[Bug 243759] SIGBUS from "rpcinfo -m"

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Fri Jan 31 13:49:54 UTC 2020 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=243759

            Bug ID: 243759
           Summary: SIGBUS from "rpcinfo -m"
           Product: Base System
           Version: 11.3-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: bugs at FreeBSD.org
          Reporter: martin at lispworks.com

Running rpcinfo -m gets a SIGBUS with the following backtrace:

#0  xdr_rpcbs_rmtcalllist (xdrs=0x800e25418, objp=0xa486010001000000) at
/usr/src/lib/libc/rpc/rpcb_st_xdr.c:151
#1  0x0000000800902d3f in xdr_pointer (xdrs=0x800e25418, objpp=0x800fb91ec,
obj_size=<value optimized out>, xdr_obj=0x800871160 <xdr_rpcbs_rmtcalllist>) at
/usr/src/lib/libc/xdr/xdr_reference.c:97
#2  0x0000000800871260 in xdr_rpcbs_rmtcalllist (xdrs=0x800e25418, objp=<value
optimized out>) from /lib/libc.so.7
#3  0x0000000800902d3f in xdr_pointer (xdrs=0x800e25418, objpp=0x7fffffffe9c8,
obj_size=<value optimized out>, xdr_obj=0x800871160 <xdr_rpcbs_rmtcalllist>) at
/usr/src/lib/libc/xdr/xdr_reference.c:97
#4  0x0000000800871444 in xdr_rpcb_stat (xdrs=0x800e25418, objp=<value
optimized out>) at /usr/src/lib/libc/rpc/rpcb_st_xdr.c:220
#5  0x000000080090d04b in xdr_vector (xdrs=0x800e25418, basep=0x7fffffffe980
"\022\001", nelem=3, elemsize=80, xdr_elem=0x8008713c0 <xdr_rpcb_stat>) at
/usr/src/lib/libc/xdr/xdr_array.c:154
#6  0x000000080087147a in xdr_rpcb_stat_byvers (xdrs=<value optimized out>,
objp=<value optimized out>) at /usr/src/lib/libc/rpc/rpcb_st_xdr.c:256
#7  0x0000000800909d89 in clnt_vc_call (cl=0x800e2a000, proc=12,
xdr_args=0x401654 <xdr_void at plt>, args_ptr=0x0, xdr_results=0x401934
<xdr_rpcb_stat_byvers at plt>, results_ptr=0x7fffffffe980, timeout={tv_sec = 60,
tv_usec = 0}) at /usr/src/lib/libc/rpc/clnt_vc.c:432
#8  0x00000000004022c4 in main (argc=<value optimized out>,
argv=0x7fffffffeaf8) at /usr/src/usr.bin/rpcinfo/rpcinfo.c:1025
#9  0x0000000000401a2d in _start ()
#10 0x0000000800629000 in ?? ()
#11 0x0000000000000000 in ?? ()

I think the problem might be caused by base r173763, where the variable pnext
in xdr_rpcbs_rmtcalllist is uninitialized in 2 of the 3 calls to xdr_pointer. 
Probably ``pnext = &objp->next;'' should be moved outside the if statements.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list