Bug 76082 – glibc-2.2.4-30 crashes Jabber

Bug 76082 - glibc-2.2.4-30 crashes Jabber

Summary:	glibc-2.2.4-30 crashes Jabber

Status:	CLOSED DUPLICATE of bug 75128

Aliases:	None

Product:	Red Hat Linux
Classification:	Retired
Component:	glibc (Show other bugs)
Sub Component:
Version:	7.1
Hardware:	i686 Linux

Priority	medium Severity high
Target Milestone:	---
Target Release:	---
Assigned To:	Jakub Jelinek
QA Contact:	Brian Brock
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2002-10-16 13:40 EDT by mjstrom
Modified:	2016-11-24 09:54 EST (History)
CC List:	1 user (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2002-10-16 13:40:44 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description mjstrom 2002-10-16 13:40:37 EDT

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826

Description of problem:
After appling the new glibc-2.2.4-30 packages to a system, components of jabber
core dump on a regular expression.   Prior to the upgrade this never happened. 
When perfoming specific operations, the process is killed with signal 11 (SEGV).
 This appears to be a conflict between GNU pth 1.4.0 and this version of glibc.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Launch Jabber with the AOL transport enabled.
2. Attempt to register the gateway with a client.
3. Jabberd process dumps core on server.
	

Additional info:

Here is a stack backtrace from one of the core dumps:

#0  0x4000d365 in fixup (l=0xfe1e0, reloc_offset=1074044772) at 
../sysdeps/i386/dl-machine.h:292
#1  0x4000d4e0 in _dl_runtime_resolve () from /lib/ld-linux.so.2
#2  0x4018b7b5 in aim_newconn (sess=0x8177b90, type=7, dest=0x401a80b7 
"login.oscar.aol.com") at conn.c:646
#3  0x4019ee51 in at_session_create (ti=0x8170d30, aim_data=0x8177770, 
jp=0x8176680) at sessions.c:854
#4  0x401992d8 in at_register (ti=0x8170d30, jp=0x8176680) at register.c:111
#5  0x40197f02 in at_parse_packet (arg=0x8176670) at parser.c:37
#6  0x08056ce7 in mtq_main (arg=0x80ce900) at mtq.c:151
#7  0x08082e43 in pth_spawn_trampoline ()
#8  0x400931b4 in __makecontext () at __makecontext:-1
#9  0x0805a36e in _pool_free (p=0x80ce848, f=0x8171060, arg=0x18) at 
pool.c:124
#10 0x400c09de in chunk_alloc (ar_ptr=0x18, nb=135729248) at malloc.c:2843
#11 0x40176e34 in __DTOR_END__ () from /lib/i686/libc.so.6

From what I have gathered, the aim_newconn function is at the point where it
calls the aim_proxyconnect function.  in that function the atons is called.  

Looking at the symbol dump for the libc that the process is using the htons
function is located at : 000fe1e0 T htons which corresponds to the first
parameter to the fixup function.

I have also seen the process crash with a (runtime) linker error that states the
"htons" function could not be located.

Comment 1 Jakub Jelinek 2002-10-18 16:47:20 EDT


*** This bug has been marked as a duplicate of 75128 ***

Note You need to log in before you can comment on or make changes to this bug.