GNU bug report logs -
#25004
Bug in OD utility
Previous Next
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 25004 in the body.
You can then email your comments to 25004 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-coreutils <at> gnu.org
:
bug#25004
; Package
coreutils
.
(Wed, 23 Nov 2016 16:30:03 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Marcel Böhme <boehme.marcel <at> gmail.com>
:
New bug report received and forwarded. Copy sent to
bug-coreutils <at> gnu.org
.
(Wed, 23 Nov 2016 16:30:03 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Dear all,
The following input crashes the od utility 3 out of 10 times.
Seems to depend on startup timing: Couldn’t reproduce it within GDB or Valgrind. Not sure if its a bug in GNULIB (ftoastr.c) or OD (od.c).
$ printf "abcde\x00\x00\x00a " | od -tazfL -
Segmentation fault
ASAN says:
==91757==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f757ec161c0 bp 0x7ffc048a5ff0 sp 0x7ffc048a5208 T0)
#0 0x7f757ec161bf (/lib/x86_64-linux-gnu/libc.so.6+0x4f1bf)
#1 0x7f757ec16e77 in __printf_fp (/lib/x86_64-linux-gnu/libc.so.6+0x4fe77)
#2 0x7f757ec156d2 in vfprintf (/lib/x86_64-linux-gnu/libc.so.6+0x4e6d2)
#3 0x7f757ecd0164 in __vsnprintf_chk (/lib/x86_64-linux-gnu/libc.so.6+0x109164)
#4 0x7f757ecd00c7 in __snprintf_chk (/lib/x86_64-linux-gnu/libc.so.6+0x1090c7)
#5 0x40ce1a in snprintf /usr/include/x86_64-linux-gnu/bits/stdio2.h:64
#6 0x40ce1a in ldtoastr ../lib/ftoastr.c:131
#7 0x408e69 in print_long_double ../src/od.c:479
#8 0x40a2f1 in write_block ../src/od.c:1221
#9 0x403eec in dump ../src/od.c:1436
#10 0x403eec in main ../src/od.c:1978
#11 0x7f757ebe8f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
#12 0x405bd9 (/home/ubuntu/subjects/coreutils/obj-asan/src/od+0x405bd9)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x4f1bf)
This bug was found by AFLFast, a fork of AFL. Thanks also to Van-Thuan Pham!
Best regards,
- Marcel
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#25004
; Package
coreutils
.
(Thu, 24 Nov 2016 00:46:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 25004 <at> debbugs.gnu.org (full text, mbox):
On 23/11/16 13:56, Marcel Böhme wrote:
> Dear all,
>
> The following input crashes the od utility 3 out of 10 times.
> Seems to depend on startup timing: Couldn’t reproduce it within GDB or Valgrind. Not sure if its a bug in GNULIB (ftoastr.c) or OD (od.c).
>
> $ printf "abcde\x00\x00\x00a " | od -tazfL -
> Segmentation fault
>
> ASAN says:
> ==91757==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f757ec161c0 bp 0x7ffc048a5ff0 sp 0x7ffc048a5208 T0)
> #0 0x7f757ec161bf (/lib/x86_64-linux-gnu/libc.so.6+0x4f1bf)
> #1 0x7f757ec16e77 in __printf_fp (/lib/x86_64-linux-gnu/libc.so.6+0x4fe77)
> #2 0x7f757ec156d2 in vfprintf (/lib/x86_64-linux-gnu/libc.so.6+0x4e6d2)
> #3 0x7f757ecd0164 in __vsnprintf_chk (/lib/x86_64-linux-gnu/libc.so.6+0x109164)
> #4 0x7f757ecd00c7 in __snprintf_chk (/lib/x86_64-linux-gnu/libc.so.6+0x1090c7)
> #5 0x40ce1a in snprintf /usr/include/x86_64-linux-gnu/bits/stdio2.h:64
> #6 0x40ce1a in ldtoastr ../lib/ftoastr.c:131
> #7 0x408e69 in print_long_double ../src/od.c:479
> #8 0x40a2f1 in write_block ../src/od.c:1221
> #9 0x403eec in dump ../src/od.c:1436
> #10 0x403eec in main ../src/od.c:1978
> #11 0x7f757ebe8f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
> #12 0x405bd9 (/home/ubuntu/subjects/coreutils/obj-asan/src/od+0x405bd9)
>
> AddressSanitizer can not provide additional info.
> SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x4f1bf)
>
> This bug was found by AFLFast, a fork of AFL. Thanks also to Van-Thuan Pham!
Since coreutils-8.24 we have relied on gnulib to indicate
whether the system printf routines are safe to use (i.e. crash or not).
http://git.sv.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=v8.23-81-gf57bfbb
http://git.sv.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=v8.23-176-gb817f62
It seems like we'll have to add another check to gnulib to detect
this issue in the system libs?
I can't reproduce the issue here BTW with ASAN and running in a tight
loop for a few minutes. So perhaps it has been fixed in glibc already?
I have glibc-2.22-10.fc23.x86_64
Depending on how widespread the issue is will determine if it's worth
adding the check to gnulib.
What libc are you using?
thanks,
Pádraig
p.s. I tested od with AFL a lot on this system a while back
and didn't find any issues.
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#25004
; Package
coreutils
.
(Thu, 24 Nov 2016 01:17:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 25004 <at> debbugs.gnu.org (full text, mbox):
Hi Pádraig,
> On 24 Nov 2016, at 8:45 AM, Pádraig Brady <P <at> draigBrady.com> wrote:
>
> I can't reproduce the issue here BTW with ASAN and running in a tight
> loop for a few minutes. So perhaps it has been fixed in glibc already?
> I have glibc-2.22-10.fc23.x86_64
> Depending on how widespread the issue is will determine if it's worth
> adding the check to gnulib.
I can reproduce the crash on Ubuntu 14.04 x86_64 with preinstalled od version 8.21 and the version in trunk.
> What libc are you using?
$ /lib/x86_64-linux-gnu/libc.so.6
GNU C Library (Ubuntu EGLIBC 2.19-0ubuntu6.9) stable release version 2.19, by Roland McGrath et al.
Copyright (C) 2014 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Compiled by GNU CC version 4.8.4.
Compiled on a Linux 3.13.11 system on 2016-05-26.
Available extensions:
crypt add-on version 2.1 by Michael Glad and others
GNU Libidn by Simon Josefsson
Native POSIX Threads Library by Ulrich Drepper et al
BIND-8.2.3-T5B
libc ABIs: UNIQUE IFUNC
For bug reporting instructions, please see:
<https://bugs.launchpad.net/ubuntu/+source/eglibc/+bugs>.
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#25004
; Package
coreutils
.
(Thu, 24 Nov 2016 01:56:02 GMT)
Full text and
rfc822 format available.
Message #14 received at 25004 <at> debbugs.gnu.org (full text, mbox):
On 24/11/16 01:16, Marcel Böhme wrote:
> Hi Pádraig,
>
>> On 24 Nov 2016, at 8:45 AM, Pádraig Brady <P <at> draigBrady.com> wrote:
>>
>> I can't reproduce the issue here BTW with ASAN and running in a tight
>> loop for a few minutes. So perhaps it has been fixed in glibc already?
>> I have glibc-2.22-10.fc23.x86_64
>> Depending on how widespread the issue is will determine if it's worth
>> adding the check to gnulib.
>
> I can reproduce the crash on Ubuntu 14.04 x86_64 with preinstalled od version 8.21 and the version in trunk.
>
>> What libc are you using?
>
> $ /lib/x86_64-linux-gnu/libc.so.6
> GNU C Library (Ubuntu EGLIBC 2.19-0ubuntu6.9) stable release version 2.19, by Roland McGrath et al.
> Copyright (C) 2014 Free Software Foundation, Inc.
> This is free software; see the source for copying conditions.
> There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
> PARTICULAR PURPOSE.
> Compiled by GNU CC version 4.8.4.
> Compiled on a Linux 3.13.11 system on 2016-05-26.
> Available extensions:
> crypt add-on version 2.1 by Michael Glad and others
> GNU Libidn by Simon Josefsson
> Native POSIX Threads Library by Ulrich Drepper et al
> BIND-8.2.3-T5B
> libc ABIs: UNIQUE IFUNC
> For bug reporting instructions, please see:
> <https://bugs.launchpad.net/ubuntu/+source/eglibc/+bugs>.
For completeness, where we discussed the this in relation to gnulib last was:
https://sourceware.org/ml/libc-alpha/2015-02/threads.html#00181
and drilling down to there is the reference to original crash bug:
https://sourceware.org/bugzilla/show_bug.cgi?id=4586
That was fixed in 2007 so this must be something else.
thanks,
Pádraig
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#25004
; Package
coreutils
.
(Thu, 24 Nov 2016 03:58:01 GMT)
Full text and
rfc822 format available.
Message #17 received at 25004 <at> debbugs.gnu.org (full text, mbox):
Marcel Böhme wrote:
> I can reproduce the crash on Ubuntu 14.04 x86_64 with preinstalled od version 8.21 and the version in trunk.
I can't reproduce it in Ubuntu 16.04.1 x86-64 with preinstalled od. This is
glibc 2.23-0ubuntu4. I hope the bug, whatever it was, was fixed in glibc so that
we no longer have to worry about it.
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#25004
; Package
coreutils
.
(Thu, 24 Nov 2016 04:51:02 GMT)
Full text and
rfc822 format available.
Message #20 received at 25004 <at> debbugs.gnu.org (full text, mbox):
On Wed, Nov 23, 2016 at 5:16 PM, Marcel Böhme <boehme.marcel <at> gmail.com> wrote:
> Hi Pádraig,
>
>> On 24 Nov 2016, at 8:45 AM, Pádraig Brady <P <at> draigBrady.com> wrote:
>>
>> I can't reproduce the issue here BTW with ASAN and running in a tight
>> loop for a few minutes. So perhaps it has been fixed in glibc already?
>> I have glibc-2.22-10.fc23.x86_64
>> Depending on how widespread the issue is will determine if it's worth
>> adding the check to gnulib.
>
> I can reproduce the crash on Ubuntu 14.04 x86_64 with preinstalled od version 8.21 and the version in trunk.
>
>> What libc are you using?
>
> $ /lib/x86_64-linux-gnu/libc.so.6
> GNU C Library (Ubuntu EGLIBC 2.19-0ubuntu6.9) stable release version 2.19, by Roland McGrath et al.
> Copyright (C) 2014 Free Software Foundation, Inc.
...
> Compiled by GNU CC version 4.8.4.
...
Both gcc-4.8.4 and EGLIBC 2.19 are showing their age.
I too have failed to reproduce this. I used a Fedora 25 system, which
has glibc-2.24.
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#25004
; Package
coreutils
.
(Sun, 28 Oct 2018 07:26:02 GMT)
Full text and
rfc822 format available.
Message #23 received at 25004 <at> debbugs.gnu.org (full text, mbox):
close 25004
stop
(triaging old bugs)
On 2016-11-23 9:49 p.m., Jim Meyering wrote:
> On Wed, Nov 23, 2016 at 5:16 PM, Marcel Böhme <boehme.marcel <at> gmail.com> wrote:
>>
>>> On 24 Nov 2016, at 8:45 AM, Pádraig Brady <P <at> draigBrady.com> wrote:
>>>
>>> I can't reproduce the issue here BTW with ASAN and running in a tight
>>> loop for a few minutes. So perhaps it has been fixed in glibc already?
>>> I have glibc-2.22-10.fc23.x86_64
>>> Depending on how widespread the issue is will determine if it's worth
>>> adding the check to gnulib.
>>
>> I can reproduce the crash on Ubuntu 14.04 x86_64 with preinstalled od version 8.21 and the version in trunk.
>>
>>> What libc are you using?
>>
>> $ /lib/x86_64-linux-gnu/libc.so.6
>> GNU C Library (Ubuntu EGLIBC 2.19-0ubuntu6.9) stable release version 2.19, by Roland McGrath et al.
>> Copyright (C) 2014 Free Software Foundation, Inc.
> ...
>> Compiled by GNU CC version 4.8.4.
> ...
>
> Both gcc-4.8.4 and EGLIBC 2.19 are showing their age.
> I too have failed to reproduce this. I used a Fedora 25 system, which
> has glibc-2.24.
Given the above (and other comments in the thread indicating it's
a too-old-glibc issue), I'm closing this bug.
Discussion can continue by replying to this thread.
-assaf
bug closed, send any further explanations to
25004 <at> debbugs.gnu.org and Marcel Böhme <boehme.marcel <at> gmail.com>
Request was from
Assaf Gordon <assafgordon <at> gmail.com>
to
control <at> debbugs.gnu.org
.
(Sun, 28 Oct 2018 07:26:02 GMT)
Full text and
rfc822 format available.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org
.
(Sun, 25 Nov 2018 12:24:04 GMT)
Full text and
rfc822 format available.
This bug report was last modified 6 years and 263 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.