[BusyBox 0001183]: Tar -t in busybox-1.4.1 segfaults

bugs at busybox.net bugs at busybox.net
Sat Feb 3 14:56:05 UTC 2007


A NOTE has been added to this issue. 
====================================================================== 
http://busybox.net/bugs/view.php?id=1183 
====================================================================== 
Reported By:                espakman
Assigned To:                BusyBox
====================================================================== 
Project:                    BusyBox
Issue ID:                   1183
Category:                   Other
Reproducibility:            always
Severity:                   minor
Priority:                   normal
Status:                     assigned
====================================================================== 
Date Submitted:             01-29-2007 04:00 PST
Last Modified:              02-03-2007 06:56 PST
====================================================================== 
Summary:                    Tar -t in busybox-1.4.1 segfaults
Description: 
# tar -t
Segmentation fault

====================================================================== 

---------------------------------------------------------------------- 
 vda - 01-29-07 17:00  
---------------------------------------------------------------------- 
Works for me:

# cat busybox-1.4.1.tar | ./busybox tar t | head -10
busybox-1.4.1/
busybox-1.4.1/loginutils/
busybox-1.4.1/loginutils/su.c
busybox-1.4.1/loginutils/Kbuild
busybox-1.4.1/loginutils/adduser.c
busybox-1.4.1/loginutils/login.c
busybox-1.4.1/loginutils/passwd.c
busybox-1.4.1/loginutils/getty.c
busybox-1.4.1/loginutils/deluser.c
busybox-1.4.1/loginutils/vlock.c

Your .config, libc, gcc version? Strace output of "busybox tar t"? 

---------------------------------------------------------------------- 
 espakman - 01-30-07 11:30  
---------------------------------------------------------------------- 
My config is attached.

Libc: uClibc-0.9.28
gcc: gcc-3.3.3

Strace:

# strace ./busybox tar -t
execve("./busybox", ["./busybox", "tar", "-t"], [/* 26 vars */]) = 0
old_mmap(NULL, 20, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x40005000
open("/root/Bering/src/bering-uclibc/buildtool/staging/lib/libcrypt.so.0",
O_RDONLY) = 3
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x40006000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\224\4\0"...,
4096) = 4096
old_mmap(NULL, 81920, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x40007000
old_mmap(0x40007000, 7798, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3,
0) = 0x40007000
old_mmap(0x40009000, 184, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
0x2000) = 0x40009000
old_mmap(0x4000a000, 67036, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4000a000
close(3)                                = 0
munmap(0x40006000, 4096)                = 0
open("/root/Bering/src/bering-uclibc/buildtool/staging/lib/libc.so.0",
O_RDONLY) = 3
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x40006000
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\316"...,
4096) = 4096
old_mmap(NULL, 266240, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x4001b000
old_mmap(0x4001b000, 239528, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED,
3, 0) = 0x4001b000
old_mmap(0x40056000, 3616, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
0x3b000) = 0x40056000
old_mmap(0x40057000, 19192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40057000
close(3)                                = 0
munmap(0x40006000, 4096)                = 0
ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo
...}) = 0
ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo
...}) = 0
getuid()                                = 0
getgid()                                = 0
setgid(0)                               = 0
setuid(0)                               = 0
brk(0)                                  = 0x808dea0
brk(0x808eea0)                          = 0x808eea0
brk(0x808f000)                          = 0x808f000
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++ 

---------------------------------------------------------------------- 
 espakman - 02-03-07 03:12  
---------------------------------------------------------------------- 
A small update, the segfault still exists with today's snapshot. 

---------------------------------------------------------------------- 
 vda - 02-03-07 06:34  
---------------------------------------------------------------------- 
With uclibc this enters infinite loop in exit():

int main() {
        gethostbyname("127.0.0.1");
        exit(1);
}

This does the same, with or without second fclose:

int main() {
        FILE* fp;
        char buf[4*1024];
        fp = fopen("/etc/resolv.conf", "r");
        fclose(fp);
        fp = fopen("/etc/hosts", "r");
//      fclose(fp);
        exit(1);
}

If even this can't work, all bets are off.
uclibc mailing list and maintainer were informed. Twice. 

---------------------------------------------------------------------- 
 espakman - 02-03-07 06:56  
---------------------------------------------------------------------- 
Bad.... but I don't see a call to networking code in tar.c. I will patch
uClibc with the code you propose anyway and report back.

The strange thing is that tar -t with busybox-1.2.1 and uClibc-0.9.28 did
work correct... 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
01-29-07 04:00  espakman       New Issue                                    
01-29-07 04:00  espakman       Status                   new => assigned     
01-29-07 04:00  espakman       Assigned To               => BusyBox         
01-29-07 17:00  vda            Note Added: 0002070                          
01-30-07 11:30  espakman       Note Added: 0002076                          
01-30-07 11:30  espakman       File Added: bbconfig                         
02-03-07 03:12  espakman       Note Added: 0002087                          
02-03-07 06:34  vda            Note Added: 0002089                          
02-03-07 06:56  espakman       Note Added: 0002090                          
======================================================================




More information about the busybox-cvs mailing list