Segfault on Fedora 36 #1445

Open
webermar opened this issue Mar 1, 2023 · 2 comments

webermar commented Mar 1, 2023

System is an Intel i7-5600U with Fedora 36 and seafile-client v8.0.10 installed (via official repo, aka dnf).

When trying to start the client, it crashes after opening/showing the Seafile-Client window. Interaction with the GUI isn't possible at any time.

The journal says it segfaults/crashes in __strlen_avx2_rtm:
abrt-notification[12317]: Process 220189 (seaf-daemon) crashed in __strlen_avx2_rtm()

Journal after trying to start the client:
[12270]: json_parse on "{"type":"rpm","name":"libxcrypt","version":"4.4.33-4.fc36","architecture":"x86_64","osCpe":"cpe:/o:fedoraproject:fedora:36"}\003" failed: Invalid argument
systemd-coredump[12269]: [🡕] Process 12261 (seaf-daemon) of user 1000 dumped core.

                                               Module linux-vdso.so.1 with build-id 2f84e7f3fad45f833dbddfb1bd2a0cd8b4b1152a
                                               Module libnss_resolve.so.2 with build-id a6a93e6f9428c11ab21661b965530fcf624dc6d4
                                               Metadata for module libnss_resolve.so.2 owned by FDO found: {
                                                       "type" : "rpm",
                                                       "name" : "systemd",
                                                       "version" : "250.10-2.fc36",
                                                       "architecture" : "x86_64",
                                                       "osCpe" : "cpe:/o:fedoraproject:fedora:36"
                                               }

                                               Module libnss_mdns4_minimal.so.2 with build-id fe461d55e34f82892fff98869493b1faba410e52
                                               Metadata for module libnss_mdns4_minimal.so.2 owned by FDO found: {
                                                       "type" : "rpm",
                                                       "name" : "nss-mdns",
                                                       "version" : "0.15.1-5.fc36",
                                                       "architecture" : "x86_64",
                                                       "osCpe" : "cpe:/o:fedoraproject:fedora:36"
                                               }

                                               Module libgcc_s.so.1 with build-id cbcf5689acb247f987a22375c392c19a530a85c0
                                               Module libnss_myhostname.so.2 with build-id 88f212fa2db41b7aa61581acf403cb5873bd7bcd
                                               Metadata for module libnss_myhostname.so.2 owned by FDO found: {
                                                       "type" : "rpm",
                                                       "name" : "systemd",
                                                       "version" : "250.10-2.fc36",
                                                       "architecture" : "x86_64",
                                                       "osCpe" : "cpe:/o:fedoraproject:fedora:36"
                                               }

                                               Module libpcre2-8.so.0 with build-id 0d207ce0c9db9ba59d4a8264b95c5ebf3ddec190
                                               Metadata for module libpcre2-8.so.0 owned by FDO found: {
                                                       "type" : "rpm",
                                                       "name" : "pcre2",
                                                       "version" : "10.40-1.fc36",
                                                       "architecture" : "x86_64",
                                                       "osCpe" : "cpe:/o:fedoraproject:fedora:36"
                                               }

                                               Module libcrypt.so.2 with build-id a8ca68e321a4a1d45d15cdd85e8a7a40b7d052ce
                                               Stack trace of thread 12266:
                                               #0  0x00007ff6619643bd __strlen_avx2_rtm (libc.so.6 + 0x1643bd)
                                               #1  0x000055ab1db336de seafile_decrypt_repo_enc_key (seaf-daemon + 0x1e6de)
                                               #2  0x000055ab1db4084d seaf_repo_fetch_and_checkout (seaf-daemon + 0x2b84d)
                                               #3  0x000055ab1db2cd6c http_download_thread (seaf-daemon + 0x17d6c)
                                               #4  0x000055ab1db27cc9 job_thread_wrapper (seaf-daemon + 0x12cc9)
                                               #5  0x00007ff661c8dd02 g_thread_pool_thread_proxy.lto_priv.0 (libglib-2.0.so.0 + 0x81d02)
                                               #6  0x00007ff661c8b302 g_thread_proxy (libglib-2.0.so.0 + 0x7f302)
                                               #7  0x00007ff66188cdcd start_thread (libc.so.6 + 0x8cdcd)
                                               #8  0x00007ff661912630 __clone3 (libc.so.6 + 0x112630)

                                               Stack trace of thread 12261:
                                               #0  0x00007ff661911c0e epoll_wait (libc.so.6 + 0x111c0e)
                                               #1  0x00007ff661dd5ba4 epoll_dispatch.lto_priv.0 (libevent-2.1.so.7 + 0x2eba4)
                                               #2  0x00007ff661dcd085 event_base_loop (libevent-2.1.so.7 + 0x26085)
                                               #3  0x000055ab1db20ba7 main (seaf-daemon + 0xbba7)
                                               #4  0x00007ff661829510 __libc_start_call_main (libc.so.6 + 0x29510)
                                               #5  0x00007ff6618295c9 __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x295c9)
                                               #6  0x000055ab1db21385 _start (seaf-daemon + 0xc385)

                                               Stack trace of thread 12262:
                                               #0  0x00007ff66190841c __select (libc.so.6 + 0x10841c)
                                               #1  0x000055ab1db3673a wt_monitor_job_linux.lto_priv.0 (seaf-daemon + 0x2173a)
                                               #2  0x000055ab1db27cc9 job_thread_wrapper (seaf-daemon + 0x12cc9)
                                               #3  0x00007ff661c8dd02 g_thread_pool_thread_proxy.lto_priv.0 (libglib-2.0.so.0 + 0x81d02)
                                               #4  0x00007ff661c8b302 g_thread_proxy (libglib-2.0.so.0 + 0x7f302)
                                               #5  0x00007ff66188cdcd start_thread (libc.so.6 + 0x8cdcd)
                                               #6  0x00007ff661912630 __clone3 (libc.so.6 + 0x112630)

                                               Stack trace of thread 12263:
                                               #0  0x00007ff66191323f accept (libc.so.6 + 0x11323f)
                                               #1  0x00007ff662258959 named_pipe_listen (libsearpc.so.1 + 0x5959)
                                               #2  0x00007ff66188cdcd start_thread (libc.so.6 + 0x8cdcd)
                                               #3  0x00007ff661912630 __clone3 (libc.so.6 + 0x112630)

                                               Stack trace of thread 12264:
                                               #0  0x00007ff6618d8695 clock_nanosleep@GLIBC_2.2.5 (libc.so.6 + 0xd8695)
                                               #1  0x00007ff6618dcf07 __nanosleep (libc.so.6 + 0xdcf07)
                                               #2  0x00007ff661c847ff g_usleep (libglib-2.0.so.0 + 0x787ff)
                                               #3  0x000055ab1db2c4e2 update_cached_head_commit_ids (seaf-daemon + 0x174e2)
                                               #4  0x00007ff66188cdcd start_thread (libc.so.6 + 0x8cdcd)
                                               #5  0x00007ff661912630 __clone3 (libc.so.6 + 0x112630)

                                               Stack trace of thread 12265:
                                               #0  0x00007ff6618d8695 clock_nanosleep@GLIBC_2.2.5 (libc.so.6 + 0xd8695)
                                               #1  0x00007ff6618dcf07 __nanosleep (libc.so.6 + 0xdcf07)
                                               #2  0x00007ff661c847ff g_usleep (libglib-2.0.so.0 + 0x787ff)
                                               #3  0x000055ab1db398d2 cleanup_deleted_stores.lto_priv.0 (seaf-daemon + 0x248d2)
                                               #4  0x00007ff66188cdcd start_thread (libc.so.6 + 0x8cdcd)
                                               #5  0x00007ff661912630 __clone3 (libc.so.6 + 0x112630)
                                               ELF object binary architecture: AMD x86-64

The i7-5600U has official Support for AVX2: https://www.intel.de/content/www/de/de/products/sku/85215/intel-core-i75600u-processor-4m-cache-up-to-3-20-ghz/specifications.html

I don't have any idea what the real problem could be. It worked fine before.

webermar changed the title from "Segfault on Fedora" to "Segfault on Fedora 36" on Mar 1, 2023
@vasylenkomykola

I have the same problem. A cursory inspection showed that from some places the seafile_decrypt_repo_enc_key function is called with the specified password as NULL. However, the strlen function is not null-safe. After moving one line, the problem disappeared, but I don't know how true this is. Encrypted and non-encrypted libraries work without crashes.

Module libcrypt.so.2 with build-id a8ca68e321a4a1d45d15cdd85e8a7a40b7d052ce
Stack trace of thread 7059:
#0  0x00007f09f915b87d __strlen_avx2 (libc.so.6 + 0x15b87d)
#1  0x00005630771556de seafile_decrypt_repo_enc_key (seaf-daemon + 0x1e6de)
#2  0x000056307716284d seaf_repo_fetch_and_checkout (seaf-daemon + 0x2b84d)
#3  0x000056307714ed6c http_download_thread (seaf-daemon + 0x17d6c)
#4  0x0000563077149cc9 job_thread_wrapper (seaf-daemon + 0x12cc9)
#5  0x00007f09f9538d02 g_thread_pool_thread_proxy.lto_priv.0 (libglib-2.0.so.0 + 0x81d02)
#6  0x00007f09f9536302 g_thread_proxy (libglib-2.0.so.0 + 0x7f302)
#7  0x00007f09f908cdcd start_thread (libc.so.6 + 0x8cdcd)
#8  0x00007f09f9112630 __clone3 (libc.so.6 + 0x112630)

seafile-8.0.10-sigsegv_strlen_avx2.patch

diff -upr a/common/seafile-crypt.c b/common/seafile-crypt.c
--- a/common/seafile-crypt.c    2022-12-27 10:53:39.000000000 +0200
+++ b/common/seafile-crypt.c    2023-03-04 01:23:18.214962454 +0200
@@ -236,9 +236,8 @@ seafile_decrypt_repo_enc_key (int enc_ve
 {
     unsigned char key[32], iv[16];

-    seafile_derive_key (passwd, strlen(passwd), enc_version, repo_salt, key, iv);
-
     if (enc_version == 1) {
+        seafile_derive_key (passwd, strlen(passwd), enc_version, repo_salt, key, iv);
         memcpy (key_out, key, 16);
         memcpy (iv_out, iv, 16);
         return 0;
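
Review bot: On the moved `+` line inside `if (enc_version == 1)`, `strlen(passwd)` is still called with no NULL check, so a NULL `passwd` with `enc_version == 1` reaches the same crash; the move only avoids it for other versions. Add an explicit `passwd == NULL` guard that returns an error before any `strlen` call instead of relying on where the call sits. Separately, `key` and `iv` are no longer filled in outside the version-1 branch, so any code after this `if` that reads them (not shown in the hunk) needs checking, or the derivation should stay ahead of the branch behind the guard.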

Member

killing commented Apr 17, 2023

This is a bug related to delete confirmation of files in encrypted libraries. It'll be fixed in 9.0.2.
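
The crash in this thread comes from a NULL password reaching `strlen()` inside the key-decryption routine. The sketch below is an added example, not Seafile's code: it shows the check done at the function boundary so the routine fails closed instead of dereferencing NULL. The names `decrypt_repo_enc_key_checked`, `toy_derive_key` and `wipe` are hypothetical, the derivation is a toy stand-in for the real KDF, and only the version-1 path visible in the patch is modelled.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Stand-in for the project's key derivation (NOT its real KDF): a toy
 * FNV-1a expansion so the example builds without a crypto library. */
static void toy_derive_key(const char *pw, size_t pw_len, const char *salt,
                           unsigned char key[32], unsigned char iv[16])
{
    uint32_t h = 2166136261u;
    size_t i;
    for (i = 0; i < pw_len; i++) h = (h ^ (unsigned char)pw[i]) * 16777619u;
    for (i = 0; salt && salt[i]; i++) h = (h ^ (unsigned char)salt[i]) * 16777619u;
    for (i = 0; i < 32; i++) { h = (h ^ (uint32_t)i) * 16777619u; key[i] = (unsigned char)(h >> 24); }
    for (i = 0; i < 16; i++) { h = (h ^ (uint32_t)(i + 32)) * 16777619u; iv[i] = (unsigned char)(h >> 24); }
}

/* Wipe through a volatile pointer so the compiler cannot drop the stores. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Hypothetical hardened wrapper: returns 0 on success, -1 on bad input.
 * Every argument is checked before strlen() can touch it, and the outputs
 * are zeroed first so a failed call never leaves stale bytes behind. */
int decrypt_repo_enc_key_checked(int enc_version, const char *passwd,
                                 const char *repo_salt,
                                 unsigned char *key_out, unsigned char *iv_out)
{
    unsigned char key[32], iv[16];

    if (!key_out || !iv_out)
        return -1;
    memset(key_out, 0, 16);
    memset(iv_out, 0, 16);
    if (!passwd || enc_version != 1)   /* only the version-1 path is modelled */
        return -1;

    toy_derive_key(passwd, strlen(passwd), repo_salt, key, iv);
    memcpy(key_out, key, 16);
    memcpy(iv_out, iv, 16);
    wipe(key, sizeof key);
    wipe(iv, sizeof iv);
    return 0;
}
```

A caller that has no password, as in the crashing code path, gets `-1` and zeroed output buffers rather than a segfault in a worker thread.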
