
fix: remove race when writing errors in generic cataloger #3875

Merged
wagoodman merged 2 commits into main from fix-sync-race
May 9, 2025

@wagoodman wagoodman commented May 9, 2025

I'm seeing partial values referenced in the issue traceback and a nil dereference:

unexpected fault address 0x0
fatal error: fault
[0001] DEBUG discovered 0 packages cataloger=go-module-binary-cataloger
[signal SIGSEGV: segmentation violation code=0x80 addr=0x0 pc=0x123a0da]

goroutine 85 gp=0xc000cb36c0 m=21 mp=0xc000278008 [running]:
runtime.throw({0x1c6f462?, 0xb0efc6?})
        /opt/hostedtoolcache/go/1.24.2/x64/src/runtime/panic.go:1101 +0x48 fp=0xc002f29938 sp=0xc002f29908 pc=0x479ac8
runtime.sigpanic()
        /opt/hostedtoolcache/go/1.24.2/x64/src/runtime/signal_unix.go:939 +0x26c fp=0xc002f29998 sp=0xc002f29938 pc=0x47bbec
github.com/anchore/syft/internal/unknown.visitErrors({0x6168732f7273752f, 0x656e746f642f6572}, 0xc002f29d70)
        /home/runner/work/syft/syft/internal/unknown/coordinate_error.go:170 +0x3a fp=0xc002f29ad0 sp=0xc002f29998 pc=0x123a0da
github.com/anchore/syft/internal/unknown.visitErrors({0x22afe20, 0xc005a4f3e0}, 0xc002f29d70)
        /home/runner/work/syft/syft/internal/unknown/coordinate_error.go:173 +0xf8 fp=0xc002f29c08 sp=0xc002f29ad0 pc=0x123a198
github.com/anchore/syft/internal/unknown.visitErrors({0x22afe20, 0xc002d807b0}, 0xc002f29d70)
        /home/runner/work/syft/syft/internal/unknown/coordinate_error.go:173 +0xf8 fp=0xc002f29d40 sp=0xc002f29c08 pc=0x123a198
github.com/anchore/syft/internal/unknown.ExtractCoordinateErrors({0x22afe20?, 0xc002d807b0?})
        /home/runner/work/syft/syft/internal/unknown/coordinate_error.go:106 +0x47 fp=0xc002f29d90 sp=0xc002f29d40 pc=0x1239767
...

Which:

  • github.com/anchore/syft/internal/unknown.visitErrors({0x6168732f7273752f, 0x656e746f642f6572}, 0xc002f29d70) when decoded appears to be entod/erahs/rsu/, when flipped /usr/share/dotne; I don't think I should be seeing partial values here
  • based off of a code analysis of visitErrors, it seems that the address of the error after type assertion is assigned out of band to 0 (which would not be possible without multiple concurrent writers)

I think a reproduction without concurrent writers of this would be something akin to (but not exactly the same as what the traceback is):

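import (
	"testing"
	"unsafe"
)

func TestCorruptErrorSegfault(t *testing.T) {
	path := "/usr/share/dotnet"

	// Build a corrupt error value: reinterpret the memory holding strPtr as an
	// error interface, so its type word is not a valid interface type pointer.
	var err error
	strPtr := unsafe.Pointer(&path)
	errPtr := (*error)(unsafe.Pointer(&strPtr))
	err = *errPtr

	// Log any panic that recover() can catch.
	defer func() {
		if r := recover(); r != nil {
			t.Logf("Test recovered from panic: %v", r)
		}
	}()

	// Walk the corrupt value with the function seen in the traceback.
	_, _ = ExtractCoordinateErrors(err)
}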

The fix is to ensure that the errors being processed are only written within the Collect() closure, and not to a variable on the stack of the caller.

Type of change

  • Bug fix (non-breaking change which fixes an issue)

Checklist

  • I have added unit tests that cover changed behavior
  • I have tested my code in common scenarios and confirmed there are no regressions
  • I have added comments to my code, particularly in hard-to-understand sections
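
The bug class described above, as an added example that is not syft's code or part of the original pull request: a shared error variable written by many goroutines next to a single-writer version. The names parse, collectRacy and collectSafe are hypothetical, and the channel hand-off stands in for the Collect() closure the description mentions.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
)

// parse is a hypothetical per-file parser; odd ids fail (constructed input).
func parse(id int) error {
	if id%2 == 1 {
		return fmt.Errorf("file %d: unparsable", id)
	}
	return nil
}

// collectRacy shows the bug class: every goroutine reads and writes the
// caller's errs. An error is a two-word interface (type, data), so
// unsynchronized writers can leave it half-updated.
func collectRacy(n int) error {
	var errs error
	var wg sync.WaitGroup
	for i := 0; i < n; i++ {
		wg.Add(1)
		go func(id int) {
			defer wg.Done()
			errs = errors.Join(errs, parse(id)) // unsynchronized read and write
		}(i)
	}
	wg.Wait()
	return errs
}

// collectSafe has workers hand results over a channel; only the calling
// goroutine ever touches errs.
func collectSafe(n int) error {
	results := make(chan error, n)
	for i := 0; i < n; i++ {
		go func(id int) { results <- parse(id) }(i)
	}
	var errs []error
	for i := 0; i < n; i++ {
		errs = append(errs, <-results) // single writer: this goroutine
	}
	return errors.Join(errs...) // Join drops nil entries
}

func main() {
	joined := collectSafe(100).(interface{ Unwrap() []error })
	fmt.Println(len(joined.Unwrap()), "errors collected")
}
```

main only calls collectSafe; calling collectRacy in a build made with the -race flag makes the race detector report the write to errs.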

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
@wagoodman wagoodman self-assigned this May 9, 2025
Comment thread syft/pkg/cataloger/generic/cataloger.go Outdated
Comment thread syft/pkg/cataloger/generic/cataloger.go Outdated
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

@kzantow kzantow left a comment


LGTM 👍 Thanks for jumping on this!

@wagoodman wagoodman enabled auto-merge (squash) May 9, 2025 17:40
@wagoodman wagoodman merged commit abe5e27 into main May 9, 2025
13 checks passed
@wagoodman wagoodman deleted the fix-sync-race branch May 9, 2025 17:46
spiffcs added a commit that referenced this pull request May 13, 2025
* main:
  Translate Portage license strings to SPDX expressions (#1763)
  fix: stop emitting redis redis CPE for PHP PECL redis (#3881)
  feat: Add PURL list input/output format (#3853)
  chore(deps): update CPE dictionary index (#3877)
  chore(deps): update tools to latest versions (#3878)
  do not search binary contents for version for go package (#3874)
  fix: remove race when writing errors in generic cataloger (#3875)
  clear devel version for go packages (#3873)

Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>

Successfully merging this pull request may close these issues.

Syft crash [signal SIGSEGV: segmentation violation code=0x80 addr=0x0 pc=0x123a0da]
