#564259 cpio: Cpio core dumps

Package:
cpio
Source:
cpio
Description:
GNU cpio -- a program to manage archives of files
Submitter:
Nigel Horne
Date:
2010-01-11 09:51:03 UTC
Severity:
normal
#564259#5
Date:
2010-01-08 19:16:46 UTC
From:
To:
See bug 505445.  I can't seem to post to that bug.

Please provide a cpio-dbg package so that I can create a stacktrace.

#0  memcpy () at ../sysdeps/x86_64/memcpy.S:208
208    ../sysdeps/x86_64/memcpy.S: No such file or directory.
   in ../sysdeps/x86_64/memcpy.S
   (gdb) bt
   #0  memcpy () at ../sysdeps/x86_64/memcpy.S:208
   #1  0x000000000040b611 in ?? ()
   #2  0x000000000040b6d8 in ?? ()
   #3  0x00000000004072a6 in ?? ()
   #4  0x0000000000408ae7 in ?? ()
   #5  0x00007f905dd65abd in __libc_start_main (main=<value optimized out>,
      argc=<value optimized out>, ubp_av=<value optimized out>,
         init=<value optimized out>, fini=<value optimized out>,
	    rtld_fini=<value optimized out>, stack_end=0x7fffb54815b8)
	       at libc-start.c:222
	       #6  0x0000000000402919 in ?? ()
	       #7  0x00007fffb54815b8 in ?? ()
	       #8  0x000000000000001c in ?? ()
	       #9  0x0000000000000003 in ?? ()
	       #10 0x00007fffb5482f4c in ?? ()
	       #11 0x00007fffb5482f51 in ?? ()
	       #12 0x00007fffb5482f57 in ?? ()
	       #13 0x0000000000000000 in ?? ()
	       Current language:  auto
	       The current source language is "auto; currently asm".
	       (gdb)

strace -f output:
lstat("mnt/gateway/home/njh/bin/pop3-bounce", {st_mode=S_IFREG|0744, st_size=5399, ...}) = 0
write(2, "media/1d901e30-6139-4105-8f2f-05"..., 81media/1d901e30-6139-4105-8f2f-055dc758dd40//mnt/gateway/home/njh/bin/pop3-bounce
) = 81
lstat("mnt/gateway/home/njh/bin/cvacant", {st_mode=S_IFREG|0755, st_size=51180, ...}) = 0
lstat("media/1d901e30-6139-4105-8f2f-055dc758dd40//mnt/gateway/home/njh/bin/cvacant", {st_mode=S_IFREG|0600, st_size=23552, ...}) = 0
unlink("media/1d901e30-6139-4105-8f2f-055dc758dd40//mnt/gateway/home/njh/bin/cvacant") = 0
open("mnt/gateway/home/njh/bin/cvacant", O_RDONLY) = 3
open("media/1d901e30-6139-4105-8f2f-055dc758dd40//mnt/gateway/home/njh/bin/cvacant", O_WRONLY|O_CREAT, 0600) = 4
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
write(4, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
--- SIGSEGV (Segmentation fault) @ 0 (0) ---

#564259#10
Date:
2010-01-09 02:39:23 UTC
From:
To:
No cpio-dbg package, but you can use
http://people.debian.org/~schizo/tmp/cpio_2.10-1.nostrip_amd64.deb
which has all the debug symbols.

That does not look promising.  You might want libc6-dbg as well.

#564259#15
Date:
2010-01-09 15:04:03 UTC
From:
To:
Program terminated with signal 11, Segmentation fault.
#0  memcpy () at ../sysdeps/x86_64/memcpy.S:208
208    ../sysdeps/x86_64/memcpy.S: No such file or directory.
     in ../sysdeps/x86_64/memcpy.S
(gdb) bt
#0  memcpy () at ../sysdeps/x86_64/memcpy.S:208
#1  0x000000000040b54e in disk_buffered_write (
     in_buf=0x13ad05b <Address 0x13ad05b out of bounds>, out_des=4,
     num_bytes=<value optimized out>) at ../../src/util.c:283
#2  0x000000000040b61a in copy_files_disk_to_disk (in_des=3, out_des=4,
     num_bytes=0, filename=0x138d450 "mnt/gateway/home/njh/bin/cvacant")
     at ../../src/util.c:562
#3  0x000000000040731c in process_copy_pass () at ../../src/copypass.c:185
#4  0x0000000000408b34 in main (argc=3, argv=0x7fff8a39fc58)
     at ../../src/main.c:798
Current language:  auto
The current source language is "auto; currently asm".
(gdb)
I already have libc6-dbg installed:

packard:/# dpkg -l libc6-dbg
Desired=Unknown/Install/Remove/Purge/Hold
|
Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name           Version        Description
+++-==============-==============-============================================
ii  libc6-dbg      2.10.2-4       Embedded GNU C Library: detached
debugging s
packard:/#

#564259#20
Date:
2010-01-09 16:20:13 UTC
From:
To:

is mnt/gateway/home/njh/bin/cvacant actually 0 bytes?
disk_buffered_write() shouldn't even be called at all in that case.
set env LD_LIBRARY_PATH /usr/lib/debug

#564259#25
Date:
2010-01-09 16:56:38 UTC
From:
To:
No:

njh@packard:~$ ls -l /mnt/gateway/home/njh/bin/cvacant
-rwxr-xr-x 1 njh njh 51180 Jan  6 21:43 /mnt/gateway/home/njh/bin/cvacant

It's on an NFS mounted file-system, if that's relevant.

#564259#30
Date:
2010-01-09 17:28:58 UTC
From:
To:
Could be.

Try
http://people.debian.org/~schizo/tmp/cpio_2.10-1.nostrip+noopt_amd64.deb

It has compiler optimizations disabled so it should give a saner backtrace.

#564259#35
Date:
2010-01-10 12:34:35 UTC
From:
To:
Done:

(gdb) bt
#0  memcpy () at ../sysdeps/x86_64/memcpy.S:78
#1  0x000000000040ba7d in disk_buffered_write (in_buf=0x18e4e1e "",
out_des=4,
     num_bytes=422173) at ../../src/util.c:283
#2  0x000000000040c354 in copy_files_disk_to_disk (in_des=3, out_des=4,
     num_bytes=422173,
     filename=0x18c5450 "mnt/gateway/home/njh/Mail/Sent Items")
     at ../../src/util.c:562
#3  0x00000000004085e3 in process_copy_pass () at ../../src/copypass.c:185
#4  0x000000000040a633 in main (argc=3, argv=0x7fffddd51578)
     at ../../src/main.c:798
Current language:  auto
The current source language is "auto; currently asm".
(gdb)

#564259#40
Date:
2010-01-10 16:07:36 UTC
From:
To:
Could you try running it under valgrind to see what its exact memcpy
complaint is, perhaps an overlap?

#564259#45
Date:
2010-01-10 16:19:03 UTC
From:
To:
I could, but it may take AGES. The dump takes about an hour before it fails,
so unless you're going to rent me some time on a Cray you may be asking
something I can't achieve!  Still, I'll give it a go...

#564259#50
Date:
2010-01-10 16:25:41 UTC
From:
To:
Good news, I got lots of errors straight away:

==2623== Source and destination overlap in memcpy(0x517c1d0, 0x517c190, 145)
==2623==    at 0x4C236BA: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==
==2623== Invalid read of size 1
==2623==    at 0x4C236E8: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==  Address 0x517c1cf is 1 bytes before a block of size 512 alloc'd
==2623==    at 0x4C221A7: malloc (vg_replace_malloc.c:195)
==2623==    by 0x418C27: xmalloc (xmalloc.c:47)
==2623==    by 0x40A59B: initialize_buffers (main.c:777)
==2623==    by 0x40A624: main (main.c:794)
==2623==
==2623== Invalid read of size 1
==2623==    at 0x4C236F2: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==  Address 0x517c1ce is 2 bytes before a block of size 512 alloc'd
==2623==    at 0x4C221A7: malloc (vg_replace_malloc.c:195)
==2623==    by 0x418C27: xmalloc (xmalloc.c:47)
==2623==    by 0x40A59B: initialize_buffers (main.c:777)
==2623==    by 0x40A624: main (main.c:794)
==2623==
==2623== Invalid read of size 1
==2623==    at 0x4C236FC: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==  Address 0x517c1cd is 3 bytes before a block of size 512 alloc'd
==2623==    at 0x4C221A7: malloc (vg_replace_malloc.c:195)
==2623==    by 0x418C27: xmalloc (xmalloc.c:47)
==2623==    by 0x40A59B: initialize_buffers (main.c:777)
==2623==    by 0x40A624: main (main.c:794)
==2623==
==2623== Invalid read of size 1
==2623==    at 0x4C236E0: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==  Address 0x517c1cc is 4 bytes before a block of size 512 alloc'd
==2623==    at 0x4C221A7: malloc (vg_replace_malloc.c:195)
==2623==    by 0x418C27: xmalloc (xmalloc.c:47)
==2623==    by 0x40A59B: initialize_buffers (main.c:777)
==2623==    by 0x40A624: main (main.c:794)
==2623==
==2623== Invalid read of size 1
==2623==    at 0x4C23740: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==  Address 0x517c190 is 0 bytes after a block of size 512 alloc'd
==2623==    at 0x4C221A7: malloc (vg_replace_malloc.c:195)
==2623==    by 0x418C27: xmalloc (xmalloc.c:47)
==2623==    by 0x40A557: initialize_buffers (main.c:771)
==2623==    by 0x40A624: main (main.c:794)
==2623==
media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/Drafts
==2623== Invalid read of size 1
==2623==    at 0x4C237B1: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==  Address 0x517c3d0 is 0 bytes after a block of size 512 alloc'd
==2623==    at 0x4C221A7: malloc (vg_replace_malloc.c:195)
==2623==    by 0x418C27: xmalloc (xmalloc.c:47)
==2623==    by 0x40A59B: initialize_buffers (main.c:777)
==2623==    by 0x40A624: main (main.c:794)
==2623==
==2623== Invalid read of size 1
==2623==    at 0x4C23798: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==  Address 0x517c3d1 is 1 bytes after a block of size 512 alloc'd
==2623==    at 0x4C221A7: malloc (vg_replace_malloc.c:195)
==2623==    by 0x418C27: xmalloc (xmalloc.c:47)
==2623==    by 0x40A59B: initialize_buffers (main.c:777)
==2623==    by 0x40A624: main (main.c:794)
==2623==
==2623== Invalid read of size 1
==2623==    at 0x4C2379F: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==  Address 0x517c3d2 is 2 bytes after a block of size 512 alloc'd
==2623==    at 0x4C221A7: malloc (vg_replace_malloc.c:195)
==2623==    by 0x418C27: xmalloc (xmalloc.c:47)
==2623==    by 0x40A59B: initialize_buffers (main.c:777)
==2623==    by 0x40A624: main (main.c:794)
==2623==
==2623== Invalid read of size 1
==2623==    at 0x4C237A8: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==  Address 0x517c3d3 is 3 bytes after a block of size 512 alloc'd
==2623==    at 0x4C221A7: malloc (vg_replace_malloc.c:195)
==2623==    by 0x418C27: xmalloc (xmalloc.c:47)
==2623==    by 0x40A59B: initialize_buffers (main.c:777)
==2623==    by 0x40A624: main (main.c:794)
==2623==
==2623== Invalid read of size 1
==2623==    at 0x4C237F0: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==  Address 0x517c491 is 1 bytes after a block of size 128 alloc'd
==2623==    at 0x4C221A7: malloc (vg_replace_malloc.c:195)
==2623==    by 0x418C27: xmalloc (xmalloc.c:47)
==2623==    by 0x408E8D: ds_init (dstring.c:40)
==2623==    by 0x408220: process_copy_pass (copypass.c:72)
==2623==    by 0x40A632: main (main.c:798)
==2623==
==2623== Invalid read of size 1
==2623==    at 0x4C23800: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==  Address 0x517c493 is 3 bytes after a block of size 128 alloc'd
==2623==    at 0x4C221A7: malloc (vg_replace_malloc.c:195)
==2623==    by 0x418C27: xmalloc (xmalloc.c:47)
==2623==    by 0x408E8D: ds_init (dstring.c:40)
==2623==    by 0x408220: process_copy_pass (copypass.c:72)
==2623==    by 0x40A632: main (main.c:798)
==2623==
==2623== Syscall param write(buf) points to uninitialised byte(s)
==2623==    at 0x4EE55A0: __write_nocancel (in /lib/libc-2.10.2.so)
==2623==    by 0x40B68A: disk_empty_output_buffer (util.c:141)
==2623==    by 0x4085EC: process_copy_pass (copypass.c:186)
==2623==    by 0x40A632: main (main.c:798)
==2623==  Address 0x517c1e0 is 16 bytes inside a block of size 512 alloc'd
==2623==    at 0x4C221A7: malloc (vg_replace_malloc.c:195)
==2623==    by 0x418C27: xmalloc (xmalloc.c:47)
==2623==    by 0x40A59B: initialize_buffers (main.c:777)
==2623==    by 0x40A624: main (main.c:794)
==2623==
media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/SPAM
media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/.imap
media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/Junk
E-mail
media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/Sent
Items
media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/.subscriptions
media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/mail
media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/mail/Secunia
media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/mail/Jobs
media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/mail/Music
media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/mail/force9
==2623==
==2623== Process terminating with default action of signal 11 (SIGSEGV):
dumping core
==2623==  Access not within mapped region at address 0x557A000
==2623==    at 0x4C23798: memcpy (mc_replace_strmem.c:482)
==2623==    by 0x40BA7C: disk_buffered_write (util.c:283)
==2623==    by 0x40C353: copy_files_disk_to_disk (util.c:562)
==2623==    by 0x4085E2: process_copy_pass (copypass.c:185)
==2623==    by 0x40A632: main (main.c:798)
==2623==  If you believe this happened as a result of a stack
==2623==  overflow in your program's main thread (unlikely but
==2623==  possible), you can try to increase the size of the
==2623==  main thread stack using the --main-stacksize= flag.
==2623==  The main thread stack size used in this run was 4194304.
==2623==
==2623== FILE DESCRIPTORS: 5 open at exit.
==2623== Open file descriptor 4:
media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/mail/FamilyTree
==2623==    at 0x4EE5300: __open_nocancel (in /lib/libc-2.10.2.so)
==2623==    by 0x40856A: process_copy_pass (copypass.c:170)
==2623==    by 0x40A632: main (main.c:798)

#564259#55
Date:
2010-01-10 17:00:13 UTC
From:
To:
Good, that definitely shouldn't happen.

Now, if you're not sick of this yet, could you rerun it under gdb,
and when it segfaults, do the following:

bt full
print out_buff
print output_size

#564259#60
Date:
2010-01-10 17:57:50 UTC
From:
To:
packard:/# LD_LIBRARY_PATH=/usr/lib/debug gdb /bin/cpio core
GNU gdb (GDB) 7.0-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /bin/cpio...done.

warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/libc.so.6...Reading symbols from
/usr/lib/debug/lib/libc-2.10.2.so...done.
(no debugging symbols found)...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib64/ld-linux-x86-64.so.2...Reading symbols from
/usr/lib/debug/lib/ld-2.10.2.so...done.
(no debugging symbols found)...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Core was generated by `cpio -pvdu
media/1d901e30-6139-4105-8f2f-055dc758dd40'.
Program terminated with signal 11, Segmentation fault.
#0  memcpy () at ../sysdeps/x86_64/memcpy.S:209
209    ../sysdeps/x86_64/memcpy.S: No such file or directory.
     in ../sysdeps/x86_64/memcpy.S
(gdb) bt full
#0  memcpy () at ../sysdeps/x86_64/memcpy.S:209
No locals.
#1  0x000000000040ba7d in disk_buffered_write (in_buf=0x18daf92 "",
out_des=4,
     num_bytes=450090) at ../../src/util.c:283
         bytes_left = 321066
         space_left = 512
#2  0x000000000040c354 in copy_files_disk_to_disk (in_des=3, out_des=4,
     num_bytes=450090,
     filename=0x18bb450 "mnt/gateway/home/njh/Mail/Sent Items")
     at ../../src/util.c:562
         size = 450090
         k = 42949672960
         original_num_bytes = 450090
         rc = 32680
#3  0x00000000004085e3 in process_copy_pass () at ../../src/copypass.c:185
         link_res = -1
         input_name = {ds_length = 128,
           ds_string = 0x18bb450 "mnt/gateway/home/njh/Mail/Sent Items"}
         output_name = {ds_length = 81,
           ds_string = 0x18bb4e0
"media/1d901e30-6139-4105-8f2f-055dc758dd40/mnt/gateway/home/njh/Mail/Sent
Items"}
         dirname_len = 42
         res = 0
         slash = 0x18bb450 "mnt/gateway/home/njh/Mail/Sent Items"
         in_file_stat = {st_dev = 18, st_ino = 1510308597, st_nlink = 1,
           st_mode = 33188, st_uid = 1000, st_gid = 1000, __pad0 = 0,
           st_rdev = 0, st_size = 450090, st_blksize = 8192, st_blocks =
896,
           st_atim = {tv_sec = 1259681719, tv_nsec = 0}, st_mtim = {
             tv_sec = 1263141397, tv_nsec = 0}, st_ctim = {tv_sec =
1263141397,
             tv_nsec = 0}, __unused = {0, 0, 0}}
         out_file_stat = {st_dev = 2054, st_ino = 2359305, st_nlink = 1,
           st_mode = 33152, st_uid = 0, st_gid = 0, __pad0 = 0, st_rdev
= 0,
           st_size = 129024, st_blksize = 4096, st_blocks = 264, st_atim = {
             tv_sec = 1263146047, tv_nsec = 0}, st_mtim = {tv_sec =
1263146047,
             tv_nsec = 0}, st_ctim = {tv_sec = 1263146047, tv_nsec = 0},
           __unused = {0, 0, 0}}
         in_file_des = 3
         out_file_des = 4
         existing_dir = 0
#4  0x000000000040a633 in main (argc=3, argv=0x7ffff48700f8)
     at ../../src/main.c:798
No locals.
Current language:  auto
The current source language is "auto; currently asm".
(gdb) print out_buff
$1 = 0x18bb240 ""
(gdb) print output_size
$2 = 0

#564259#65
Date:
2010-01-10 19:52:52 UTC
From:
To:
Sergey, Nigel is having a problem with cpio -pdu over NFS.  I cannot reproduce it,
but it always manifests in a memcpy() segfault, sometimes a src/dest overlap in
a copy smaller than 512 bytes, sometimes not (as above).

Any idea what the culprit is?

#564259#70
Date:
2010-01-10 20:16:31 UTC
From:
To:
Hi Clint,

Thanks for the dump. Are -pdu the only options given to cpio?

Regards,
Sergey

#564259#75
Date:
2010-01-10 21:17:55 UTC
From:
To:
Sergey Poznyakoff wrote:
No - I also use the v option:

find `cat usr/local/lib/dirs/usb` -mtime -7 -print | cpio -pvdu
media/8313e1a8-e5d9-4e37-8bfb-f69dcb0af44c/

#564259#80
Date:
2010-01-11 07:40:35 UTC
From:
To:
Hi Nigel,
file? How many files/bytes (approximately) are archived before it
happens?

Regards,
Sergey

#564259#85
Date:
2010-01-11 09:47:36 UTC
From:
To:
1) No.  But I think it's always an NFS file.
2) I just tried it and 50688 out of 530816 where copied.  I do not know
how typical that count it.

For what it's worth, I've seen this on 32-bit and 64-bit machines on
both Debian/Linux and Debian/Hurd.