Cannot start pgagroal when compiled with clang in debug mode #491

Closed
fluca1978 opened this issue Jan 13, 2025 · 4 comments
Labels
bug Something isn't working

Comments

@fluca1978
Collaborator

Starting pgagroal results in:

% pgagroal                  
pgagroal: Unknown key <ev_backend> with value <io_uring> in section [pgagroal] (line 46 of file </etc/pgagroal/pgagroal.conf>)
2025-01-13 12:38:09 WARN  configuration.c:482 pgagroal: max_connections (20) is greater than allowed (8)
2025-01-13 12:38:09 DEBUG configuration.c:3074 PID file automatically set to: [/tmp/pgagroal.54322.pid]
=================================================================
==17659==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x502000009495 at pc 0x559726597f10 bp 0x7ffc9c1e2360 sp 0x7ffc9c1e1b00
WRITE of size 6 at 0x502000009495 thread T0
    #0 0x559726597f0f in vsprintf (/usr/local/bin/pgagroal+0x58f0f) (BuildId: 16ffc1dab018cfa8eed6b5cc7e6981bc6e861325)
    #1 0x55972659900e in sprintf (/usr/local/bin/pgagroal+0x5a00e) (BuildId: 16ffc1dab018cfa8eed6b5cc7e6981bc6e861325)
    #2 0x7f1cd144820b in bind_host /home/luca/pgagroal/src/libpgagroal/network.c:613:4
    #3 0x7f1cd1447bfc in pgagroal_bind /home/luca/pgagroal/src/libpgagroal/network.c:104:17
    #4 0x55972664e91c in main /home/luca/pgagroal/src/main.c:961:11
    #5 0x7f1cd10295cf in __libc_start_call_main (/lib64/libc.so.6+0x295cf) (BuildId: d78a44ae94f1d320342e0ff6c2315b2b589063f8)
    #6 0x7f1cd102967f in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x2967f) (BuildId: d78a44ae94f1d320342e0ff6c2315b2b589063f8)
    #7 0x559726571a94 in _start (/usr/local/bin/pgagroal+0x32a94) (BuildId: 16ffc1dab018cfa8eed6b5cc7e6981bc6e861325)

0x502000009495 is located 0 bytes after 5-byte region [0x502000009490,0x502000009495)
allocated by thread T0 here:
    #0 0x55972660d04d in calloc (/usr/local/bin/pgagroal+0xce04d) (BuildId: 16ffc1dab018cfa8eed6b5cc7e6981bc6e861325)
    #1 0x7f1cd14481a3 in bind_host /home/luca/pgagroal/src/libpgagroal/network.c:607:12
    #2 0x7f1cd1447bfc in pgagroal_bind /home/luca/pgagroal/src/libpgagroal/network.c:104:17
    #3 0x55972664e91c in main /home/luca/pgagroal/src/main.c:961:11
    #4 0x7f1cd10295cf in __libc_start_call_main (/lib64/libc.so.6+0x295cf) (BuildId: d78a44ae94f1d320342e0ff6c2315b2b589063f8)

SUMMARY: AddressSanitizer: heap-buffer-overflow (/usr/local/bin/pgagroal+0x58f0f) (BuildId: 16ffc1dab018cfa8eed6b5cc7e6981bc6e861325) in vsprintf
Shadow bytes around the buggy address:
  0x502000009200: fa fa 00 05 fa fa 00 00 fa fa 00 07 fa fa 00 07
  0x502000009280: fa fa 00 fa fa fa 00 00 fa fa 00 06 fa fa 00 07
  0x502000009300: fa fa 00 06 fa fa 00 07 fa fa 00 06 fa fa 00 03
  0x502000009380: fa fa 00 00 fa fa 00 07 fa fa 00 07 fa fa 00 07
  0x502000009400: fa fa 00 07 fa fa 00 01 fa fa 00 06 fa fa 00 02
=>0x502000009480: fa fa[05]fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x502000009500: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x502000009580: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x502000009600: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x502000009680: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x502000009700: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb

This happens on commit f818ad10e7c63d0ae2c180df6cbf035dd00b2e65, on Rocky Linux 9, clang 18.1.8.

Information about the compilation:

% clang --version
clang version 18.1.8 (RESF 18.1.8-3.el9)
Target: x86_64-redhat-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Configuration file: /etc/clang/x86_64-redhat-linux-gnu-clang.cfg


% pwd 
/home/luca/pgagroal/build
% make clean
% sudo rm /usr/local/lib64/libpgagroal*
% rm -rf * && cmake -DCMAKE_C_COMPILER=clang -DCMAKE_BUILD_TYPE=Debug  ..  && make && sudo make install
@fluca1978 fluca1978 added the bug Something isn't working label Jan 13, 2025
@jesperpedersen
Collaborator

What is the pgagroal.conf? And, how are the network card(s) configured?

@fluca1978
Collaborator Author

Pgagroal configuration follows:

% cat /etc/pgagroal/pgagroal.conf

[rachel]
host = 127.0.0.1
port = 5432
primary = on

[pgagroal]
host = *
port = 54322
unix_socket_dir = /tmp
#pidfile = foo.pid

#management=6432

log_type  = console
log_level = debug
#log_level = trace
log_path  = /var/log/pgagroal/pgagroal.log
log_path  = /var/log/pgagroal/pgagroal-%Y-%m-%d-%H-%M-%S.log   
log_mode  = create

#log_connections    = on
#log_disconnections = on
#log_rotation_size = "3Mb"# in megabytes
#log_rotation_age = 1m# one minute
#log_line_prefix  = "->" #  "PGAGROAL #%Y-%m-%d-%H:%M:%S" # the prefix of the log

max_connections = 20

pipeline = 'performance'
# only for the transaction pipeline
allow_unknown_users = false
#blocking_timeout = 10000

#metrics = 8000
#metrics_cache_max_age = 10s
#metrics_cache_max_size = 50Kb

#idle_timeout = 0

#update_process_title = minimal

#master_key_file_location = /home/luca/tmp


ev_backend = io_uring # io_uring, epoll, kqueue

idle_timeout = 600
validation = off

and

% cat /etc/pgagroal/pgagroal_databases.conf
# DATABASE USER MAX INITIAL MIN
 pgbench pgbench 8 5  5

while network cards are:

 ip a show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:e4:43:8d brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3
       valid_lft 65297sec preferred_lft 65297sec
    inet6 fe80::a00:27ff:fee4:438d/64 scope link 
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:80:c2:76 brd ff:ff:ff:ff:ff:ff
    inet 192.168.222.50/24 brd 192.168.222.255 scope global noprefixroute enp0s8
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fe80:c276/64 scope link 
       valid_lft forever preferred_lft forever

What is puzzling me is that it seems to be there even from very old commits; I've run backwards until 07e64b7 (which still has the problem). Therefore, I think it is something related to libc or clang.

fluca1978 added a commit to fluca1978/pgagroal that referenced this issue Jan 13, 2025
The problem is that the port string was created as a 5 chars, while it
can be 5 effective chars plus the string end '\0'.

Close agroal#491
@fluca1978
Collaborator Author

@jesperpedersen ok to include in master?

@jesperpedersen
Collaborator

@fluca1978 Yes

jesperpedersen pushed a commit that referenced this issue Jan 13, 2025
The problem is that the port string was created as a 5 chars, while it
can be 5 effective chars plus the string end '\0'.

Close #491
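
The off-by-one named in the commit message above, as an added C example (not pgagroal's code, which this page does not show): `port_to_string_unsafe` is a hypothetical reconstruction of the calloc-then-sprintf pattern in the AddressSanitizer trace, and all function names are assumptions. The bounded versions size the buffer from the value and report truncation instead of writing past the allocation.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical reconstruction of the pattern in the ASan trace, NOT
 * pgagroal's source. "54322" needs 5 digits + '\0' = 6 bytes, so this
 * writes 1 byte past the 5-byte region. Shown for comparison only. */
char *port_to_string_unsafe(int port)
{
    char *sport = calloc(1, 5);
    if (sport != NULL)
        sprintf(sport, "%d", port);   /* overflows for any 5-digit port */
    return sport;
}

/* Bytes needed for `port` as decimal text, including the '\0'.
 * snprintf(NULL, 0, ...) returns the length without writing. */
size_t port_string_size(int port)
{
    int n = snprintf(NULL, 0, "%d", port);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Bounded formatting: 0 on success, -1 if `out` is too small (the
 * output is then truncated but still NUL-terminated). */
int port_to_string(int port, char *out, size_t outlen)
{
    int n = snprintf(out, outlen, "%d", port);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Heap variant that sizes the buffer from the value; caller frees. */
char *port_to_string_alloc(int port)
{
    size_t len = port_string_size(port);
    char *sport = len ? calloc(1, len) : NULL;
    if (sport != NULL && port_to_string(port, sport, len) != 0) {
        free(sport);
        sport = NULL;
    }
    return sport;
}

int main(void)
{
    char five[5], six[6];
    printf("54322 needs %zu bytes; 5-byte buf: %d; 6-byte buf: %d\n",
           port_string_size(54322), port_to_string(54322, five, sizeof five),
           port_to_string(54322, six, sizeof six));
    return 0;
}
```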