[Bug 1242746] Re: SIGSEGV when file2str reads zero bytes
John-Mark Bell
1242746 at bugs.launchpad.net
Wed Oct 30 13:37:45 UTC 2013
I've tested this on Precise by running the attached script.
With the old package version (1:3.2.8-11ubuntu6.1) this caused top to crash after about 90 minutes.
With the new package version (1:3.2.8-11ubuntu6.3), it's been running without incident for the last 24 hours.
Note, that as we're dealing with a race between top reading the contents
of proc and processes being spawned/destroyed, it's tricky to reproduce
in a controlled manner, so I went for the brute-force approach.
Nothing else appears untoward with the new version.
** Attachment added: "Testscript for this issue"
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1242746/+attachment/3895695/+files/1242746-test.sh
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to procps in Ubuntu.
https://bugs.launchpad.net/bugs/1242746
Title:
SIGSEGV when file2str reads zero bytes
Status in “procps” package in Ubuntu:
Fix Released
Status in “procps” source package in Precise:
Fix Committed
Status in “procps” source package in Quantal:
Fix Committed
Status in “procps” source package in Raring:
Fix Committed
Status in “procps” source package in Saucy:
Fix Committed
Bug description:
[Impact]
* various procps utilities crashing with a SIGSEGV if the file2str function in
proc/readproc.c when it reads zero bytes
* This is a regression introduced with (LP: #1150413)
* The upload checks for zero length reads and now returns -1 instead of 0, like it used
to.
[Test Case]
* This does not happen often enough to create a real testcase, but some users have
reported that repeatedly running top has occassionally exhibited this problem.
[Regression Potential]
* Minimal, as this reverts file2str to original behavior in the case of zero length
reads.
[Other Info]
* This patch is backported from upstream
_________________________________________________________________________________________
The changes made in the following commit, which backported a number of changes to the procps package in precise, result in various procps utilities crashing with a SIGSEGV if the file2str function in proc/readproc.c reads zero bytes.
http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/precise/procps
/precise-updates/revision/61
This corresponds to the following procps package version:
1:3.2.8-11ubuntu6.1
Prior to this changeset, file2str would return -1 if the read failed;
now it does not, which is not expected by other parts of the procps
codebase, hence the crash.
Upstream have fixed this issue in the following commit:
https://www.gitorious.org/procps/procps/commit/526bc5dfa924177e68be0123bd67e3370955f924
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1242746/+subscriptions
More information about the foundations-bugs
mailing list