[Pkg-javascript-devel] Bug#922075: npm: segfault during extract on i386
Ondrej Zary
ondrej at zary.sk
Fri Sep 17 13:29:10 BST 2021
I've just hit this bug while upgrading gitlab from stretch to buster.
"yarnpkg install" (run in postinst) segfaults:
Thread 1 "node" received signal SIGSEGV, Segmentation fault.
0xf6fdfb5b in node::fs::FSReqWrap::~FSReqWrap() () from /usr/lib/i386-linux-gnu/libnode.so.64
#0 0xf6fdfb5b in node::fs::FSReqWrap::~FSReqWrap() () from /usr/lib/i386-linux-gnu/libnode.so.64
#1 0xf6fd0a43 in node::fs::FSReqAfterScope::~FSReqAfterScope() () from /usr/lib/i386-linux-gnu/libnode.so.64
#2 0xf6fd14fe in node::fs::AfterInteger(uv_fs_s*) () from /usr/lib/i386-linux-gnu/libnode.so.64
#3 0xf6a8b662 in uv__work_done () from /usr/lib/i386-linux-gnu/libuv.so.1
#4 0xf6a8fb81 in ?? () from /usr/lib/i386-linux-gnu/libuv.so.1
#5 0xf6aa14d8 in uv__io_poll () from /usr/lib/i386-linux-gnu/libuv.so.1
#6 0xf6a90568 in uv_run () from /usr/lib/i386-linux-gnu/libuv.so.1
#7 0xf6f9ec76 in node::Start(v8::Isolate*, node::IsolateData*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >,
#8 0xf6f9cc97 in node::Start(int, char**) () from /usr/lib/i386-linux-gnu/libnode.so.64
#9 0x08049158 in main ()
Dump of assembler code for function _ZN4node2fs9FSReqWrapD0Ev:
0xf6fdfb10 <+0>: push %ebp
0xf6fdfb11 <+1>: mov %esp,%ebp
0xf6fdfb13 <+3>: push %esi
0xf6fdfb14 <+4>: push %ebx
0xf6fdfb15 <+5>: mov 0x8(%ebp),%esi
0xf6fdfb18 <+8>: call 0xf6f4d7e0
0xf6fdfb1d <+13>: add $0xfb8daf,%ebx
0xf6fdfb23 <+19>: mov 0x14240(%ebx),%eax
0xf6fdfb29 <+25>: add $0x8,%eax
0xf6fdfb2c <+28>: mov %eax,(%esi)
0xf6fdfb2e <+30>: mov 0x168(%esi),%eax
0xf6fdfb34 <+36>: test %eax,%eax
0xf6fdfb36 <+38>: je 0xf6fdfb4e <_ZN4node2fs9FSReqWrapD0Ev+62>
0xf6fdfb38 <+40>: lea 0x16c(%esi),%edx
0xf6fdfb3e <+46>: cmp %edx,%eax
0xf6fdfb40 <+48>: je 0xf6fdfb4e <_ZN4node2fs9FSReqWrapD0Ev+62>
0xf6fdfb42 <+50>: sub $0xc,%esp
0xf6fdfb45 <+53>: push %eax
0xf6fdfb46 <+54>: call 0xf6f2b630 <free@plt>
0xf6fdfb4b <+59>: add $0x10,%esp
0xf6fdfb4e <+62>: mov 0x14c(%esi),%eax
0xf6fdfb54 <+68>: test %eax,%eax
0xf6fdfb56 <+70>: je 0xf6fdfb64 <_ZN4node2fs9FSReqWrapD0Ev+84>
0xf6fdfb58 <+72>: sub $0xc,%esp
=> 0xf6fdfb5b <+75>: mov (%eax),%edx
0xf6fdfb5d <+77>: push %eax
0xf6fdfb5e <+78>: call *0x4(%edx)
0xf6fdfb61 <+81>: add $0x10,%esp
0xf6fdfb64 <+84>: mov 0x16ec8(%ebx),%eax
0xf6fdfb6a <+90>: mov 0x4(%esi),%ecx
0xf6fdfb6d <+93>: add $0x8,%eax
0xf6fdfb70 <+96>: mov %eax,(%esi)
0xf6fdfb72 <+98>: test %ecx,%ecx
0xf6fdfb74 <+100>: je 0xf6fdfba8 <_ZN4node2fs9FSReqWrapD0Ev+152>
0xf6fdfb76 <+102>: mov 0x20(%esi),%edx
0xf6fdfb79 <+105>: mov 0x24(%esi),%eax
0xf6fdfb7c <+108>: sub $0xc,%esp
0xf6fdfb7f <+111>: mov %eax,0x4(%edx)
0xf6fdfb82 <+114>: mov %edx,(%eax)
0xf6fdfb84 <+116>: push %esi
0xf6fdfb85 <+117>: call 0xf6f38eb0 <_ZN4node9AsyncWrapD2Ev@plt>
0xf6fdfb8a <+122>: pop %eax
0xf6fdfb8b <+123>: pop %edx
0xf6fdfb8c <+124>: push $0x1ac
0xf6fdfb91 <+129>: push %esi
0xf6fdfb92 <+130>: call 0xf6f152c0 <_ZdlPvj@plt>
0xf6fdfb97 <+135>: add $0x10,%esp
0xf6fdfb9a <+138>: lea -0x8(%ebp),%esp
0xf6fdfb9d <+141>: pop %ebx
0xf6fdfb9e <+142>: pop %esi
0xf6fdfb9f <+143>: pop %ebp
0xf6fdfba0 <+144>: ret
0xf6fdfba1 <+145>: lea 0x0(%esi,%eiz,1),%esi
0xf6fdfba8 <+152>: sub $0xc,%esp
0xf6fdfbab <+155>: pushl 0x16978(%ebx)
0xf6fdfbb1 <+161>: call 0xf6f1fcb0 <_ZN4node6AssertEPA4_KPKc@plt>
This is on a 64-bit CPU (P4) running i386 userspace. This does not look like a CPU problem.
It simply crashed in C++ code.
nodejs 10.24.0~dfsg-1~deb10u1
yarnpkg 1.22.4-5~bpo10+1
--
Ondrej Zary
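As an added triage aid (not part of the report above), the following Python reads the gdb disassembly excerpt around the faulting instruction and checks whether the register dereferenced there had already passed a `test`/`je` null check; that is what separates a plain NULL dereference from a non-null pointer that points at unmapped memory (dangling or never initialised). The DISASM string is copied from the dump in the report; the parser and the verdict labels are this example's own.

```python
import re

# Excerpt of the gdb disassembly quoted in the report above; "=>" is gdb's marker
# for the instruction that raised SIGSEGV.
DISASM = """\
   0xf6fdfb4e <+62>: mov 0x14c(%esi),%eax
   0xf6fdfb54 <+68>: test %eax,%eax
   0xf6fdfb56 <+70>: je 0xf6fdfb64 <_ZN4node2fs9FSReqWrapD0Ev+84>
   0xf6fdfb58 <+72>: sub $0xc,%esp
=> 0xf6fdfb5b <+75>: mov (%eax),%edx
   0xf6fdfb5d <+77>: push %eax
   0xf6fdfb5e <+78>: call *0x4(%edx)
"""

# One gdb line: optional "=>" marker, address, <+offset>:, mnemonic, operands.
LINE_RE = re.compile(r'^(=>)?\s*(0x[0-9a-f]+)\s+<\+(\d+)>:\s+(\S+)\s*(.*)$')

def parse(disasm):
    """Turn gdb's AT&T-syntax listing into a list of instruction dicts."""
    insns = []
    for raw in disasm.splitlines():
        m = LINE_RE.match(raw)
        if m:
            insns.append({'fault': m.group(1) is not None, 'addr': int(m.group(2), 16),
                          'off': int(m.group(3)), 'mnem': m.group(4), 'ops': m.group(5).strip()})
    return insns

def deref_reg(ops):
    """Base register of a memory operand such as '(%eax)' or '0x4(%edx)', else None."""
    m = re.search(r'\(%(e[a-z]{2})\)', ops)
    return m.group(1) if m else None

def triage(disasm):
    """Classify the fault: NULL dereference, or a non-null pointer that is invalid."""
    insns = parse(disasm)
    idx = next(i for i, ins in enumerate(insns) if ins['fault'])
    fault = insns[idx]
    reg = deref_reg(fault['ops'])
    null_checked, loaded_from = False, None
    # Walk backwards from the fault to the instruction that produced the pointer,
    # noting whether it was compared against zero on the way.
    for ins in reversed(insns[:idx]):
        if ins['mnem'] == 'test' and ins['ops'] == f'%{reg},%{reg}':
            null_checked = True
        if ins['mnem'] == 'mov' and ins['ops'].endswith(f',%{reg}'):
            loaded_from = ins['ops'].rsplit(',', 1)[0]
            break
    verdict = 'invalid-non-null-pointer' if null_checked else 'possible-null-dereference'
    return {'fault_offset': fault['off'], 'deref_reg': reg, 'null_checked': null_checked,
            'loaded_from': loaded_from, 'verdict': verdict}
```

Calling `triage(DISASM)` reports that `%eax`, loaded from the object field at `0x14c(%esi)`, was non-null when dereferenced at `<+75>`, so the next instruction's indirect `call *0x4(%edx)` never runs and the crash is a bad pointer rather than a missing null check.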