From mboxrd@z Thu Jan 1 00:00:00 1970
From: john at keeping.me.uk (John Keeping)
Date: Wed, 16 Aug 2017 09:36:28 +0100
Subject: cgit segfaults
In-Reply-To: <20170816012652.00e95163@home.rlworkman.net>
References: <20170816012652.00e95163@home.rlworkman.net>
Message-ID: <20170816083628.GC1987@john.keeping.me.uk>

On Wed, Aug 16, 2017 at 01:26:52AM -0500, Robby Workman wrote:
> We're running cgit-1.1 with git-2.10.4 at https://git.slackbuilds.org and are seeing
> some reproducible segfaults.
>
> root at git:/var/log# dmesg -T
> [Wed Aug 16 01:14:23 2017] traps: cgit.cgi[2210] general protection ip:4515bd sp:7ffd787a9470 error:0 in cgit.cgi[400000+103000]
>
> This can be reliably triggered (i.e. every time) with at least one particular link (I'll share it
> privately with cgit devs, but since I don't know if there's any security impact, I'm not going
> to put it out on the list as yet).
>
> I've applied 1b4ef6783a71962f8b5da3a23f283 and c699866699411346c5dba4064575
> from git master since they appeared to address some segfaults, but apparently they were
> unrelated to whatever it is that we're seeing.
>
> Aside from (obviously) sharing the reproducer, any tips on debugging this? We of course
> have a strong preference for debugging tips that don't impact services on the machine,
> but if needed, we'll do what we have to do...

You can run cgit from the command line with your config and the URL
using something like:

    CGIT_CONFIG=/path/to/cgitrc QUERY_STRING=url=cgit/repo/... cgit

This is what the tests do in tests/setup.sh::cgit_url().

That should allow you to build a debug binary and reproduce under that
without a webserver involved, which means you can run under gdb or
valgrind.
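
The kernel `traps:` line quoted in the message already carries the faulting instruction pointer and the mapping it fell in, which can be decoded without touching the running service. The following is an added example, not part of the original thread or of cgit: the function name `trap_fields` and the binary path are placeholders, and it assumes the mapping base 400000 is the fixed load address of a non-PIE executable, so the `ip` value can be given to `addr2line` unchanged.

```shell
#!/bin/sh
# Added example: decode a kernel "traps:" line to locate the faulting
# instruction. The sample below is the line quoted in the message.
TRAP_LINE='traps: cgit.cgi[2210] general protection ip:4515bd sp:7ffd787a9470 error:0 in cgit.cgi[400000+103000]'

# Print "<ip> <base> <size> <offset>" (hex, no 0x prefix) for a traps: line.
# Returns 1 if the line does not parse or ip lies outside the named mapping.
trap_fields() {
    line=$1
    ip=$(printf '%s\n' "$line" |
        sed -n 's/.* ip:\([0-9a-f]\{1,\}\) .*/\1/p')
    base=$(printf '%s\n' "$line" |
        sed -n 's/.* in [^[]*\[\([0-9a-f]\{1,\}\)+[0-9a-f]\{1,\}]$/\1/p')
    size=$(printf '%s\n' "$line" |
        sed -n 's/.* in [^[]*\[[0-9a-f]\{1,\}+\([0-9a-f]\{1,\}\)]$/\1/p')
    [ -n "$ip" ] && [ -n "$base" ] && [ -n "$size" ] || return 1

    # Offset of the fault inside the mapping; must fall within its size.
    off=$(( 0x$ip - 0x$base ))
    [ "$off" -ge 0 ] && [ "$off" -lt $(( 0x$size )) ] || return 1
    printf '%s %s %s %x\n' "$ip" "$base" "$size" "$off"
}

if fields=$(trap_fields "$TRAP_LINE"); then
    set -- $fields
    echo "fault at 0x$1 (offset 0x$4 into mapping at 0x$2, size 0x$3)"
    # Assumption: /path/to/cgit.cgi is the exact binary that crashed.
    # Addresses from dmesg do not carry over to a rebuilt debug binary.
    echo "resolve with: addr2line -f -i -e /path/to/cgit.cgi 0x$1"
fi
```

Without debug information `addr2line` still reports the enclosing function when the binary has a symbol table; for source lines, reproduce with a debug build as described in the reply.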