Package: procps Version: 1:3.2.8-8 Severity: normal I was reading the blog post about systemd and tried the ps command listed there. It gave me a SIGSEGV as can be seen below. The minimum command-line needed to reproduce the crash seems to be 'ps f -o cgroup'.
p...@chianamo:~$ ps xaf -eo pid,user,args,cgroup Signal 11 (SEGV) caught by ps (procps version 3.2.8). Please send bug reports to <feedb...@lists.sf.net> or <alb...@users.sf.net> p...@chianamo:~$ gdb --args ps xaf -eo pid,user,args,cgroup GNU gdb (GDB) 7.0.1-debian Copyright (C) 2009 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /bin/ps...done. (gdb) r Starting program: /bin/ps xaf -eo pid,user,args,cgroup Program received signal SIGSEGV, Segmentation fault. 0x00000000deadbeaf in ?? () (gdb) bt full #0 0x00000000deadbeaf in ?? () No symbol table info available. #1 0x00007ffff7bc5bf2 in readproctab2 (want_proc=0x4020aa <want_this_proc_pcpu>, want_task=0xdeadbeaf, PT=0x639130) at proc/readproc.c:1080 t = 0x6414e0 tmp = 0x641210 ptab = 0x646680 n_proc_alloc = 30 n_proc = 1 ttab = 0x648d30 n_task_alloc = 1 n_task = 0 data = 0x641210 n_alloc = 30 n_used = 1 pd = 0x4020aa #2 0x0000000000402df3 in fancy_spew () at ps/display.c:555 pd = 0x0 ptp = 0x639130 n = 0 i = 4096 #3 0x0000000000403084 in main (argc=4, argv=0x7fffffffdf98) at ps/display.c:619 No locals. (gdb) quit A debugging session is active. Inferior 1 [process 4039] will be killed. Quit anyway? (y or n) y p...@chianamo:~$ strace -f ps xaf -eo pid,user,args,cgroup execve("/bin/ps", ["ps", "xaf", "-eo", "pid,user,args,cgroup"], [/* 67 vars */]) = 0 brk(0) = 0x1e62000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f79b738f000 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f79b738d000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=127425, ...}) = 0 mmap(NULL, 127425, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f79b736d000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/libproc-3.2.8.so", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320A\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0644, st_size=160864, ...}) = 0 mmap(NULL, 2247992, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f79b6f4f000 mprotect(0x7f79b6f60000, 2097152, PROT_NONE) = 0 mmap(0x7f79b7160000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x11000) = 0x7f79b7160000 mmap(0x7f79b7161000, 77112, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f79b7161000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\353\1\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1379752, ...}) = 0 mmap(NULL, 3487784, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f79b6bfb000 mprotect(0x7f79b6d45000, 2097152, PROT_NONE) = 0 mmap(0x7f79b6f45000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14a000) = 0x7f79b6f45000 mmap(0x7f79b6f4a000, 18472, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f79b6f4a000 close(3) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f79b736c000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f79b736b000 arch_prctl(ARCH_SET_FS, 0x7f79b736b6f0) = 0 mprotect(0x7f79b6f45000, 16384, PROT_READ) = 0 mprotect(0x7f79b7390000, 4096, PROT_READ) = 0 munmap(0x7f79b736d000, 127425) = 0 brk(0) = 0x1e62000 brk(0x1e83000) = 0x1e83000 open("/proc/version", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f79b738c000 read(3, "Linux version 2.6.32-3-amd64 (De"..., 1024) = 139 close(3) = 0 munmap(0x7f79b738c000, 4096) = 0 open("/proc/stat", O_RDONLY|O_CLOEXEC) = 3 read(3, "cpu 202954 757 82877 1729810 13"..., 8192) = 1201 close(3) = 0 open("/usr/lib/locale/locale-archive", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=4743680, ...}) = 0 mmap(NULL, 4743680, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f79b6774000 close(3) = 0 rt_sigaction(SIGSYS, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGPWR, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGIO, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGVTALRM, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGXFSZ, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGXCPU, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGURG, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGTTIN, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGCONT, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGCHLD, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGSTKFLT, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGTERM, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGALRM, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGPIPE, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGUSR2, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGUSR1, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGFPE, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGBUS, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGABRT, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGTRAP, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGILL, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 rt_sigaction(SIGHUP, {0x401c64, ~[RTMIN RT_1], SA_RESTORER, 0x7f79b6c2cfc0}, NULL, 8) = 0 open("/proc/self/stat", O_RDONLY) = 3 read(3, "4064 (ps) R 4063 4063 3149 34820"..., 1023) = 217 close(3) = 0 ioctl(1, TIOCGWINSZ, {ws_row=45, ws_col=180, ws_xpixel=0, ws_ypixel=0}) = 0 ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0 geteuid() = 1000 open("/proc/uptime", O_RDONLY) = 3 lseek(3, 0, SEEK_SET) = 0 read(3, "10532.50 17298.10\n", 2047) = 18 open("/proc/sys/kernel/pid_max", O_RDONLY) = 4 read(4, "32768\n", 24) = 6 close(4) = 0 mmap(NULL, 139264, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f79b7349000 mprotect(0x7f79b736a000, 4096, PROT_NONE) = 0 open("/proc/meminfo", O_RDONLY) = 4 lseek(4, 0, SEEK_SET) = 0 read(4, "MemTotal: 1533996 kB\nMemF"..., 2047) = 1142 stat("/proc/self/task", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0 open("/proc", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 5 fcntl(5, F_GETFD) = 0x1 (flags FD_CLOEXEC) getdents(5, /* 247 entries */, 32768) = 6320 stat("/proc/1", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0 open("/proc/1/stat", O_RDONLY) = 6 read(6, "1 (init) S 0 1 1 0 -1 4202752 18"..., 1023) = 202 close(6) = 0 open("/proc/1/status", O_RDONLY) = 6 read(6, "Name:\tinit\nState:\tS (sleeping)\nT"..., 1023) = 727 close(6) = 0 socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 6 connect(6, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) close(6) = 0 socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 6 connect(6, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) close(6) = 0 open("/etc/nsswitch.conf", O_RDONLY) = 6 fstat(6, {st_mode=S_IFREG|0644, st_size=513, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f79b738c000 read(6, "# /etc/nsswitch.conf\n#\n# Example"..., 4096) = 513 read(6, "", 4096) = 0 close(6) = 0 munmap(0x7f79b738c000, 4096) = 0 open("/etc/ld.so.cache", O_RDONLY) = 6 fstat(6, {st_mode=S_IFREG|0644, st_size=127425, ...}) = 0 mmap(NULL, 127425, PROT_READ, MAP_PRIVATE, 6, 0) = 0x7f79b736d000 close(6) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/libnss_compat.so.2", O_RDONLY) = 6 read(6, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\23\0\0\0\0\0\0"..., 832) = 832 fstat(6, {st_mode=S_IFREG|0644, st_size=31616, ...}) = 0 mmap(NULL, 2127088, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 6, 0) = 0x7f79b656c000 mprotect(0x7f79b6573000, 2093056, PROT_NONE) = 0 mmap(0x7f79b6772000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 6, 0x6000) = 0x7f79b6772000 close(6) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/libnsl.so.1", O_RDONLY) = 6 read(6, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\...@\0\0\0\0\0\0"..., 832) = 832 fstat(6, {st_mode=S_IFREG|0644, st_size=89064, ...}) = 0 mmap(NULL, 2194128, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 6, 0) = 0x7f79b6354000 mprotect(0x7f79b6369000, 2093056, PROT_NONE) = 0 mmap(0x7f79b6568000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 6, 0x14000) = 0x7f79b6568000 mmap(0x7f79b656a000, 6864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f79b656a000 close(6) = 0 mprotect(0x7f79b6568000, 4096, PROT_READ) = 0 mprotect(0x7f79b6772000, 4096, PROT_READ) = 0 munmap(0x7f79b736d000, 127425) = 0 open("/etc/ld.so.cache", O_RDONLY) = 6 fstat(6, {st_mode=S_IFREG|0644, st_size=127425, ...}) = 0 mmap(NULL, 127425, PROT_READ, MAP_PRIVATE, 6, 0) = 0x7f79b736d000 close(6) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/libnss_nis.so.2", O_RDONLY) = 6 read(6, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \0\0\0\0\0\0"..., 832) = 832 fstat(6, {st_mode=S_IFREG|0644, st_size=43552, ...}) = 0 mmap(NULL, 2139320, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 6, 0) = 0x7f79b6149000 mprotect(0x7f79b6153000, 2093056, PROT_NONE) = 0 mmap(0x7f79b6352000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 6, 0x9000) = 0x7f79b6352000 close(6) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/libnss_files.so.2", O_RDONLY) = 6 read(6, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p!\0\0\0\0\0\0"..., 832) = 832 fstat(6, {st_mode=S_IFREG|0644, st_size=47616, ...}) = 0 mmap(NULL, 2143624, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 6, 0) = 0x7f79b5f3d000 mprotect(0x7f79b5f48000, 2093056, PROT_NONE) = 0 mmap(0x7f79b6147000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 6, 0xa000) = 0x7f79b6147000 close(6) = 0 mprotect(0x7f79b6147000, 4096, PROT_READ) = 0 mprotect(0x7f79b6352000, 4096, PROT_READ) = 0 munmap(0x7f79b736d000, 127425) = 0 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 6 fcntl(6, F_GETFD) = 0x1 (flags FD_CLOEXEC) lseek(6, 0, SEEK_CUR) = 0 fstat(6, {st_mode=S_IFREG|0644, st_size=2419, ...}) = 0 mmap(NULL, 2419, PROT_READ, MAP_SHARED, 6, 0) = 0x7f79b738c000 lseek(6, 2419, SEEK_SET) = 2419 munmap(0x7f79b738c000, 2419) = 0 close(6) = 0 open("/proc/1/cmdline", O_RDONLY) = 6 read(6, "init [2]\0\0\0", 2047) = 11 close(6) = 0 open("/proc/1/cgroup", O_RDONLY) = 6 read(6, "", 2047) = 0 close(6) = 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- write(2, "\n\nSignal 11 (SEGV) caught by ps "..., 132 Signal 11 (SEGV) caught by ps (procps version 3.2.8). Please send bug reports to <feedb...@lists.sf.net> or <alb...@users.sf.net> ) = 132 exit_group(139) = ? p...@chianamo:~$ cat /proc/1/cgroup p...@chianamo:~$ cat /proc/1/status Name: init State: S (sleeping) Tgid: 1 Pid: 1 PPid: 0 TracerPid: 0 Uid: 0 0 0 0 Gid: 0 0 0 0 FDSize: 64 Groups: VmPeak: 10336 kB VmSize: 10332 kB VmLck: 0 kB VmHWM: 784 kB VmRSS: 752 kB VmData: 184 kB VmStk: 84 kB VmExe: 36 kB VmLib: 1792 kB VmPTE: 44 kB Threads: 1 SigQ: 1/11894 SigPnd: 0000000000000000 ShdPnd: 0000000000000000 SigBlk: 0000000000000000 SigIgn: fffffffe57f0d8fc SigCgt: 00000000280b2603 CapInh: 0000000000000000 CapPrm: ffffffffffffffff CapEff: fffffffffffffeff CapBnd: ffffffffffffffff Cpus_allowed: 3 Cpus_allowed_list: 0-1 Mems_allowed: 00000000,00000001 Mems_allowed_list: 0 voluntary_ctxt_switches: 2407 nonvoluntary_ctxt_switches: 98 Stack usage: 8 kB p...@chianamo:~$ cat /proc/1/cmdline init [2]p...@chianamo:~$ -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (700, 'testing'), (600, 'unstable'), (550, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-3-amd64 (SMP w/2 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages procps depends on: ii initscripts 2.87dsf-10 scripts for initializing and shutt ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib ii libncurses5 5.7+20100313-2 shared libraries for terminal hand ii libncursesw5 5.7+20100313-2 shared libraries for terminal hand ii lsb-base 3.2-23.1 Linux Standard Base 3.2 init scrip Versions of packages procps recommends: ii psmisc 22.11-1 utilities that use the proc file s -- bye, pabs http://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
