bin/42811: ldd(1) does not handle loops gracefully

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: bin/42811: ldd(1) does not handle loops gracefully
From: njoly%pasteur.fr@localhost
Date: Sun, 14 Feb 2010 22:05:01 +0000 (UTC)

>Number:         42811
>Category:       bin
>Synopsis:       ldd(1) does not handle loops gracefully
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Feb 14 22:05:01 +0000 2010
>Originator:     Nicolas Joly
>Release:        NetBSD 5.99.24
>Organization:
Institut Pasteur
>Environment:
System: NetBSD lanfeust.sis.pasteur.fr 5.99.24 NetBSD 5.99.24 (LANFEUST) #0: 
Fri Feb 12 12:12:29 CET 2010 
njoly%lanfeust.sis.pasteur.fr@localhost:/local/src/NetBSD/obj.amd64/sys/arch/amd64/compile/LANFEUST
 amd64
Architecture: x86_64
Machine: amd64
>Description:
While checking dynamic libraries dependencies in one of my systems, i found
the ldd(1) crashed with 2 of them: libelf.so and libnvpair.so.

njoly@lanfeust [~]> ldd /usr/lib/libelf.so
/usr/lib/libelf.so:
zsh: segmentation fault (core dumped)  ldd /usr/lib/libelf.so

A further look, show that those 2 libraries have themselves as dependencies:

njoly@lanfeust [~]> objdump x /usr/lib/libelf.so
/usr/lib/libelf.so:     file format elf64-x86-64
/usr/lib/libelf.so
architecture: i386:x86-64, flags 0x00000150:
HAS_SYMS, DYNAMIC, D_PAGED
start address 0x0000000000002f60
[...]
Dynamic Section:
  NEEDED               libelf.so.0
  NEEDED               libc.so.12
  SONAME               libelf.so.0
  INIT                 0x0000000000002b20
[...]

In that case, ldd will enter a recursive loop trying to display libelf.so
needed libs, starting with itself ...

njoly@lanfeust [~]> gdb ldd ldd.core 
GNU gdb 6.5
[...]
Core was generated by `ldd'.
Program terminated with signal 11, Segmentation fault.
#0  0x00000000004019ba in print_needed (obj=0x7f7ffdff2200, fmt1=0x0, fmt2=0x0)
    at /local/src/NetBSD/src/usr.bin/ldd/ldd.c:286
286     {
(gdb) bt
#0  0x00000000004019ba in print_needed (obj=0x7f7ffdff2200, fmt1=0x0, fmt2=0x0)
    at /local/src/NetBSD/src/usr.bin/ldd/ldd.c:286
#1  0x00000000004019fa in print_needed (obj=0x7f7ffdff2200, fmt1=0x0, fmt2=0x0)
    at /local/src/NetBSD/src/usr.bin/ldd/ldd.c:293
#2  0x00000000004019fa in print_needed (obj=0x7f7ffdff2200, fmt1=0x0, fmt2=0x0)
    at /local/src/NetBSD/src/usr.bin/ldd/ldd.c:293
[...]
(gdb) up
#1  0x00000000004019fa in print_needed (obj=0x7f7ffdff2200, fmt1=0x0, fmt2=0x0)
    at /local/src/NetBSD/src/usr.bin/ldd/ldd.c:293
293                             print_needed(needed->obj, fmt1, fmt2);
(gdb) p *needed->obj
$2 = {magic = 0, version = 0, next = 0x7f7ffdff2400, 
  path = 0x7f7ffdff1140 "/usr/lib/libelf.so.0", refcount = 2, dl_refcount = 0, 
  mapbase = 0x7f7ffd000000 <Address 0x7f7ffd000000 out of bounds>, 
[...]
(gdb) up
#2  0x00000000004019fa in print_needed (obj=0x7f7ffdff2200, fmt1=0x0, fmt2=0x0)
    at /local/src/NetBSD/src/usr.bin/ldd/ldd.c:293
293                             print_needed(needed->obj, fmt1, fmt2);
(gdb) p *needed->obj
$3 = {magic = 0, version = 0, next = 0x7f7ffdff2400, 
  path = 0x7f7ffdff1140 "/usr/lib/libelf.so.0", refcount = 2, dl_refcount = 0, 
  mapbase = 0x7f7ffd000000 <Address 0x7f7ffd000000 out of bounds>, 
[...]
>How-To-Repeat:
echo "void foo(void) {}" >foo.c
cc -shared -fPIC -o libfoo.so foo.c
cc -shared -fPIC -Wl,-rpath,. -o libbar.so foo.c -L. -lfoo
mv libbar.so libfoo.so
ldd ./libfoo.so
>Fix:

Prev by Date: NetBSD Nightly Trouble Ticket Report
Next by Date: Re: PR/42787 CVS commit: src/sys/arch/i386/i386
Previous by Thread: Re: port-i386/32424 (compat_svr4 fails to execute Solaris 10 binaries)
Next by Thread: Re: port-i386/42585: linux emul panic while installing pkgsrc/net/citrix_ica
Indexes:

Home | Main Index | Thread Index | Old Index