NetBSD Problem Report #53634
From www@NetBSD.org Thu Sep 27 16:19:37 2018
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 9E8437A1DB
for <gnats-bugs@gnats.NetBSD.org>; Thu, 27 Sep 2018 16:19:37 +0000 (UTC)
Message-Id: <20180927161936.213EE7A233@mollari.NetBSD.org>
Date: Thu, 27 Sep 2018 16:19:36 +0000 (UTC)
From: coypu@sdf.org
Reply-To: coypu@sdf.org
To: gnats-bugs@NetBSD.org
Subject: mandoc dumps core building from linux
X-Send-Pr-Version: www-1.0
>Number: 53634
>Category: bin
>Synopsis: mandoc dumps core building from linux
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Sep 27 16:20:00 +0000 2018
>Closed-Date: Thu Nov 15 20:04:35 +0000 2018
>Last-Modified: Thu Nov 15 20:04:35 +0000 2018
>Originator: coypu
>Release: NetBSD 8.99.25
>Organization:
>Environment:
Linux lin 4.15.0-34-generic #37-Ubuntu SMP Mon Aug 27 15:21:48 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
>Description:
while building from linux, we dump core in libc man pages (getdirentries). I built with more debug info:
Core was generated by `/home/fly/obj/tooldir.Linux-4.15.0-34-generic-x86_64/bin/nbmandoc -Thtml -Oman='.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x000056057b525561 in memcpy (__len=32, __src=0x7fff13df8850, __dest=0x7c841c40) at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34
34 return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));
(gdb) bt
#0 0x000056057b525561 in memcpy (__len=32, __src=0x7fff13df8850, __dest=0x7c841c40) at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34
#1 mdoc_argv (mdoc=mdoc@entry=0x56057c82b9e0, line=line@entry=154, tok=tok@entry=MDOC_Bl, reta=reta@entry=0x7fff13df88f8,
pos=pos@entry=0x7fff13df896c, buf=buf@entry=0x56057c82bb30 ".Bl -tag")
at /home/fly/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/mdoc_argv.c:367
#2 0x000056057b527106 in blk_full (mdoc=0x56057c82b9e0, tok=MDOC_Bl, line=154, ppos=1, pos=0x7fff13df896c, buf=0x56057c82bb30 ".Bl -tag")
at /home/fly/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/mdoc_macro.c:1035
#3 0x000056057b5243d4 in mdoc_macro (mdoc=mdoc@entry=0x56057c82b9e0, tok=tok@entry=MDOC_Bl, line=line@entry=154, ppos=<optimized out>,
pos=pos@entry=0x7fff13df896c, buf=buf@entry=0x56057c82bb30 ".Bl -tag")
at /home/fly/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/mdoc.c:86
#4 0x000056057b52459a in mdoc_pmacro (mdoc=mdoc@entry=0x56057c82b9e0, ln=ln@entry=154, buf=buf@entry=0x56057c82bb30 ".Bl -tag", offs=<optimized out>)
at /home/fly/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/mdoc.c:403
#5 0x000056057b524a7f in mdoc_parseln (mdoc=0x56057c82b9e0, ln=154, buf=0x56057c82bb30 ".Bl -tag", offs=<optimized out>)
at /home/fly/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/mdoc.c:78
#6 0x000056057b52f9b5 in mparse_buf_r (curp=curp@entry=0x56057c82b2b0, blk=..., i=<optimized out>, start=start@entry=1)
at /home/fly/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/read.c:536
#7 0x000056057b52fa9b in mparse_parse_buffer (curp=curp@entry=0x56057c82b2b0, blk=...,
file=file@entry=0x7fff13dfaa0f "/home/fly/src/lib/libc/db/man/mpool.3")
at /home/fly/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/read.c:703
#8 0x000056057b52fb44 in mparse_readfd (curp=0x56057c82b2b0, fd=<optimized out>, file=0x7fff13dfaa0f "/home/fly/src/lib/libc/db/man/mpool.3")
at /home/fly/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/read.c:740
#9 0x000056057b50b7b5 in parse (curp=0x7fff13df8bd0, fd=4, file=0x7fff13dfaa0f "/home/fly/src/lib/libc/db/man/mpool.3")
at /home/fly/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/main.c:828
#10 0x000056057b50c789 in main (argc=1, argv=0x7fff13df8d90) at /home/fly/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/main.c:545
>How-To-Repeat:
Build on Ubuntu.
>Fix:
>Release-Note:
>Audit-Trail:
From: Valery Ushakov <uwe@stderr.spb.ru>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: bin/53634: mandoc dumps core building from linux
Date: Fri, 28 Sep 2018 01:56:10 +0300
On Thu, Sep 27, 2018 at 16:20:01 +0000, coypu@sdf.org wrote:
> while building from linux, we dump core in libc man pages (getdirentries). I built with more debug info:
>
> Core was generated by `/home/fly/obj/tooldir.Linux-4.15.0-34-generic-x86_64/bin/nbmandoc -Thtml -Oman='.
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0 0x000056057b525561 in memcpy (__len=32, __src=0x7fff13df8850, __dest=0x7c841c40) at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34
> 34 return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));
> (gdb) bt
> #0 0x000056057b525561 in memcpy (__len=32, __src=0x7fff13df8850, __dest=0x7c841c40) at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34
> #1 mdoc_argv (mdoc=mdoc@entry=0x56057c82b9e0, line=line@entry=154, tok=tok@entry=MDOC_Bl, reta=reta@entry=0x7fff13df88f8,
> pos=pos@entry=0x7fff13df896c, buf=buf@entry=0x56057c82bb30 ".Bl -tag")
> at /home/fly/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/mdoc_argv.c:367
[...]
The crash happens b/c the return value from reallocarray is truncated
to 32-bit b/c the prototype is missing:
# compile mandoc/mandoc_aux.lo
cc -g -DOSNAME=\"NetBSD\ 8.99\" -DHAVE_CONFIG_H -I. -D_OPENBSD_SOURCE -I/home/uwe/work/netbsd/build/tools/include/compat -I/home/uwe/work/netbsd/ro/src/tools/compat -DHAVE_NBTOOL_CONFIG_H=1 -D_FILE_OFFSET_BITS=64 -c -o mandoc_aux.lo.o /home/uwe/work/netbsd/ro/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/mandoc_aux.c
/home/uwe/work/netbsd/ro/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/mandoc_aux.c: In function 'mandoc_reallocarray':
/home/uwe/work/netbsd/ro/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/mandoc_aux.c:83:8: warning: implicit declaration of function 'reallocarray'; did you mean 'recallocarray'? [-Wimplicit-function-declaration]
ptr = reallocarray(ptr, num, size);
^~~~~~~~~~~~
recallocarray
/home/uwe/work/netbsd/ro/src/tools/mandoc/../../external/bsd/mdocml/bin/mandoc/../../dist/mandoc_aux.c:83:6: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
ptr = reallocarray(ptr, num, size);
^
The prototype is missing b/c the code assumes that including
<stdlib.h> is enough, but glibc hides reallocarray under __USE_GNU.
test-reallocarray.c doesn't detect this. It also gets the warning
when it's compiled, but that's ignored. The program links ok, since
the symbol is present, so it assumes reallocarray is available.
Forcing the test to fail by adding #error to test-reallocarray.c makes
mandoc happy.
-uwe
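The truncation described in the message above can be checked against the addresses in the backtrace. This is an added example, not code from the PR or from mandoc: the function names are hypothetical, and the reconstructed pointer is an inference from the neighbouring heap addresses, not a value shown in the report.

```c
#include <stdint.h>
#include <stdio.h>

/* What an LP64 caller does with a pointer returned by an implicitly
 * declared function: only the low 32 bits survive (the value is read as
 * int) and are then sign-extended back to 64 bits. */
static uint64_t through_implicit_int(uint64_t real_ptr)
{
    uint64_t low = real_ptr & UINT64_C(0xffffffff);
    if (low & UINT64_C(0x80000000))
        low |= UINT64_C(0xffffffff00000000);
    return low;
}

/* Crash triage: does `suspect` look like a pointer that went through int,
 * given `neighbor`, a valid pointer from the same core?  On success the
 * candidate original (neighbor's upper half + suspect's lower half) is
 * stored in *orig. */
static int looks_truncated(uint64_t suspect, uint64_t neighbor, uint64_t *orig)
{
    uint64_t hi = suspect >> 32;
    uint64_t low = suspect & UINT64_C(0xffffffff);

    if (hi != 0 && hi != UINT64_C(0xffffffff))
        return 0;                       /* upper half still carries data */
    if ((hi != 0) != ((low >> 31) & 1))
        return 0;                       /* not a sign extension of low */
    if ((neighbor >> 32) == hi)
        return 0;                       /* nothing would have been lost */
    *orig = (neighbor & UINT64_C(0xffffffff00000000)) | low;
    return 1;
}

int main(void)
{
    /* Values from the backtrace: memcpy's __dest and the mdoc pointer. */
    uint64_t dest = UINT64_C(0x7c841c40), mdoc = UINT64_C(0x56057c82b9e0);
    uint64_t orig = 0;

    if (looks_truncated(dest, mdoc, &orig))
        printf("__dest 0x%llx is consistent with 0x%llx cut to 32 bits\n",
               (unsigned long long)dest, (unsigned long long)orig);
    return 0;
}
```

The stack address passed as `__src` (0x7fff13df8850) does not match the pattern, which is why only the destination faults.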
From: Ingo Schwarze <schwarze@usta.de>
To: gnats-bugs@NetBSD.org
Cc: Thomas Klausner <wiz@NetBSD.org>, Valery Ushakov <uwe@stderr.spb.ru>,
coypu@sdf.org
Subject: Re: bin/53634: mandoc dumps core building from linux
Date: Fri, 28 Sep 2018 09:38:20 +0200
Hi,
Tlery Ushakovhomas Klausner NetBSD wrote on Fri, Sep 28, 2018 at 01:03:13AM +0200:
Valery Ushakov wrote:
> The crash happens b/c the return value from reallocarray is truncated
> to 32-bit b/c the prototype is missing:
[...]
> The prototype is missing b/c the code assumes that including
> <stdlib.h> is enough, but glibc hides reallocarray under __USE_GNU.
All three of the following define _GNU_SOURCE on Linux:
* the old, outdated ./configure script contained in NetBSD base;
* the improved ./configure script contained in mandoc.bsd.lv HEAD;
* the old, outdated include/config.h contained in NetBSD base.
Is that insufficient?
Do you really mean to say that (some versions of?) glibc require
_GNU_SOURCE for getsubopt(3), strcasestr(3), strptime(3), and
vasprintf(3) but __USE_GNU for reallocarray(3) and recallocarray(3)?
If so, i have to improve the ./configure script upstream.
> test-reallocarray.c doesn't detect this. It also gets the warning
> when it's compiled, but that's ignored.
That was a bug in ./configure which only hit when CFLAGS was manually
defined in configure.local. It was fixed on Aug 15, 2018 in
mandoc.bsd.lv HEAD, ./configure rev. 1.67, following a bug report
from wiz@NetBSD. Now, the test-*.c files are always compiled with
-Werror if the compiler supports that, even if CFLAGS manually set
in configure.local does not contain it.
> The program links ok, since
> the symbol is present, so it assumes reallocarray is available.
>
> Forcing the test to fail by adding #error to test-reallocarray.c makes
> mandoc happy.
That's not the way to do it.
If you want to force using the bundled replacement implementation
of reallocarray(3), say

  echo 'HAVE_REALLOCARRAY=0' >> configure.local

see INSTALL and configure.local.example for details.
But you don't want to use the replacement if the function is actually
available in libc. Instead, make sure _GNU_SOURCE (or __USE_GNU?)
is defined in config.h such that the correct #define is set before
including the standard headers.
Yours,
Ingo
From: "Valeriy E. Ushakov" <uwe@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/53634 CVS commit: src/external/bsd/mdocml/dist
Date: Fri, 28 Sep 2018 13:21:37 +0000
Module Name: src
Committed By: uwe
Date: Fri Sep 28 13:21:37 UTC 2018
Modified Files:
src/external/bsd/mdocml/dist: configure
Log Message:
Don't include nbtool_config.h too early. It pulls in system headers
and so #define _GNU_SOURCE afterwards doesn't have any effect on them.
PR bin/53634
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 src/external/bsd/mdocml/dist/configure
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->closed
State-Changed-By: maya@NetBSD.org
State-Changed-When: Thu, 15 Nov 2018 20:04:35 +0000
State-Changed-Why:
fixed by uwe.
>Unformatted: