From: Szabolcs Nagy
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: Infinite loop in malloc
Date: Sat, 26 Jan 2019 14:59:26 +0100
Message-ID: <20190126135926.GZ21289@port70.net>
Reply-To: musl@lists.openwall.com
To: musl@lists.openwall.com
Cc: r yang

* Rich Felker [2019-01-25 20:30:14 -0500]:
> On Sat, Jan 26, 2019 at 12:11:37AM +0100, Szabolcs Nagy wrote:
> > * Szabolcs Nagy [2019-01-25 23:28:32 +0100]:
> > > * r yang [2019-01-25 10:13:50 -0500]:
> > > > pmbootstrap is a development environment to build/install postmarketOS
> > > > (based on Alpine Linux) for Android devices. One of the things it does
> > > > is use qemu static to emulate an ARM based Alpine Linux chroot
> > > > environment.
> > > >
> > > > There is a bug while compiling certain packages in the qemu ARM chroot.
> > > > The qemu process can get stuck in an infinite loop when calling malloc.
> > > >
> > > > pmbootstrap uses Alpine Linux edge repositories. It's using the current
> > > > musl package version 1.1.20.
> > > >
> > > > Here is a gdb backtrace.
> > > > #0 malloc (n=, n@entry=9) at src/malloc/malloc.c:320
> > > > #1 0x0000000060184ad3 in g_malloc (n_bytes=n_bytes@entry=9) at gmem.c:99
> > > > #2 0x000000006018bcab in g_strdup (str=, str@entry=0x60200abf "call_rcu") at gstrfuncs.c:363
> > > > #3 0x000000006016e31d in qemu_thread_create (thread=thread@entry=0x7ffe89fb1a10, name=name@entry=0x60200abf "call_rcu",
> > > > start_routine=start_routine@entry=0x60174c00 , arg=arg@entry=0x0, mode=mode@entry=1) at /home/pmos/build/src/qemu-3.1.0/util/qemu-thread-posix.c:526
> > > > #4 0x0000000060174b99 in rcu_init_complete () at /home/pmos/build/src/qemu-3.1.0/util/rcu.c:327
> > > > #5 0x00000000601c4fac in __fork_handler (who=1) at src/thread/pthread_atfork.c:26
> > > > #6 0x00000000601be8db in fork () at src/process/fork.c:33
> >
> > it seems the issue is simply that qemu-arm-static is a multi-threaded
> > process and here it forks and calls malloc in the fork handler of
> > the child process.
> >
> > it's easy to imagine that if fork runs concurrently with a free
> > the malloc state remains corrupted in the child hence the malloc
> > fails there.
> >
> > i'm not sure if musl can detect or fix this up easily.
>
> In that case it's undefined behavior by qemu. After a multithreaded
> process forks, the child process is permanently in an async signal
> context. Calling malloc or any other AS-unsafe function is undefined.
>
> Without knowing what qemu is trying to do, it's not clear how fixable
> this might be.

reported at https://bugs.launchpad.net/qemu/+bug/1813398
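
Added example, not part of the original message and not qemu or musl code: a multithreaded process forks while a second thread is inside malloc/free, and the child side (fork handler included) stays async-signal-safe by using only static storage, write() and _exit(). All function and variable names are hypothetical.

```c
#include <pthread.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* All names below are hypothetical; this is not qemu or musl code. */
static volatile sig_atomic_t stop_worker;
static volatile sig_atomic_t in_forked_child;  /* set only in the child */
static const char thread_name[] = "call_rcu";  /* static storage, no g_strdup */

/* Second thread keeps the allocator busy so fork() can land mid-malloc/free. */
static void *churn(void *arg) {
    (void)arg;
    while (!stop_worker) { void *volatile p = malloc(64); free(p); }
    return NULL;
}

/* Child-side fork handler: records the fork, never touches the heap. */
static void atfork_child(void) { in_forked_child = 1; }

/* Forks while churn() runs. Returns the child's exit status, -1 on error. */
int fork_with_as_safe_child(void) {
    static int registered;
    pthread_t t;
    int fds[2], status = -1;
    char buf[sizeof thread_name] = {0};

    if (!registered && pthread_atfork(NULL, NULL, atfork_child) != 0) return -1;
    registered = 1;
    if (pipe(fds) != 0) return -1;
    stop_worker = 0;
    if (pthread_create(&t, NULL, churn, NULL) != 0) return -1;
    pid_t pid = fork();
    if (pid == 0) {  /* child: only write() and _exit(), both async-signal-safe */
        ssize_t w = write(fds[1], thread_name, sizeof thread_name - 1);
        _exit(in_forked_child && w == (ssize_t)(sizeof thread_name - 1) ? 0 : 1);
    }
    stop_worker = 1;
    pthread_join(t, NULL);
    close(fds[1]);
    ssize_t n = pid > 0 ? read(fds[0], buf, sizeof buf - 1) : -1;
    close(fds[0]);
    if (pid < 0 || waitpid(pid, &status, 0) != pid || !WIFEXITED(status)) return -1;
    return n == 8 && strcmp(buf, thread_name) == 0 ? WEXITSTATUS(status) : -1;
}

int main(void) {
    printf("child exit status: %d\n", fork_with_as_safe_child());
    return 0;
}
```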