
SIGABRT (malloc(): corrupted top size) with v1.5.0-rc2 #355

@jmtd

I'm seeing a crash after building and linking against Debian's libtkrzw, shortly after starting an index:

▶;./duc index -d ./duc.db -x ~
opening tkzrw DB with compression: RECORD_COMP_ZSTD
malloc(): corrupted top size
Aborted

Looks like a buffer overflow, so I captured a backtrace with Electric Fence enabled:

(gdb) set args  index -d ./duc.db -x /home/jon
(gdb) efence
Enabled Electric Fence
(gdb) run
Starting program: /home/jon/git/debian/duc/duc index -d ./duc.db -x /home/jon

  Electric Fence 2.2 Copyright (C) 1987-1999 Bruce Perens <bruce@perens.com>
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

  Electric Fence 2.2 Copyright (C) 1987-1999 Bruce Perens <bruce@perens.com>
opening tkzrw DB with compression: RECORD_COMP_ZSTD

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7ba7430 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
(gdb) bt
#0  0x00007ffff7ba7430 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#1  0x0000555555559c00 in buffer_put (b=b@entry=0x7ffff75fefe0, data=data@entry=0x7ffff75f557b, len=21) at src/libduc/buffer.c:57
#2  0x0000555555559c92 in buffer_put_string (b=0x7ffff75fefe0, s=0x7ffff75f557b "lmroman12-regular.lua") at src/libduc/buffer.c:109
#3  0x000055555555a05b in buffer_put_dirent (b=0x7ffff75fefe0, ent=ent@entry=0x7ffffffdcd90) at src/libduc/buffer.c:184
#4  0x000055555555d6b5 in scanner_scan (scanner_dir=scanner_dir@entry=0x7ffff75f2f90) at src/libduc/index.c:603
#5  0x000055555555dcd7 in scanner_scan (scanner_dir=scanner_dir@entry=0x7ffff75e0f90) at src/libduc/index.c:548
#6  0x000055555555dcd7 in scanner_scan (scanner_dir=scanner_dir@entry=0x7ffff75cef90) at src/libduc/index.c:548
#7  0x000055555555dcd7 in scanner_scan (scanner_dir=scanner_dir@entry=0x7ffff75bcf90) at src/libduc/index.c:548
#8  0x000055555555dcd7 in scanner_scan (scanner_dir=scanner_dir@entry=0x7ffff75aaf90) at src/libduc/index.c:548
#9  0x000055555555dcd7 in scanner_scan (scanner_dir=scanner_dir@entry=0x7ffff7598f90) at src/libduc/index.c:548
#10 0x000055555555dcd7 in scanner_scan (scanner_dir=scanner_dir@entry=0x7ffff7528f90) at src/libduc/index.c:548
#11 0x000055555555f06b in duc_index (req=0x7ffff751af70, path=<optimized out>,
    flags=flags@entry=(DUC_INDEX_XDEV | DUC_INDEX_TOPN_FILES)) at src/libduc/index.c:752
#12 0x000055555556466a in index_main (duc=0x7ffff7514fe8, argc=<optimized out>, argv=<optimized out>) at src/duc/cmd-index.c:153
#13 0x0000555555559aa7 in main (argc=<optimized out>, argv=<optimized out>) at src/duc/main.c:183

Haven't dug deeper.
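The trace above dies inside libc while buffer_put appends a 21-byte file name, and glibc's "malloc(): corrupted top size" message means a heap chunk's metadata was overwritten some time before the abort. As an added illustration (this is not duc's src/libduc/buffer.c, whose code is not shown in this issue), here is a growable byte buffer whose append path cannot run past its allocation: the capacity check is done before the memcpy, the len + extra arithmetic is guarded against size_t wrap, and the growth loop cannot overflow. The names buffer, buffer_put and buffer_put_string are borrowed from the backtrace; the struct layout, the string encoding (raw bytes plus a terminating NUL) and every helper are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable buffer (example code, not duc's own struct). */
struct buffer {
    uint8_t *data;
    size_t len;   /* bytes written so far */
    size_t cap;   /* bytes allocated; invariant: len <= cap */
};

struct buffer *buffer_new(size_t initial_cap)
{
    struct buffer *b = calloc(1, sizeof *b);
    if (!b) return NULL;
    if (initial_cap == 0) initial_cap = 16;
    b->data = malloc(initial_cap);
    if (!b->data) { free(b); return NULL; }
    b->cap = initial_cap;
    return b;
}

void buffer_free(struct buffer *b)
{
    if (!b) return;
    free(b->data);
    free(b);
}

/* Make room for `extra` more bytes. Returns 0 on success, -1 on
 * size_t overflow or allocation failure. Without the wrap check,
 * len + extra could become a small number, pass the comparison, and
 * the following memcpy would write past the end of the heap chunk,
 * which is the kind of damage glibc later reports as
 * "malloc(): corrupted top size". */
static int buffer_reserve(struct buffer *b, size_t extra)
{
    if (extra > SIZE_MAX - b->len) return -1;   /* len + extra would wrap */
    size_t need = b->len + extra;
    if (need <= b->cap) return 0;

    size_t ncap = b->cap;
    while (ncap < need) {
        if (ncap > SIZE_MAX / 2) { ncap = need; break; }  /* no doubling overflow */
        ncap *= 2;
    }
    uint8_t *p = realloc(b->data, ncap);
    if (!p) return -1;                           /* old buffer still valid */
    b->data = p;
    b->cap = ncap;
    return 0;
}

/* Append `len` raw bytes; the capacity check always precedes the copy. */
int buffer_put(struct buffer *b, const void *data, size_t len)
{
    if (buffer_reserve(b, len) != 0) return -1;
    memcpy(b->data + b->len, data, len);
    b->len += len;
    return 0;
}

/* Append a C string including its NUL (assumed encoding for the example). */
int buffer_put_string(struct buffer *b, const char *s)
{
    return buffer_put(b, s, strlen(s) + 1);
}

/* Append the 21-character name from the backtrace `times` times so the
 * buffer crosses several growth boundaries; return the final length,
 * or 0 if an append failed or the len <= cap invariant broke. */
size_t demo_append(size_t times)
{
    const char name[] = "lmroman12-regular.lua";   /* constructed from the trace */
    struct buffer *b = buffer_new(16);
    if (!b) return 0;
    for (size_t i = 0; i < times; i++) {
        if (buffer_put(b, name, strlen(name)) != 0) { buffer_free(b); return 0; }
    }
    size_t out = (b->len <= b->cap) ? b->len : 0;
    buffer_free(b);
    return out;
}

int main(void)
{
    printf("appended %zu bytes\n", demo_append(1000));
    return 0;
}
```

Building the example with -fsanitize=address (or running it under Electric Fence, as the reporter did) is the quickest way to confirm that no write lands outside the chunk: a sanitizer reports the exact memcpy that overruns, whereas plain glibc only notices the corrupted top chunk on a later malloc, far from the real fault.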
