Bug 1270327 - guestfish crashes with SIGSEGV, invalid free
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: libguestfs
Version: rawhide
Assigned To: Richard W.M. Jones
Reported: 2015-10-09 12:08 EDT by David Shea
Modified: 2015-10-09 12:55 EDT
Fixed In Version: libguestfs-1:1.31.16-1.fc24
Doc Type: Bug Fix
Last Closed: 2015-10-09 12:55:46 EDT
Type: Bug

Attachments:
gzipped core file (586.63 KB, application/x-gzip), 2015-10-09 12:08 EDT, David Shea

Description David Shea 2015-10-09 12:08:55 EDT
Created attachment 1081385
gzipped core file

Description of problem:

guestfish is crashing on SIGSEGV during a call to free(). Core file attached.

Version-Release number of selected component (if applicable):
libguestfs-tools-c-1.31.13-1.fc24.x86_64

This is happening via a call to virt-copy-out
Comment 1 Richard W.M. Jones 2015-10-09 12:12:44 EDT
I think it's probably this, fixed earlier today:

https://github.com/libguestfs/libguestfs/commit/63342614975bc222027a60d0ae2cbc3a8a9ada7a
Comment 2 Richard W.M. Jones 2015-10-09 12:13:58 EDT
I didn't look at the core, but can you grab a stack trace and check
that it occurs in the same function (parse_os_release)?

If it's that bug, then it will be fixed in the next version (1.31.16).
Comment 3 David Shea 2015-10-09 12:16:32 EDT
(In reply to Richard W.M. Jones from comment #2)
> I didn't look at the core, but can you grab a stack trace and check
> that it occurs in the same function (parse_os_release)?

yeah.

(gdb) bt
#0  __GI___libc_free (mem=0x42000f5f5) at malloc.c:2945
#1  0x00007f7814e28fb2 in parse_os_release (filename=0x7f7814e67ad7 "/etc/os-release", 
    fs=0x55f3576dd730, g=0x55f3576d9f20) at inspect-fs-unix.c:235
#2  guestfs_int_check_linux_root (g=g@entry=0x55f3576d9f20, fs=fs@entry=0x55f3576dd730)
    at inspect-fs-unix.c:480
#3  0x00007f7814e25c19 in check_filesystem (m=<optimized out>, m=<optimized out>, whole_device=0, 
    mountable=<optimized out>, g=0x55f3576d9f20) at inspect-fs.c:223
#4  guestfs_int_check_for_filesystem_on (g=g@entry=0x55f3576d9f20, mountable=<optimized out>)
    at inspect-fs.c:122
#5  0x00007f7814e222a0 in guestfs_impl_inspect_os (g=g@entry=0x55f3576d9f20) at inspect.c:66
#6  0x00007f7814d92cd3 in guestfs_inspect_os (g=g@entry=0x55f3576d9f20) at actions-0.c:500
#7  0x000055f356e99402 in inspect_mount_handle (g=0x55f3576d9f20) at inspect.c:69
#8  0x000055f356e71f41 in main (argc=8, argv=0x7ffe21fcbf48) at fish.c:504
Comment 4 Richard W.M. Jones 2015-10-09 12:55:46 EDT
Thanks for checking.  I've just pushed 1.31.16 to the git
repository, which contains this fix.  The build happens automatically
some time soon.
