pkgconf / pkgconf

package compiler and linker metadata toolkit

Segfault on basic operations

haampie opened this issue · comments

Bisected to

464672404ed64337855fcd634b0173657202183f is the first bad commit
commit 464672404ed64337855fcd634b0173657202183f
Author: Ariadne Conill <ariadne@dereferenced.org>
Date:   Sun Jun 26 04:30:35 2022 +0000

    cache: refactor to use a continguous table and bsearch
    
    cache functions are the hottest part of the pkgconf code when
    profiled, by removing the linked list for lookups, we can turn
    lookups into an O(k) operation

:040000 040000 fc2e5c66c1f78ff26ed02e374ce805783012f244 4bc088c0ce37750681005039b81126263fd78fd5 M	libpkgconf
Starting program: /tmp/tmp.H6ZvwNUjnU/._view/p3zwbwx7pzit5gytopeid3lqup4x4xvc/bin/pkg-config --libs libpkgconf
warning: Error disabling address space randomization: Operation not permitted

Program received signal SIGSEGV, Segmentation fault.
0x0000ffffbf2c98a4 in pkgconf_cache_add (client=0xaaaab9e3b7b0 <pkg_client>, pkg=0xaaaac43bbef0) at libpkgconf/cache.c:133
133		client->cache_table[client->cache_count - 1] = pkg;
(gdb) bt
#0  0x0000ffffbf2c98a4 in pkgconf_cache_add (client=0xaaaab9e3b7b0 <pkg_client>, pkg=0xaaaac43bbef0) at libpkgconf/cache.c:133
#1  0x0000ffffbf2cc464 in pkgconf_pkg_find (client=0xaaaab9e3b7b0 <pkg_client>, name=0xaaaac43bbca0 "libpkgconf") at libpkgconf/pkg.c:787
#2  0x0000ffffbf2cd018 in pkgconf_pkg_verify_dependency (client=0xaaaab9e3b7b0 <pkg_client>, pkgdep=0xaaaac43bbc40, eflags=0xfffffc57de48) at libpkgconf/pkg.c:1354
#3  0x0000ffffbf2cd3cc in pkgconf_pkg_walk_list (client=0xaaaab9e3b7b0 <pkg_client>, parent=0xfffffc57df58, deplist=0xfffffc57dff8, func=0x0, data=0x0, depth=2000, skip_flags=0)
    at libpkgconf/pkg.c:1455
#4  0x0000ffffbf2cd910 in pkgconf_pkg_traverse (client=0xaaaab9e3b7b0 <pkg_client>, root=0xfffffc57df58, func=0x0, data=0x0, maxdepth=2000, skip_flags=0)
    at libpkgconf/pkg.c:1582
#5  0x0000ffffbf2cd160 in pkgconf_pkg_verify_graph (client=0xaaaab9e3b7b0 <pkg_client>, root=0xfffffc57df58, depth=2000) at libpkgconf/pkg.c:1399
#6  0x0000ffffbf2d18dc in pkgconf_queue_verify (client=0xaaaab9e3b7b0 <pkg_client>, world=0xfffffc57df58, list=0xfffffc57e180, maxdepth=2000) at libpkgconf/queue.c:116
#7  0x0000ffffbf2d1a98 in pkgconf_queue_validate (client=0xaaaab9e3b7b0 <pkg_client>, list=0xfffffc57e180, maxdepth=2000) at libpkgconf/queue.c:189
#8  0x0000aaaab9e2511c in main (argc=3, argv=0xfffffc58ea68) at cli/main.c:1337

Using GCC 7.5.0 on Ubuntu 18.04; the above was run under env -i.

Probably a duplicate of #285

reallocarray was introduced in glibc 2.26, and needs -D_GNU_SOURCE for old glibc:

    reallocarray():

    Since glibc 2.29:
        _DEFAULT_SOURCE

    glibc 2.28 and earlier:
        _GNU_SOURCE

Yeah, so the issue here is that reallocarray is implicitly declared as int reallocarray(...) because no header is included (and the relevant define is missing), which means that on 64-bit glibc systems you get that

(void *) reallocarray

casts an int to a pointer, meaning you get 4 bytes from the return value instead of 8.

The configure test that checks whether the symbol reallocarray can be linked is simply not good enough. The configure test looks like this:

/* Autoconf-style link check: it declares the symbol itself instead of
   including <stdlib.h>, so it only proves that reallocarray can be linked,
   not that a proper prototype is visible to the code that calls it. */
char reallocarray ();

int
main (void)
{
  return reallocarray ();
  ;
  return 0;
}

which passes but doesn't guard against implicit declarations.
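As an added illustration (not pkgconf's code, and not part of this issue thread), the snippet below shows the two things the comments above describe: a checked reallocarray()-style helper that always has a prototype in scope and refuses to overflow nmemb * size, used for the same grow-by-one table append that crashed in the backtrace, and a function that reproduces arithmetically what an implicit `int reallocarray()` declaration does to a 64-bit pointer on a 64-bit glibc system. The names xreallocarray, cache_table_add and cache_demo are hypothetical; the pointer value 0xaaaac43bbef0 is the pkg argument from the gdb output above.

```c
#include <errno.h>
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Portable fallback with the contract of glibc/OpenBSD reallocarray():
 * returns NULL with errno = ENOMEM if nmemb * size would overflow size_t.
 * Because a prototype is always visible here, the returned pointer can never
 * be narrowed through an implicit "int" declaration. (Hypothetical name.) */
void *xreallocarray(void *ptr, size_t nmemb, size_t size)
{
    if (size != 0 && nmemb > SIZE_MAX / size) {
        errno = ENOMEM;
        return NULL;
    }
    return realloc(ptr, nmemb * size);
}

/* Minimal stand-in for the contiguous cache table from the bisected commit. */
struct cache {
    void **table;
    size_t count;
};

/* Append one entry, growing the table by one slot.
 * Returns 0 on success, -1 on failure (old table left intact). */
int cache_table_add(struct cache *c, void *entry)
{
    void **grown = xreallocarray(c->table, c->count + 1, sizeof(*c->table));
    if (grown == NULL)
        return -1;
    c->table = grown;
    c->table[c->count] = entry;
    c->count++;
    return 0;
}

/* Add n entries to a fresh table and return the final count (0 on failure). */
size_t cache_demo(size_t n)
{
    struct cache c = { NULL, 0 };
    static int dummy;
    for (size_t i = 0; i < n; i++) {
        if (cache_table_add(&c, &dummy) != 0) {
            free(c.table);
            return 0;
        }
    }
    size_t count = c.count;
    free(c.table);
    return count;
}

/* What the caller sees when reallocarray() is implicitly declared as
 * returning int: only the low 32 bits of the returned pointer are kept,
 * and the int -> pointer conversion sign-extends them to 64 bits.
 * Written with explicit masking so the arithmetic is well-defined. */
uint64_t truncate_like_implicit_int(uint64_t p)
{
    uint64_t low32 = p & 0xffffffffu;
    if (low32 & 0x80000000u)
        low32 |= 0xffffffff00000000ull;
    return low32;
}

int main(void)
{
    printf("entries added: %zu\n", cache_demo(3));
    printf("overflow check: %s\n",
           xreallocarray(NULL, SIZE_MAX, 2) == NULL ? "caught" : "missed");
    /* constructed from the pkg= value in the gdb backtrace */
    uint64_t pkg = 0xaaaac43bbef0ull;
    printf("0x%" PRIx64 " seen through an implicit int: 0x%" PRIx64 "\n",
           pkg, truncate_like_implicit_int(pkg));
    return 0;
}
```

The truncated pointer is what the crashing store `client->cache_table[...] = pkg` dereferenced: not the allocation, but a sign-extended fragment of it. A configure check only guards against this if it compiles a call with the real headers included (and `_GNU_SOURCE` defined for glibc 2.28 and earlier) under `-Werror=implicit-function-declaration`, rather than declaring the symbol itself as the link test above does.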

Fixed in pending 1.9.5, thanks!