From: Sebastian Kemper <sebastian_ml@gmx.net>
To: musl@lists.openwall.com
Cc: Szabolcs Nagy <nsz@port70.net>
Subject: Re: Asterisk 16 segmentation fault
Date: Thu, 28 Feb 2019 23:01:29 +0100
Message-ID: <20190228220129.GA2383@darth.lan>
In-Reply-To: <20190228211901.GJ21289@port70.net>
On Thu, Feb 28, 2019 at 10:19:02PM +0100, Szabolcs Nagy wrote:
> * Sebastian Kemper <sebastian_ml@gmx.net> [2019-02-28 21:27:51 +0100]:
> > I'm not a programmer so I have problems making sense of this. So I'm
> > hoping that maybe one of you can shine a light.
>
> it means dlerror() returned 0 and ast_strdupa calls strlen on
> this return value which segfaults as expected.
>
> it is entirely valid for dlerror() to return 0 if there was no
> error. did the dlopen("res_pjproject.so", flags) call succeed?
> i.e. mod->lib != 0 ?.

Hello Szabolcs,

Thanks for your reply. And thanks to Rich & Jeffrey as well, of course.
Again I'm blown away by how fast one gets a reply on the musl list :-)

I stepped through it again and tried to get the value of mod->lib:

952 if (resource_being_loaded) {
(gdb) step
951 mod->lib = dlopen(filename, flags);
(gdb) step
952 if (resource_being_loaded) {
(gdb) p mod->lib
$10 = (void *) 0x5fc210
(gdb) p mod->lib
$11 = (void *) 0x5fc210
(gdb) p mod->lib
$12 = (void *) 0x5fc210
(gdb) p mod->lib
$13 = (void *) 0x5fc210
(gdb) p (*mod).lib
$14 = (void *) 0x5fc210
(gdb) p (*mod).li
There is no member named li.
(gdb) p (*mod).lib
$15 = (void *) 0x5fc210
(gdb) step
955 const char *dlerror_msg = ast_strdupa(dlerror());
(gdb) step
Thread 1 "asterisk" received signal SIGSEGV, Segmentation fault.
strlen (s=0x0, s@entry=0x48d79d <load_dynamic_module+120> "\t\360\"\223\f\234\200\353\216#\005\032\240z\364e") at src/string/strlen.c:17
17 for (w = (const void *)s; !HASZERO(*w); w++);
(gdb)
So if I'm not mistaken mod->lib is indeed != 0.
> e.g. the segfault can be avoided by
>
> - const char *dlerror_msg = ast_strdupa(dlerror());
> + const char *dlerror_msg = dlerror(); dlerror_msg = ast_strdupa(dlerror_msg ? dlerror_msg : "");
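Review bot: With the `""` fallback in the `+` line, a NULL from dlerror() becomes an empty reason, so the `"Error loading module '%s': %s\n"` messages that print dlerror_msg would end in a bare colon; a short fixed text in place of `""` would keep that log line readable. Reading dlerror() once into the variable and reusing that pointer, as this line does, should be kept.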
>
> but we would need to know what this code is trying to do
> (and how it worked before) for a proper fix.
astmm.h defines ast_strdupa() like this:
#if !defined(ast_strdupa) && defined(__GNUC__)
/*!
* \brief duplicate a string in memory from the stack
* \param s The string to duplicate
*
* This macro will duplicate the given string. It returns a pointer to the stack
* allocatted memory for the new string.
*/
#define ast_strdupa(s) \
(__extension__ \
({ \
const char *__old = (s); \
size_t __len = strlen(__old) + 1; \
char *__new = __builtin_alloca(__len); \
memcpy (__new, __old, __len); \
__new; \
}))
#endif
This define is the same in both Asterisk 15 and 16 (the define only has
moved from include/asterisk/utils.h to include/asterisk/astmm.h).
The 'static struct ast_module *load_dlopen()' in which it's used has
changed, though, between Asterisk 15 and 16:
@@ -569,13 +950,60 @@
resource_being_loaded = mod;
mod->lib = dlopen(filename, flags);
if (resource_being_loaded) {
+ struct ast_str *list;
+ int c = 0;
+ const char *dlerror_msg = ast_strdupa(dlerror());
+
resource_being_loaded = NULL;
if (mod->lib) {
- ast_log(LOG_ERROR, "Module '%s' did not register itself during load\n", resource_in);
+ module_load_error("Module '%s' did not register itself during load\n", resource_in);
logged_dlclose(resource_in, mod->lib);
- } else if (!suppress_logging) {
- ast_log(LOG_WARNING, "Error loading module '%s': %s\n", resource_in, dlerror());
+
+ goto error_return;
+ }
+
+ if (suppress_logging) {
+ goto error_return;
}
+
+ resource_being_loaded = mod;
+ mod->lib = dlopen(filename, RTLD_LAZY | RTLD_LOCAL);
+ if (resource_being_loaded) {
+ resource_being_loaded = NULL;
+
+ module_load_error("Error loading module '%s': %s\n", resource_in, dlerror_msg);
+ logged_dlclose(resource_in, mod->lib);
+
+ goto error_return;
+ }
+
+ list = ast_str_create(64);
+ if (list) {
+ if (module_post_register(mod)) {
+ goto loaded_error;
+ }
+
+ c = load_dlopen_missing(&list, &mod->requires);
+ c += load_dlopen_missing(&list, &mod->enhances);
+#ifndef OPTIONAL_API
+ c += load_dlopen_missing(&list, &mod->optional_modules);
+#endif
+ }
+
+ if (list && ast_str_strlen(list)) {
+ module_load_error("Error loading module '%s', missing %s: %s\n",
+ resource_in, c == 1 ? "dependency" : "dependencies", ast_str_buffer(list));
+ } else {
+ module_load_error("Error loading module '%s': %s\n", resource_in, dlerror_msg);
+ }
+
+loaded_error:
+ ast_free(list);
+ unload_dynamic_module(mod);
+
+ return NULL;
+
+error_return:
ast_free(mod);
return NULL;
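Review bot: The added `const char *dlerror_msg = ast_strdupa(dlerror());` at the top of the `if (resource_being_loaded)` block runs before `mod->lib` is checked, so it also runs when dlopen() succeeded and dlerror() returns NULL, and ast_strdupa() then hands that NULL to strlen(). dlerror_msg is only consumed by the two `module_load_error("Error loading module '%s': %s\n", resource_in, dlerror_msg)` calls, so either take the dlerror() result once the `if (mod->lib)` branch has been ruled out, or test it for NULL and substitute a fixed string before duplicating it.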
@@ -584,12 +1012,11 @@

So 'const char *dlerror_msg' seems to only be used for logging purposes.
Should I give the proposed change a spin?

I'm off to bed now. I would get back to you tomorrow evening.

Again thank you all, much appreciated!

With kind regards,
Seb