misc/138131: [patch] pstat -t coredumps when reading from kernel crashdump

Mon Aug 24 11:40:02 UTC 2009

>Number:         138131
>Category:       misc
>Synopsis:       [patch] pstat -t coredumps when reading from kernel crashdump
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Aug 24 11:40:01 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Mikolaj Golub
>Release:        7.2-STABLE but all versions are affected
>Organization:
>Environment:
FreeBSD zhuzha.ua1 7.2-STABLE FreeBSD 7.2-STABLE #2: Fri Jul  3 08:58:49 EEST 2009     root at zhuzha.ua1:/usr/obj/usr/src/sys/GENERIC  i386
>Description:
"pstat -t -M <vmcore>" crashes with segmentation fault.

#0  0x0804912f in ttymode_kvm () at /usr/src/usr.sbin/pstat/pstat.c:249
249                     tp = TAILQ_NEXT(tp, t_list);
(gdb) list
244                     XT_COPY(ilowat);
245                     XT_COPY(ohiwat);
246                     XT_COPY(olowat);
247     #undef XT_COPY
248                     ttyprt(&xt);
249                     tp = TAILQ_NEXT(tp, t_list);
250             }
251     }
252
253     static void
(gdb) bt
#0  0x0804912f in ttymode_kvm () at /usr/src/usr.sbin/pstat/pstat.c:249
#1  0x08049274 in ttymode () at /usr/src/usr.sbin/pstat/pstat.c:282
#2  0x08048f56 in main (argc=0, argv=0xbfbfeda0) at /usr/src/usr.sbin/pstat/pstat.c:196

>How-To-Repeat:
pstat -t -M /dev/mem 

>Fix:
Attached patch fixes the problem.

Patch attached with submission follows:

--- usr.sbin/pstat/pstat.c.orig	2009-08-24 14:15:10.000000000 +0300
+++ usr.sbin/pstat/pstat.c	2009-08-24 14:16:10.000000000 +0300
@@ -246,7 +246,7 @@ ttymode_kvm(void)
 		XT_COPY(olowat);
 #undef XT_COPY
 		ttyprt(&xt);
-		tp = TAILQ_NEXT(tp, t_list);
+		tp = TAILQ_NEXT(&tty, t_list);
 	}
 }
 


>Release-Note:
>Audit-Trail:
>Unformatted:
