[BusyBox 0000606]: mount -a crashes

bugs at busybox.net
Mon Dec 19 11:56:09 UTC 2005


A NOTE has been added to this issue. 
====================================================================== 
http://busybox.net/bugs/view.php?id=606 
====================================================================== 
Reported By:                iggarpe
Assigned To:                BusyBox
====================================================================== 
Project:                    BusyBox
Issue ID:                   606
Category:                   Other
Reproducibility:            always
Severity:                   crash
Priority:                   normal
Status:                     assigned
====================================================================== 
Date Submitted:             12-19-2005 03:23 PST
Last Modified:              12-19-2005 03:56 PST
====================================================================== 
Summary:                    mount -a crashes
Description: 
mount -a causes a crash, at least when used with the attached fstab.

Tested under Fedora Core 4 with latest glibc updates.

The crash is reported by glibc as follows:

*** glibc detected *** ./busybox: double free or corruption (top): 0x09116170 ***
======= Backtrace: =========
/lib/libc.so.6[0x97f124]
/lib/libc.so.6(__libc_free+0x77)[0x97f65f]
/lib/libc.so.6(fclose+0x148)[0x970c40]
./busybox[0x80adaf1]
./busybox[0x804ddfe]
======= Memory map: ========
001e2000-001e7000 r-xp 00000000 08:02 4611405    /lib/libcrypt-2.3.5.so
001e7000-001e8000 r-xp 00004000 08:02 4611405    /lib/libcrypt-2.3.5.so
001e8000-001e9000 rwxp 00005000 08:02 4611405    /lib/libcrypt-2.3.5.so
001e9000-00210000 rwxp 001e9000 00:00 0
0076c000-00775000 r-xp 00000000 08:02 4612099    /lib/libgcc_s-4.0.2-20051126.so.1
00775000-00776000 rwxp 00009000 08:02 4612099    /lib/libgcc_s-4.0.2-20051126.so.1
00801000-00802000 r-xp 00801000 00:00 0          [vdso]
008fe000-00918000 r-xp 00000000 08:02 4611314    /lib/ld-2.3.5.so
00918000-00919000 r-xp 00019000 08:02 4611314    /lib/ld-2.3.5.so
00919000-0091a000 rwxp 0001a000 08:02 4611314    /lib/ld-2.3.5.so
0091c000-00a3f000 r-xp 00000000 08:02 4611317    /lib/libc-2.3.5.so
00a3f000-00a41000 r-xp 00123000 08:02 4611317    /lib/libc-2.3.5.so
00a41000-00a43000 rwxp 00125000 08:02 4611317    /lib/libc-2.3.5.so
00a43000-00a45000 rwxp 00a43000 00:00 0
00a47000-00a6a000 r-xp 00000000 08:02 4611407    /lib/libm-2.3.5.so
00a6a000-00a6b000 r-xp 00022000 08:02 4611407    /lib/libm-2.3.5.so
00a6b000-00a6c000 rwxp 00023000 08:02 4611407    /lib/libm-2.3.5.so
08048000-08108000 r-xp 00000000 08:04 15681076   /home/iggarpe/newroot/temp/busybox/busybox
08108000-0810b000 rw-p 000c0000 08:04 15681076   /home/iggarpe/newroot/temp/busybox/busybox
0810b000-081ea000 rw-p 0810b000 00:00 0
09116000-09137000 rw-p 09116000 00:00 0          [heap]
b7e00000-b7e21000 rw-p b7e00000 00:00 0
b7e21000-b7f00000 ---p b7e21000 00:00 0
b7fbc000-b7fbe000 rw-p b7fbc000 00:00 0
b7fd4000-b7fd5000 rw-p b7fd4000 00:00 0
bf8bf000-bf8d5000 rw-p bf8bf000 00:00 0          [stack]
Aborted


====================================================================== 

---------------------------------------------------------------------- 
 iggarpe - 12-19-05 03:56  
---------------------------------------------------------------------- 
CHASED: it is very likely that this bug is not always reproducible since
its effects depend on the stack contents.

In general, gotos are a no-no, but in this particular case, goto usage
sucks big time. When the filesystem type is known, there is a "goto
mount_it_now". This label is INSIDE A LOOP, so, when the goto is executed,
the initialization code (i=0) of the loop is not executed, and i has an
undefined value. Then, if the mount system call fails, the loop continues,
and since i is not initialized, files[i] points to god knows where, and
BOOM!

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
12-19-05 03:23  iggarpe        New Issue                                    
12-19-05 03:23  iggarpe        Status                   new => assigned     
12-19-05 03:23  iggarpe        Assigned To               => BusyBox         
12-19-05 03:23  iggarpe        File Added: fstab                            
12-19-05 03:56  iggarpe        Note Added: 0000799                          
======================================================================
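
The control-flow bug described in iggarpe's note above, reduced to a stand-alone C sketch. This is an added example, not BusyBox source and not the fix the project applied; `files`, `fake_mount`, `stale` and the function names are hypothetical, and `stale` stands in for the undefined value of `i` so the run is deterministic.

```c
#include <stdio.h>

/* Hypothetical stand-ins, not BusyBox code: a NULL-terminated list of files
 * naming candidate filesystem types, and a mount() that always fails. */
static const char *files[] = { "/etc/filesystems", "/proc/filesystems", NULL };
#define NFILES 3
static int fake_mount(const char *fstype) { (void)fstype; return -1; }

/* Buggy shape. `stale` models the undefined value of i (whatever the stack
 * held). Returns 1 and stores the index in *bad if the loop would read
 * files[] out of range, else 0. */
int oob_read_buggy(const char *known_type, int stale, int *bad)
{
    int i = stale;                 /* the bug has plain `int i;` here */
    if (known_type)
        goto mount_it_now;         /* jumps past the `i = 0` below */
    for (i = 0; ; i++) {
        if (i < 0 || i >= NFILES) { *bad = i; return 1; } /* files[i] deref */
        if (!files[i])
            break;
mount_it_now:
        if (fake_mount(known_type ? known_type : "ext2") == 0)
            break;
    }
    return 0;
}

/* One possible restructuring: a known type gets a single attempt outside the
 * loop, so a failed mount cannot continue into the files[] scan.
 * Returns the number of mount attempts made. */
int attempts_fixed(const char *known_type)
{
    int i, n = 0;
    if (known_type)
        return fake_mount(known_type), 1;
    for (i = 0; i < NFILES && files[i]; i++, n++)
        if (fake_mount("ext2") == 0)
            return n + 1;
    return n;
}

int main(void)
{
    int bad = 0;
    if (oob_read_buggy("ext3", 41, &bad))
        printf("buggy: failed mount continues loop at files[%d]\n", bad);
    printf("fixed: mount attempts = %d\n", attempts_fixed("ext3"));
    return 0;
}
```

With no known type the buggy function enters the loop through its header, `i = 0` runs, and the scan stays in range, which matches the note's point that the crash depends on both the goto path and the stack contents.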