ls -l segfault

Wed Mar 14 12:26:28 UTC 2007

Hi again,

	-----Oorspronkelijk bericht-----
	Van: busybox-bounces at busybox.net [mailto:busybox-bounces at busybox.net] Namens Jan Evert van Grootheest
	Verzonden: woensdag 14 maart 2007 12:02
	Aan: busybox at busybox.net
	Onderwerp: ls -l segfault

	Hi all,

	I'm having the same problem as discussed in thread http://busybox.net/lists/busybox/2007-February/026158.html.
	Unfortunately, that thread ends inconclusive.

	It's exactly as described there:
	- large directories (like /bin) fail with ls -l and smaller ones (/etc) succeed
	- it only fails when executed as 'ls -l /bin' and does not fail as 'busybox ls -l /bin'
	- 'ls -l /bin' and 'cd /bin; ls -l' both fail
	- other ls options do not cause failure (tested each option as single option)

	Environment is linux 2.6.16.43  + Ingos -rt patch. Gcc 4.1.2, glibc 2.3.6. And busybox 1.4.1 with the 5 patches.

	So I made a debug busybox.
	(noticed that CONFIG_DEBUG_PESSIMIZE does not make a difference; the compiler command line is the same with and without)
	And made a coredump:
	(gdb) bt full
	#0  showfiles (dn=0x80c2fe8, nfiles=254) at coreutils/ls.c:559
	        i = 160
	        ncols = 1
	        nrows = 254
	        row = 160
	        nc = 0
	        column = 0
	        nexttab = 0
	        column_width = 0 

Examining the memory behind *dn reveals the directory listing.
So I guess there are two overlapping memory regions. Somehow.

-- Jan Evert

	#1  0x08058f1d in showdirs (dn=0x80c2160, ndirs=1, first=1) at coreutils/ls.c:461
	        i = 0
	        nfiles = 135016424
	        subdnp = (struct dnode **) 0x80c2fe8
	        dndirs = <value optimized out>
	        dnd = <value optimized out>
	#2  0x0805933b in ls_main (argc=3, argv=0x80be66c) at coreutils/ls.c:941
	        dnd = (struct dnode **) 0x80c2160
	        dnf = (struct dnode **) 0x0
	        dnp = <value optimized out>
	        dn = <value optimized out>
	        cur = <value optimized out>
	        opt = <value optimized out>
	        nfiles = 1
	        dnfiles = 0
	        dndirs = 1
	        oi = <value optimized out>
	        ac = <value optimized out>
	        i = <value optimized out>
	        av = (char **) 0x80be674
	        tabstops_str = 0x0
	        terminal_width_str = 0x0
	        color_opt = 0x80be66c "<f\v\bLf\v\b\\f\v\b"
	        dotdir = {0x80b41fe "."}
	#3  0x08092d1b in tryexec (cmd=0xfe <Address 0xfe out of bounds>, argv=0x80c2fe8, envp=0x1) at shell/ash.c:3761
	        a = <value optimized out>
	        argc = <value optimized out>
	#4  0x08092dcb in shellexec (argv=0xfe,
	    path=0x80c2fe8 "12 15:19 \033[1;32mpppoe-discovery\033[0m\n-rwxr-xr-x    1 root     root         9912 Mar 12 15:19 \033[1;32mpppstats\033[0m\nlrwxrwxrwx    1 root     root", ' ' <repeats 12 times>, "7 Mar 14 08:49 \033[1;36mprintf\033[0m -> \033[1;32mbusy"..., idx=1) at shell/ash.c:3712
	        cmdname = <value optimized out>
	        e = <value optimized out>
	        envp = (char **) 0x80be67c
	        exerrno = <value optimized out>
	#5  0x080c4fe5 in ?? ()
	No symbol table info available.
	#6  0x080c4f08 in ?? ()
	No symbol table info available.
	#7  0x080be66c in stackbase ()
	No symbol table info available.
	#8  0x00000000 in ?? ()
	No symbol table info available.

	It seems that show_files is at line 430 and list_single is inlined.

	I also tried with valgrind. No problems reported. And it does not segfault, either.

	I also made a binary that is compiled with -O0 (no optimization). It failed myteriously thus:
	(gdb) bt full
	#0  0x0805891a in openvt_main (argc=804208, argv=0xb7f95ae0) at console-tools/openvt.c:35
	        fd = 0
	        vtname = "\b\001\000\000\000ÿ\000\000\000¡\000\000"
	#1  0x00000000 in ?? ()
	This binary also works succesfully with valgrind. And without -l.

	Where to continue from here?
	Anybody with more knowledge of the internals of busybox with suggestions to try?

	Thanks,
	Jan Evert 

The information contained in this communication is confidential and may be legally privileged. It is intended solely for the use of the individual or entity to whom it is addressed and others authorised to receive it. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. Vialis is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.busybox.net/pipermail/busybox/attachments/20070314/98572875/attachment-0001.htm 