kern/38881: execve(2) panic: lock error, with path argument > PATH_MAX

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/38881: execve(2) panic: lock error, with path argument > PATH_MAX
From: njoly%pasteur.fr@localhost
Date: Fri, 6 Jun 2008 19:45:01 +0000 (UTC)

>Number:         38881
>Category:       kern
>Synopsis:       execve(2) panic: lock error, with path argument > PATH_MAX
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Jun 06 19:45:00 +0000 2008
>Originator:     Nicolas Joly
>Release:        NetBSD 4.99.64
>Organization:
Biological Software and Databanks.
Institut Pasteur, Paris.
>Environment:
System: NetBSD lanfeust.sis.pasteur.fr 4.99.64 NetBSD 4.99.64 (LANFEUST) #0: 
Fri Jun 6 20:14:12 CEST 2008 
njoly%lanfeust.sis.pasteur.fr@localhost:/local/src/NetBSD/obj.amd64/sys/arch/amd64/compile/LANFEUST
 amd64
Architecture: x86_64
Machine: amd64
>Description:
I just got a lock error panic, with execve(2) when the path argument exceed
the maximum allowed value of PATH_MAX.

njoly@lanfeust [emul/netbsd]> cat execve.c 
#include <err.h>
#include <errno.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

int main() {
  char *cmd[] = { "", NULL };
  char *buf;
  int res;
  size_t len;

  len = PATH_MAX + 1;
  buf = malloc(len+1);
  if (buf == NULL)
    err(1, "malloc failed");

  memset(buf, 'a', len);
  *(buf+len+1) = '\0';
  cmd[0] = buf;
  res = execve(*cmd, cmd, NULL);
  if (res == -1)
    err(1, "execve failed");

  free(buf);

  return 0; }
njoly@lanfeust [emul/netbsd]> make execve
cc -O2   -o execve execve.c 
njoly@lanfeust [emul/netbsd]> ./execve 
[PANIC]

panic: lock error
fatal breakpoint trap in supervisor mode
trap type 1 code 0 rip ffffffff804f9f45 cs 8 rflags 246 cr2  7f7ffda01020 cpl 0
rsp ffff80004a6f4720
Stopped in pid 809.1 (execve) at        netbsd:breakpoint+0x5:  leave
db{0}> bt
breakpoint() at netbsd:breakpoint+0x5
panic() at netbsd:panic+0x260
lockdebug_abort() at netbsd:lockdebug_abort+0x42
rw_vector_exit() at netbsd:rw_vector_exit+0xa7
execve1() at netbsd:execve1+0xeb
syscall() at netbsd:syscall+0x9a

This is a GENERIC+DIAGNOSTIC kernel, with a few extra devices.
>How-To-Repeat:
compile and run the above testcase.
>Fix:
n/a

Prev by Date: Re: kern/38874: btsco(4) does not send or receive audio on -current
Next by Date: NetBSD Nightly Trouble Ticket Report
Previous by Thread: kern/38874: btsco(4) does not send or receive audio on -current
Next by Thread: Re: kern/38881 (execve(2) panic: lock error, with path argument > PATH_MAX)
Indexes:

Home | Main Index | Thread Index | Old Index