ls -l segfault + [PATCH]

Denis Vlasenko vda.linux at googlemail.com
Mon Mar 19 20:50:14 UTC 2007


On Monday 19 March 2007 08:26, Jan Evert van Grootheest wrote:
> > >I propose the following:
> > >1) try latest svn
> > >2) add debug printouts to ls.c [using write, not printf!
> > >   printf can make such 'volatile' bugs disappear]:
> > > write(2, "HERE\n", 5);
> > >   by adding them here and there, rerunning ls, you
> > > will fairly quickly narrow it down.
> > >3) show results to the list
> > 
> > I have the same problem here and I narrowed it down to some 
> > point: It seems that the buffer bb_common_bufsiz1 will be 
> > overwritten if there are many files to be listed with <ls -l>.
> > 
> > Here it failes in list_single(struct dnode *dn)
> > when dn is wrong (looks like some previous ls printout is at 
> > dn, so it 
> > crashes)
> > When I increase BUFSIZ there is no crash.
> > 
> > My preferred change is to use line buffered stdout handling 
> > instead of block 
> > buffered:
> > bb/coreutils/ls.c line 795:
> > -     setvbuf(stdout, bb_common_bufsiz1, _IOFBF, BUFSIZ);
> > +    setvbuf(stdout, bb_common_bufsiz1, _IOLBF, BUFSIZ);

Just for paraniod reasons add to ls.c:

printf("%d = %d\n", BUFSIZ+1, sizeof(bb_common_bufsiz1));

Is it printing same numbers?

> > I don't know why this doesn't happen with ls or ls -la.
> > It seems strace changes the way stdout is handled so it 
> > doesn't crash there 
> > (and it does not crash in gdb :-()
> 
> Hmm, it crashes for me also with ls -la /bin...
> And it doesn't crash in strace (or gdb) here too.
> 
> I was also thinking about linebuffering. But that's
> because I have a serial console, so getting the
> output flowing sooner, rather than later, is good.
> Denis, any comments there?

You may delete setvbuf call, but it will only paper over
the problem. I guess "ls -l" will work, but "ls -l | cat"
will segfault.

Thus far it seems to be a bug in glibc (maybe only on ppc,
or only glibc 2.3.6, or only glibc 2.3.6-on-ppc).

Need more info (which versions of glibc and arches are affected).
--
vda



More information about the busybox mailing list