Package: maxima
Version: 5.31.0-4
Severity: important
Dear Maintainer,
I've had bug #678404 recur on ia32. (Sorry if I should have reopened that one
instead)
$ gdb /usr/lib/maxima/5.31.0/binary-gcl/maxima
Program received signal SIGSEGV, Segmentation fault.
0x00068179 in ?? ()
(gdb) bt
#0 0x00068179 in ?? ()
#1 0x00069955 in ?? ()
#2 0x000b4c94 in malloc ()
#3 0xb7c4fa51 in __GI___strdup (s=0xbffffdb4 "QT_IM_MODULE=xim") at strdup.c:42
#4 0x00021a0e in ?? ()
#5 0xb7beb8c5 in __libc_start_main (main=0x20bf0, argc=1, ubp_av=0xbffff594,
init=0x31ccd0, fini=0x31cd40, rtld_fini=0xb7fee0c0 <_dl_fini>,
stack_end=0xbffff58c) at libc-start.c:260
#6 0x00021e78 in ?? ()
(gdb) disas $eip,+20
Dump of assembler code from 0x68179 to 0x6818d:
=> 0x00068179: mov DWORD PTR [eax+0x4],edi
0x0006817c: add esp,0x6c
0x0006817f: mov eax,0x1
0x00068184: pop ebx
0x00068185: pop esi
0x00068186: pop edi
0x00068187: pop ebp
0x00068188: ret
0x00068189: fstp st(0)
0x0006818b: fld1
(gdb) info registers
eax 0x8a8cb0 9079984
ecx 0x438000 4423680
edx 0x7 7
ebx 0x2335 9013
esp 0xbffff280 0xbffff280
ebp 0x32d 0x32d
esi 0x1 1
edi 0x5dc740 6145856
eip 0x68179 0x68179
eflags 0x10246 [ PF ZF IF RF ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51
(gdb) x (int *)0x8a8cb4
0x8a8cb4: 0x005dc740
[...]
cat /proc/[pid]/maps
[...]
00885000-008a9000 r-xp 0086c000 09:00 805313494
/usr/lib/maxima/5.31.0/binary-gcl/maxima
008a9000-008d6000 rwxp 00890000 09:00 805313494
/usr/lib/maxima/5.31.0/binary-gcl/maxima
[...]
So it's trying to update a pointer that's (barely) not in a writeable page.
strace:
[...]
personality(0xffffffff /* PER_??? */) = 0
personality(0x8240000 /* PER_??? */) = 0
personality(0xffffffff /* PER_??? */) = 0x8240000
mprotect(0x7ae000, 26652672, PROT_READ|PROT_WRITE|PROT_EXEC) = 0
rt_sigaction(SIGSEGV, {0x25f30, [SEGV], SA_STACK|SA_RESTART|SA_SIGINFO}, NULL,
8) = 0
brk(0) = 0x345d000
brk(0x3679000) = 0x3679000
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
ltrace:
[...]
[pid 16410] memset(0x01389608, '\000', 26112)
= 0x01389608
[pid 16410] sbrk(0)
= 0x02adf000
[pid 16410] sbrk(0)
= 0x02adf000
[pid 16410] sbrk(2211840)
= 0x02adf000
[pid 16410] --- SIGSEGV (Segmentation fault) ---
I looked into the process of getting debugging symbols but it looks a
bit daunting.
As far as I know, neither SELinux nor any other thing should be
messing up permissions; sbrk and brk (obviously) don't look like
they're randomized, and the personality() call seemed to have returned
success.
Bisecting using snapshot.debian.org shows this started happening
between 5.31.0-1 and 5.31.0-3, and only on ia32. (My amd64 machine
works fine)
Is there anything else I should try?
Thanks-
- Robert Jacobs
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 3.10-1-686-pae (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages maxima depends on:
ii gnuplot-x11 4.6.4-1
ii libc6 2.17-93
ii libgmp10 2:5.1.2+dfsg-3
ii libreadline6 6.2+dfsg-0.1
ii libx11-6 2:1.6.2-1
Versions of packages maxima recommends:
ii maxima-share 5.31.0-4
Versions of packages maxima suggests:
ii maxima-doc 5.31.0-4
pn maxima-emacs <none>
pn texmacs <none>
ii tk8.4 [wish] 8.4.20-1
ii tk8.5 [wish] 8.5.14-2
ii xmaxima 5.31.0-4
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
