[#4055] top (busybox) crashs

Submitted By: Yi Li

Open Date

2008-04-23 06:04:16 Close Date

2008-05-16 04:50:46

Priority:

Medium Assignee:

Yi Li

Status:

Closed Fixed In Release:

N/A

Found In Release:

N/A Release:

trunk

Category:

N/A Board:

EZKIT Lite

Processor:

BF548 Silicon Revision:

Is this bug repeatable?:

Yes Resolution:

Not reproducible

Uboot version or rev.:

Toolchain version or rev.:

trunk

App binary format:

N/A

Summary: top (busybox) crashs

Details:

uclinux-dist: Revision: 6611

linux: Revision: 4649

root:/> top

NULL pointer access (probably)

Deferred Exception context

CURRENT PROCESS:

COMM=top PID=277

TEXT = 0x00300000-0x0034bd14 DATA = 0x00930d14-0x0093435c

BSS = 0x0093435c-0x00960000 USER-STACK = 0x0097fed0

return address: [0x00000480]; contents of:

0x00000460: 9101 5401 9300 0010 0000 0000 0000 0000

0x00000470: 9101 5801 9300 0010 0000 0000 0000 0000

0x00000480: [0000] 0000 0000 0000 00a4 0000 0000 0000

0x00000490: 0000 0000 0000 0000 0000 0000 0000 0000

SEQUENCER STATUS: Not tainted

SEQSTAT: 00062027 IPEND: 0030 SYSCFG: 0006

HWERRCAUSE: 0x18

EXCAUSE : 0x27

RETE: <0x00000000> /* Maybe null pointer? */

RETN: <0x00f16000> /* unknown address */

RETX: <0x00000480> /* Maybe fixed code section */

RETS: <0x00337948> [ /bin/busybox + 0x37948 ]

PC : <0x00337950> [ /bin/busybox + 0x37950 ]

DCPLB_FAULT_ADDR: <0x00000000> /* Maybe null pointer? */

ICPLB_FAULT_ADDR: <0x00337950> [ /bin/busybox + 0x37950 ]

PROCESSOR STATE:

R0 : 00000000 R1 : 00000028 R2 : 28200038 R3 : 00000029

R4 : 0097fd34 R5 : 00003633 R6 : 00931f18 R7 : 00000044

P0 : 00000006 P1 : 00a1ff18 P2 : 0097f8d8 P3 : 00931f18

P4 : 00980e18 P5 : 00000000 FP : 0097f8d4 SP : 00f15f24

LB0: 00a1f619 LT0: 00a1f618 LC0: 00000000

LB1: 00a1d47f LT1: 00a1d47e LC1: 00000000

B0 : 00000000 L0 : 00000000 M0 : 00000000 I0 : 00a362f4

B1 : 00000000 L1 : 00000000 M1 : 00000000 I1 : 00a36320

B2 : 00000000 L2 : 00000000 M2 : 00000000 I2 : 00000000

B3 : 00000000 L3 : 00000000 M3 : 00000000 I3 : 00000000

A0.w: 00000000 A0.x: 00000000 A1.w: 00000000 A1.x: 00000000

USP : 0097f8a0 ASTAT: 02003025

Hardware Trace:

0 Target : <0x00004610> { _trap_c + 0x0 }

Source : <0xffa0064e> { _exception_to_level5 + 0x9e }

1 Target : <0xffa005b0> { _exception_to_level5 + 0x0 }

Source : <0xffa0050e> { _ex_trap_c + 0x72 }

2 Target : <0xffa0049c> { _ex_trap_c + 0x0 }

Source : <0xffa006d8> { _trap + 0x28 }

3 Target : <0xffa006b0> { _trap + 0x0 }

Source : <0x0033794e> [ /bin/busybox + 0x3794e ]

4 Target : <0x00337948> [ /bin/busybox + 0x37948 ]

Source : <0x00a1ff48> [ /lib/libuClibc-0.9.29.so + 0x1ff48 ]

5 Target : <0x00a1ff3c> [ /lib/libuClibc-0.9.29.so + 0x1ff3c ]

Source : <0x00a1f944> [ /lib/libuClibc-0.9.29.so + 0x1f944 ]

6 Target : <0x00a1f93c> [ /lib/libuClibc-0.9.29.so + 0x1f93c ]

Source : <0x00a1f9a4> [ /lib/libuClibc-0.9.29.so + 0x1f9a4 ]

7 Target : <0x00a1f982> [ /lib/libuClibc-0.9.29.so + 0x1f982 ]

Source : <0x00a1f972> [ /lib/libuClibc-0.9.29.so + 0x1f972 ]

8 Target : <0x00a1f946> [ /lib/libuClibc-0.9.29.so + 0x1f946 ]

Source : <0x00a1f916> [ /lib/libuClibc-0.9.29.so + 0x1f916 ]

9 Target : <0x00a1f908> [ /lib/libuClibc-0.9.29.so + 0x1f908 ]

Source : <0x00a1ff38> [ /lib/libuClibc-0.9.29.so + 0x1ff38 ]

10 Target : <0x00a1ff32> [ /lib/libuClibc-0.9.29.so + 0x1ff32 ]

Source : <0x00a1ff2a> [ /lib/libuClibc-0.9.29.so + 0x1ff2a ]

11 Target : <0x00a1ff18> [ /lib/libuClibc-0.9.29.so + 0x1ff18 ]

Source : <0x003080ae> [ /bin/busybox + 0x80ae ]

12 Target : <0x003080a6> [ /bin/busybox + 0x80a6 ]

Source : <0x00337944> [ /bin/busybox + 0x37944 ]

13 Target : <0x00337936> [ /bin/busybox + 0x37936 ]

Source : <0x0033781a> [ /bin/busybox + 0x3781a ]

14 Target : <0x00337804> [ /bin/busybox + 0x37804 ]

Source : <0x00a0c490> [ /lib/libuClibc-0.9.29.so + 0xc490 ]

15 Target : <0x00a0c47e> [ /lib/libuClibc-0.9.29.so + 0xc47e ]

Source : <0xffa00ba2> { __common_int_entry + 0xca }

Stack from 00f15f04:

00000006 ffa00652 ffa00ba4 00000044 0000ffff 0097fd2c 0097f8d4 00a0c47e

00000480 00000030 00062027 00000000 00f16000 00000480 00337950 00337948

00000000 02003025 00a1d47f 00a1f619 00a1d47e 00a1f618 00000000 00000000

00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000 00000000 00a36320 00a362f4 0097f8a0 0097f8d4 00000000 00980e18

Call Trace:

[<00003633>] _do_signal+0x9e3/0xcb4

SIGSEGV

Bellow patch can make top work, but I am not sure why it is commented out.

Index: busybox-1.10.1/libbb/procps.c

===================================================================

--- busybox-1.10.1/libbb/procps.c (revision 6611)

+++ busybox-1.10.1/libbb/procps.c (working copy)

@@ -226,8 +226,8 @@

if (n < 0)

break;

cp = strrchr(buf, ')'); /* split into "PID (cmd" and "<rest>" */

- /*if (!cp || cp[1] != ' ')

- break;*/

+ if (!cp || cp[1] != ' ')

+ break;

cp[0] = '\0';

if (sizeof(sp->comm) < 16)

BUG_comm_size();

Follow-ups

--- Yi Li 2008-04-23 06:47:38

The fix is not correct. "top" will not crash, however, the output of

"top" is not correct.

--- Yi Li 2008-04-24 03:36:15

Tried to build uclinux-dist trunk using 08r1-rc8 toolchain, still get failure

(after running top for a while):

NULL pointer access (probably) 0% 0% -/bin/sh

Deferred Exception context

CURRENT PROCESS:

COMM=top PID=282

TEXT = 0x00800000-0x0084bd3c DATA = 0x00e68d3c-0x00e6c394

BSS = 0x00e6c394-0x00e80000 USER-STACK = 0x00e9fed0

return address: [0x00837978]; contents of:

0x00837950: 321e 327e 6da7 3045 304f e3ff ff51 0c80

0x00837960: 189d 321e 6149 3047 e127 0044 e3fe 83ba

0x00837970: 3228 321e 6000 6141 [9b28] 3044 51f8 3047

0x00837980: e3fe 8293 321e 3008 6409 3007 6082 e300

SEQUENCER STATUS: Not tainted

SEQSTAT: 00060027 IPEND: 0030 SYSCFG: 0006

HWERRCAUSE: 0x18

EXCAUSE : 0x27

RETE: <0x00000000> /* Maybe null pointer? */

RETN: <0x00e64000> [ /lib/ld-uClibc-0.9.29.so + 0x6000 ]

RETX: <0x00000480> /* Maybe fixed code section */

RETS: <0x00837970> [ /bin/busybox + 0x37970 ]

PC : <0x00837978> [ /bin/busybox + 0x37978 ]

DCPLB_FAULT_ADDR: <0x00000000> /* Maybe null pointer? */

ICPLB_FAULT_ADDR: <0x00837978> [ /bin/busybox + 0x37978 ]

PROCESSOR STATE:

R0 : 00000000 R1 : 00000028 R2 : 20003732 R3 : 00000029

R4 : 00e9fd35 R5 : 00003633 R6 : 00e69f50 R7 : 00000044

P0 : 00000006 P1 : 002a2284 P2 : 00e9f8d8 P3 : 00e69f50

P4 : 00e190d8 P5 : 00000000 FP : 00e9f8d4 SP : 00e63f24

LB0: 002a1985 LT0: 002a1984 LC0: 00000000

LB1: 0029e077 LT1: 0029e076 LC1: 00000000

B0 : 00000000 L0 : 00000000 M0 : 00000000 I0 : 002b9ba0

B1 : 00000000 L1 : 00000000 M1 : 00000000 I1 : 002b9bcc

B2 : 00000000 L2 : 00000000 M2 : 00000000 I2 : 00000000

B3 : 00000000 L3 : 00000000 M3 : 00000000 I3 : 00000000

A0.w: 00000000 A0.x: 00000000 A1.w: 00000000 A1.x: 00000000

USP : 00e9f8a0 ASTAT: 02003025

Hardware Trace:

0 Target : <0x00004600> { _trap_c + 0x0 }

Source : <0xffa0064e> { _exception_to_level5 + 0x9e }

1 Target : <0xffa005b0> { _exception_to_level5 + 0x0 }

Source : <0xffa0050e> { _ex_trap_c + 0x72 }

2 Target : <0xffa0049c> { _ex_trap_c + 0x0 }

Source : <0xffa006d8> { _trap + 0x28 }

3 Target : <0xffa006b0> { _trap + 0x0 }

Source : <0x00837976> [ /bin/busybox + 0x37976 ]

4 Target : <0x00837970> [ /bin/busybox + 0x37970 ]

Source : <0x002a22b4> [ /lib/libuClibc-0.9.29.so + 0x222b4 ]

5 Target : <0x002a22a8> [ /lib/libuClibc-0.9.29.so + 0x222a8 ]

Source : <0x002a1cb0> [ /lib/libuClibc-0.9.29.so + 0x21cb0 ]

6 Target : <0x002a1ca8> [ /lib/libuClibc-0.9.29.so + 0x21ca8 ]

Source : <0x002a1d24> [ /lib/libuClibc-0.9.29.so + 0x21d24 ]

7 Target : <0x002a1cee> [ /lib/libuClibc-0.9.29.so + 0x21cee ]

Source : <0x002a1cde> [ /lib/libuClibc-0.9.29.so + 0x21cde ]

8 Target : <0x002a1cb2> [ /lib/libuClibc-0.9.29.so + 0x21cb2 ]

Source : <0x002a1c82> [ /lib/libuClibc-0.9.29.so + 0x21c82 ]

9 Target : <0x002a1c74> [ /lib/libuClibc-0.9.29.so + 0x21c74 ]

Source : <0x002a22a4> [ /lib/libuClibc-0.9.29.so + 0x222a4 ]

10 Target : <0x002a229e> [ /lib/libuClibc-0.9.29.so + 0x2229e ]

Source : <0x002a2296> [ /lib/libuClibc-0.9.29.so + 0x22296 ]

11 Target : <0x002a2284> [ /lib/libuClibc-0.9.29.so + 0x22284 ]

Source : <0x008080e8> [ /bin/busybox + 0x80e8 ]

12 Target : <0x008080e0> [ /bin/busybox + 0x80e0 ]

Source : <0x0083796c> [ /bin/busybox + 0x3796c ]

13 Target : <0x0083795e> [ /bin/busybox + 0x3795e ]

Source : <0x00837842> [ /bin/busybox + 0x37842 ]

14 Target : <0x0083782c> [ /bin/busybox + 0x3782c ]

Source : <0x0028d1b0> [ /lib/libuClibc-0.9.29.so + 0xd1b0 ]

15 Target : <0x0028d19e> [ /lib/libuClibc-0.9.29.so + 0xd19e ]

Source : <0xffa00ba2> { __common_int_entry + 0xca }

Stack from 00e63f04:

00000006 ffa00652 ffa00ba4 00000044 0000ffff 00e9fd2c 00e9f8d4 0028d19e

00000480 00000030 00060027 00000000 00e64000 00000480 00837978 00837970

00000000 02003025 0029e077 002a1985 0029e076 002a1984 00000000 00000000

00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000 00000000 002b9bcc 002b9ba0 00e9f8a0 00e9f8d4 00000000 00e190d8

Call Trace:

[<00003633>] _do_signal+0x9e3/0xcb4

SIGSEGV

--- Mike Frysinger 2008-04-24 03:46:11

what are you doing exactly ? just running `top` and letting it sit there ?

ive been using `top -d 1` the last couple days and havent seen any problems

--- Yi Li 2008-04-24 22:51:08

Yes. I just run "top" for a while or run "ps -ef" will lead

to this crash.

This bug does not happen always. But it happens frequently on one of the

BF548-EZkit (v1.3) boards.

I will assign the bug to me since it only happens to me.

--- Mike Frysinger 2008-04-25 00:19:50

can you only make it happen on the BF548-EZKits ? i've been using top a lot

lately, but only on the BF537-STAMP (2008R1 and trunk) ...

--- Yi Li 2008-04-25 05:01:29

It can only happen on one BF548-EZKIT 1.3 board. I tested with another

BF548-EZKIT-1.3 and BF548-EZKIT-1.1 board, both work well. So I tend to think

this may related with HW issue.

Files

Changes

Commits

Dependencies

Duplicates

Associations