I have a very strange segfault with glibc 2.3.2; the code worked with earlier glibc versions.

Program received signal SIGSEGV, Segmentation fault.
0x400873bd in _IO_seekoff_unlocked (fp=0x8049b68, offset=0, dir=0, mode=3) at ioseekoff.c:55
55	ioseekoff.c: No such file or directory.
	in ioseekoff.c
(gdb) bt
#0  0x400873bd in _IO_seekoff_unlocked (fp=0x8049b68, offset=0, dir=0, mode=3) at ioseekoff.c:55
#1  0x4008bf36 in *__GI_rewind (fp=0x8049b68) at rewind.c:38
#2  0x0804883a in main (argc=1, argv=0xbffff7c4) at test.c:40

I only get these segfaults in the mooix environment. Here's a test case:

#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

int main (int argc, char **argv) {
	FILE *f;
	int i;
	char *dir = getenv("THIS");

	/* optionally chdir into the directory named by $THIS */
	if (dir != NULL)
		chdir(dir);

	/* first: open() the file, then fdopen() it */
	i = open("list", O_RDWR | O_NOFOLLOW);
	if (i < 0) {
		perror("open");
		exit(1);
	}
	f = fdopen(i, "r+");
	if (! f) {
		perror("fopen");
		exit(1);
	}
	fprintf(stderr, "at rewind; fileno(f) = %i\n", fileno(f));
	rewind(f);
	fprintf(stderr, "passed rewind\n");
	fclose(f);

	/* second: fopen() the same file directly; this rewind segfaults */
	f = fopen("list", "r+");
	if (! f) {
		perror("fopen");
		exit(1);
	}
	fprintf(stderr, "at rewind; fileno(f) = %i\n", fileno(f));
	rewind(f);
	fprintf(stderr, "passed rewind\n");
	fclose(f);
	exit(1);
}

It segfaults at the second rewind.

If this is run in the mooix environment, an LD_PRELOADed wrapper library intercepts the open and fopen calls. In the case of fopen, it's converted into an open call. Then they are proxied through to the mooix daemon, which does the open, and passes back a file descriptor. Then for fopen, the wrapper library fdopens the file descriptor to get the FILE to return.

I can't see any bugs in my wrapper library, and I've checked all the obvious things, I think. As far as I can tell my wrapper library is parsing "r+" correctly, is passing the right arguments to the daemon, and is getting back a valid fd, and making a valid FILE out of it. But surely something in there does something that taints the FILE so glibc cannot rewind it.

If, before the second rewind, I put f = fdopen(fileno(f), "r+"), then it doesn't segfault any more. Other workarounds that work include changing the code to not rewind at all -- it can go on and write to f without any segfaults.

I'm at my wits' end, so if anyone can see why it'd segfault where it does in the backtrace above, or knows of any recent changes in glibc or libio that might have led to the problem, I would really appreciate some help.

-- 
see shy jo