ls -l segfault

Jan Evert van Grootheest Jan-Evert.van.Grootheest at Vialis.nl
Wed Mar 14 11:01:38 UTC 2007


Hi all,
 
I'm having the same problem as discussed in thread http://busybox.net/lists/busybox/2007-February/026158.html.
Unfortunately, that thread ends inconclusive.
 
It's exactly as described there:
- large directories (like /bin) fail with ls -l and smaller ones (/etc) succeed
- it only fails when executed as 'ls -l /bin' and does not fail as 'busybox ls -l /bin'
- 'ls -l /bin' and 'cd /bin; ls -l' both fail
- other ls options do not cause failure (tested each option as single option)
 
Environment is linux 2.6.16.43  + Ingos -rt patch. Gcc 4.1.2, glibc 2.3.6. And busybox 1.4.1 with the 5 patches.
 
So I made a debug busybox.
(noticed that CONFIG_DEBUG_PESSIMIZE does not make a difference; the compiler command line is the same with and without)
And made a coredump:
(gdb) bt full
#0  showfiles (dn=0x80c2fe8, nfiles=254) at coreutils/ls.c:559
        i = 160
        ncols = 1
        nrows = 254
        row = 160
        nc = 0
        column = 0
        nexttab = 0
        column_width = 0
#1  0x08058f1d in showdirs (dn=0x80c2160, ndirs=1, first=1) at coreutils/ls.c:461
        i = 0
        nfiles = 135016424
        subdnp = (struct dnode **) 0x80c2fe8
        dndirs = <value optimized out>
        dnd = <value optimized out>
#2  0x0805933b in ls_main (argc=3, argv=0x80be66c) at coreutils/ls.c:941
        dnd = (struct dnode **) 0x80c2160
        dnf = (struct dnode **) 0x0
        dnp = <value optimized out>
        dn = <value optimized out>
        cur = <value optimized out>
        opt = <value optimized out>
        nfiles = 1
        dnfiles = 0
        dndirs = 1
        oi = <value optimized out>
        ac = <value optimized out>
        i = <value optimized out>
        av = (char **) 0x80be674
        tabstops_str = 0x0
        terminal_width_str = 0x0
        color_opt = 0x80be66c "<f\v\bLf\v\b\\f\v\b"
        dotdir = {0x80b41fe "."}
#3  0x08092d1b in tryexec (cmd=0xfe <Address 0xfe out of bounds>, argv=0x80c2fe8, envp=0x1) at shell/ash.c:3761
        a = <value optimized out>
        argc = <value optimized out>
#4  0x08092dcb in shellexec (argv=0xfe,
    path=0x80c2fe8 "12 15:19 \033[1;32mpppoe-discovery\033[0m\n-rwxr-xr-x    1 root     root         9912 Mar 12 15:19 \033[1;32mpppstats\033[0m\nlrwxrwxrwx    1 root     root", ' ' <repeats 12 times>, "7 Mar 14 08:49 \033[1;36mprintf\033[0m -> \033[1;32mbusy"..., idx=1) at shell/ash.c:3712
        cmdname = <value optimized out>
        e = <value optimized out>
        envp = (char **) 0x80be67c
        exerrno = <value optimized out>
#5  0x080c4fe5 in ?? ()
No symbol table info available.
#6  0x080c4f08 in ?? ()
No symbol table info available.
#7  0x080be66c in stackbase ()
No symbol table info available.
#8  0x00000000 in ?? ()
No symbol table info available.

It seems that show_files is at line 430 and list_single is inlined.
I also tried with valgrind. No problems reported. And it does not segfault, either.
 
I also made a binary that is compiled with -O0 (no optimization). It failed myteriously thus:
(gdb) bt full
#0  0x0805891a in openvt_main (argc=804208, argv=0xb7f95ae0) at console-tools/openvt.c:35
        fd = 0
        vtname = "\b\001\000\000\000ÿ\000\000\000¡\000\000"
#1  0x00000000 in ?? ()
This binary also works succesfully with valgrind. And without -l.
 
Where to continue from here?
Anybody with more knowledge of the internals of busybox with suggestions to try?
 
Thanks,
Jan Evert
 
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.busybox.net/pipermail/busybox/attachments/20070314/2c04bf06/attachment-0001.htm 


More information about the busybox mailing list