
Bug#533040: Segmentation fault on strace when doing a cp -a



reassign 533040 strace
thanks

On Sun, Jun 14, 2009 at 11:49:53AM +0300, Yni Mous wrote:
> Package: libc6
> Version: 2.7-18
> 
> Hi,
> 
> I get a segmentation fault, when trying to do strace on a cp -a
> command. For example:
> 
> # strace -o cp.strace cp -a /usr/src/linux-2.6.30/Documentation .
> Segmentation fault
> 
> # dmesg | tail -1
> strace[14189] general protection ip:7f0bc23b3a47 sp:7fff20eef1c0 error:0 in libc-2.7.so[7f0bc2340000+14a000]
> 
> # uname -r
> 2.6.30
> 
> I did a small analysis to find the bug, but I'm not sure if it's correct:
> 
> # export LD_LIBRARY_PATH=/usr/lib/debug/
> # gdb -q
> (gdb) file strace
> Reading symbols from /usr/bin/strace...(no debugging symbols found)...done.
> (gdb) directory /usr/src/debian/glibc-2.7/glibc-2.7/malloc/   # <--- apt-get source and untar
> Source directories searched:
> /usr/src/debian/glibc-2.7/glibc-2.7/malloc:$cdir:$cwd
> (gdb) run -o 1 cp -a /usr/src/linux-2.6.30/Documentation .
> Starting program: /usr/bin/strace -o 1 cp -a /usr/src/linux-2.6.30/Documentation .
> (no debugging symbols found)
> (no debugging symbols found)
> (no debugging symbols found)
> 
> Program received signal SIGSEGV, Segmentation fault.
> malloc_consolidate (av=0x7fa23bb309e0) at malloc.c:4834
> 4834                unlink(p, bck, fwd);
> (gdb) list
> 4829
> 4830              if (!prev_inuse(p)) {
> 4831                prevsize = p->prev_size;
> 4832                size += prevsize;
> 4833                p = chunk_at_offset(p, -((long) prevsize));
> 4834                unlink(p, bck, fwd);
> 4835              }
> 4836
> 4837              if (nextchunk != av->top) {
> 4838                nextinuse = inuse_bit_at_offset(nextchunk, nextsize);
> (gdb) print fwd
> $1 = (mchunkptr) 0x1
> 
> 
> Of course, it could be either cp or strace that has the bug (e.g.
> memory corruption).

If the problem only appears when using strace, it is more likely a bug
in strace. Reassigning the bug.

-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net
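
An added example, not part of the messages above and not code from strace, glibc or Debian: the dmesg line in the report gives the faulting `ip` and the libc mapping as `[base+size]`, and `ip - base` is an offset that does not depend on where the library was loaded, so it can be compared across runs. The parser also accepts the kernel's `segfault at ... ip ... sp ...` form, which goes beyond the line in the report; the second sample line and all function names are constructed for illustration.

```python
import re
from collections import defaultdict
from typing import NamedTuple, Optional

# "<comm>[<pid>] <kind> ip:<hex> sp:<hex> error:<hex> in <object>[<base>+<size>]"
# The "ip <hex>" spelling used by "segfault at" messages is accepted as well.
FAULT_RE = re.compile(
    r"(?P<comm>\S+?)\[(?P<pid>\d+)\]:?\s+(?P<kind>.*?)\s+"
    r"ip[: ](?P<ip>[0-9a-f]+)\s+sp[: ](?P<sp>[0-9a-f]+)\s+error[: ](?P<err>[0-9a-f]+)"
    r"(?:\s+in\s+(?P<obj>[^\[\s]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?"
)

class Fault(NamedTuple):
    comm: str
    pid: int
    kind: str
    ip: int
    obj: Optional[str]     # mapped object, None if absent or inconsistent
    offset: Optional[int]  # ip - base, independent of the load address

def parse_fault(line: str) -> Optional[Fault]:
    """Parse one kernel fault line; \\s+ in the pattern tolerates mail line wraps."""
    m = FAULT_RE.search(line)
    if m is None:
        return None
    ip, obj, offset = int(m["ip"], 16), None, None
    if m["obj"]:
        base, size = int(m["base"], 16), int(m["size"], 16)
        if base <= ip < base + size:  # only trust an ip inside the mapping
            obj, offset = m["obj"], ip - base
    return Fault(m["comm"], int(m["pid"]), m["kind"], ip, obj, offset)

def fault_sites(lines):
    """Group faults by (object, offset) to spot crashes at the same instruction."""
    sites = defaultdict(list)
    for line in lines:
        f = parse_fault(line)
        if f and f.obj:
            sites[(f.obj, f.offset)].append(f.pid)
    return dict(sites)

# The line from the report (with its wrap), then a constructed segfault-form line.
REPORTED = ("strace[14189] general protection ip:7f0bc23b3a47 sp:7fff20eef1c0\n"
            "error:0 in libc-2.7.so[7f0bc2340000+14a000]")
CONSTRUCTED = ("cp[4242]: segfault at 8 ip 00007f3a1c073a47 sp 00007ffc0b2ef1c0 "
               "error 4 in libc-2.7.so[7f3a1c000000+14a000]")

if __name__ == "__main__":
    for (obj, off), pids in fault_sites([REPORTED, CONSTRUCTED]).items():
        print(f"{obj}+{off:#x} pids={pids}")
```

The resulting offset can be passed to a symbolizer run against a libc build with debug information, on the assumption that the reported mapping starts at file offset 0 of the library.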


