Bug 684476 - app-portage/portage-utils-9999: qcache -s SEGV in qcache.c:407
Status: RESOLVED FIXED
Alias: None
Product: Portage Development
Classification: Unclassified
Component: Third-Party Tools
Hardware: All Linux
Importance: Normal normal
Assignee: Fabian Groffen
 
Reported: 2019-04-27 10:10 UTC by Kent Fredric (IRC: kent\n) (RETIRED)
Modified: 2019-05-31 09:34 UTC

Description Kent Fredric (IRC: kent\n) (RETIRED) gentoo-dev 2019-04-27 10:10:24 UTC
At commit: 0a3db7b186f0785d29c2c72c5ad6dbb93381ac35

Now I fussed around and got debugging working (for some reason my standard debug -ggdb3 produces something gdb can't handle at all).

Hopefully this is of value.

gdb --args qcache -s


run
Starting program: /usr/bin/qcache -s

Program received signal SIGSEGV, Segmentation fault.
qcache_stats (pkg_ctx=pkg_ctx@entry=0x0, priv=priv@entry=0x0) at qcache.c:407
407				switch (current_package_keywords[a]) {

(gdb) thread apply all bt full

Thread 1 (process 6599):
#0  qcache_stats (pkg_ctx=pkg_ctx@entry=0x0, priv=priv@entry=0x0) at qcache.c:407
        arch = <optimized out>
        border = '-' <repeats 66 times>
        runtime = 0
        numpkg = 0
        numebld = 0
        numcat = 0
        packages_stable = 0x0
        packages_testing = 0x0
        current_package_keywords = 0x0
        lastcat = 0x0
        lastpkg = '\000' <repeats 4095 times>
        a = 0
        atom = <optimized out>
        data = 0x0
#1  0x000055555555ff96 in qcache_main (argc=2, argv=0x7fffffffcf58) at qcache.c:798
        i = <optimized out>
        action = <optimized out>
        data = {qatom = 0x0, lastatom = 0x0, keywordsbuf = 0x5555555a2410, keywordsbuflen = 33, arch = 0x55555557fb73 "amd64", runfunc = 0x55555555f070 <qcache_stats>}
        pkg = <optimized out>
        cat = 0x0
        __func__ = "qcache_main"
#2  0x000055555555c52b in main (argc=2, argv=0x7fffffffcf58) at main.c:802
        st = {st_dev = 21, st_ino = 11, st_nlink = 1, st_mode = 8592, st_uid = 1000, st_gid = 5, __pad0 = 0, st_rdev = 34824, st_size = 0, st_blksize = 1024, st_blocks = 0, st_atim = {tv_sec = 1556358600, tv_nsec = 902652970}, st_mtim = {tv_sec = 1556358600, tv_nsec = 902652970}, st_ctim = {tv_sec = 1554896883, tv_nsec = 902652970}, __glibc_reserved = {0, 0, 0}}

(gdb) info line
Line 407 of "qcache.c" starts at address 0x55555555f2e3 <qcache_stats+627> and ends at 0x55555555f2eb <qcache_stats+635>.

                const char border[] = "------------------------------------------------------------------";

                /* include stats for last package */
                for (a = 0; a < archlist_count; a++) {
                        switch (current_package_keywords[a]) {
                                case stable:
                                        packages_stable[a]++;
                                        break;
                                case testing:
                                        packages_testing[a]++;
                                default:
                                        break;
                        }
                }

                printf


(gdb) print archlist_count
$1 = 33

(gdb) print current_package_keywords
$2 = (int *) 0x0


(gdb) info all-registers 
rax            0x0                 0
rbx            0x55555557fe88      93824992411272
rcx            0x21                33
rdx            0x0                 0
rsi            0x0                 0
rdi            0x0                 0
rbp            0x2                 0x2
rsp            0x7fffffffb850      0x7fffffffb850
r8             0x0                 0
r9             0x5555555a7e00      93824992574976
r10            0x802               2050
r11            0x246               582
r12            0x7fffffffcf58      140737488342872
r13            0x12                18
r14            0x0                 0
r15            0x0                 0
rip            0x55555555f2e3      0x55555555f2e3 <qcache_stats+627>
eflags         0x10246             [ PF ZF IF RF ]
cs             0x33                51
ss             0x2b                43
ds             0x0                 0
es             0x0                 0
fs             0x0                 0
gs             0x0                 0

info frame
Stack level 0, frame at 0x7fffffffb8d0:
 rip = 0x55555555f2e3 in qcache_stats (qcache.c:407); saved rip = 0x55555555ff96
 called by frame at 0x7fffffffc960
 source language c.
 Arglist at 0x7fffffffb848, args: pkg_ctx=pkg_ctx@entry=0x0, priv=priv@entry=0x0
 Locals at 0x7fffffffb848, Previous frame's sp is 0x7fffffffb8d0
 Saved registers:
  rbx at 0x7fffffffb8a8, rbp at 0x7fffffffb8b0, r12 at 0x7fffffffb8b8, r13 at 0x7fffffffb8c0, rip at 0x7fffffffb8c8

Dump of assembler code for function qcache_stats:
....
   0x000055555555f2b0 <+576>:	je     0x55555555f2f8 <qcache_stats+648>
   0x000055555555f2b2 <+578>:	mov    0x32657(%rip),%rsi        # 0x555555591910 <current_package_keywords.6451>
   0x000055555555f2b9 <+585>:	xor    %eax,%eax
   0x000055555555f2bb <+587>:	mov    0x32646(%rip),%r8        # 0x555555591908 <packages_stable.6449>
   0x000055555555f2c2 <+594>:	mov    0x32637(%rip),%rdi        # 0x555555591900 <packages_testing.6450>
   0x000055555555f2c9 <+601>:	jmp    0x55555555f2e3 <qcache_stats+627>
   0x000055555555f2cb <+603>:	nopl   0x0(%rax,%rax,1)
   0x000055555555f2d0 <+608>:	cmp    $0x2,%edx
   0x000055555555f2d3 <+611>:	jne    0x55555555f2da <qcache_stats+618>
   0x000055555555f2d5 <+613>:	addl   $0x1,(%r8,%rax,4)
   0x000055555555f2da <+618>:	add    $0x1,%rax
   0x000055555555f2de <+622>:	cmp    %rcx,%rax
   0x000055555555f2e1 <+625>:	je     0x55555555f2f8 <qcache_stats+648>
=> 0x000055555555f2e3 <+627>:	mov    (%rsi,%rax,4),%edx
   0x000055555555f2e6 <+630>:	cmp    $0x1,%edx
   0x000055555555f2e9 <+633>:	jne    0x55555555f2d0 <qcache_stats+608>
   0x000055555555f2eb <+635>:	addl   $0x1,(%rdi,%rax,4)
   0x000055555555f2ef <+639>:	add    $0x1,%rax
   0x000055555555f2f3 <+643>:	cmp    %rcx,%rax
   0x000055555555f2f6 <+646>:	jne    0x55555555f2e3 <qcache_stats+627>
   0x000055555555f2f8 <+648>:	mov    %rsp,%r13
   0x000055555555f2fb <+651>:	mov    $0x19,%edx
   0x000055555555f300 <+656>:	mov    $0x1,%edi
   0x000055555555f305 <+661>:	mov    %r13,%rcx
   0x000055555555f308 <+664>:	xor    %eax,%eax
   0x000055555555f30a <+666>:	xor    %ebx,%ebx
   0x000055555555f30c <+668>:	lea    0x2071f(%rip),%rsi        # 0x55555557fa32
   0x000055555555f313 <+675>:	callq  0x55555555b6a0 <__printf_chk@plt>
   0x000055555555f318 <+680>:	lea    0x2071b(%rip),%rdi        # 0x55555557fa3a
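
Added example, not part of the original report and not portage-utils code: a simplified C model of the state in the backtrace above, where the summary call (pkg_ctx == NULL) reaches the per-arch loop while current_package_keywords, packages_stable and packages_testing are still 0x0 and numpkg is 0. The struct, the function names and the three-arch sample input are hypothetical; the model checks the buffers before the loop, whereas the commit referenced in Comment 1 changes libq/cache.c.

```c
#include <stdlib.h>
#include <string.h>

/* Added model with hypothetical names; not portage-utils code. */
enum { KW_NONE, KW_TESTING, KW_STABLE };
struct stats { int *keywords, *stable, *testing; size_t narch; };

/* Per-package step: buffers are allocated lazily on the first package. */
static int stats_add_pkg(struct stats *s, const int *kw)
{
    if (s->keywords == NULL) {
        s->keywords = calloc(s->narch, sizeof(int));
        s->stable = calloc(s->narch, sizeof(int));
        s->testing = calloc(s->narch, sizeof(int));
    }
    if (!s->keywords || !s->stable || !s->testing)
        return -1;
    memcpy(s->keywords, kw, s->narch * sizeof(int));
    return 0;
}

/* Summary step, the pkg_ctx == NULL call in the backtrace. Returns -1 rather
 * than entering the loop when no package was added and the buffers are NULL. */
static int stats_finish(struct stats *s)
{
    if (!s->keywords || !s->stable || !s->testing)
        return -1;
    for (size_t a = 0; a < s->narch; a++) {
        if (s->keywords[a] == KW_STABLE)
            s->stable[a]++;
        else if (s->keywords[a] == KW_TESTING)
            s->testing[a]++;
    }
    return 0;
}

/* Constructed input: one package, stable on arch 0 and testing on arch 1.
 * have_pkg = 0 models the empty traversal seen in the report. */
int run_stats(int have_pkg)
{
    struct stats s = { NULL, NULL, NULL, 3 };
    const int kw[3] = { KW_STABLE, KW_TESTING, KW_NONE };
    int r = have_pkg ? stats_add_pkg(&s, kw) : 0;
    if (r == 0 && (r = stats_finish(&s)) == 0)
        r = s.stable[0] * 10 + s.testing[1];
    free(s.keywords); free(s.stable); free(s.testing);
    return r;
}

int main(void) { return run_stats(0) == -1 && run_stats(1) == 11 ? 0 : 1; }
```
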
Comment 1 Larry the Git Cow gentoo-dev 2019-04-30 07:54:19 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/proj/portage-utils.git/commit/?id=737cbc7da8473b7f2cd98b18201bf438c7e6c8c7

commit 737cbc7da8473b7f2cd98b18201bf438c7e6c8c7
Author:     Fabian Groffen <grobian@gentoo.org>
AuthorDate: 2019-04-30 07:52:27 +0000
Commit:     Fabian Groffen <grobian@gentoo.org>
CommitDate: 2019-04-30 07:52:27 +0000

    libq/cache: fix some issues (likely bugs #684252 and #684476)
    
    cache_next_pkg: fix package traversal and cat_ctx shoveling
    cache_read_file_ebuild: fix key parsing (not to loop forever)
    cache_pkg_read: open correct file for ebuild case
    
    Bug: https://bugs.gentoo.org/684252
    Bug: https://bugs.gentoo.org/684476
    Signed-off-by: Fabian Groffen <grobian@gentoo.org>

 libq/cache.c | 37 ++++++++++++++++++++++++++++---------
 1 file changed, 28 insertions(+), 9 deletions(-)
Comment 2 Fabian Groffen gentoo-dev 2019-05-31 09:34:08 UTC
I think the bug is fixed by now.