public inbox for gcc-bugs@sourceware.org
From: "sam at gentoo dot org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug c++/105709] New: FORTIFY_SOURCE=3 (*** buffer overflow detected ***: terminated) on Qt
Date: Tue, 24 May 2022 00:07:49 +0000
Message-ID: <bug-105709-4@http.gcc.gnu.org/bugzilla/>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105709

            Bug ID: 105709
           Summary: FORTIFY_SOURCE=3 (*** buffer overflow detected ***:
                    terminated) on Qt
           Product: gcc
           Version: 10.3.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c++
          Assignee: unassigned at gcc dot gnu.org
          Reporter: sam at gentoo dot org
                CC: siddhesh at gcc dot gnu.org
  Target Milestone: ---

Originally reported downstream in Gentoo at https://bugs.gentoo.org/847145.

Noticed when building net-libs/accounts-qml (https://accounts-sso.gitlab.io/).
It crashed on calling qmake (part of qtcore) which was calling
/usr/lib64/qt5/bin/qmlplugindump (part of qtdeclarative):
```
make[1]: Entering directory
'/var/tmp/portage/net-libs/accounts-qml-0.7-r1/work/accounts-qml-module-VERSION_0.7/src'
export LD_PRELOAD=Ubuntu/OnlineAccounts/libAccounts.so;
/usr/lib64/qt5/bin/qmlplugindump -notrelocatable Ubuntu.OnlineAccounts 0.1 . >
Ubuntu/OnlineAccounts/plugin.qmltypes
/usr/lib64/qt5/bin/qmake -install qinstall
/var/tmp/portage/net-libs/accounts-qml-0.7-r1/work/accounts-qml-module-VERSION_0.7/src/Ubuntu/OnlineAccounts/qmldir
/var/tmp/portage/net-libs/accounts-qml-0.7-r1/image/usr/lib64/qt5/qml/Ubuntu/OnlineAccounts/qmldir
/usr/lib64/qt5/bin/qmake -install qinstall -exe
Ubuntu/OnlineAccounts/libAccounts.so
/var/tmp/portage/net-libs/accounts-qml-0.7-r1/image/usr/lib64/qt5/qml/Ubuntu/OnlineAccounts/libAccounts.so
*** buffer overflow detected ***: terminated
make[1]: *** [Makefile:818: Ubuntu/OnlineAccounts/plugin.qmltypes] Aborted
(core dumped)
make[1]: *** Deleting file 'Ubuntu/OnlineAccounts/plugin.qmltypes'
make[1]: Leaving directory
'/var/tmp/portage/net-libs/accounts-qml-0.7-r1/work/accounts-qml-module-VERSION_0.7/src'
make: *** [Makefile:71: sub-src-install_subtargets-ordered] Error 2
 * ERROR: net-libs/accounts-qml-0.7-r1::gentoo failed (install phase):
 *   emake failed
```

Backtrace of the original failure:
```
Using host libthread_db library "/usr/lib64/libthread_db.so.1".
Core was generated by `/usr/lib64/qt5/bin/qmlplugindump -notrelocatable
Ubuntu.OnlineAccounts 0.1 .'.
Program terminated with signal SIGABRT, Aborted.
#0  0x00007f06afee44ec in ?? () from /usr/lib64/libc.so.6
[Current thread is 1 (Thread 0x7f06ac1c31c0 (LWP 37))]
gef➤  bt
#0  0x00007f06afee44ec in  () at /usr/lib64/libc.so.6
#1  0x00007f06afe935e2 in raise () at /usr/lib64/libc.so.6
#2  0x00007f06afe7d46c in abort () at /usr/lib64/libc.so.6
#3  0x00007f06afed8126 in  () at /usr/lib64/libc.so.6
#4  0x00007f06aff77ce2 in __fortify_fail () at /usr/lib64/libc.so.6
#5  0x00007f06aff766c2 in  () at /usr/lib64/libc.so.6
#6  0x00007f06aff76ba0 in __readlinkat_chk () at /usr/lib64/libc.so.6
#7  0x00007f06b05607ce in readlink (__len=0x100, __buf=<optimized out>,
__path=0x55955442aab8 "/etc/localtime") at /usr/include/bits/unistd.h:119
#8  qt_readlink(char const*) (path=0x55955442aab8 "/etc/localtime") at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/kernel/qcore_unix.cpp:68
#9  0x00007f06b04b8c2a in QFileSystemEngine::getLinkTarget(QFileSystemEntry
const&, QFileSystemMetaData&) (link=..., data=...) at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/io/qfilesystemengine_unix.cpp:628
#10 0x00007f06b045ce50 in
QFileInfoPrivate::getFileName(QAbstractFileEngine::FileName) const
(this=0x559554417310, name=QAbstractFileEngine::LinkName) at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/io/qfileinfo.cpp:71
#11 0x00007f06b045edca in QFileInfo::symLinkTarget() const
(this=this@entry=0x7fff00632520) at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/io/qfileinfo.cpp:1237
#12 0x00007f06b045884f in QFile::symLinkTarget(QString const&) (fileName=...)
at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/io/qfile.cpp:492
#13 0x00007f06b0438140 in (anonymous namespace)::ZoneNameReader::etcLocalTime
() at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/time/qtimezoneprivate_tz.cpp:1255
#14 (anonymous namespace)::ZoneNameReader::name (this=<optimized out>) at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/time/qtimezoneprivate_tz.cpp:1205
#15 QTzTimeZonePrivate::systemTimeZoneId() const (this=<optimized out>) at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/time/qtimezoneprivate_tz.cpp:1314
#16 0x00007f06b04387ce in QTzTimeZonePrivate::QTzTimeZonePrivate()
(this=this@entry=0x55955442aa20) at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/time/qtimezoneprivate_tz.cpp:663
#17 0x00007f06b042a50c in newBackendTimeZone () at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/time/qtimezone.cpp:68
#18 QTimeZoneSingleton::QTimeZoneSingleton() (this=0x7f06b07eb6a8 <(anonymous
namespace)::Q_QGS_global_tz::innerFunction()::holder>) at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/time/qtimezone.cpp:109
#19 Holder::Holder (this=0x7f06b07eb6a8 <(anonymous
namespace)::Q_QGS_global_tz::innerFunction()::holder>) at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/time/qtimezone.cpp:118
#20 (anonymous namespace)::Q_QGS_global_tz::innerFunction () at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/time/qtimezone.cpp:118
#21 QGlobalStatic<QTimeZoneSingleton, (anonymous
namespace)::Q_QGS_global_tz::innerFunction, (anonymous
namespace)::Q_QGS_global_tz::guard>::operator-> (this=<optimized out>) at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/include/QtCore/../../src/corelib/global/qglobalstatic.h:140
#22 QTimeZone::systemTimeZone() () at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/time/qtimezone.cpp:819
#23 0x00007f06b15ee3b3 in getLocalTZA () at
/usr/src/debug/dev-qt/qtdeclarative-5.15.4/qtdeclarative-everywhere-src-5.15.4/src/qml/jsruntime/qv4dateobject.cpp:723
#24 QV4::DatePrototype::init(QV4::ExecutionEngine*, QV4::Object*)
(this=0x7f06ab16d068, engine=engine@entry=0x559554421360, ctor=0x7f06ab16d198)
at
/usr/src/debug/dev-qt/qtdeclarative-5.15.4/qtdeclarative-everywhere-src-5.15.4/src/qml/jsruntime/qv4dateobject.cpp:848
#25 0x00007f06b15b777d in QV4::ExecutionEngine::ExecutionEngine(QJSEngine*)
(this=this@entry=0x559554421360, jsEngine=jsEngine@entry=0x7fff00632a50) at
/usr/src/debug/dev-qt/qtdeclarative-5.15.4/qtdeclarative-everywhere-src-5.15.4/src/qml/jsruntime/qv4engine.cpp:630
#26 0x00007f06b15abdd4 in QJSEngine::QJSEngine(QJSEnginePrivate&, QObject*)
(this=this@entry=0x7fff00632a50, dd=..., parent=parent@entry=0x0) at
/usr/src/debug/dev-qt/qtdeclarative-5.15.4/qtdeclarative-everywhere-src-5.15.4/src/qml/jsapi/qjsengine.cpp:355
#27 0x00007f06b1713be0 in QQmlEngine::QQmlEngine(QObject*)
(this=0x7fff00632a50, parent=0x0) at
/usr/src/debug/dev-qt/qtdeclarative-5.15.4/qtdeclarative-everywhere-src-5.15.4/src/qml/qml/qqmlengine.cpp:982
#28 0x0000559552a57598 in main(int, char**) (argc=<optimized out>,
argv=<optimized out>) at
/usr/src/debug/dev-qt/qtdeclarative-5.15.4/qtdeclarative-everywhere-src-5.15.4/tools/qmlplugindump/main.cpp:1185
```
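
A triage sketch for the backtrace above, added here as an example and not part of the original report or of GCC, glibc or Qt: it re-joins the wrapped frames, finds the `_chk` frame below `__fortify_fail`, and reports the requested length and the first caller outside libc. The names `parse_frames` and `triage` and the `/usr/include/` wrapper heuristic are assumptions of this example.

```python
import re

# Frames #4-#8 copied from the backtrace above, e-mail line wrapping kept.
SAMPLE = '''\
#4  0x00007f06aff77ce2 in __fortify_fail () at /usr/lib64/libc.so.6
#5  0x00007f06aff766c2 in  () at /usr/lib64/libc.so.6
#6  0x00007f06aff76ba0 in __readlinkat_chk () at /usr/lib64/libc.so.6
#7  0x00007f06b05607ce in readlink (__len=0x100, __buf=<optimized out>,
__path=0x55955442aab8 "/etc/localtime") at /usr/include/bits/unistd.h:119
#8  qt_readlink(char const*) (path=0x55955442aab8 "/etc/localtime") at
/usr/src/debug/dev-qt/qtcore-5.15.4/qtbase-everywhere-src-5.15.4/src/corelib/kernel/qcore_unix.cpp:68
'''

FRAME = re.compile(r'^#\d+\s+(?:0x[0-9a-f]+ in )?(.*?) \((.*)\) at (\S+)$')

def parse_frames(text):
    """Re-join wrapped lines, then split each frame into (func, args, where)."""
    joined = []
    for line in text.splitlines():
        if re.match(r'#\d+\s', line):
            joined.append(line.strip())
        elif joined and line.strip():
            joined[-1] += ' ' + line.strip()
    return [m.groups() for m in map(FRAME.match, joined) if m]

def triage(text):
    """Find the failed _chk call, its inline wrapper and the first caller outside libc."""
    frames = parse_frames(text)
    names = [func for func, _, _ in frames]
    if '__fortify_fail' not in names:
        return None
    rest = frames[names.index('__fortify_fail') + 1:]
    check = next((i for i, f in enumerate(rest) if f[0].endswith('_chk')), None)
    if check is None:
        return None
    after = rest[check + 1:]
    # Assumption: frames located under /usr/include/ are glibc's inline wrappers.
    wrapper = next((f for f in after if f[2].startswith('/usr/include/')), ('', '', ''))
    caller = next((f for f in after
                   if not f[2].startswith(('/usr/include/', '/usr/lib'))), ('', '', ''))
    length = re.search(r'__len=(0x[0-9a-f]+|\d+)', wrapper[1])
    return {'check': rest[check][0], 'wrapper': wrapper[0],
            'len': int(length.group(1), 0) if length else None,
            'caller': caller[0], 'where': caller[2]}

if __name__ == '__main__':
    print(triage(SAMPLE))
```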
