946366 – dev-libs/protobuf-c-1.5.0-r2 fails tests: FAIL: test-generated-code2 (with sys-devel/gcc:15 due to union initialisation change)

Bug 946366 - dev-libs/protobuf-c-1.5.0-r2 fails tests: FAIL: test-generated-code2 (with sys-devel/gcc:15 due to union initialisation change)

Summary: dev-libs/protobuf-c-1.5.0-r2 fails tests: FAIL: test-generated-code2 (with sy...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it

URL:
Whiteboard:
Keywords:	TESTFAILURE

Depends on:
Blocks:	gcc-15
	Show dependency tree

Reported:	2024-12-13 14:44 UTC by Agostino Sarubbo
Modified:	2025-02-11 08:39 UTC (History)
CC List:	1 user (show)

See Also:	946544 https://github.com/protobuf-c/protobuf-c/issues/690 https://github.com/protobuf-c/protobuf-c/pull/703 https://github.com/protobuf-c/protobuf-c/issues/745
Package list:
Runtime testing required:	---

Attachments
build.log (build.log,245.93 KB, text/plain) 2024-12-13 14:44 UTC, Agostino Sarubbo	Details
1-test-suite.log (1-test-suite.log,2.72 KB, text/plain) 2024-12-13 14:44 UTC, Agostino Sarubbo	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2024-12-13 14:44:45 UTC

https://blogs.gentoo.org/ago/2020/07/04/gentoo-tinderbox/

Issue: dev-libs/protobuf-c-1.5.0-r2 fails tests.
Discovered on: arm64 (internal ref: tinderbox_arm64)
System: GCC-15-SYSTEM (https://wiki.gentoo.org/wiki/Project:Tinderbox/Common_Issues_Helper#GCC-15)

Info about the issue:
https://wiki.gentoo.org/wiki/Project:Tinderbox/Common_Issues_Helper#CF0015

Comment 1 Agostino Sarubbo gentoo-dev

2024-12-13 14:44:47 UTC

Created attachment 913921 [details]
build.log

build log and emerge --info

Comment 2 Agostino Sarubbo gentoo-dev

2024-12-13 14:44:47 UTC

Created attachment 913922 [details]
1-test-suite.log

1-test-suite.log

Comment 3 Agostino Sarubbo gentoo-dev

2024-12-13 14:44:48 UTC

Error(s) that match a know pattern in addition to what has been reported in the summary:


/var/tmp/portage/dev-libs/protobuf-c-1.5.0-r2/work/protobuf-c-1.5.0/build-aux/test-driver: line 119:   957 Segmentation fault      "$@" >> "$log_file" 2>&1
FAIL: t/generated-code2/test-generated-code2

Comment 4 Sam James archtester

2024-12-13 14:45:43 UTC

Needs checking...

Comment 5 Sam James archtester

2024-12-23 04:51:42 UTC

* GCC 15: fails with -O1 even
* GCC 15: fails with -O0
* GCC 14: passes with -O2
* GCC 14: passes with -O1
* Clang: tests crash w/ invalid free (!)

Maybe same as bug 946544?

Comment 6 Sam James archtester

2024-12-23 04:54:29 UTC

(In reply to Sam James from comment #5)
> Maybe same as bug 946544?

yes, -fzero-init-padding-bits=unions fixes it

Comment 7 Larry the Git Cow gentoo-dev

2024-12-23 05:07:33 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=20eaafa4033bfaeab15a5952bec5839e7f8684ea

commit 20eaafa4033bfaeab15a5952bec5839e7f8684ea
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-12-23 05:05:55 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-12-23 05:05:55 +0000

    dev-libs/protobuf-c: fix tests with GCC 15
    
    GCC 15 makes a change to union initialisation and exposes a bug in
    protobuf-c. Build with the new -fzero-init-padding-bits=unions flag if
    supported to fix the testsuite until the upstream bug is fixed.
    
    Note that the upstream bug has not yet been reported so keeping
    the Gentoo bug open.
    
    Bug: https://bugs.gentoo.org/946366
    Signed-off-by: Sam James <sam@gentoo.org>

 ...{protobuf-c-1.4.1-r1.ebuild => protobuf-c-1.4.1-r2.ebuild} | 11 +++++++++--
 ...{protobuf-c-1.5.0-r2.ebuild => protobuf-c-1.5.0-r3.ebuild} |  9 ++++++++-
 2 files changed, 17 insertions(+), 3 deletions(-)

Comment 8 Sam James archtester

2024-12-23 05:08:35 UTC

Workaround applied for the tests.

TODO:
* Report it upstream to protobuf-c
* Figure out if the generated code by protobuf-c is safe? The flag change may only fix the tests, not packages *using* protobuf-c...

Comment 9 Sam James archtester

2024-12-23 05:12:20 UTC

Building with -Og -ggdb3 with GCC 15:
```
Test: test oneof TestEnum...  done.
Test: test oneof string...  done.
Test: test oneof bytes...
Program received signal SIGSEGV, Segmentation fault.
0xf7d9d860 in __GI___libc_free (mem=0x41013dd8) at malloc.c:3375
3375      if (chunk_is_mmapped (p))                       /* release mmapped memory. */
(gdb) bt
#0  0xf7d9d860 in __GI___libc_free (mem=0x41013dd8) at malloc.c:3375
#1  0xf7fb2cf1 in system_free (allocator_data=0x0, data=0x41013dd8) at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/protobuf-c/protobuf-c.c:161
#2  0xf7fb62ef in do_free (allocator=0xf7fbb004 <protobuf_c.allocator>, data=<optimized out>)
    at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/protobuf-c/protobuf-c.c:174
#3  parse_required_member (scanned_member=scanned_member@entry=0xffffcf4c, member=member@entry=0x565935e8, allocator=allocator@entry=0xf7fbb004 <protobuf_c.allocator>, maybe_clear=1)
    at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/protobuf-c/protobuf-c.c:2582
#4  0xf7fb652f in parse_oneof_member (scanned_member=scanned_member@entry=0xffffcf4c, member=member@entry=0x565935e8, message=message@entry=0x565935d0,
    allocator=0xf7fbb004 <protobuf_c.allocator>) at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/protobuf-c/protobuf-c.c:2686
#5  0xf7fb66ec in parse_member (scanned_member=scanned_member@entry=0xffffcf4c, message=message@entry=0x565935d0, allocator=allocator@entry=0xf7fbb004 <protobuf_c.allocator>)
    at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/protobuf-c/protobuf-c.c:2913
#6  0xf7fb5e1a in protobuf_c_message_unpack (desc=0x565908a0 <foo.test_mess_oneof.descriptor>, allocator=0xf7fbb004 <protobuf_c.allocator>, len=<optimized out>,
    data=0x565931a0 "\212\001") at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/protobuf-c/protobuf-c.c:3290
#7  0x56557a5f in test_compare_pack_methods (message=message@entry=0xffffd13c, packed_len_out=packed_len_out@entry=0xffffd134, packed_out=packed_out@entry=0xffffd138)
    at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/t/generated-code2/test-generated-code2.c:81
#8  0x5655e60a in test_oneof_bytes () at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/t/generated-code2/test-generated-code2.c:987
#9  0x5656c833 in main () at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/t/generated-code2/test-generated-code2.c:2382
```

... which makes it sound like it's related to the Clang issue too, and there's something more going on here?

Comment 10 Sam James archtester

2024-12-23 05:13:48 UTC

For amd64 (not multilib as above):

Test: test oneof TestEnumSmall...  done.
Test: test oneof TestEnum...  done.
Test: test oneof string...
Program received signal SIGSEGV, Segmentation fault.
__GI___libc_free (mem=0x41013dd800000000) at malloc.c:3375
3375      if (chunk_is_mmapped (p))                       /* release mmapped memory. */
(gdb) bt
#0  __GI___libc_free (mem=0x41013dd800000000) at malloc.c:3375
#1  0x00007ffff7fb5cf6 in system_free (allocator_data=<optimized out>, data=<optimized out>)
    at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/protobuf-c/protobuf-c.c:161
#2  0x00007ffff7fb90fa in do_free (allocator=0x7ffff7fbd010 <protobuf_c.allocator>, data=<optimized out>)
    at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/protobuf-c/protobuf-c.c:174
#3  parse_required_member (scanned_member=scanned_member@entry=0x7fffffffdcd0, member=member@entry=0x555555593688, allocator=allocator@entry=0x7ffff7fbd010 <protobuf_c.allocator>,
    maybe_clear=maybe_clear@entry=1) at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/protobuf-c/protobuf-c.c:2560
#4  0x00007ffff7fb93a7 in parse_oneof_member (scanned_member=scanned_member@entry=0x7fffffffdcd0, member=member@entry=0x555555593688, message=message@entry=0x555555593660,
    allocator=allocator@entry=0x7ffff7fbd010 <protobuf_c.allocator>) at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/protobuf-c/protobuf-c.c:2686
#5  0x00007ffff7fb957d in parse_member (scanned_member=scanned_member@entry=0x7fffffffdcd0, message=message@entry=0x555555593660,
    allocator=allocator@entry=0x7ffff7fbd010 <protobuf_c.allocator>) at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/protobuf-c/protobuf-c.c:2913
#6  0x00007ffff7fb8cd5 in protobuf_c_message_unpack (desc=<optimized out>, allocator=0x7ffff7fbd010 <protobuf_c.allocator>, allocator@entry=0x0, len=len@entry=3,
    data=data@entry=0x5555555932a0 "\202\001") at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/protobuf-c/protobuf-c.c:3290
#7  0x0000555555556a71 in test_compare_pack_methods (message=message@entry=0x7fffffffdfd0, packed_len_out=packed_len_out@entry=0x7fffffffdfc0,
    packed_out=packed_out@entry=0x7fffffffdfc8) at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/t/generated-code2/test-generated-code2.c:81
#8  0x000055555555dff2 in test_oneof_string () at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/t/generated-code2/test-generated-code2.c:976
#9  0x000055555556c312 in main () at /var/tmp/portage/dev-libs/protobuf-c-1.5.0-r3/work/protobuf-c-1.5.0/t/generated-code2/test-generated-code2.c:2382

then

Test: test required default values...  done.
Test: test optional default values...  done.
Test: test optional lowercase enum default value...  done.
Test: test field merge...  done.
Test: test submessage merge... ==165564== Conditional jump or move depends on uninitialised value(s)
==165564==    at 0x4864A13: merge_messages (protobuf-c.c:2275)
==165564==    by 0x4867026: parse_required_member (protobuf-c.c:2619)
==165564==    by 0x48674D8: parse_member (protobuf-c.c:2908)
==165564==    by 0x4866CD4: protobuf_c_message_unpack (protobuf-c.c:3290)
==165564==    by 0x123199: foo__test_mess_sub_mess__unpack (test-full.pb-c.c:1765)
==165564==    by 0x109B96: test_submessage_merge (test-generated-code2.c:1941)
==165564==    by 0x120311: main (test-generated-code2.c:2382)
==165564==
 done.
Test: test free unpacked...  done.
Test: test alloc failure...  done.
Test: test free unpacked input check for null message...  done.
Test: test free unpacked input check for null repeated field...  done.
Test: test required_fields_bitmap...  done.
Test: test field flags...  done.
Test: test message_check()...  done.
Test: test freeing NULL...  done.
==165564==

Comment 11 Sam James archtester

2024-12-23 05:14:16 UTC

With more detail:
```

Test: test optional lowercase enum default value...  done.
Test: test field merge...  done.
Test: test submessage merge... ==165611== Conditional jump or move depends on uninitialised value(s)
==165611==    at 0x4864A13: merge_messages (protobuf-c.c:2275)
==165611==    by 0x4867026: parse_required_member (protobuf-c.c:2619)
==165611==    by 0x48674D8: parse_member (protobuf-c.c:2908)
==165611==    by 0x4866CD4: protobuf_c_message_unpack (protobuf-c.c:3290)
==165611==    by 0x123199: foo__test_mess_sub_mess__unpack (test-full.pb-c.c:1765)
==165611==    by 0x109B96: test_submessage_merge (test-generated-code2.c:1941)
==165611==    by 0x120311: main (test-generated-code2.c:2382)
==165611==  Uninitialised value was created by a heap allocation
==165611==    at 0x4848BD3: malloc (vg_replace_malloc.c:446)
==165611==    by 0x4863D06: system_alloc (protobuf-c.c:154)
==165611==    by 0x48666BF: do_alloc (protobuf-c.c:167)
==165611==    by 0x48666BF: protobuf_c_message_unpack (protobuf-c.c:3063)
==165611==    by 0x48671FE: parse_required_member (protobuf-c.c:2607)
==165611==    by 0x48674D8: parse_member (protobuf-c.c:2908)
==165611==    by 0x4866CD4: protobuf_c_message_unpack (protobuf-c.c:3290)
==165611==    by 0x123199: foo__test_mess_sub_mess__unpack (test-full.pb-c.c:1765)
==165611==    by 0x109B96: test_submessage_merge (test-generated-code2.c:1941)
==165611==    by 0x120311: main (test-generated-code2.c:2382)
==165611==
 done.
Test: test free unpacked...  done.
Test: test alloc failure...  done.
```

Comment 12 Sam James archtester

2024-12-23 05:15:01 UTC

```
                        switch (field->type) {
                        case PROTOBUF_C_TYPE_MESSAGE: {
                                ProtobufCMessage *em = *(ProtobufCMessage **) earlier_elem;
                                ProtobufCMessage *lm = *(ProtobufCMessage **) latter_elem;
                                if (em != NULL) {
                                        if (lm != NULL) { /* <----- uninit here */
                                                if (!merge_messages(em, lm, allocator))
                                                        return FALSE;
                                                /* Already merged */
                                                need_to_merge = FALSE;
                                        } else {
                                                /* Zero copy the message */
                                                need_to_merge = TRUE;
                                        }
                                }
                                break;
                        }
```

Comment 13 Sam James archtester

2024-12-23 05:21:36 UTC

The fix from https://github.com/protobuf-c/protobuf-c/pull/703 for https://github.com/protobuf-c/protobuf-c/issues/690 doesn't fix it.

See https://github.com/protobuf-c/protobuf-c/issues/690#issuecomment-1902671842 especially.

I feel like it's still related.

Comment 14 Larry the Git Cow gentoo-dev

2024-12-23 05:24:25 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ab07577ee5982667cee52b561b0334c373ab8612

commit ab07577ee5982667cee52b561b0334c373ab8612
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-12-23 05:23:00 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-12-23 05:23:35 +0000

    dev-libs/protobuf-c: backport memory corruption fix
    
    Note that this *doesn't* fix bug #946366, I just initially thought it did,
    so I mentioned it there.
    
    Bug: https://bugs.gentoo.org/946366
    Signed-off-by: Sam James <sam@gentoo.org>

 .../files/protobuf-c-1.5.0-free-corruption.patch   | 44 +++++++++++++++
 dev-libs/protobuf-c/protobuf-c-1.5.0-r4.ebuild     | 66 ++++++++++++++++++++++
 2 files changed, 110 insertions(+)

Comment 15 Larry the Git Cow gentoo-dev

2025-02-11 08:39:27 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5fa121ef134550dcd6ae98054d380cdfd238bf4d

commit 5fa121ef134550dcd6ae98054d380cdfd238bf4d
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2025-02-11 03:07:12 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2025-02-11 08:39:03 +0000

    dev-libs/protobuf-c: add 1.5.1
    
    Closes: https://bugs.gentoo.org/946366
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-libs/protobuf-c/Manifest                |  1 +
 dev-libs/protobuf-c/protobuf-c-1.5.1.ebuild | 54 +++++++++++++++++++++++++++++
 2 files changed, 55 insertions(+)