutils-0.137-2.fc9 rpm. Combined, these patches plus the libdwfl fix from comment #1 make that test PASS!

Comment 7 Masami Hiramatsu 2008-10-07 00:16:30 UTC
is this truly fixed on rhel5.3?

Comment 8 Petr Muller 2008-10-13 08:42:50 UTC
not yet, respin was requested, but not yet done as far as I know

Comment 9 Roland McGrath 2008-10-13 19:00:58 UTC
built a while back, but forgot erratum respin magic hooey until today

Comment 14 errata-xmlrpc 2009-01-20 21:08:12 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-0214.html