cargo-deny: Segfault due to libgit2 shenanigans

Describe the bug

It’s a segmentation fault! The program crashes after printing a warning about being unable to find a config path. I wanted to just have it use the default config in a project where I haven’t set one up yet.

To Reproduce

jplatte@jp-desktop ~/code % cargo init t
     Created binary (application) package
jplatte@jp-desktop ~/code % cd t
jplatte@jp-desktop ~/code/t (git)-[main] % cargo deny check
2021-11-26 12:48:39 [WARN] unable to find a config path, falling back to default config
[1]    18503 segmentation fault (core dumped)  cargo deny check

Expected behavior

Successfully

Additional context

This is cargo-deny 0.10.3 installed to /usr/bin through the arch linux package. Maybe it fails to mmap the default config file or something like that? Here’s the package build script, it’s really minimal: https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=cargo-deny

About this issue

Original URL
State: closed
Created 3 years ago
Reactions: 1
Comments: 17 (13 by maintainers)

Most upvoted comments

The advisory check seems to have broken with Arch’s libgit2 1:1.4.1-1, even when building using cargo build.

gdb backtrace

#0  0x00007ffff7ed9fc0 in ?? () from /usr/lib/libgit2.so.1.4
#1  0x00007ffff7edbaae in git_remote_fetch () from /usr/lib/libgit2.so.1.4
#2  0x000055555654f162 in git2::remote::Remote::fetch<&str> (self=0x7ffff4aaa5b8, refspecs=..., opts=..., reflog_msg=...) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/git2-0.13.25/src/remote.rs:286
#3  0x00005555564ba3bb in rustsec::repository::git::repository::{impl#0}::fetch::{closure#0}<&std::path::PathBuf> (f=...)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rustsec-0.25.1/src/repository/git/repository.rs:94
#4  0x0000555556463b37 in rustsec::repository::git::authentication::with_authentication<(), rustsec::repository::git::repository::{impl#0}::fetch::{closure#0}> (url=..., cfg=0x7ffff4aab9b8, f=...)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rustsec-0.25.1/src/repository/git/authentication.rs:48
#5  0x00005555564b92c8 in rustsec::repository::git::repository::Repository::fetch<&std::path::PathBuf> (url=..., into_path=0x7ffff4aac330, ensure_fresh=true)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rustsec-0.25.1/src/repository/git/repository.rs:77
#6  0x0000555555c0bc75 in cargo_deny::advisories::helpers::load_db (db_url=0x7ffff4aacb88, root_db_path=..., fetch=cargo_deny::advisories::helpers::Fetch::Allow) at src/advisories/helpers.rs:100
#7  0x00005555559d0bbc in cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}<std::path::PathBuf> (url=...) at /home/teo/Documents/stackable/cargo-deny/src/advisories/helpers.rs:67
#8  0x00005555559d0d65 in core::ops::function::impls::{impl#1}::call_mut<(url::Url), cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}> (self=0x7ffff4aad078, args=...)
    at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/core/src/ops/function.rs:247
#9  0x00005555559d0de5 in core::ops::function::impls::{impl#4}::call_once<(url::Url), &cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}> (self=0x7ffff4aad078, args=...)
    at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/core/src/ops/function.rs:280
#10 0x000055555578d7bc in core::option::Option<url::Url>::map<url::Url, core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>, &mut &cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}> (self=..., f=0x7ffff4aad078) at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/core/src/option.rs:836
#11 0x00005555557db418 in core::iter::adapters::map::{impl#2}::next<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>, rayon::vec::SliceDrain<url::Url>, &cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}> (self=0x7ffff4aad068) at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/core/src/iter/adapters/map.rs:103
#12 0x00005555558cf58a in rayon::iter::plumbing::Folder::consume_iter<rayon::iter::collect::consumer::CollectResult<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>>, core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>, core::iter::adapters::map::Map<rayon::vec::SliceDrain<url::Url>, &cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}>> (self=..., iter=...)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/iter/plumbing/mod.rs:178
#13 0x00005555558b69f4 in rayon::iter::map::{impl#8}::consume_iter<url::Url, core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>, rayon::iter::collect::consumer::CollectResult<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}, rayon::vec::SliceDrain<url::Url>> (self=..., iter=...)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/iter/map.rs:248
#14 0x00005555559ca6ba in rayon::iter::plumbing::Producer::fold_with<rayon::vec::DrainProducer<url::Url>, rayon::iter::map::MapFolder<rayon::iter::collect::consumer::CollectResult<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}>> (self=..., folder=...)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/iter/plumbing/mod.rs:110
#15 0x000055555588f798 in rayon::iter::plumbing::bridge_producer_consumer::helper<rayon::vec::DrainProducer<url::Url>, rayon::iter::map::MapConsumer<rayon::iter::collect::consumer::CollectConsumer<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}>> (len=1, migrated=false, splitter=..., producer=..., consumer=...)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/iter/plumbing/mod.rs:438
#16 0x000055555588f12d in rayon::iter::plumbing::bridge_producer_consumer<rayon::vec::DrainProducer<url::Url>, rayon::iter::map::MapConsumer<rayon::iter::collect::consumer::CollectConsumer<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}>> (len=1, producer=..., consumer=...)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/iter/plumbing/mod.rs:397
#17 0x000055555588f011 in rayon::iter::plumbing::bridge::{impl#0}::callback<rayon::iter::map::MapConsumer<rayon::iter::collect::consumer::CollectConsumer<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}>, url::Url, rayon::vec::DrainProducer<url::Url>> (self=..., producer=...)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/iter/plumbing/mod.rs:373
#18 0x00005555559ca8a0 in rayon::vec::{impl#7}::with_producer<url::Url, rayon::iter::plumbing::bridge::Callback<rayon::iter::map::MapConsumer<rayon::iter::collect::consumer::CollectConsumer<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}>>> (self=..., callback=...)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/vec.rs:153
#19 0x00005555559cab9b in rayon::vec::{impl#4}::with_producer<url::Url, rayon::iter::plumbing::bridge::Callback<rayon::iter::map::MapConsumer<rayon::iter::collect::consumer::CollectConsumer<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}>>> (self=..., callback=...)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/vec.rs:83
#20 0x000055555588fb3b in rayon::iter::plumbing::bridge<rayon::vec::IntoIter<url::Url>, rayon::iter::map::MapConsumer<rayon::iter::collect::consumer::CollectConsumer<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}>> (par_iter=..., consumer=...)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/iter/plumbing/mod.rs:357
#21 0x00005555559cac5e in rayon::vec::{impl#4}::drive<url::Url, rayon::iter::map::MapConsumer<rayon::iter::collect::consumer::CollectConsumer<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}>> (self=..., consumer=...) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/vec.rs:71
#22 0x00005555558b68c4 in rayon::iter::map::{impl#3}::drive<rayon::vec::IntoIter<url::Url>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}, core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>, rayon::iter::collect::consumer::CollectConsumer<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>>> (self=..., consumer=...)
    at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/iter/map.rs:68
#23 0x00005555559a9779 in rayon::iter::collect::collect_into_vec::{closure#0}<rayon::iter::map::Map<rayon::vec::IntoIter<url::Url>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}>, core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>> (consumer=...) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/iter/collect/mod.rs:22
#24 0x00005555559a92da in rayon::iter::collect::Collect<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>>::with_consumer<core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>, rayon::iter::collect::collect_into_vec::{closure#0}> (self=..., scope_fn=...) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/iter/collect/mod.rs:93
#25 0x00005555559a96ff in rayon::iter::collect::collect_into_vec<rayon::iter::map::Map<rayon::vec::IntoIter<url::Url>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}>, core::result::Result<(url::Url, rustsec::database::Database), anyhow::Error>> (pi=..., v=0x7ffff4aae818) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/iter/collect/mod.rs:22
#26 0x00005555558b6770 in rayon::iter::IndexedParallelIterator::collect_into_vec<rayon::iter::map::Map<rayon::vec::IntoIter<url::Url>, cargo_deny::advisories::helpers::{impl#0}::load::{closure#0}>> (self=..., target=0x7ffff4aae818) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-1.5.1/src/iter/mod.rs:2264
#27 0x00005555559d0947 in cargo_deny::advisories::helpers::DbSet::load<std::path::PathBuf> (root=..., urls=..., fetch=cargo_deny::advisories::helpers::Fetch::Allow) at /home/teo/Documents/stackable/cargo-deny/src/advisories/helpers.rs:66
#28 0x00005555559c235a in cargo_deny::check::cmd::{closure#4}::{closure#1} () at src/cargo-deny/check.rs:250
#29 0x0000555555a0294c in rayon_core::scope::{impl#0}::spawn::{closure#0}::{closure#0}<cargo_deny::check::cmd::{closure#4}::{closure#1}> () at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/scope/mod.rs:544
#30 0x00005555559ea540 in core::panic::unwind_safe::{impl#23}::call_once<(), rayon_core::scope::{impl#0}::spawn::{closure#0}::{closure#0}> (self=..., _args=()) at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/core/src/panic/unwind_safe.rs:271
#31 0x00005555558bea1e in std::panicking::try::do_call<core::panic::unwind_safe::AssertUnwindSafe<rayon_core::scope::{impl#0}::spawn::{closure#0}::{closure#0}>, ()> (data=0x7ffff4aaec18) at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/std/src/panicking.rs:403
#32 0x00005555558c061b in __rust_try ()
#33 0x00005555558bcfbb in std::panicking::try<(), core::panic::unwind_safe::AssertUnwindSafe<rayon_core::scope::{impl#0}::spawn::{closure#0}::{closure#0}>> (f=...) at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/std/src/panicking.rs:367
#34 0x00005555558c44d0 in std::panic::catch_unwind<core::panic::unwind_safe::AssertUnwindSafe<rayon_core::scope::{impl#0}::spawn::{closure#0}::{closure#0}>, ()> (f=...) at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/std/src/panic.rs:129
#35 0x00005555559ca014 in rayon_core::unwind::halt_unwinding<rayon_core::scope::{impl#0}::spawn::{closure#0}::{closure#0}, ()> (func=...) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/unwind.rs:17
#36 0x0000555555a038a1 in rayon_core::scope::ScopeBase::execute_job_closure<rayon_core::scope::{impl#0}::spawn::{closure#0}::{closure#0}, ()> (self=0x7ffff4caed08, func=<error reading variable: Cannot access memory at address 0x1>) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/scope/mod.rs:650
#37 0x0000555555a031ba in rayon_core::scope::ScopeBase::execute_job<rayon_core::scope::{impl#0}::spawn::{closure#0}::{closure#0}> (self=0x7ffff4caed08, func=...) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/scope/mod.rs:640
#38 0x0000555555a0241d in rayon_core::scope::{impl#0}::spawn::{closure#0}<cargo_deny::check::cmd::{closure#4}::{closure#1}> () at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/scope/mod.rs:544
#39 0x000055555599ee3a in rayon_core::job::{impl#6}::execute<rayon_core::scope::{impl#0}::spawn::{closure#0}> (this=0x7fff98000c40) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/job.rs:167
#40 0x00005555562e19fe in rayon_core::job::JobRef::execute (self=0x7ffff4aaef40) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/job.rs:59
#41 0x00005555562eb14a in rayon_core::registry::WorkerThread::execute (self=0x7ffff4aaf200, job=...) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/registry.rs:749
#42 0x00005555562eaeca in rayon_core::registry::WorkerThread::wait_until_cold (self=0x7ffff4aaf200, latch=0x555557176b90) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/registry.rs:726
#43 0x00005555562eabfc in rayon_core::registry::WorkerThread::wait_until<rayon_core::latch::CountLatch> (self=0x7ffff4aaf200, latch=0x555557176b90) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/registry.rs:700
#44 0x00005555562eba36 in rayon_core::registry::main_loop (worker=..., registry=..., index=22) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/registry.rs:833
#45 0x00005555562e845d in rayon_core::registry::ThreadBuilder::run (self=...) at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/registry.rs:55
#46 0x00005555562e897d in rayon_core::registry::{impl#2}::spawn::{closure#0} () at /home/teo/.cargo/registry/src/github.com-1ecc6299db9ec823/rayon-core-1.9.1/src/registry.rs:100
#47 0x00005555562ab880 in std::sys_common::backtrace::__rust_begin_short_backtrace<rayon_core::registry::{impl#2}::spawn::{closure#0}, ()> (f=...) at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/std/src/sys_common/backtrace.rs:125
#48 0x00005555562b708d in std::thread::{impl#0}::spawn_unchecked::{closure#0}::{closure#0}<rayon_core::registry::{impl#2}::spawn::{closure#0}, ()> () at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/std/src/thread/mod.rs:481
#49 0x00005555562ec281 in core::panic::unwind_safe::{impl#23}::call_once<(), std::thread::{impl#0}::spawn_unchecked::{closure#0}::{closure#0}> (self=..., _args=()) at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/core/src/panic/unwind_safe.rs:271
#50 0x00005555562ece2c in std::panicking::try::do_call<core::panic::unwind_safe::AssertUnwindSafe<std::thread::{impl#0}::spawn_unchecked::{closure#0}::{closure#0}>, ()> (data=0x7ffff4aaf938) at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/std/src/panicking.rs:403
#51 0x00005555562ef7eb in __rust_try ()
#52 0x00005555562ecc47 in std::panicking::try<(), core::panic::unwind_safe::AssertUnwindSafe<std::thread::{impl#0}::spawn_unchecked::{closure#0}::{closure#0}>> (f=...) at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/std/src/panicking.rs:367
#53 0x00005555562ace31 in std::panic::catch_unwind<core::panic::unwind_safe::AssertUnwindSafe<std::thread::{impl#0}::spawn_unchecked::{closure#0}::{closure#0}>, ()> (f=...) at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/std/src/panic.rs:129
#54 0x00005555562b6eb1 in std::thread::{impl#0}::spawn_unchecked::{closure#0}<rayon_core::registry::{impl#2}::spawn::{closure#0}, ()> () at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/std/src/thread/mod.rs:480
#55 0x00005555562d1baf in core::ops::function::FnOnce::call_once<std::thread::{impl#0}::spawn_unchecked::{closure#0}, ()> () at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/core/src/ops/function.rs:227
#56 0x0000555556a4f9b3 in alloc::boxed::{impl#44}::call_once<(), dyn core::ops::function::FnOnce<(), Output=()>, alloc::alloc::Global> () at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/alloc/src/boxed.rs:1636
#57 alloc::boxed::{impl#44}::call_once<(), alloc::boxed::Box<dyn core::ops::function::FnOnce<(), Output=()>, alloc::alloc::Global>, alloc::alloc::Global> () at /rustc/59eed8a2aac0230a8b53e89d4e99d55912ba6b35/library/alloc/src/boxed.rs:1636
#58 std::sys::unix::thread::{impl#2}::new::thread_start () at library/std/src/sys/unix/thread.rs:106
#59 0x00007ffff7bb65c2 in start_thread () from /usr/lib/libc.so.6
#60 0x00007ffff7c3b584 in clone () from /usr/lib/libc.so.6

Downgrading to libgit2 1:1.3.0-1 and cargo clean && cargo build seems to fix it.

nightkr on Feb 23, 2022

If people are blocked by this, support for using the git cli was added in #420 which can be used to workaround this issue in the meantime.

Jake-Shadle on May 16, 2022

Until git2 can be upgraded to 0.14, adding its vendored feature in the meantime also seems to fix the issue. I haven’t tested it with cargo-deny yet but it did work with cargo-edit.

Purpzie on Mar 18, 2022

Hm, I don’t think I want to take the time right now to go through the code and patch cargo-deny myself, especially considering it (somehow) works when installed the easy (when developing) way.

Might revisit at some later point.

jplatte on Jan 28, 2022