kern/188443: [smbfs] Segfault with tail(1) when mmap(2) called
Garrett Cooper
yaneurabeya at gmail.com
Thu Apr 10 21:40:00 UTC 2014
>Number: 188443
>Category: kern
>Synopsis: [smbfs] Segfault with tail(1) when mmap(2) called
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Apr 10 21:40:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator: Garrett Cooper
>Release: 11.0-CURRENT
>Organization:
n/a
>Environment:
FreeBSD fbsd-vm.zonarsystems.net 11.0-CURRENT FreeBSD 11.0-CURRENT #2 5dc0f18(atf): Tue Apr 8 18:39:49 PDT 2014 root at fbsd-vm.zonarsystems.net:/usr/obj/usr/src/sys/GENERIC i386
>Description:
When I try to tail a file it fails with a segfault when run against an smbfs share. It doesn't do that when I run it against UFS.
# ls -l /mnt/git/pjdfstest/typescript
-rwxr-xr-x 1 root wheel 103464 Apr 10 12:23 /mnt/git/pjdfstest/typescript
# truss tail -n 10 /mnt/git/pjdfstest/typescript
mmap(0x0,32768,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 671498240 (0x28064000)
issetugid(0x28063500,0xbfbfefc2,0x20,0x0,0x0,0x0) = 0 (0x0)
lstat("/etc",{ mode=drwxr-xr-x ,inode=240768,size=2560,blksize=32768 }) = 0 (0x0)
lstat("/etc/libmap.conf",{ mode=-rw-r--r-- ,inode=241195,size=47,blksize=32768 }) = 0 (0x0)
open("/etc/libmap.conf",O_CLOEXEC,027757761354) = 3 (0x3)
fstat(3,{ mode=-rw-r--r-- ,inode=241195,size=47,blksize=32768 }) = 0 (0x0)
mmap(0x0,47,PROT_READ,MAP_PRIVATE,3,0x0) = 671531008 (0x2806c000)
close(3) = 0 (0x0)
lstat("/usr",{ mode=drwxr-xr-x ,inode=1845888,size=512,blksize=32768 }) = 0 (0x0)
lstat("/usr/local",{ mode=drwxr-xr-x ,inode=1845909,size=512,blksize=32768 }) = 0 (0x0)
lstat("/usr/local/etc",{ mode=drwxr-xr-x ,inode=1935380,size=512,blksize=32768 }) = 0 (0x0)
lstat("/usr/local/etc/libmap.d",0xbfbfc9e0) ERR#2 'No such file or directory'
munmap(0x2806c000,47) = 0 (0x0)
open("/var/run/ld-elf.so.hints",O_CLOEXEC,00) = 3 (0x3)
read(3,"Ehnt\^A\0\0\0\M^@\0\0\0-\0\0\0\0"...,128) = 128 (0x80)
lseek(3,0x80,SEEK_SET) = 128 (0x80)
read(3,"/lib:/usr/lib:/usr/lib/compat:/u"...,45) = 45 (0x2d)
close(3) = 0 (0x0)
access("/lib/libc.so.7",0) = 0 (0x0)
open("/lib/libc.so.7",O_CLOEXEC,00) = 3 (0x3)
fstat(3,{ mode=-r--r--r-- ,inode=81600,size=1266916,blksize=32768 }) = 0 (0x0)
mmap(0x0,4096,PROT_READ,MAP_PRIVATE|MAP_PREFAULT_READ,3,0x0) = 671531008 (0x2806c000)
mmap(0x0,1347584,PROT_NONE,MAP_PRIVATE|MAP_ANON|MAP_NOCORE,-1,0x0) = 671535104 (0x2806d000)
mmap(0x2806d000,1241088,PROT_READ|PROT_EXEC,MAP_PRIVATE|MAP_FIXED|MAP_NOCORE|MAP_PREFAULT_READ,3,0x0) = 671535104 (0x2806d000)
mmap(0x2819c000,24576,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_PREFAULT_READ,3,0x12f000) = 672776192 (0x2819c000)
mmap(0x281a2000,81920,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_ANON,-1,0x0) = 672800768 (0x281a2000)
munmap(0x2806c000,4096) = 0 (0x0)
close(3) = 0 (0x0)
munmap(0x2806b000,4096) = 0 (0x0)
mmap(0x0,69632,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 672882688 (0x281b6000)
sysarch(0xa,0xbfbfe334,0x28067500,0x280632b4,0xbfbfe358,0x2804d7f3) = 0 (0x0)
sigprocmask(SIG_BLOCK,SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIGXFSZ|SIGVTALRM|SIGPROF|SIGWINCH|SIGINFO|SIGUSR1|SIGUSR2,0x0) = 0 (0x0)
sigprocmask(SIG_SETMASK,0x0,0x0) = 0 (0x0)
readlink("/etc/malloc.conf",0xbfbfdacf,1024) ERR#2 'No such file or directory'
issetugid(0x0,0xbfbfdacf,0x400,0x0,0x0,0x6d62696c) = 0 (0x0)
mmap(0x0,4194304,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 672952320 (0x281c7000)
munmap(0x281c7000,4194304) = 0 (0x0)
mmap(0x0,8384512,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 672952320 (0x281c7000)
munmap(0x281c7000,2330624) = 0 (0x0)
munmap(0x28800000,1859584) = 0 (0x0)
sigprocmask(SIG_BLOCK,SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIGXFSZ|SIGVTALRM|SIGPROF|SIGWINCH|SIGINFO|SIGUSR1|SIGUSR2,0x0) = 0 (0x0)
sigprocmask(SIG_SETMASK,0x0,0x0) = 0 (0x0)
sigprocmask(SIG_BLOCK,SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIGXFSZ|SIGVTALRM|SIGPROF|SIGWINCH|SIGINFO|SIGUSR1|SIGUSR2,0x0) = 0 (0x0)
sigprocmask(SIG_SETMASK,0x0,0x0) = 0 (0x0)
open("/mnt/git/pjdfstest/typescript",O_RDONLY,0666) = 3 (0x3)
fstat(3,{ mode=-rwxr-xr-x ,inode=2105247163,size=103464,blksize=4356 }) = 0 (0x0)
mmap(0x0,103464,PROT_READ,MAP_SHARED,3,0x0) = 672952320 (0x281c7000)
SIGNAL 11 (SIGSEGV)
process exit, rval = 0
# cp /mnt/git/pjdfstest/typescript /tmp/
# tail -10 /tmp/typescript
-------------------
/mnt/git/pjdfstest/tests/open/19.t (Wstat: 9984 Tests: 1 Failed: 0)
Non-zero exit status: 39
Parse errors: Bad plan. You planned 3 tests but ran 1.
Files=220, Tests=12214, 1008 wallclock secs ( 4.00 usr 2.86 sys + 30.90 cusr 253.62 csys = 291.38 CPU)
Result: FAIL
[root at fbsd-vm /tmp/foobar]# vim ^C
[root at fbsd-vm /tmp/foobar]# exit
Script done on Thu Apr 10 13:58:45 2014
>How-To-Repeat:
cd /path/to/smbfs/share
fetch -o typescript http://pastebin.com/download.php?i=Sr4YAmss
tail typescript
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list