Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 686914

Summary: net-libs/libvncserver-0.9.12: wstest fails with SIGBUS
Product: Gentoo Linux Reporter: Rolf Eike Beer <eike>
Component: Current packagesAssignee: No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it <maintainer-needed>
Status: RESOLVED FIXED    
Severity: normal CC: alexander
Priority: Normal Keywords: PullRequest, TESTFAILURE
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://github.com/LibVNC/libvncserver/pull/308
https://github.com/gentoo/gentoo/pull/12359
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 371525, 684596    
Attachments: build.log

Description Rolf Eike Beer archtester 2019-05-28 15:34:44 UTC
Created attachment 577932 [details]
build.log

Program received signal SIGBUS, Bus error.
0xf7f949b4 in hybiReadAndDecode () from /var/tmp/portage/net-libs/libvncserver-0.9.12/work/libvncserver-LibVNCServer-0.9.12-.sparc32/libvncserver.so.1
(gdb) bt
#0  0xf7f949b4 in hybiReadAndDecode () from /var/tmp/portage/net-libs/libvncserver-0.9.12/work/libvncserver-LibVNCServer-0.9.12-.sparc32/libvncserver.so.1
#1  0xf7f950d4 in webSocketsDecodeHybi () from /var/tmp/portage/net-libs/libvncserver-0.9.12/work/libvncserver-LibVNCServer-0.9.12-.sparc32/libvncserver.so.1
#2  0x70000a0c in main ()

I'll try to get a proper backtrace with debug symbols.
Comment 1 Rolf Eike Beer archtester 2019-05-28 15:39:46 UTC
I replaced the access in line 386 that gcc warns about with memcpy, and the next is this one:

#0  hybiReadAndDecode (wsctx=0xffff2500, dst=0xffff24c4 "", len=6, sockRet=0xffff2460, nInBuf=<optimized out>) at /var/tmp/portage/net-libs/libvncserver-0.9.12/work/libvncserver-LibVNCServer-0.9.12/libvncserver/ws_decode.c:389
#1  0xf7f95114 in webSocketsDecodeHybi (wsctx=0xffff2500, dst=0xffff24c4 "", len=6) at /var/tmp/portage/net-libs/libvncserver-0.9.12/work/libvncserver-LibVNCServer-0.9.12/libvncserver/ws_decode.c:512
#2  0x70000a0c in run_test (ctx=0xffff2500, ft=0x70012118 <tests>) at /var/tmp/portage/net-libs/libvncserver-0.9.12/work/libvncserver-LibVNCServer-0.9.12/test/wstest.c:132
#3  main () at /var/tmp/portage/net-libs/libvncserver-0.9.12/work/libvncserver-LibVNCServer-0.9.12/test/wstest.c:189
Comment 2 Rolf Eike Beer archtester 2019-05-28 16:28:01 UTC
Ok, the memcpy was completely wrong, as that is an array, not a single value. The fix is to completely delete data32 and replace the loop that uses it with this:

  for (i = 0; i < (toDecode >> 2); i++) {
    uint32_t tmp;
    memcpy(&tmp, data + i * sizeof(tmp), sizeof(tmp));
    tmp ^= wsctx->header.mask.u;
    memcpy(data + i * sizeof(tmp), &tmp, sizeof(tmp));
  }

Then all tests pass for me. Will report upstream.
Comment 3 Larry the Git Cow gentoo-dev 2019-07-16 17:16:34 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=594b7ead9c34a3970c3e37f252a24869452fbf8f

commit 594b7ead9c34a3970c3e37f252a24869452fbf8f
Author:     Rolf Eike Beer <eike@sf-mail.de>
AuthorDate: 2019-06-30 14:01:53 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2019-07-16 17:16:22 +0000

    net-libs/libvncserver: add fix for unaligned access crash
    
    Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>
    Package-Manager: Portage-2.3.66, Repoman-2.3.11
    Closes: https://bugs.gentoo.org/686914
    Closes: https://github.com/gentoo/gentoo/pull/12359
    Closes: https://github.com/gentoo/gentoo/pull/12359
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 .../libvncserver-0.9.12-sparc-unaligned.patch      | 40 +++++++++++++
 .../libvncserver/libvncserver-0.9.12-r2.ebuild     | 68 ++++++++++++++++++++++
 2 files changed, 108 insertions(+)