Subject: lib/12439: strvis(3) overrun with /bin/ps
To: None <gnats-bugs@gnats.netbsd.org>
From: None <itojun@itojun.org>
List: netbsd-bugs
Date: 03/21/2001 03:00:06
>Number: 12439
>Category: lib
>Synopsis: strvis(3) overrun with /bin/ps
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: lib-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Mar 20 11:08:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator: Jun-ichiro itojun Hagino
>Release: 1.5S
>Organization:
itojun.org
>Environment:
System: NetBSD starfruit.itojun.org 1.5S NetBSD 1.5S (STARFRUIT) #420: Fri Mar 16 21:00:53 JST 2001 itojun@starfruit.itojun.org:/usr/home/itojun/NetBSD/src/sys/arch/i386/compile/STARFRUIT i386
Architecture: i386
Machine: i386
>Description:
I frequently see "ps auxw" die with a segmentation fault or some other
memory access violation. The behavior depends on what kind of
processes we have.
One of the reasons for the segmentation fault seems to be
strvis(3) overrun.
>How-To-Repeat:
(gdb) run auxw
Starting program: /usr/home/itojun/NetBSD/src/bin/ps/obj.i386/ps auxw
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 4281 4.0 0.7 1780 2640 p4 S 2:49AM 0:00.05 gdb obj.i386/ps
root 19695 1.3 3.5 7404 13908 ?? R Mon10PM 15:48.07 /usr/X11R6/bin/X :0 (XF86_SVGA)
itojun 4284 0.0 0.2 120 628 p1 S+ 2:49AM 0:00.01 cc -O2 -Werror -Wall -Wmissing-prototypes -Wstrict-prototypes -Wpoin
Program received signal SIGSEGV, Segmentation fault.
0x805137d in _strsvis ()
(gdb) bt
#0 0x805137d in _strsvis ()
#1 0x80519cf in _strvis ()
#2 0x80484ab in fmt_puts (
s=0x80cd00c "cc -O2 -Werror -Wall -Wmissing-prototypes -Wstrict-prototypes -Wpointer-arith -Wno-uninitialized -Wno-main -I. -I../.", '\033-?\016P\033(B' <repeats 81 times>..., leftp=0xbfbfc9c0) at /home/itojun/NetBSD/src/bin/ps/fmt.c:35
#3 0x80492bb in command (ki=0x809b720, ve=0x80990e0, mode=0)
at /home/itojun/NetBSD/src/bin/ps/print.c:309
#4 0x804b662 in main (argc=0, argv=0xbfbfd6e0)
at /home/itojun/NetBSD/src/bin/ps/ps.c:432
#5 0x80481a5 in ___start ()
(gdb) frame 2
#2 0x80484ab in fmt_puts (
s=0x80cd00c "cc -O2 -Werror -Wall -Wmissing-prototypes -Wstrict-prototypes -Wpointer-arith -Wno-uninitialized -Wno-main -I. -I../.", '\033-?\016P\033(B' <repeats 81 times>..., leftp=0xbfbfc9c0) at /home/itojun/NetBSD/src/bin/ps/fmt.c:35
35 strvis(v, s, VIS_TAB | VIS_NL | VIS_CSTYLE);
(gdb) print v
$2 = 0x80cf000 "cc -O2 -Werror -Wall -Wmissing-prototypes -Wstrict-prototypes -Wpointer-arith -Wno-uninitialized -Wno-main -I. -I../.\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134M-P\134\134"...
(gdb) print s
$3 = 0x80cd00c "cc -O2 -Werror -Wall -Wmissing-prototypes -Wstrict-prototypes -Wpointer-arith -Wno-uninitialized -Wno-main -I. -I../.", '\033-?\016P\033(B' <repeats 81 times>...
>Fix:
have strnvis/strlvis, and use it?
>Release-Note:
>Audit-Trail:
>Unformatted:
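
Added example (not part of the original report, and not NetBSD's strvis/strnvis code): a length-bounded visual encoder in the spirit of the suggested fix, showing that each source byte can grow to four output bytes and that the caller must pass the destination size. The name bounded_vis(), the octal-only escape format and the sample string are assumptions made for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* vis(3)-style worst case: 4 output bytes per source byte, plus the NUL. */
#define VIS_WORST(n) (4 * (n) + 1)

/*
 * Hypothetical bounded encoder: printable bytes are copied, a backslash is
 * doubled, everything else becomes \ooo. Never writes more than dlen bytes
 * and NUL-terminates when dlen > 0. Returns the length the full encoding
 * needs (without NUL); a return value >= dlen means the output was cut.
 */
size_t bounded_vis(char *dst, size_t dlen, const char *src)
{
    size_t need = 0, used = 0;
    for (const unsigned char *p = (const unsigned char *)src; *p; p++) {
        char tmp[5];
        int n;
        if (*p == '\\')
            n = snprintf(tmp, sizeof tmp, "\\\\");
        else if (isprint(*p))
            n = snprintf(tmp, sizeof tmp, "%c", *p);
        else
            n = snprintf(tmp, sizeof tmp, "\\%03o", (unsigned)*p);
        need += (size_t)n;
        /* copy whole sequences only, and stop for good once one did not fit */
        if (used == need - (size_t)n && used + (size_t)n < dlen) {
            memcpy(dst + used, tmp, (size_t)n);
            used += (size_t)n;
        }
    }
    if (dlen > 0)
        dst[used] = '\0';
    return need;
}

int main(void)
{
    /* constructed sample: argument text followed by ESC and 8-bit bytes */
    const char *s = "cc -I.\033\320\033\320";
    char small[16], full[VIS_WORST(10)];
    size_t n1 = bounded_vis(small, sizeof small, s);
    size_t n2 = bounded_vis(full, sizeof full, s);
    printf("need=%zu small=\"%s\" truncated=%d\n", n1, small, n1 >= sizeof small);
    printf("need=%zu full=\"%s\"\n", n2, full);
    return 0;
}
```

A buffer sized from strlen(s) alone is too small for this input (10 source bytes need 22 output bytes); sizing with VIS_WORST() or checking the return value avoids the overrun.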