From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.3 required=5.0 tests=MAILING_LIST_MULTI,
	RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL autolearn=ham
	autolearn_force=no version=3.4.4
Received: (qmail 22505 invoked from network); 24 Sep 2021 13:49:14 -0000
Received: from mother.openwall.net (195.42.179.200)
  by inbox.vuxu.org with ESMTPUTF8; 24 Sep 2021 13:49:14 -0000
Received: (qmail 1117 invoked by uid 550); 24 Sep 2021 13:49:11 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Reply-To: musl@lists.openwall.com
Received: (qmail 1097 invoked from network); 24 Sep 2021 13:49:10 -0000
Date: Fri, 24 Sep 2021 09:48:58 -0400
From: Rich Felker <dalias@libc.org>
To: Ivo Palli <Ivo.Palli@bytesnet.nl>
Cc: "musl@lists.openwall.com" <musl@lists.openwall.com>
Message-ID: <20210924134857.GG13220@brightrain.aerifal.cx>
References: <PR1PR07MB4908BA643BA38689D2C5D3D2F6A49@PR1PR07MB4908.eurprd07.prod.outlook.com>
 <20210924123717.GE13220@brightrain.aerifal.cx>
 <PR1PR07MB49085E8B6F80D1485FA776F0F6A49@PR1PR07MB4908.eurprd07.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <PR1PR07MB49085E8B6F80D1485FA776F0F6A49@PR1PR07MB4908.eurprd07.prod.outlook.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [musl] Musl compiled gawk coredumps. How to find out where?

On Fri, Sep 24, 2021 at 01:02:27PM +0000, Ivo Palli wrote:
> That helped!
> 
> (gdb) backtrace
> #0  __restore_sigs (set=set@entry=0x7fff62ee5de0) at ./arch/x86_64/syscall_arch.h:40
> #1  0x00000000004cf1c4 in raise (sig=sig@entry=6) at src/signal/raise.c:11
> #2  0x00000000004c96ea in abort () at src/exit/abort.c:11
> #3  0x0000000000452f16 in catchsig (sig=<optimized out>) at main.c:1231
> #4  catchsig (sig=<optimized out>) at main.c:1217
> #5  <signal handler called>
> #6  get_meta (p=p@entry=0x7f4d35d74f50 "\260\232\243\001") at src/malloc/mallocng/meta.h:141
> #7  0x00000000004ca62c in __libc_free (p=0x7f4d35d74f50) at src/malloc/mallocng/free.c:105
> #8  0x0000000000459d57 in r_unref (tmp=tmp@entry=0x7f4d35f5c778) at node.c:492
> #9  0x00000000004456e5 in unref (r=0x7f4d35f5c778) at awk.h:1898
> #10 purge_record () at field.c:360
> #11 0x0000000000445f36 in set_record (
>     buf=0x7f4d34f34cfe "SIZE\t1KB\t192758\t112698119\nSIZE\t4KB\t462090\t1122421206\nSIZE\t16KB\t355596\t3138948391\nSIZE\t64KB\t413028\t13558910172\nSIZE\t256KB\t1014012\t165385758947\nSIZE\t1MB\t2546508\t1346405498466\nSIZE\t10MB\t480844\t1602796961"..., cnt=25, fw=0x0) at field.c:269
> #12 0x000000000044e765 in inrec (iop=<optimized out>, errcode=errcode@entry=0x7fff62ee6cb0) at io.c:608
> #13 0x00000000004414f8 in h_interpret (code=<optimized out>) at interpret..h:1289
> #14 0x0000000000402631 in main (argc=<optimized out>, argv=<optimized out>) at main.c:516
> 
> Little unsure where gawk stops and musl begins. I guess #6 is where
> it goes wrong. Any musl developer want to work with me to figure
> this out?

Line 141 of meta.h is catching double-free. This is almost surely a
bug in gawk, potentially a serious one. Running under valgrind might
tell you more about where the corresponding alloc and previous free
occurred.

Rich