Bug 16446 - lircd segfaults in __strcmp_ssse3
Summary: lircd segfaults in __strcmp_ssse3
Status: RESOLVED DUPLICATE of bug 13978
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages
Version: 5
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Mageia Bug Squad
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-07-22 19:42 CEST by Gilles Mouchard
Modified: 2015-07-24 18:27 CEST
0 users

See Also:
Source RPM: lirc-0.9.1a-3.mga5.src.rpm
CVE:
Status comment:


Description Gilles Mouchard 2015-07-22 19:42:45 CEST
Description of problem:

My machine is based on an Atom 230 processor.
Although everything was running fine since the update from Mageia 4 to Mageia 5 in early June, after updating today (July 22, 2015), the lircd service hangs (segmentation fault in libc.so.6) at startup. Below is the status of the lircd service from systemctl:

lircd.service - LIRC Infrared Signal Decoder
   Loaded: loaded (/usr/lib/systemd/system/lircd.service; enabled)
   Active: failed (Result: start-limit) since Wed 2015-07-22 18:57:13 CEST; 30min ago
  Process: 1408 ExecStart=/usr/sbin/lircd --nodaemon (code=killed, signal=SEGV)
 Main PID: 1408 (code=killed, signal=SEGV)

Jul 22 18:57:13 ion lircd[1408]: 'lirc' written to protocols file /sys/class/rc/rc0/protocols
Jul 22 18:57:13 ion systemd[1]: lircd.service: main process exited, code=killed, status=11/SEGV
Jul 22 18:57:13 ion systemd[1]: Unit lircd.service entered failed state.
Jul 22 18:57:13 ion systemd[1]: lircd.service failed.
Jul 22 18:57:13 ion systemd[1]: start request repeated too quickly for lircd.service
Jul 22 18:57:13 ion systemd[1]: Failed to start LIRC Infrared Signal Decoder.
Jul 22 18:57:13 ion systemd[1]: lircd.service failed.

Tried to directly run lircd from the command prompt just as systemd would have started the lircd process (command line seen in /lib/systemd/system/lircd.service):
$ /usr/sbin/lircd --nodaemon

Below is the backtrace from GDB (after installing debuginfo):
#0  0xb7e0b698 in __strcmp_ssse3 () from /lib/i686/libc.so.6
#1  0x0804b7cd in main (argc=2, argv=0xbffff214) at lircd.c:2337

Below is some information from valgrind:
==2017== Invalid read of size 1
==2017==    at 0x402D3AA: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==2017==    by 0x804B7CC: main (lircd.c:2337)
==2017==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==2017== 
==2017== 
==2017== Process terminating with default action of signal 11 (SIGSEGV)
==2017==  Access not within mapped region at address 0x0
==2017==    at 0x402D3AA: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==2017==    by 0x804B7CC: main (lircd.c:2337)

Not sure but seems related to this bug: http://sourceforge.net/p/lirc/tickets/39/

Version-Release number of selected component (if applicable):
0.9.1a

How reproducible:

Steps to Reproduce:
1. systemctl start lircd
2. systemctl status lircd
3.


Comment 1 Gilles Mouchard 2015-07-23 19:05:09 CEST
In fact, lirc was updated yesterday, probably because of package dependencies, from lirc-0.9.0-10.3.mga4.i586 to lirc-0.9.1a-3.mga5.i586.
That's why everything was working fine until yesterday.

*** This bug has been marked as a duplicate of bug 13978 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE

Comment 2 Gilles Mouchard 2015-07-24 18:27:39 CEST
In file /lib/systemd/system/lircd.service, I tried to work around the bug (the default value for the socket file, which is a null string pointer) by setting it in the ExecStart rule:
ExecStart=/usr/sbin/lircd --output=/var/run/lirc/lircd --nodaemon

It works for me.
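
The failure class reported above (strcmp reading address 0x0 because an option value was left as a null pointer), shown as an added example that is not part of the bug report and is not lircd's own code. The function names, the option scan and the device-path comparison are hypothetical; the fallback path is the one from the ExecStart workaround in comment 2.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Fallback path: the value used in the ExecStart workaround in comment 2. */
#define FALLBACK_OUTPUT "/var/run/lirc/lircd"

/* Hypothetical option scan: value of --output=PATH, or NULL when absent. */
const char *find_output_opt(int argc, char **argv)
{
    static const char key[] = "--output=";
    for (int i = 1; i < argc; i++)
        if (strncmp(argv[i], key, sizeof key - 1) == 0)
            return argv[i] + sizeof key - 1;
    return NULL;
}

/* Crash pattern: strcmp() dereferences both arguments, so a NULL option
 * value produces the invalid read at address 0x0 seen in the valgrind log. */
int same_path_unsafe(const char *output, const char *device)
{
    return strcmp(output, device) == 0;
}

/* Hardened: resolve the default once, right after parsing, so later code
 * never sees NULL. An empty value is treated as unset. */
const char *resolve_output(const char *opt)
{
    return (opt != NULL && opt[0] != '\0') ? opt : FALLBACK_OUTPUT;
}

/* Hardened compare: a NULL side is never dereferenced and never matches. */
int same_path(const char *a, const char *b)
{
    return a != NULL && b != NULL && strcmp(a, b) == 0;
}

/* Parse, resolve, then compare against a (hypothetical) device path. */
int output_collides(int argc, char **argv, const char *device)
{
    return same_path(resolve_output(find_output_opt(argc, argv)), device);
}

int main(void)
{
    char *argv_report[] = { "lircd", "--nodaemon", NULL }; /* constructed */
    printf("output=%s\n", resolve_output(find_output_opt(2, argv_report)));
    return 0;
}
```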
