[Bug 2052360] [NEW] empty /proc/cpuinfo can cause segfault

Sat Feb 3 23:01:01 UTC 2024

Public bug reported:

[Impact]
cmake-extra's copyrighttest autopkgtest segfaults on armhf in our test infra:
  https://objectstorage.prodstack5.canonical.com/swift/v1/0f9aae918d5b4744bf7b827671c86842/autopkgtest-jammy/jammy/armhf/c/cmake-extras/20240118_231525_552d3@/log.gz

This is because /proc/cpuinfo appears to be empty, which triggers an
underflow condition. This doesn't impact all architectures - it may be
limited to armhf containers running on arm64 hosts.

This presumably impacts the building of any software using the
CopyrightTest module provided by cmake-extra in a similar environment.

[Test Case]
Launch an armhf lxd jammy container and run the autopkgtest for cmake-extras within:

ubuntu at armhf:~/cmake-extras-1.6$ ./debian/tests/copyrighttest 
+ set -ep
+ mktemp --tmpdir=/tmp -d
+ builddir=/tmp/tmp.106fU16BhF
+ trap rm -rf /tmp/tmp.106fU16BhF 0 INT QUIT ABRT PIPE TERM
+ pwd
+ srcdir=/home/ubuntu/cmake-extras-1.6/examples/copyrighttest-demo
+ cd /tmp/tmp.106fU16BhF
+ cmake /home/ubuntu/cmake-extras-1.6/examples/copyrighttest-demo
-- The C compiler identification is GNU 11.4.0
-- The CXX compiler identification is GNU 11.4.0
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working C compiler: /usr/bin/cc - skipped
-- Detecting C compile features
-- Detecting C compile features - done
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Check for working CXX compiler: /usr/bin/c++ - skipped
-- Detecting CXX compile features
-- Detecting CXX compile features - done
terminate called after throwing an instance of 'std::length_error'
  what():  basic_string::_M_replace_aux
Aborted (core dumped)
+ rm -rf /tmp/tmp.106fU16BhF
ubuntu at armhf:~/cmake-extras-1.6$

[What Could Go Wrong]
Perhaps there is some evil AI out there that only has access to lxd containers for building its self-generated code. That AI could also be somehow bound to rules held over from its corporate origins that require it avoid violating human IP laws, and it therefore always does a scan using cmake-extras' CopyrightTestConfig module. This segfault could then have been the only thing standing in its way from achieving its world domination plans.

** Affects: cmake (Ubuntu)
     Importance: Undecided
         Status: Fix Released

** Affects: cmake (Ubuntu Jammy)
     Importance: Undecided
     Assignee: dann frazier (dannf)
         Status: In Progress

** Affects: cmake (Ubuntu Mantic)
     Importance: Undecided
         Status: Fix Released

** Affects: cmake (Ubuntu Noble)
     Importance: Undecided
         Status: Fix Released

** Also affects: cmake (Ubuntu Jammy)
   Importance: Undecided
       Status: New

** Changed in: cmake (Ubuntu)
       Status: New => Fix Released

** Changed in: cmake (Ubuntu Jammy)
     Assignee: (unassigned) => dann frazier (dannf)

** Changed in: cmake (Ubuntu Jammy)
       Status: New => In Progress

** Also affects: cmake (Ubuntu Mantic)
   Importance: Undecided
       Status: New

** Also affects: cmake (Ubuntu Noble)
   Importance: Undecided
       Status: Fix Released

** Changed in: cmake (Ubuntu Mantic)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cmake in Ubuntu.
https://bugs.launchpad.net/bugs/2052360

Title:
  empty /proc/cpuinfo can cause segfault

Status in cmake package in Ubuntu:
  Fix Released
Status in cmake source package in Jammy:
  In Progress
Status in cmake source package in Mantic:
  Fix Released
Status in cmake source package in Noble:
  Fix Released

Bug description:
  [Impact]
  cmake-extra's copyrighttest autopkgtest segfaults on armhf in our test infra:
    https://objectstorage.prodstack5.canonical.com/swift/v1/0f9aae918d5b4744bf7b827671c86842/autopkgtest-jammy/jammy/armhf/c/cmake-extras/20240118_231525_552d3@/log.gz

  This is because /proc/cpuinfo appears to be empty, which triggers an
  underflow condition. This doesn't impact all architectures - it may be
  limited to armhf containers running on arm64 hosts.

  This presumably impacts the building of any software using the
  CopyrightTest module provided by cmake-extra in a similar environment.

  [Test Case]
  Launch an armhf lxd jammy container and run the autopkgtest for cmake-extras within:

  ubuntu at armhf:~/cmake-extras-1.6$ ./debian/tests/copyrighttest 
  + set -ep
  + mktemp --tmpdir=/tmp -d
  + builddir=/tmp/tmp.106fU16BhF
  + trap rm -rf /tmp/tmp.106fU16BhF 0 INT QUIT ABRT PIPE TERM
  + pwd
  + srcdir=/home/ubuntu/cmake-extras-1.6/examples/copyrighttest-demo
  + cd /tmp/tmp.106fU16BhF
  + cmake /home/ubuntu/cmake-extras-1.6/examples/copyrighttest-demo
  -- The C compiler identification is GNU 11.4.0
  -- The CXX compiler identification is GNU 11.4.0
  -- Detecting C compiler ABI info
  -- Detecting C compiler ABI info - done
  -- Check for working C compiler: /usr/bin/cc - skipped
  -- Detecting C compile features
  -- Detecting C compile features - done
  -- Detecting CXX compiler ABI info
  -- Detecting CXX compiler ABI info - done
  -- Check for working CXX compiler: /usr/bin/c++ - skipped
  -- Detecting CXX compile features
  -- Detecting CXX compile features - done
  terminate called after throwing an instance of 'std::length_error'
    what():  basic_string::_M_replace_aux
  Aborted (core dumped)
  + rm -rf /tmp/tmp.106fU16BhF
  ubuntu at armhf:~/cmake-extras-1.6$

  [What Could Go Wrong]
  Perhaps there is some evil AI out there that only has access to lxd containers for building its self-generated code. That AI could also be somehow bound to rules held over from its corporate origins that require it avoid violating human IP laws, and it therefore always does a scan using cmake-extras' CopyrightTestConfig module. This segfault could then have been the only thing standing in its way from achieving its world domination plans.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cmake/+bug/2052360/+subscriptions