[Toybox] ps crashes

enh enh at google.com
Thu Mar 9 10:31:49 PST 2017

Previous message (by thread): [Toybox] [PATCHES] cleanup passes on cut.
Next message (by thread): [Toybox] ps crashes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

i could have sworn i mentioned this already, but i can't find any
proof that i did.

i haven't seen this crash personally, but automated testing has seen
it a few times now:


pid: 25863, tid: 25863, name: ps  >>> ps <<<
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x11
x0   0000000000000001  x1   000000557cc90468  x2   0000007fd2a2b1c8
x3   0000000000000100
x4   000000557cc9dd2c  x5   000000557ccbc7e0  x6   000000007361742f
x7   000000006b736174
x8   0000000000000001  x9   0000000000000001  x10  0000007193efca80
x11  0000000000000002
x12  0000000000000005  x13  0000007194400994  x14  0000007194400638
x15  0000000000000000
x16  000000719441e208  x17  00000071943751c0  x18  0000000000000000
x19  0000007193e350c0
x20  0000000000005820  x21  000000557ccbc7d0  x22  000000557ccb97a8
x23  0000000000000412
x24  0000000000000040  x25  0000007193e35010  x26  0000000000000000
x27  0000000000000000
x28  0000000000000000  x29  0000007fd2a2b2e0  x30  000000557cc90394
sp   0000007fd2a2b2b0  pc   000000557cc903bc  pstate 0000000060000000

Stack Trace:
  RELADDR           FUNCTION                     FILE:LINE
  00000000000353bc  get_threads+164
external/toybox/toys/posix/ps.c:905 (discriminator 1)
  000000000000dabc  dirtree_handle_callback+36
external/toybox/lib/dirtree.c:112
  000000000000dbc8  dirtree_recurse+128
external/toybox/lib/dirtree.c:156
  000000000000db14  dirtree_handle_callback+124
external/toybox/lib/dirtree.c:115
  00000000000347a0  ps_main+952
external/toybox/toys/posix/ps.c:1235
  0000000000013814  toy_exec+92
external/toybox/main.c:166 (discriminator 1)
  00000000000133d8  toybox_main+48
external/toybox/main.c:179 (discriminator 1)
  00000000000138dc  main+124                     external/toybox/main.c:237



given the 0x11, i'm assuming this is actually 0x10 (aka 16 aka
sizeof(void*)/2 aka struct dirtree::child) off DIRTREE_ABORTVAL.

but i still don't see how we end up with DIRTREE_ABORTVAL here, so i'm
not sure what the right fix is.

any ideas? (i'm assuming it's fallout from DIRTREE_SHUTUP, but haven't
worked out how so yet.)

-- 
Elliott Hughes - http://who/enh - http://jessies.org/~enh/
Android native code/tools questions? Mail me/drop by/add me as a reviewer.

Previous message (by thread): [Toybox] [PATCHES] cleanup passes on cut.
Next message (by thread): [Toybox] ps crashes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Toybox mailing list