Bug#889878: closed by Picca Frédéric-Emmanuel <picca at debian.org> (Bug#889878: fixed in hkl 5.0.0.2449-1)
Bernhard Übelacker
bernhardu at mailbox.org
Sat Aug 4 01:14:56 BST 2018
Hello,
I tried to have a look at this crash.
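The hkl-5.0.0.2449/Documentation/figures/.libs/sirius executable makes
use of makecontext/swapcontext to execute the function trajectory_gen_generator__.
But it looks like the pointer argument given to makecontext gets truncated to 32 bits
(in the second gdb session below, arg is 0x5555555c6730 but the function is entered with ret=0x555c6730).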
So I looked for HAVE_POINTER_SAFE_MAKECONTEXT, which is currently defined as 0 in:
hkl-5.0.0.2449/hkl/ccan/ccan_config.h
That file appears to be generated by the configurator executable:
hkl-5.0.0.2449/hkl/ccan/configurator.c
./configurator gcc > ccan_config.h.tmp && mv ccan_config.h.tmp ccan_config.h
I extracted the test for HAVE_POINTER_SAFE_MAKECONTEXT into test.c.
Unfortunately that test also crashes, and therefore configurator defines the macro to 0.
[Sa Aug 4 02:11:49 2018] configurator.ou[17970]: segfault at 55c8595ccff8 ip 00007f8b36e50fc0 sp 000055c8595cd000 error 7 in ld-2.27.so[7f8b36e42000+1e000]
[Sa Aug 4 02:12:27 2018] sirius[20492]: segfault at 38093728 ip 00005649371a701f sp 0000564938092f40 error 4 in sirius[56493717c000+2c000]
$ gcc -g -O0 test.c -o test
$ gdb -q --args ./test
Reading symbols from ./test...done.
(gdb) run
Starting program: /home/benutzer/hkl/try1/test
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7fe4fc0 in _dl_name_match_p (name=0x555555554421 "libc.so.6", map=map@entry=0x7ffff7ffe170) at dl-misc.c:283
283 dl-misc.c: Datei oder Verzeichnis nicht gefunden.
(gdb) bt
#0 0x00007ffff7fe4fc0 in _dl_name_match_p (name=0x555555554421 "libc.so.6", map=map@entry=0x7ffff7ffe170) at dl-misc.c:283
#1 0x00007ffff7fde64e in do_lookup_x (undef_name=undef_name@entry=0x555555554442 "setcontext", new_hash=new_hash@entry=3641973206, old_hash=old_hash@entry=0x555555558140 <stack+160>, ref=0x555555554390,
result=result@entry=0x555555558150 <stack+176>, scope=<optimized out>, i=<optimized out>, version=0x7ffff7fbe560, flags=1, skip=<optimized out>, type_class=1, undef_map=0x7ffff7ffe170) at dl-lookup.c:541
#2 0x00007ffff7fdf217 in _dl_lookup_symbol_x (undef_name=0x555555554442 "setcontext", undef_map=0x7ffff7ffe170, ref=ref@entry=0x5555555581e8 <stack+328>, symbol_scope=0x7ffff7ffe4c8, version=0x7ffff7fbe560,
type_class=type_class@entry=1, flags=1, skip_map=<optimized out>) at dl-lookup.c:813
#3 0x00007ffff7fe38c3 in _dl_fixup (l=<optimized out>, reloc_arg=<optimized out>) at ../elf/dl-runtime.c:112
#4 0x00007ffff7fea3c3 in _dl_runtime_resolve_fxsave () at ../sysdeps/x86_64/dl-trampoline.h:125
#5 0x00005555555551b5 in fn (p=0x555555558080 <worked>, q=0xffffaaaaaaaa7f7f) at test.c:11
#6 0x00007ffff7e4c600 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#7 0x0000000000000000 in ?? ()
(gdb) list test.c:1,+23
1 #include <stddef.h>
2 #include <ucontext.h>
3 static int worked = 0;
4 static char stack[1024];
5 static ucontext_t a, b;
6 static void fn(void *p, void *q) {
7 void *cp = &worked;
8 void *cq = (void *)(~((ptrdiff_t)cp));
9 if ((p == cp) && (q == cq))
10 worked = 1;
11 setcontext(&b);
12 }
13 int main(void) {
14 void *ap = &worked;
15 void *aq = (void *)(~((ptrdiff_t)ap));
16 getcontext(&a);
17 a.uc_stack.ss_sp = stack;
18 a.uc_stack.ss_size = sizeof(stack);
19 makecontext(&a, (void (*)(void))fn, 2, ap, aq);
20 swapcontext(&b, &a);
21 return worked ? 0 : 1;
22 }
23
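This test also crashes in a stretch amd64 VM, but
works in a jessie amd64 VM.
By using swapcontext instead of setcontext (as in the attached
patch) the test succeeds, HAVE_POINTER_SAFE_MAKECONTEXT gets defined
to 1, and the package could be built successfully, at least in my
buster amd64 VM.
(Judging by the backtrace above, the crash does not seem to be in the
pointer passing itself: fn is entered with the expected p and q. It
happens during the lazy symbol resolution of setcontext, whose frames
sit on the 1024-byte test stack, see <stack+160> and <stack+328>.
swapcontext has presumably already been resolved by the call in main.)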
Kind regards,
Bernhard
export LD_LIBRARY_PATH=/home/benutzer/hkl/try1/hkl-5.0.0.2449/hkl/.libs
benutzer@debian:~/hkl/try1/hkl-5.0.0.2449/Documentation/figures$ gdb --q --args .libs/sirius
directory /home/benutzer/hkl/try1/hkl-5.0.0.2449/hkl
directory /home/benutzer/hkl/try1/hkl-5.0.0.2449/hkl/api2
directory /home/benutzer/hkl/try1/hkl-5.0.0.2449/hkl/ccan/coroutine
directory /home/benutzer/hkl/try1/hkl-5.0.0.2449/hkl/ccan/generator
set height 0
set width 0
set pagination off
b main
run
b coroutine.c:226
record
cont
(gdb) bt
#0 0x0000555555592c97 in coroutine_init_ (cs=cs@entry=0x5555555c5fd0, fn=fn@entry=0x555555594000 <trajectory_gen_generator__>, arg=arg@entry=0x5555555c6730, stack=stack@entry=0x5555555c5fb8) at coroutine/coroutine.c:210
#1 0x0000555555592d93 in generator_new_ (fn=0x555555594000 <trajectory_gen_generator__>, retsize=<optimized out>) at generator/generator.c:41
#2 0x0000555555594585 in trajectory_gen (tconfig=...) at hkl2.c:246
#3 0x0000555555594639 in Trajectory_solve (tconfig=..., gconfig=..., sconfig=..., move=1) at hkl2.c:288
#4 0x00005555555697cc in main () at sirius.c:161
(gdb) list coroutine.c:193,+20
193 #if HAVE_UCONTEXT
194 void coroutine_init_(struct coroutine_state *cs,
195 void (*fn)(void *), void *arg,
196 struct coroutine_stack *stack)
197 {
198 getcontext (&cs->uc);
199
200 coroutine_uc_stack(&cs->uc.uc_stack, stack);
201
202 if (HAVE_POINTER_SAFE_MAKECONTEXT) {
203 makecontext(&cs->uc, (void *)fn, 1, arg);
204 } else {
205 ptrdiff_t si = ptr2int(arg);
206 ptrdiff_t mask = (1UL << (sizeof(int) * 8)) - 1;
207 int lo = si & mask;
208 int hi = si >> (sizeof(int) * 8);
209
210 makecontext(&cs->uc, (void *)fn, 2, lo, hi);
211 }
212
213 }
(gdb) print fn
$1 = (void (*)(void *)) 0x555555594000 <trajectory_gen_generator__>
(gdb) print/x arg
$3 = 0x5555555c6730
(gdb) print/x hi
$4 = 0x5555
(gdb) print/x lo
$5 = 0x555c6730
(gdb) bt
#0 0x0000555555592cf0 in coroutine_switch (from=from@entry=0x5555555c6378, to=to@entry=0x5555555c5fd0) at coroutine/coroutine.c:226
#1 0x000055555559478e in generator_next_ (ret_=0x5555555c6730) at ../../hkl/ccan/generator/generator.h:191
#2 0x000055555559478e in Trajectory_solve (tconfig=..., gconfig=..., sconfig=..., move=1) at hkl2.c:298
#3 0x00005555555697cc in main () at sirius.c:161
(gdb) list coroutine.c:220,+8
220
221 void coroutine_switch(struct coroutine_state *from,
222 const struct coroutine_state *to)
223 {
224 int rc;
225
226 rc = swapcontext(&from->uc, &to->uc);
227 assert(rc == 0);
228 }
Program received signal SIGSEGV, Segmentation fault.
trajectory_gen_generator__ (ret=0x555c6730) at hkl2.c:246
246 generator_def(trajectory_gen, struct Engine, struct Trajectory, tconfig)
(gdb) bt full
#0 0x000055555559401f in generator_argp_ (ret=0x555c6730) at ../../hkl/ccan/generator/generator.h:44
gen = 0x555c5fd0
args = <optimized out>
#1 0x000055555559401f in trajectory_gen_generator__ (ret=0x555c6730) at hkl2.c:246
gen = 0x555c5fd0
args = <optimized out>
#2 0x00007ffff7268600 in __start_context () at /lib/x86_64-linux-gnu/libc.so.6
#3 0x0000000000000000 in ()
(gdb) list hkl2.c:246
246 generator_def(trajectory_gen, struct Engine, struct Trajectory, tconfig)
247 {
(gdb) list generator.h:145
145 #define generator_def(name_, rtype_, ...) \
146 generator_def_(name_, rtype_, , __VA_ARGS__)
(gdb) list generator.h:119
119 #define generator_def_(name_, rtype_, storage_, ...) \
...
122 static void name_##_generator__(void *ret) \
123 { \
124 struct generator_ *gen; \
125 UNNEEDED generator_argstruct_(__VA_ARGS__) *args; \
126 gen = generator_state_(ret); \
127 args = generator_argp_(ret); \
128 name_##_generator_(ret generator_args_unpack_(__VA_ARGS__)); \
129 gen->complete = true; \
130 coroutine_jump(&gen->caller); \
131 assert(0); \
132 } \
...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 889878-make-test-for-pointer-safe-makecontext-succeed.patch
Type: text/x-patch
Size: 511 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/debian-science-maintainers/attachments/20180804/0d531bc4/attachment-0001.bin>