Bug 371617 - sys-libs/glibc-2.14 segfaults on __libc_res_nquery()
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system
Hardware: All Linux
Importance: Normal normal with 1 vote
Assignee: Gentoo Toolchain Maintainers
Duplicates: 371199

Reported: 2011-06-14 12:32 UTC by Daniel Kluev
Modified: 2011-11-27 15:52 UTC

Attachments
Backtrace for dig (gentoo-bug-report-glibc-dig1, 1.63 KB, text/plain)
2011-06-14 12:41 UTC, Daniel Kluev
Backtrace for firefox (gentoo-bug-report-glibc-firefox, 1.17 KB, text/plain)
2011-06-14 12:42 UTC, Daniel Kluev
Backtrace for dig with dig func names (gentoo-bug-report-glibc-dig2, 1.26 KB, text/plain)
2011-06-14 12:44 UTC, Daniel Kluev
Simple testcase (nsquerytest.c, 472 bytes, text/plain)
2011-06-17 07:00 UTC, Daniel Kluev
Backtrace for testcase (nsquerytest_backtrace, 809 bytes, text/plain)
2011-06-17 07:03 UTC, Daniel Kluev
Backtrace for testcase, with debug glibc (nsquerytest_backtrace2, 6.19 KB, text/plain)
2011-06-17 08:25 UTC, Daniel Kluev
__libc_res_nquery() assertion `hp != hp2' failed firefox backtrace (gentoo-bug-report-glibc-firefox2, 7.67 KB, text/plain)
2011-06-22 11:30 UTC, Daniel Kluev

Description Daniel Kluev 2011-06-14 12:32:00 UTC
Various apps segfault at random with glibc-2.14, including firefox-4.0.1-r1 and dig.
It crashes more or less reliably with -O2 and without debug flags. With debug flags, I could not get it to crash. 

Reproducible: Sometimes

Steps to Reproduce:
Issue a domain query that fails.
I used `dig ohloh.net +trace` as test, but ohloh.net was timing out at testing time.

Actual Results:  
Program received signal SIGSEGV, Segmentation fault.
0xb7fc3a17 in __libc_res_nquery () from /lib/libresolv.so.2


Expected Results:  
Query timeout error message

emerge --info
Portage 2.1.9.42 (default/linux/x86/10.0, gcc-4.4.5, libc-0-r0, 2.6.34-gentoo-r2 i686)
=================================================================
System uname: Linux-2.6.34-gentoo-r2-i686-Intel-R-_Core-TM-2_Quad_CPU_Q8200_@_2.33GHz-with-gentoo-2.0.2
Timestamp of tree: Wed, 08 Jun 2011 08:00:01 +0000
app-shells/bash:     4.1_p9
dev-java/java-config: 2.1.11-r3
dev-lang/python:     2.5.4-r4, 2.6.6-r1, 2.7.1-r1, 3.1.3-r1, 3.2
dev-util/cmake:      2.8.4-r1
sys-apps/baselayout: 2.0.2
sys-apps/openrc:     0.8.2-r1
sys-apps/sandbox:    2.4
sys-devel/autoconf:  2.13, 2.65-r1
sys-devel/automake:  1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils:  2.21.51.0.9
sys-devel/gcc:       4.3.4, 4.4.5, 4.5.1
sys-devel/gcc-config: 1.4.1-r1
sys-devel/libtool:   2.2.10
sys-devel/make:      3.82
sys-kernel/linux-headers: 2.6.38
sys-libs/glibc:      2.14
virtual/os-headers:  0
ACCEPT_KEYWORDS="x86"
ACCEPT_LICENSE="* -@EULA skype-eula dlj-1.1 PUEL AdobeFlash-10 AdobeFlash-10.1"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=i686 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config /usr/share/openvpn/easy-rsa /var/bind /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-O2 -march=i686 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests binpkg-logs distlocks fixlafiles fixpackages news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS=""
GENTOO_MIRRORS="http://mirror.yandex.ru/gentoo-distfiles/ http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo"
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="ru en"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/portage/local/layman/jbrout /usr/portage/local/layman/voyageur /usr/portage/local/layman/zugaina /usr/portage/local/layman/gentoo-quebec /usr/portage/local/layman/enlightenment /usr/portage/local/layman/emacs /usr/portage/local/layman/haxe /usr/portage/local/layman/sping /usr/portage/local/layman/sunrise /usr/portage/local/layman/scarabeus /usr/portage/local/layman/dev-zero /usr/portage/local/layman/gamerlay /usr/portage/local/layman/interactive-fiction /usr/portage/local/layman/dotnet"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X acl alsa bash-completion berkdb bluetooth bzip2 cairo cjk cli cracklib crypt cups curl cxx dbus dri emacs etk evdev fortran gdbm glitz gnutls gpm gtk iconv idn ipv6 jpeg jpg modules mudflap musicbrainz ncurses nptl nptlonly nsplugin opengl openmp pam pcre perl png pppd psyco pulseaudio python qt3support radeonhd readline session spell ssl svg sysfs tcpd theora unicode x86 xcb xine xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="braindump flow karbon kexi kpresenter krita tables words" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="ru en" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="radeon radeonhd ati fglrx" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark 
ipmark dhcpmac delude chaos account" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 1 Daniel Kluev 2011-06-14 12:41:25 UTC
Created attachment 277027
Backtrace for dig
Comment 2 Daniel Kluev 2011-06-14 12:42:16 UTC
Created attachment 277029
Backtrace for firefox
Comment 3 Daniel Kluev 2011-06-14 12:44:26 UTC
Created attachment 277031
Backtrace for dig with dig func names

Dig is from net-dns/bind-tools-9.7.3
Comment 4 Arkadiusz Miskiewicz 2011-06-15 07:48:01 UTC
http://sources.redhat.com/ml/libc-alpha/2011-06/msg00015.html

reverting 4769ae77fc6c8dacea6476addb015c8797848cdd from glibc git helps
Comment 5 SpanKY gentoo-dev 2011-06-15 15:19:03 UTC
*** Bug 371199 has been marked as a duplicate of this bug. ***
Comment 6 SpanKY gentoo-dev 2011-06-17 04:35:26 UTC
are you guys using the latest glibc-2.14?  i already added a patch that should have addressed this.

run `/lib/libc.so.6` and if it doesn't say Gentoo patchset 2, then re-emerge glibc and see if things still crash.
Comment 7 Daniel Kluev 2011-06-17 04:40:38 UTC
(In reply to comment #6)
Yes, it seems to be the latest version:

#> /lib/libc.so.6
GNU C Library stable release version 2.14, by Roland McGrath et al.
...
Compiled by GNU CC version 4.4.5.
Compiled on a Linux 2.6.38 system on 2011-06-14.
Available extensions:
	C stubs add-on version 2.1.2
	crypt add-on version 2.1 by Michael Glad and others
	Gentoo patchset 2
	GNU Libidn by Simon Josefsson
	Native POSIX Threads Library by Ulrich Drepper et al
	BIND-8.2.3-T5B
libc ABIs: UNIQUE IFUNC
Comment 8 SpanKY gentoo-dev 2011-06-17 05:11:31 UTC
i committed an updated version here:
http://sources.gentoo.org/gentoo/src/patchsets/glibc/2.14/0050_all_glibc-2.14-leak-revert-crash.patch?revision=1.2

(might take some time to sync ... the new ver should only be ~40 lines long)

does that `dig` always crash for you?  seems to work for me ...
Comment 9 Daniel Kluev 2011-06-17 06:58:54 UTC
(In reply to comment #8)
I've tried this patch - still segfaults for me. I hacked some simple testcase for it, which fails each time for me, attaching it below.
Comment 10 Daniel Kluev 2011-06-17 07:00:42 UTC
Created attachment 277333
Simple testcase

Compile flags:
gcc -D_GNU_SOURCE -O2 -march=i686 -pipe -DDIG_SIGCHASE  -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat -Wpointer-arith -fno-strict-aliasing -std=c99 -ggdb nsquerytest.c -o nsquerytest
Comment 11 Daniel Kluev 2011-06-17 07:03:20 UTC
Created attachment 277335
Backtrace for testcase
Comment 12 SpanKY gentoo-dev 2011-06-17 07:11:11 UTC
that doesn't crash for me either, but i'm on an x86_64 system ...

i'm guessing comment #4 doesn't apply to your system since that's what the patches i added did ...
Comment 13 Daniel Kluev 2011-06-17 08:25:10 UTC
Created attachment 277339
Backtrace for testcase, with debug glibc

I was able to get it to segfault with -ggdb glibc, so this backtrace should be more informative, I hope.
Comment 14 SpanKY gentoo-dev 2011-06-18 18:37:57 UTC
i've pushed out patchset-3.  if you want to update and try that out and see if it still crashes, that'd be good.
Comment 15 Daniel Kluev 2011-06-22 06:28:45 UTC
No resolv-related crashes with patchset-3 so far, including testcase under heavy load.
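
The patchset check from comment #6, scripted so it can be repeated across hosts. This is an added example, not part of the original thread; the function names `patchset_level` and `check_patchset` are hypothetical, and it assumes the banner format shown in comment #7.

```shell
# Added example: parse the banner printed by running /lib/libc.so.6 and
# report whether the Gentoo patchset level meets a required minimum.

# patchset_level: read a banner on stdin and print the Gentoo patchset
# number; print nothing and return 1 if the banner has no such line.
patchset_level() {
    level=$(sed -n 's/^[[:space:]]*Gentoo patchset \([0-9][0-9]*\).*$/\1/p' | head -n 1)
    [ -n "$level" ] || return 1
    printf '%s\n' "$level"
}

# check_patchset MIN: read a banner on stdin.
# Returns 0 if patchset >= MIN, 1 if it is older,
# 2 if the banner carries no Gentoo patchset line at all.
check_patchset() {
    min=$1
    found=$(patchset_level) || return 2
    [ "$found" -ge "$min" ]
}

# Constructed sample: the banner from comment #7, abbreviated.
SAMPLE_BANNER='GNU C Library stable release version 2.14, by Roland McGrath et al.
Compiled by GNU CC version 4.4.5.
Available extensions:
	crypt add-on version 2.1 by Michael Glad and others
	Gentoo patchset 2
	BIND-8.2.3-T5B
libc ABIs: UNIQUE IFUNC'

# On a live system (patchset 3 is the level reported crash-free above):
#   /lib/libc.so.6 | check_patchset 3
```

A return code of 2 is kept distinct from 1 so that a libc without any Gentoo patchset line is not mistaken for an outdated one.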
Comment 16 Daniel Kluev 2011-06-22 11:30:44 UTC
Created attachment 277755
__libc_res_nquery() assertion `hp != hp2' failed firefox backtrace

There is a similar, though not exactly the same, problem with the resolver, possibly caused by the same error, so I am attaching the backtrace here. This backtrace is from glibc with patchset 3.
Comment 17 SpanKY gentoo-dev 2011-06-28 00:35:51 UTC
to keep things simple, we'll consider this fixed.  please start a new bug for the hp/hp2 assert failure.