ls -l segfault
Jan Evert van Grootheest
Jan-Evert.van.Grootheest at Vialis.nl
Wed Mar 14 12:26:28 UTC 2007
Hi again,
-----Oorspronkelijk bericht-----
Van: busybox-bounces at busybox.net [mailto:busybox-bounces at busybox.net] Namens Jan Evert van Grootheest
Verzonden: woensdag 14 maart 2007 12:02
Aan: busybox at busybox.net
Onderwerp: ls -l segfault
Hi all,
I'm having the same problem as discussed in thread http://busybox.net/lists/busybox/2007-February/026158.html.
Unfortunately, that thread ends inconclusive.
It's exactly as described there:
- large directories (like /bin) fail with ls -l and smaller ones (/etc) succeed
- it only fails when executed as 'ls -l /bin' and does not fail as 'busybox ls -l /bin'
- 'ls -l /bin' and 'cd /bin; ls -l' both fail
- other ls options do not cause failure (tested each option as single option)
Environment is linux 2.6.16.43 + Ingos -rt patch. Gcc 4.1.2, glibc 2.3.6. And busybox 1.4.1 with the 5 patches.
So I made a debug busybox.
(noticed that CONFIG_DEBUG_PESSIMIZE does not make a difference; the compiler command line is the same with and without)
And made a coredump:
(gdb) bt full
#0 showfiles (dn=0x80c2fe8, nfiles=254) at coreutils/ls.c:559
i = 160
ncols = 1
nrows = 254
row = 160
nc = 0
column = 0
nexttab = 0
column_width = 0
Examining the memory behind *dn reveals the directory listing.
So I guess there are two overlapping memory regions. Somehow.
-- Jan Evert
#1 0x08058f1d in showdirs (dn=0x80c2160, ndirs=1, first=1) at coreutils/ls.c:461
i = 0
nfiles = 135016424
subdnp = (struct dnode **) 0x80c2fe8
dndirs = <value optimized out>
dnd = <value optimized out>
#2 0x0805933b in ls_main (argc=3, argv=0x80be66c) at coreutils/ls.c:941
dnd = (struct dnode **) 0x80c2160
dnf = (struct dnode **) 0x0
dnp = <value optimized out>
dn = <value optimized out>
cur = <value optimized out>
opt = <value optimized out>
nfiles = 1
dnfiles = 0
dndirs = 1
oi = <value optimized out>
ac = <value optimized out>
i = <value optimized out>
av = (char **) 0x80be674
tabstops_str = 0x0
terminal_width_str = 0x0
color_opt = 0x80be66c "<f\v\bLf\v\b\\f\v\b"
dotdir = {0x80b41fe "."}
#3 0x08092d1b in tryexec (cmd=0xfe <Address 0xfe out of bounds>, argv=0x80c2fe8, envp=0x1) at shell/ash.c:3761
a = <value optimized out>
argc = <value optimized out>
#4 0x08092dcb in shellexec (argv=0xfe,
path=0x80c2fe8 "12 15:19 \033[1;32mpppoe-discovery\033[0m\n-rwxr-xr-x 1 root root 9912 Mar 12 15:19 \033[1;32mpppstats\033[0m\nlrwxrwxrwx 1 root root", ' ' <repeats 12 times>, "7 Mar 14 08:49 \033[1;36mprintf\033[0m -> \033[1;32mbusy"..., idx=1) at shell/ash.c:3712
cmdname = <value optimized out>
e = <value optimized out>
envp = (char **) 0x80be67c
exerrno = <value optimized out>
#5 0x080c4fe5 in ?? ()
No symbol table info available.
#6 0x080c4f08 in ?? ()
No symbol table info available.
#7 0x080be66c in stackbase ()
No symbol table info available.
#8 0x00000000 in ?? ()
No symbol table info available.
It seems that show_files is at line 430 and list_single is inlined.
I also tried with valgrind. No problems reported. And it does not segfault, either.
I also made a binary that is compiled with -O0 (no optimization). It failed myteriously thus:
(gdb) bt full
#0 0x0805891a in openvt_main (argc=804208, argv=0xb7f95ae0) at console-tools/openvt.c:35
fd = 0
vtname = "\b\001\000\000\000ÿ\000\000\000¡\000\000"
#1 0x00000000 in ?? ()
This binary also works succesfully with valgrind. And without -l.
Where to continue from here?
Anybody with more knowledge of the internals of busybox with suggestions to try?
Thanks,
Jan Evert
The information contained in this communication is confidential and may be legally privileged. It is intended solely for the use of the individual or entity to whom it is addressed and others authorised to receive it. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. Vialis is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.busybox.net/pipermail/busybox/attachments/20070314/98572875/attachment-0001.htm
More information about the busybox
mailing list