[Issue 18667] New: Segfault in std.file.dirEntries

d-bugmail at puremagic.com d-bugmail at puremagic.com
Mon Mar 26 23:39:59 UTC 2018 

https://issues.dlang.org/show_bug.cgi?id=18667

          Issue ID: 18667
           Summary: Segfault in std.file.dirEntries
           Product: D
           Version: D2
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Keywords: bootcamp
          Severity: normal
          Priority: P1
         Component: phobos
          Assignee: nobody at puremagic.com
          Reporter: greensunny12 at gmail.com

DScanner sometimes segfaults in dirEntries:

---
0x00007ffff6fa6fb6 in __readdir (dirp=0x0) at ../sysdeps/posix/readdir.c:44
44      ../sysdeps/posix/readdir.c: No such file or directory.
#0  0x00007ffff6fa6fb6 in __readdir (dirp=0x0) at ../sysdeps/posix/readdir.c:44
#1  0x0000000000a89169 in std.file.DirIteratorImpl.next() (this=...) at
std/file.d:4029
#2  0x0000000000a89628 in std.file.DirIteratorImpl.popFront() (this=...) at
std/file.d:4133
#3  0x0000000000a898e9 in std.file.DirIterator.popFront() (this=...) at
std/file.d:4155
#4  0x00000000008c8da1 in dsymbol.modulecache.ModuleCache.addImportPaths()
(this=0x7ffff7ee9530, root=...) at dsymbol/src/dsymbol/modulecache.d:133
#5  0x00000000008c8d95 in dsymbol.modulecache.ModuleCache.addImportPaths()
(this=0x7ffff7ee9530, root=...) at dsymbol/src/dsymbol/modulecache.d:132
#6  0x00000000008c8d95 in dsymbol.modulecache.ModuleCache.addImportPaths()
(this=0x7ffff7ee9530, root=...) at dsymbol/src/dsymbol/modulecache.d:132
#7  0x00000000008c8bcb in dsymbol.modulecache.ModuleCache.addImportPaths()
(this=..., paths=...) at dsymbol/src/dsymbol/modulecache.d:136
#8  0x0000000000a565ed in D main (args=...) at src/main.d:151
#9  0x0000000000a75784 in rt.dmain2._d_run_main() (this=0x7fffffffe3e0) at
src/rt/dmain2.d:508
#10 0x0000000000a755cc in rt.dmain2._d_run_main() (this=0x7fffffffe3e0, dg=...)
at src/rt/dmain2.d:469
#11 0x0000000000a756d9 in rt.dmain2._d_run_main() (this=0x7fffffffe3e0) at
src/rt/dmain2.d:508
#12 0x0000000000a755cc in rt.dmain2._d_run_main() (this=0x7fffffffe3e0, dg=...)
at src/rt/dmain2.d:469
#13 0x0000000000a75530 in _d_run_main (argc=7, argv=0x7fffffffe4e8,
mainFunc=0xa56010 <D main>) at src/rt/dmain2.d:528
#14 0x0000000000a63a0e in main ()
---

https://github.com/dlang/phobos/pull/6344

I haven't been able to reproduce this locally and segfault is copied from the
failing CircleCi run.

The Dlang side:

https://github.com/dlang/phobos/blob/4c4c37d0b464df05e2f5298d4ddc9b6a9f16bb1b/std/file.d#L4029

for (dirent* fdata; (fdata = readdir(_stack[$-1].h)) != null; ) 

The glibc side:

https://github.molgen.mpg.de/git-mirror/glibc/blob/master/sysdeps/posix/readdir.c

#ifndef __READDIR
# define __READDIR __readdir
...
#endif

__READDIR (DIR *dirp)
{
  DIRENT_TYPE *dp;
  int saved_errno = errno;

#if IS_IN (libc)
  __libc_lock_lock (dirp->lock);
#endif

So it looks like we are passing a null pointer to readdir.
A first start would be to modify the dirEntries implementation to ensure that
no invalid data is passed to readdir by e.g. adding more asserts.

--

More information about the Digitalmars-d-bugs mailing list