Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 923326 - sys-apps/openrc-0.53 fails to power off system: free(): double free detected in tcache 2
Summary: sys-apps/openrc-0.53 fails to power off system: free(): double free detected ...
Status: UNCONFIRMED
Alias: None
Product: Gentoo Hosted Projects
Classification: Unclassified
Component: OpenRC (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: OpenRC Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-01-30 09:50 UTC by Jaak Ristioja
Modified: 2024-01-30 09:53 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
valgrind.log (valgrind.log,50.19 KB, text/plain)
2024-01-30 09:51 UTC, Jaak Ristioja 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jaak Ristioja 2024-01-30 09:50:24 UTC 
The poweroff command hangs and does not complete:

# valgrind --leak-check=full --show-leak-kinds=all --trace-children=yes --track-origins=yes --log-file=valgrind.log openrc-shutdown --poweroff now

Broadcast message from root@arm (pts/3) (Tue Jan 30 11:41:34 2024):

The system will power off now
^C * Shutdown cancelled


GDB backtrace from hang:

(gdb) thread apply all bt full

Thread 1 (Thread 0x7f20d9fa6b80 (LWP 15333) "openrc-shutdown"):
#0  0x00007f20da0d4d82 in __libc_open64 (file=0x561831099030 "/run/openrc/init.ctl", oflag=577) at ../sysdeps/unix/sysv/linux/open64.c:41
        sc_ret = -512
        sc_ret = <optimized out>
        mode = 438
#1  0x00007f20da065ee6 in __GI__IO_file_open (fp=fp@entry=0x56183224e2b0, filename=<optimized out>, posix_mode=<optimized out>, prot=prot@entry=438, read_write=4, is32not64=<optimized out>) at fileops.c:188
        fdesc = <optimized out>
#2  0x00007f20da066055 in _IO_new_file_fopen (fp=fp@entry=0x56183224e2b0, filename=filename@entry=0x561831099030 "/run/openrc/init.ctl", mode=<optimized out>, mode@entry=0x5618310997b9 "w", is32not64=is32not64@entry=1) at fileops.c:281
        oflags = <optimized out>
        omode = <optimized out>
        read_write = <optimized out>
        oprot = 438
        i = <optimized out>
        result = <optimized out>
        cs = <optimized out>
        last_recognized = <optimized out>
        __PRETTY_FUNCTION__ = "_IO_new_file_fopen"
#3  0x00007f20da05a49d in __fopen_internal (filename=filename@entry=0x561831099030 "/run/openrc/init.ctl", mode=mode@entry=0x5618310997b9 "w", is32=is32@entry=1) at iofopen.c:75
        new_f = 0x56183224e2b0
#4  0x00007f20da05a51e in _IO_new_fopen (filename=filename@entry=0x561831099030 "/run/openrc/init.ctl", mode=mode@entry=0x5618310997b9 "w") at iofopen.c:86
No locals.
#5  0x0000561831096813 in send_cmd (cmd=cmd@entry=0x56183109919a "poweroff") at ../openrc-0.53/src/openrc-shutdown/openrc-shutdown.c:145
        fifo = <optimized out>
        ignored = <optimized out>
#6  0x00005618310965ea in main (argc=<optimized out>, argv=<optimized out>) at ../openrc-0.53/src/openrc-shutdown/openrc-shutdown.c:348
        ch = <optimized out>
        opt = <optimized out>
        cmd_count = <optimized out>
        hour = 0
        min = 0
        shutdown_delay = 0
        sa = {__sigaction_handler = {sa_handler = 0x561831096770 <stop_shutdown>, sa_sigaction = 0x561831096770 <stop_shutdown>}, sa_mask = {__val = {0 <repeats 16 times>}}, sa_flags = 0, sa_restorer = 0x0}
        lt = <optimized out>
        tv = 0
        need_warning = <optimized out>
        msg = 0x56183224e490 "\rThe system will power off now\r\n"
        state = 0x56183224d2a0 "power off"
        time_arg = <optimized out>
        fp = <optimized out>

valgrind.log attached.
Comment 1 Jaak Ristioja 2024-01-30 09:51:47 UTC 
Created attachment 883709 [details]
valgrind.log
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-01-30 09:53:21 UTC 
I'd guess it's

commit 8b247dd5d8ec890608e5c2295fc57b45c066e787
Author: Mike Frysinger <vapier@gentoo.org>
Date:   Tue Dec 21 01:46:19 2021 -0500

    broadcast: fix compiler warnings

    Newer gcc reports:
    broadcast.c: In function 'broadcast':
    broadcast.c:132:15: warning: variable 'tp' might be clobbered by 'longjmp' or 'vfork' [-Wclobbered]
      132 |         FILE *tp;

    Move the storage off the stack to avoid.  This makes the function
    not safe for multithread use, but we don't do that anywhere, so
    who cares!