NetBSD-Bugs archive


Re: install/49284: sysinst segfaults when configuring network manually



The following reply was made to PR install/49284; it has been noted by GNATS.

From: Andreas Gustafsson <gson%gson.org@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: christos%NetBSD.org@localhost
Subject: Re: install/49284: sysinst segfaults when configuring network manually
Date: Wed, 15 Oct 2014 18:03:55 +0300

 I managed to get a stack trace from the crashing "sysctl -a" by
 booting the install media, mounting a disk image containing an
 installed system built with MKDEBUG=YES on /mnt, and setting up a
 twisty little maze of null and union mounts to get the necessary
 libraries and debug symbol files to show up in the right places.
 
 Here's where it's crashing:
 
 (gdb) where
 #0  0x00007f7ff74ae212 in settzname ()
     at /tmp/bracket/build/2014.10.15.06.57.27-amd64-debug/src/lib/libc/time/localtime.c:307
 #1  tzsetlcl (name=<optimized out>)
     at /tmp/bracket/build/2014.10.15.06.57.27-amd64-debug/src/lib/libc/time/localtime.c:1243
 #2  0x00007f7ff74ae361 in tzset_unlocked ()
     at /tmp/bracket/build/2014.10.15.06.57.27-amd64-debug/src/lib/libc/time/localtime.c:1260
 #3  0x00007f7ff74afc08 in localtime_tzset (setname=true, tmp=0x7f7ff7768dc0, 
     timep=0x7f7fffffcd30)
     at /tmp/bracket/build/2014.10.15.06.57.27-amd64-debug/src/lib/libc/time/localtime.c:1427
 #4  __locatime50 (timep=timep@entry=0x7f7fffffcd30)
     at /tmp/bracket/build/2014.10.15.06.57.27-amd64-debug/src/lib/libc/time/localtime.c:1438
 #5  0x00007f7ff74afdae in __ctime50 (timep=timep@entry=0x7f7fffffcd30)
     at /tmp/bracket/build/2014.10.15.06.57.27-amd64-debug/src/lib/libc/time/localtime.c:1675
 [...]
 (gdb) l
 302             ** And to get the latest zone names into tzname. . .
 303             */
 304             for (i = 0; i < sp->typecnt; ++i) {
 305                     const struct ttinfo * const     ttisp = &sp->ttis[i];
 306     
 307                     tzname[ttisp->tt_isdst] = &sp->chars[ttisp->tt_abbrind];
 308     #ifdef USG_COMPAT
 309                     if (ttisp->tt_isdst)
 310                             daylight = 1;
 311                     if (!ttisp->tt_isdst)
 
 and *sp contains garbage:
 
 (gdb) print *sp
 $36 = {leapcnt = 808475203, timecnt = 12340, typecnt = 318726532, 
   charcnt = 19884106, goback = false, goahead = false, ats = {54100216535619, 
     85401585298923907, 8751729935641018392, 54100216535619, 85401585298923906, 
     8751747527827062808, 55199728163395, 85401585298923905, 
     8751729935641018392, 55199728163395, 85401585298923904, 
 [...]
 
 I think what happens is that the malloced block pointed to by "lclptr"
 never gets initialized.  It is malloced in tzsetlcl() which tries to
 initialize it by calling zoneinit(), which in turn calls tzload().
 The tzload() fails, causing zoneinit() to return NULL, but tzsetlcl()
 never checks the return value from zoneinit() and proceeds to call
 settzname() with lclptr still pointing to uninitialized data.
 -- 
 Andreas Gustafsson, gson%gson.org@localhost
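The failure mode described in the reply (a freshly malloc'ed tz state handed to settzname() after zoneinit() has already reported failure) is shown below with a simplified, constructed model of the relevant localtime.c pieces. This is an added example written for this page, not NetBSD's libc code or its eventual fix: the struct fields, the one-zone stand-in for tzload(), and the choice to fall back to a UTC-like state when the zone cannot be loaded are all assumptions made here so the code runs offline. The loop in settzname_sim() mirrors the lines at localtime.c:304-307 quoted above; tzsetlcl_unchecked() reproduces the unchecked call path, and tzsetlcl_checked() adds the return-value check the PR says is missing.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed, much simplified stand-in for the tz "struct state" used
 * by localtime.c.  Field names follow the ones visible in the gdb
 * output above; sizes and layout are assumptions for this example. */
#define TZ_MAX_TYPES 8
#define TZ_MAX_CHARS 64

struct ttinfo {
    int tt_isdst;    /* 0 = standard time, 1 = daylight time */
    int tt_abbrind;  /* index of the abbreviation inside state.chars */
};

struct state {
    int           typecnt;
    int           charcnt;
    struct ttinfo ttis[TZ_MAX_TYPES];
    char          chars[TZ_MAX_CHARS];
};

/* Simulated tzname[]; the three-space wildcard matches tzcode's WILDABBR. */
static const char wildabbr[] = "   ";
static const char *tzname_sim[2] = { wildabbr, wildabbr };

/* Stand-in for tzload(): the only "zone file" that exists is a constructed
 * one named Example/Zone.  On failure *sp is left untouched, exactly the
 * situation the PR describes. */
static int
tzload_sim(const char *name, struct state *sp)
{
    if (name == NULL || strcmp(name, "Example/Zone") != 0)
        return -1;                       /* "file not found" */
    memset(sp, 0, sizeof *sp);
    sp->typecnt = 2;
    memcpy(sp->chars, "EST\0EDT\0", 8);  /* abbrind 0 and 4 */
    sp->charcnt = 8;
    sp->ttis[0].tt_isdst = 0; sp->ttis[0].tt_abbrind = 0;
    sp->ttis[1].tt_isdst = 1; sp->ttis[1].tt_abbrind = 4;
    return 0;
}

/* Assumed fallback: a fully initialised UTC state, so settzname() always
 * sees valid counts and indices. */
static void
gmtload_sim(struct state *sp)
{
    memset(sp, 0, sizeof *sp);
    sp->typecnt = 1;
    memcpy(sp->chars, "UTC\0", 4);
    sp->charcnt = 4;
}

/* Same contract as the zoneinit() in the reply: NULL when the load fails. */
static struct state *
zoneinit_sim(struct state *sp, const char *name)
{
    return tzload_sim(name, sp) == 0 ? sp : NULL;
}

/* Mirrors the loop at localtime.c:304-307 quoted above.  With a garbage
 * typecnt/tt_isdst/tt_abbrind this is where the original crashes. */
static void
settzname_sim(const struct state *sp)
{
    tzname_sim[0] = tzname_sim[1] = wildabbr;
    for (int i = 0; i < sp->typecnt; ++i) {
        const struct ttinfo *const ttisp = &sp->ttis[i];
        tzname_sim[ttisp->tt_isdst] = &sp->chars[ttisp->tt_abbrind];
    }
}

/* The flawed flow: allocate, try to initialise, ignore the result.
 * Kept only for contrast; nothing below calls it. */
struct state *
tzsetlcl_unchecked(const char *name)
{
    struct state *sp = malloc(sizeof *sp);
    if (sp == NULL) return NULL;
    zoneinit_sim(sp, name);      /* return value dropped on the floor */
    settzname_sim(sp);           /* may read uninitialised memory */
    return sp;
}

/* The checked flow: never hand an uninitialised block to settzname(). */
struct state *
tzsetlcl_checked(const char *name)
{
    struct state *sp = malloc(sizeof *sp);
    if (sp == NULL) return NULL;
    if (zoneinit_sim(sp, name) == NULL)
        gmtload_sim(sp);         /* assumed fallback to a known-good state */
    settzname_sim(sp);
    return sp;
}

const char *current_tzname(int isdst) { return tzname_sim[isdst & 1]; }

int main(void)
{
    struct state *sp = tzsetlcl_checked("No/Such/Zone");
    printf("tzname = \"%s\" / \"%s\"\n", current_tzname(0), current_tzname(1));
    free(sp);
    return 0;
}
```

The difference between the two tzsetlcl variants is a single conditional; the point is that a failed initialiser leaves heap memory in whatever state malloc() returned it, and the only safe options are to free it, reset it to a known-good state, or propagate the error, never to keep using it.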
 

