On Fri, 2006-07-28 at 08:04 +0100, Alastair McKinstry wrote:
> [my own message removed]
> Ok,
>
>
> ignore my last reply about slang; it appears I had it backwards.
> Examining the issue in more depth,
> the code fails in newt.c at:
>
> if (!handle)
> handle = dlopen("/usr/lib/libfribidi.so.0", RTLD_LAZY |
> RTLD_GLOBAL);
>
> from the backtrace it appears this is triggering a bug in _glibc_ rather
> than newt, but I cannot
> reproduce it yet; could you do the following:
>
> (1) upgrade libc6 to 2.3.6-16 to make sure the bug hasn't gone away
Done that. The problem persists unfortunately.
> (2) produce a small test example; showing how to reproduce the bug with
> mindi, mondoarchive, etc.
Running the following minimal setup should do the trick:
mondoarchive -Oig0NE "/" -S "/tmp" -T "/tmp" -d "/tmp"
(Once we get things to work I suggest I do a few somewhat more extensive
test runs if that's ok.)
> I think perhaps clearing error state by calling dlerror() before each
> dlopen() call may fix it, i.e.
> --- newt.c-old 2006-07-28 07:16:21.000000000 +0100
> +++ newt.c 2006-07-28 07:15:27.000000000 +0100
> @@ -254,8 +254,10 @@
> FriBidiStrIndex *, FriBidiStrIndex *,
> FriBidiLevel *);
>
> + dlerror(); /* clear error state */
> if (!handle)
> handle = dlopen("/usr/lib/libfribidi.so.0", RTLD_LAZY |
> RTLD_GLOBAL);
> + dlerror();
> if (!handle)
> handle = dlopen("/lib/libfribidi.so.0", RTLD_LAZY | RTLD_GLOBAL);
> if (!handle)
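Review bot: Both added dlerror() calls, before the /usr/lib and the /lib dlopen() attempts, throw away their return value, and dlerror() only returns and resets the pending error string; it does not alter what the following dlopen() does, so these lines are unlikely to change the crash behaviour. If the goal is diagnosis, call dlerror() after a dlopen() that returned NULL and log the string it returns, so a failed load of libfribidi.so.0 is visible. The second call also runs unconditionally, even when handle is already set by the first dlopen(); it belongs inside the if (!handle) branch it is meant to serve.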
>
> but I would like to ensure no bugs in glibc, too.
>
> I am uploading a version of newt to experimental (0.52.2-6) which
> contains this fix to test
> with,
I have tested with this version (from incoming actually) and it still
crashes. However, it appears that this happens at a somewhat later
stage. The backtrace (without debugging symbols in the experimental
libnewt) is:
*** glibc detected *** free(): invalid next size (fast): 0x080b9f08 ***
Program received signal SIGABRT, Aborted.
[Switching to Thread -1479627968 (LWP 10126)]
0xffffe410 in __kernel_vsyscall ()
(gdb) bt
#0 0xffffe410 in __kernel_vsyscall ()
#1 0xa7dfe8b1 in raise () from /lib/tls/i686/cmov/libc.so.6
#2 0xa7e00049 in abort () from /lib/tls/i686/cmov/libc.so.6
#3 0xa7e33eaa in __fsetlocking () from /lib/tls/i686/cmov/libc.so.6
#4 0xa7e3b73f in mallopt () from /lib/tls/i686/cmov/libc.so.6
#5 0xa7e3b7e2 in free () from /lib/tls/i686/cmov/libc.so.6
#6 0xa7f22baa in newtEntrySet () from /usr/lib/libnewt.so.0.52
#7 0xa7f20a56 in newtFormDestroy () from /usr/lib/libnewt.so.0.52
#8 0x0807bc6c in close_evalcall_form () at newt-specific.c:308
#9 0x08068c24 in run_program_and_log_to_screen (
basic_call=0x80bc370 "mindi
--custom /tmp/tmp.mondo.8654/tmp.mondo.12804
/tmp/mondo.scratch.23676/mondo.scratch.10109/images '/boot/vmlinuz-2.6.17-1-k7'
'' '' 1 'no' 'no' '' 'yes' 0 1 '' 'no' 'no' 'no' 32768 0",
what_i_am_doing=0x8081c48 "Generating boot+data disks")
at libmondo-fork.c:490
#10 0x08057811 in call_mindi_to_supply_boot_disks (bkpinfo=0x8098c08)
at libmondo-archive.c:1009
#11 0x08058288 in backup_data (bkpinfo=0x8098c08) at
libmondo-archive.c:640
#12 0x0804aea8 in main (argc=9, argv=0xaff16764) at main.c:455
(If you want me to rerun with debugging symbols in the experimental
libnewt I am happy to do this. I was just too lazy to force things
despite dependency conflicts between fribidi and the experimental
libnewt - it's getting late here in Sydney. ;-) )
> Regards
> Alastair
Cheers,
Andree
--
Andree Leidenfrost
@ Debian Developer
Sydney - Australia

