Duplicacy CLI crashes with "fatal error: found bad pointer in Go heap"

Please describe what you are doing to trigger the bug:

I am trying to run the following command (the working directory is the repository path):

sudo duplicacy backup -dry-run -threads 2 -limit-rate 500

Please describe what you expect to happen (but doesn’t):

I expect the command to complete without errors.

Please describe what actually happens (the wrong behaviour):

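After some time, duplicacy aborts with a Go runtime fatal error, raised while the garbage collector was scanning the heap. The full output, including the stack trace, is: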

runtime: pointer 0x198620aa to unused region of span span.base()=0xe3ac000 span.limit=0xe3adf80 span.state=1
runtime: found in object at *(0x1392eaa0+0x24)
object=0x1392eaa0 s.base()=0x1392e000 s.limit=0x1392ffe0 s.spanclass=12 s.elemsize=80 s.state=mSpanInUse
 *(object+0) = 0x24c62e20
 *(object+4) = 0x6a206a2f
 *(object+8) = 0x7afd672f
 *(object+12) = 0x5f53a1bc
 *(object+16) = 0xc077ec89
 *(object+20) = 0xed105d0e
 *(object+24) = 0xf154fa8c
 *(object+28) = 0x6b0ad8b4
 *(object+32) = 0x321c72f3
 *(object+36) = 0x198620aa <==
 *(object+40) = 0x66ded928
 *(object+44) = 0x24fd22d0
 *(object+48) = 0xb3f4ad4f
 *(object+52) = 0xa89b9728
 *(object+56) = 0xe874de32
 *(object+60) = 0x2824f0dc
 *(object+64) = 0xa3eb8371
 *(object+68) = 0x6dbf8ab3
 *(object+72) = 0x9aaca2b9
 *(object+76) = 0x8be4618a
fatal error: found bad pointer in Go heap (incorrect use of unsafe or cgo?)

runtime stack:
runtime.throw(0xa2b406, 0x3e)
        /usr/local/go/src/runtime/panic.go:617 +0x5c fp=0x344bf0c sp=0x344bef8 pc=0x3ff98
runtime.findObject(0x198620aa, 0x1392eaa0, 0x24, 0x0, 0x0, 0x0)
        /usr/local/go/src/runtime/mbitmap.go:397 +0x34c fp=0x344bf30 sp=0x344bf0c pc=0x24068
runtime.scanobject(0x1392eaa0, 0x3430960)
        /usr/local/go/src/runtime/mgcmark.go:1174 +0x238 fp=0x344bf84 sp=0x344bf30 pc=0x319c4
runtime.gcDrain(0x3430960, 0xb)
        /usr/local/go/src/runtime/mgcmark.go:932 +0x2a8 fp=0x344bfcc sp=0x344bf84 pc=0x30fe4
runtime.gcBgMarkWorker.func2()
        /usr/local/go/src/runtime/mgc.go:1924 +0x17c fp=0x344bfe8 sp=0x344bfcc pc=0x6d678
runtime.systemstack(0x343e960)
        /usr/local/go/src/runtime/asm_arm.s:354 +0x84 fp=0x344bfec sp=0x344bfe8 pc=0x6ff28
runtime.mstart()
        /usr/local/go/src/runtime/proc.go:1153 fp=0x344bfec sp=0x344bfec pc=0x44668

goroutine 17 [GC worker (idle)]:
runtime.systemstack_switch()
        /usr/local/go/src/runtime/asm_arm.s:298 +0x4 fp=0x3436798 sp=0x3436794 pc=0x6fe98
runtime.gcBgMarkWorker(0x3430000)
        /usr/local/go/src/runtime/mgc.go:1890 +0x1a8 fp=0x34367e4 sp=0x3436798 pc=0x2cc3c
runtime.goexit()
        /usr/local/go/src/runtime/asm_arm.s:868 +0x4 fp=0x34367e4 sp=0x34367e4 pc=0x71bd0
created by runtime.gcBgMarkStartWorkers
        /usr/local/go/src/runtime/mgc.go:1784 +0x68

goroutine 1 [runnable]:
runtime.gcTrigger.test(0x1, 0x0, 0x0, 0x0, 0x7734e601)
        /usr/local/go/src/runtime/mgc.go:1163 +0x1bc fp=0x39d9c84 sp=0x39d9c84 pc=0x2aff8
runtime.mallocgc(0x2000, 0x964128, 0x157ca001, 0x65)
        /usr/local/go/src/runtime/malloc.go:1031 +0x3c8 fp=0x39d9cec sp=0x39d9c84 pc=0x1b3ec
runtime.makeslice(0x964128, 0x0, 0x400, 0x157ca070)
        /usr/local/go/src/runtime/slice.go:49 +0x70 fp=0x39d9d00 sp=0x39d9cec pc=0x57a7c
github.com/gilbertchen/duplicacy/src.ListEntries(0x3686370, 0xc, 0x18ac1380, 0x58, 0x346a8d0, 0x340aec0, 0x4, 0x4, 0x0, 0x0, ...)
        /Users/chgang/zincbox/go/src/github.com/gilbertchen/duplicacy/src/duplicacy_entry.go:453 +0x100 fp=0x39d9e18 sp=0x39d9d00 pc=0x7d5d70
github.com/gilbertchen/duplicacy/src.CreateSnapshotFromDirectory(0x3686367, 0x5, 0x3686370, 0xc, 0x0, 0x0, 0x0, 0x0, 0xffffff00, 0x0, ...)
        /Users/chgang/zincbox/go/src/github.com/gilbertchen/duplicacy/src/duplicacy_snapshot.go:92 +0x36c fp=0x39da310 sp=0x39d9e18 pc=0x7f7dbc
github.com/gilbertchen/duplicacy/src.(*BackupManager).Backup(0x34722d0, 0x3686370, 0xc, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
        /Users/chgang/zincbox/go/src/github.com/gilbertchen/duplicacy/src/duplicacy_backupmanager.go:219 +0x3ec fp=0x39da798 sp=0x39da310 pc=0x7b2a8c
main.backupRepository(0x346b830)
        /Users/chgang/zincbox/go/src/github.com/gilbertchen/duplicacy/duplicacy/duplicacy_main.go:784 +0x4a0 fp=0x39da900 sp=0x39da798 pc=0x830e1c
github.com/gilbertchen/duplicacy/vendor/github.com/gilbertchen/cli.Command.Run(0x9f1033, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa22878, 0x30, 0x0, ...)
        /Users/chgang/zincbox/go/src/github.com/gilbertchen/duplicacy/vendor/github.com/gilbertchen/cli/command.go:160 +0x5c4 fp=0x39daa20 sp=0x39da900 pc=0x3424d8
github.com/gilbertchen/duplicacy/vendor/github.com/gilbertchen/cli.(*App).Run(0x3426fa0, 0x3424140, 0x7, 0x8, 0x0, 0x0)
        /Users/chgang/zincbox/go/src/github.com/gilbertchen/duplicacy/vendor/github.com/gilbertchen/cli/app.go:179 +0x4cc fp=0x39dac90 sp=0x39daa20 pc=0x340148
main.main()
        /Users/chgang/zincbox/go/src/github.com/gilbertchen/duplicacy/duplicacy/duplicacy_main.go:2201 +0x4878 fp=0x39dbfc4 sp=0x39dac90 pc=0x83a16c
runtime.main()
        /usr/local/go/src/runtime/proc.go:200 +0x204 fp=0x39dbfe4 sp=0x39dbfc4 pc=0x41bc0
runtime.goexit()
        /usr/local/go/src/runtime/asm_arm.s:868 +0x4 fp=0x39dbfe4 sp=0x39dbfe4 pc=0x71bd0

goroutine 2 [force gc (idle), 2 minutes]:
runtime.gopark(0xa387e8, 0x12faab0, 0x1410, 0x1)
        /usr/local/go/src/runtime/proc.go:301 +0x100 fp=0x343afd8 sp=0x343afc4 pc=0x42058
runtime.goparkunlock(...)
        /usr/local/go/src/runtime/proc.go:307
runtime.forcegchelper()
        /usr/local/go/src/runtime/proc.go:250 +0xb4 fp=0x343afec sp=0x343afd8 pc=0x41ec8
runtime.goexit()
        /usr/local/go/src/runtime/asm_arm.s:868 +0x4 fp=0x343afec sp=0x343afec pc=0x71bd0
created by runtime.init.4
        /usr/local/go/src/runtime/proc.go:239 +0x24

goroutine 3 [GC sweep wait, 2 minutes]:
runtime.gopark(0xa387e8, 0x12fb070, 0x140c, 0x1)
        /usr/local/go/src/runtime/proc.go:301 +0x100 fp=0x343b7d0 sp=0x343b7bc pc=0x42058
runtime.goparkunlock(...)
        /usr/local/go/src/runtime/proc.go:307
runtime.bgsweep(0x3450000)
        /usr/local/go/src/runtime/mgcsweep.go:89 +0x150 fp=0x343b7e4 sp=0x343b7d0 pc=0x33004
runtime.goexit()
        /usr/local/go/src/runtime/asm_arm.s:868 +0x4 fp=0x343b7e4 sp=0x343b7e4 pc=0x71bd0
created by runtime.gcenable
        /usr/local/go/src/runtime/mgc.go:208 +0x40

goroutine 4 [finalizer wait, 21 minutes]:
runtime.gopark(0xa387e8, 0x130b3cc, 0xbe140f, 0x1)
        /usr/local/go/src/runtime/proc.go:301 +0x100 fp=0x343a7a0 sp=0x343a78c pc=0x42058
runtime.goparkunlock(...)
        /usr/local/go/src/runtime/proc.go:307
runtime.runfinq()
        /usr/local/go/src/runtime/mfinal.go:175 +0x9c fp=0x343a7ec sp=0x343a7a0 pc=0x27a70
runtime.goexit()
        /usr/local/go/src/runtime/asm_arm.s:868 +0x4 fp=0x343a7ec sp=0x343a7ec pc=0x71bd0
created by runtime.createfing
        /usr/local/go/src/runtime/mfinal.go:156 +0x44

goroutine 5 [syscall, 21 minutes]:
runtime.notetsleepg(0x130b9c0, 0xffffffff, 0xffffffff, 0x1)
        /usr/local/go/src/runtime/lock_futex.go:227 +0x24 fp=0x343bfc8 sp=0x343bfb0 pc=0x1a1cc
os/signal.signal_recv(0x0)
        /usr/local/go/src/runtime/sigqueue.go:139 +0x130 fp=0x343bfe0 sp=0x343bfc8 pc=0x57874
os/signal.loop()
        /usr/local/go/src/os/signal/signal_unix.go:23 +0x14 fp=0x343bfec sp=0x343bfe0 pc=0x2d7d94
runtime.goexit()
        /usr/local/go/src/runtime/asm_arm.s:868 +0x4 fp=0x343bfec sp=0x343bfec pc=0x71bd0
created by os/signal.init.0
        /usr/local/go/src/os/signal/signal_unix.go:29 +0x30

goroutine 7 [syscall]:
runtime.notetsleepg(0x12fdcc4, 0x4e7b1467, 0x2, 0x0)
        /usr/local/go/src/runtime/lock_futex.go:227 +0x24 fp=0x343c790 sp=0x343c778 pc=0x1a1cc
runtime.timerproc(0x12fdcb0)
        /usr/local/go/src/runtime/time.go:311 +0x440 fp=0x343c7e4 sp=0x343c790 pc=0x61ad8
runtime.goexit()
        /usr/local/go/src/runtime/asm_arm.s:868 +0x4 fp=0x343c7e4 sp=0x343c7e4 pc=0x71bd0
created by runtime.(*timersBucket).addtimerLocked
        /usr/local/go/src/runtime/time.go:169 +0x174

goroutine 8 [select]:
runtime.gopark(0xa38808, 0x0, 0x1809, 0x1)
        /usr/local/go/src/runtime/proc.go:301 +0x100 fp=0x343cebc sp=0x343cea8 pc=0x42058
runtime.selectgo(0x343cf9c, 0x343cf74, 0x3, 0x2000cae4, 0x12a)
        /usr/local/go/src/runtime/select.go:313 +0xc80 fp=0x343cf58 sp=0x343cebc pc=0x52918
github.com/gilbertchen/duplicacy/vendor/go.opencensus.io/stats/view.(*worker).start(0x359ee80)
        /Users/chgang/zincbox/go/src/github.com/gilbertchen/duplicacy/vendor/go.opencensus.io/stats/view/worker.go:154 +0xb0 fp=0x343cfe4 sp=0x343cf58 pc=0x4a3184
runtime.goexit()
        /usr/local/go/src/runtime/asm_arm.s:868 +0x4 fp=0x343cfe4 sp=0x343cfe4 pc=0x71bd0
created by github.com/gilbertchen/duplicacy/vendor/go.opencensus.io/stats/view.init.0
        /Users/chgang/zincbox/go/src/github.com/gilbertchen/duplicacy/vendor/go.opencensus.io/stats/view/worker.go:32 +0x48

goroutine 9 [select, 21 minutes, locked to thread]:
runtime.gopark(0xa38808, 0x0, 0x1809, 0x1)
        /usr/local/go/src/runtime/proc.go:301 +0x100 fp=0x343d6f0 sp=0x343d6dc pc=0x42058
runtime.selectgo(0x343d7bc, 0x343d7b4, 0x2, 0x8, 0x1)
        /usr/local/go/src/runtime/select.go:313 +0xc80 fp=0x343d78c sp=0x343d6f0 pc=0x52918
runtime.ensureSigM.func1()
        /usr/local/go/src/runtime/signal_unix.go:547 +0x1c4 fp=0x343d7ec sp=0x343d78c pc=0x6f558
runtime.goexit()
        /usr/local/go/src/runtime/asm_arm.s:868 +0x4 fp=0x343d7ec sp=0x343d7ec pc=0x71bd0
created by runtime.ensureSigM
        /usr/local/go/src/runtime/signal_unix.go:530 +0xc4

goroutine 10 [chan receive, 21 minutes]:
runtime.gopark(0xa387e8, 0x36739f0, 0x170d, 0x3)
        /usr/local/go/src/runtime/proc.go:301 +0x100 fp=0x343df70 sp=0x343df5c pc=0x42058
runtime.goparkunlock(...)
        /usr/local/go/src/runtime/proc.go:307
runtime.chanrecv(0x36739c0, 0x343dfdc, 0x1, 0x0)
        /usr/local/go/src/runtime/chan.go:524 +0x304 fp=0x343dfb8 sp=0x343df70 pc=0x15770
runtime.chanrecv2(0x36739c0, 0x343dfdc, 0x0)
        /usr/local/go/src/runtime/chan.go:411 +0x20 fp=0x343dfcc sp=0x343dfb8 pc=0x15460
main.main.func1(0x36739c0)
        /Users/chgang/zincbox/go/src/github.com/gilbertchen/duplicacy/duplicacy/duplicacy_main.go:2195 +0x64 fp=0x343dfe4 sp=0x343dfcc pc=0x83adf0
runtime.goexit()
        /usr/local/go/src/runtime/asm_arm.s:868 +0x4 fp=0x343dfe4 sp=0x343dfe4 pc=0x71bd0
created by main.main
        /Users/chgang/zincbox/go/src/github.com/gilbertchen/duplicacy/duplicacy/duplicacy_main.go:2194 +0x4848

Here’s the preferences file of the repository in use (some values, including the storage keys and password, have been replaced with the string "foo"):

[
    {
        "name": "default",
        "id": "foo",
        "repository": "/mnt/storage",
        "storage": "b2://foo",
        "encrypted": true,
        "no_backup": false,
        "no_restore": false,
        "no_save_password": false,
        "nobackup_file": "",
        "keys": {
            "b2_id": "foo",
            "b2_key": "foo",
            "password": "foo"
        },
        "filters": "",
        "exclude_by_attribute": false
    }
]

And here’s the filters file:

-lost+found/
-transmission/
-share/music/
-share/movies/

The crash occurs on a Raspberry Pi 1 Model B with the following environment:

$ uname -mrsv
Linux 5.4.83+ #1379 Mon Dec 14 13:06:05 GMT 2020 armv6l
$ cat /etc/os-release
PRETTY_NAME="Raspbian GNU/Linux 10 (buster)"
[...]

Also, the crash is reproducible: it happens every time I execute the aforementioned command.

Can you try on a smaller repository to see if this issue can be reproduced? Also, is this the latest version of the CLI?

Yes, it’s the latest CLI. I’ll try with a smaller repository once I have some time.