git-apply segfault.

git-apply segfault.

[Dave Jones]

I managed to get git-apply to segfault.

(18:35:37:davej@hera:agpgart)$ apply-mbox ~/Mail/mbox

Applying 'help text updates'

/home/davej/bin/applypatch: line 64: 17990 Segmentation fault      (core dumped) git-apply --index $PATCHFILE
(18:35:40:davej@hera:agpgart)$ file core
core: ELF 64-bit LSB core file AMD x86-64, version 1 (SYSV), SVR4-style, from 'git-apply'
(18:35:45:davej@hera:agpgart)$ gdb `which git-apply` core
GNU gdb Red Hat Linux (6.3.0.0-1.84rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu"...Using host libthread_db library "/lib64/libthread_db.so.1".

Core was generated by `git-apply --index .dotest/patch'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib64/libz.so.1...done.
Loaded symbols for /usr/lib64/libz.so.1
Reading symbols from /lib64/libcrypto.so.5...done.
Loaded symbols for /lib64/libcrypto.so.5
Reading symbols from /lib64/libc.so.6...done.
Loaded symbols for /lib64/libc.so.6
Reading symbols from /lib64/libdl.so.2...done.
Loaded symbols for /lib64/libdl.so.2
Reading symbols from /lib64/ld-linux-x86-64.so.2...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
#0  0x0000003287f73474 in memset () from /lib64/libc.so.6
(gdb) bt
#0  0x0000003287f73474 in memset () from /lib64/libc.so.6
#1  0x0000003287f6c92a in calloc () from /lib64/libc.so.6
#2  0x0000000000407399 in read_cache () at read-cache.c:537
#3  0x0000000000404e1b in apply_patch (fd=-1) at apply.c:1749
#4  0x0000000000405632 in main (argc=3, argv=0x7fffff841c38) at apply.c:1860
#5  0x0000003287f1c3cf in __libc_start_main () from /lib64/libc.so.6
#6  0x0000000000402459 in _start ()
#7  0x00007fffff841c28 in ?? ()
#8  0x0000000000000000 in ?? ()


git on hera is 1.1.6-1

		Dave

Re: git-apply segfault.

[Linus Torvalds]

On Fri, 10 Feb 2006, Dave Jones wrote:
>
> (gdb) bt
> #0  0x0000003287f73474 in memset () from /lib64/libc.so.6
> #1  0x0000003287f6c92a in calloc () from /lib64/libc.so.6
> #2  0x0000000000407399 in read_cache () at read-cache.c:537

Ouch. Looks like malloc heap corruption.

> git on hera is 1.1.6-1

Can you try running "valgrind" on it? That should show what corrupts the 
heap.

		Linus

Re: git-apply segfault.

[Dave Jones]

On Fri, Feb 10, 2006 at 11:22:46AM -0800, Linus Torvalds wrote:
 > 
 > 
 > On Fri, 10 Feb 2006, Dave Jones wrote:
 > >
 > > (gdb) bt
 > > #0  0x0000003287f73474 in memset () from /lib64/libc.so.6
 > > #1  0x0000003287f6c92a in calloc () from /lib64/libc.so.6
 > > #2  0x0000000000407399 in read_cache () at read-cache.c:537
 > 
 > Ouch. Looks like malloc heap corruption.

Indeed. Self-inflicted in this case.

 > > git on hera is 1.1.6-1
 > Can you try running "valgrind" on it? That should show what corrupts the 
 > heap.

Actually it's a glibc bug (fixed last September, but not backported to older releases).
Jakub is working on an FC4 update.

(It also only hits you if you're a loony and have something like
 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
 in your ~/.bashrc)

		Dave

git-apply segfault

[Andy Parkins]

Hello,

I've not got time to investigate this further just now, I'll try later.  In 
case anyone else wants to though; I just got this core dump when running git 
rebase using current git master (1.5.3.4.206.g58ba4):

Core was generated by `git 
apply --allow-binary-replacement --index .dotest/patch'.
Program terminated with signal 11, Segmentation fault.
#0  0xb7cd42a0 in memchr () from /lib/i686/cmov/libc.so.6
(gdb) bt
#0  0xb7cd42a0 in memchr () from /lib/i686/cmov/libc.so.6
#1  0x080c0931 in convert_to_git (path=0x8129a88 "ui/dmswindow.cc", 
src=0xb7c3d008 <Address 0xb7c3d008 out of bounds>, len=88306, dst=0xbfb689bc)
    at convert.c:428
#2  0x0804ecfd in check_patch_list (patch=0x81299d0) at builtin-apply.c:1434
#3  0x080510fa in apply_patch (fd=1, filename=0xffffffff <Address 0xffffffff 
out of bounds>, inaccurate_eof=1) at builtin-apply.c:2686
#4  0x0805233e in cmd_apply (argc=4, argv=0xbfb69d18, unused_prefix=0x0) at 
builtin-apply.c:2853
#5  0x0804ab3b in handle_internal_command (argc=4, argv=0xbfb69d18) at 
git.c:284
#6  0x0804b19f in main (argc=2037149808, argv=0x612d2d00) at git.c:467

It was (unfortunately) on a private repository so I can't share it for 
testing, but am happy to do tests if wanted.



Andy
-- 
Dr Andy Parkins, M Eng (hons), MIET
andyparkins@gmail.com

Re: git-apply segfault

[Pierre Habouzit]

[-- Attachment #1: Type: text/plain, Size: 734 bytes --]

On Wed, Oct 17, 2007 at 10:00:01AM +0000, Andy Parkins wrote:
> Hello,
> 
> I've not got time to investigate this further just now, I'll try later.  In 
> case anyone else wants to though; I just got this core dump when running git 
> rebase using current git master (1.5.3.4.206.g58ba4):

  It's not the current master, it's an old one, the fix is in:
90d16ec032b20f9f1146f3aceca12165aba3b6d6

  You must fetch from spearce.git[0] that has taken maintainance interim
until junio comes back.

Cheers,

  [0] git://repo.or.cz/git/spearce.git
-- 
·O·  Pierre Habouzit
··O                                                madcoder@debian.org
OOO                                                http://www.madism.org

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]