Subject: lib/11467: ps dumps core by kvm_proc.c's bug.
To: None <gnats-bugs@gnats.netbsd.org>
From: SAITOH Masanobu <masanobu@mk7m.iij.ad.jp>
List: netbsd-bugs
Date: 11/11/2000 13:44:18
>Number:         11467
>Category:       lib
>Synopsis:       ps dumps core by kvm_proc.c's bug.
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Nov 11 13:44:00 PST 2000
>Closed-Date:
>Last-Modified:
>Originator:     SAITOH Masanobu
>Release:        latest -current and 1.5_BETA2
>Organization:
----------------------------------------------------------
		SAITOH Masanobu (masanobu@iij.ad.jp)
>Environment:
System: NetBSD mk7m 1.5H NetBSD 1.5H (GENERIC-$Revision: 1.306 $) #21: Thu Oct 26 11:00:46 JST 2000 masanobu@mk7m:/var/sources/current/src/sys/arch/i386/compile/MK7M i386


>Description:

 How to make it dump core:

 # ln -s J /etc/malloc.conf
 # w
mk7m(masanobu){214}% w
 5:45AM  up 13 days, 18:39, 3 users, load averages: 0.11, 0.25, 0.20
USER    TTY FROM              LOGIN@  IDLE WHAT
masanobu p0 h053n005.iij.ad. 26Oct00 14:46 tip cons115200 
masanobu p1 h053n005.iij.ad. Mon03PM  7:13 -tcsh 
masanobu p2 h053n005.iij.ad. Wed09AM     0 w 
<------------------------------------------------------->
                            (the tail of the longest command line is at column 67)

  [RESIZE the xterm to fewer than 67 columns]

  # w
   5:41AM  up 13 days, 18:35, 3 users, load average.21, 0.29, 0.19
  USER    TTY FROM              LOGIN@  IDLE WHAT
  Segmentation fault - core dumped

>How-To-Repeat:
	see above
>Fix:
  The following patch fixes the problem. I don't know whether this is the
correct fix or not.

Index: kvm_proc.c
===================================================================
RCS file: /cvsroot/basesrc/lib/libkvm/kvm_proc.c,v
retrieving revision 1.42
diff -c -r1.42 kvm_proc.c
*** kvm_proc.c	2000/10/05 03:21:01	1.42
--- kvm_proc.c	2000/11/08 20:44:03
***************
*** 1065,1071 ****
  	mib[1] = KERN_PROC_ARGS;
  	mib[2] = pid;
  	mib[3] = type;
! 	bufs = kd->arglen;
  	if (sysctl(mib, 4, kd->argspc, &bufs, NULL, NULL) == -1)
  		return NULL;
  
--- 1065,1071 ----
  	mib[1] = KERN_PROC_ARGS;
  	mib[2] = pid;
  	mib[3] = type;
! 	bufs = kd->arglen - 1; /* space for null termination */
  	if (sysctl(mib, 4, kd->argspc, &bufs, NULL, NULL) == -1)
  		return NULL;
  
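Review bot: `bufs = kd->arglen - 1;` underflows to SIZE_MAX if kd->arglen can ever be 0, so the caller that sizes argspc should guarantee arglen >= 1 (or this line should check it) before the subtraction; the hunk also only shows the size passed to sysctl, not the terminating store the new comment refers to, so including that store in the diff would let a reader confirm the spare byte is what it needs. Note that with one byte less handed to sysctl, an argument string that exactly filled argspc is now silently truncated by one byte; growing the allocation by one instead of shrinking the request would avoid that.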

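To illustrate the off-by-one the patch corrects, here is an added example that is not from this PR or from libkvm: a constructed stand-in for sysctl(KERN_PROC_ARGS) plus the buggy and fixed callers, with a canary byte after the logical buffer showing which one writes past argspc. The names fake_proc_args, getargs_buggy, getargs_fixed and canary_intact are assumptions for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define ARGLEN 8        /* logical size of argspc in this example */
#define CANARY 0x5a     /* marker placed in the byte right after argspc */

/* Constructed stand-in for sysctl(KERN_PROC_ARGS): copies as much of the
 * argument string as fits in *len bytes, reports the bytes copied in *len,
 * and (like the real call) adds no terminator of its own. */
static int fake_proc_args(const char *kern_args, char *buf, size_t *len)
{
    size_t avail = strlen(kern_args);
    size_t n = avail < *len ? avail : *len;   /* truncate to caller's buffer */
    memcpy(buf, kern_args, n);
    *len = n;
    return 0;
}

/* Buggy pattern: hand the whole buffer to sysctl, then terminate at
 * argspc[bufs]. When the arguments fill the buffer exactly, bufs == arglen
 * and the NUL lands one byte past the end of argspc. */
static void getargs_buggy(const char *kern_args, char *argspc, size_t arglen)
{
    size_t bufs = arglen;
    fake_proc_args(kern_args, argspc, &bufs);
    argspc[bufs] = '\0';
}

/* Fixed pattern from the PR: keep one byte back so the NUL always fits. */
static void getargs_fixed(const char *kern_args, char *argspc, size_t arglen)
{
    size_t bufs = arglen - 1;   /* space for null termination */
    fake_proc_args(kern_args, argspc, &bufs);
    argspc[bufs] = '\0';
}

/* Backing array one byte larger than arglen; the extra slot holds the
 * canary. Returns true if the routine stayed inside its arglen bytes. */
bool canary_intact(void (*getargs)(const char *, char *, size_t),
                   const char *kern_args)
{
    char backing[ARGLEN + 1];
    memset(backing, CANARY, sizeof backing);
    getargs(kern_args, backing, ARGLEN);
    return (unsigned char)backing[ARGLEN] == CANARY;
}

/* "tip cons115200" (the long WHAT entry from the report) overfills an 8-byte
 * argspc; "w" does not, which is why the bug only shows on long lines. */
bool buggy_overflows(void) { return !canary_intact(getargs_buggy, "tip cons115200"); }
bool fixed_is_safe(void)   { return  canary_intact(getargs_fixed, "tip cons115200"); }
bool short_args_fine(void) { return  canary_intact(getargs_buggy, "w"); }
```

With malloc.conf set to J the byte after the real allocation is junk-filled, which is what turns this one-byte overwrite into the visible crash in the report.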

>Release-Note:
>Audit-Trail:
>Unformatted: