574544 – sys-process/htop-2.0.0 when run as root throws SIGABRT in setCommand (command=command@entry=0x7fffffffd1f0 "in:imuxsock", len=len@entry=11, process=0x6bbe00, process=0x6bbe00) at linux/LinuxProcessList.c:452

Bug 574544 - sys-process/htop-2.0.0 when run as root throws SIGABRT in setCommand (command=command@entry=0x7fffffffd1f0 "in:imuxsock", len=len@entry=11, process=0x6bbe00, process=0x6bbe00) at linux/LinuxProcessList.c:452

Summary: sys-process/htop-2.0.0 when run as root throws SIGABRT in setCommand (command...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Core system (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Christian Ruppert (idl0r)

URL:	https://github.com/hishamhm/htop/issu...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2016-02-12 08:33 UTC by Marcin Mirosław
Modified:	2016-02-17 05:42 UTC (History)
CC List:	3 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Fix buffer reuse. (htop-2.0.0.patch,680 bytes, patch) 2016-02-16 05:28 UTC, Erik Zeek	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcin Mirosław 2016-02-12 08:33:32 UTC

When I run htop as user there is no problem. When I try to run htop as root I'm getting SIGABRT. 

Here is bt:
(gdb) bt
#0  0x00007ffff77744d7 in raise () from /lib64/libc.so.6
#1  0x00007ffff777591a in abort () from /lib64/libc.so.6
#2  0x00007ffff77b3448 in ?? () from /lib64/libc.so.6
#3  0x00007ffff77b8d36 in ?? () from /lib64/libc.so.6
#4  0x00007ffff77b953e in ?? () from /lib64/libc.so.6
#5  0x00000000004179a6 in setCommand (command=command@entry=0x7fffffffd1f0 "in:imuxsock", len=len@entry=11, process=0x6bbe00, process=0x6bbe00) at linux/LinuxProcessList.c:452
#6  0x000000000041913b in LinuxProcessList_recurseProcTree (this=this@entry=0x429020, dirname=dirname@entry=0x7fffffffdad0 "/proc/3220/task", parent=parent@entry=0x6bbc60, period=period@entry=9.5, tv=...) at linux/LinuxProcessList.c:608
#7  0x0000000000417c92 in LinuxProcessList_recurseProcTree (this=this@entry=0x429020, dirname=dirname@entry=0x41c0ef "/proc", parent=parent@entry=0x0, period=period@entry=9.5, tv=...) at linux/LinuxProcessList.c:538
#8  0x000000000041999c in ProcessList_goThroughEntries (super=super@entry=0x429020) at linux/LinuxProcessList.c:774
#9  0x000000000040f5d1 in ProcessList_scan (this=this@entry=0x429020) at ProcessList.c:317
#10 0x00000000004070e1 in main (argc=<optimized out>, argv=<optimized out>) at htop.c:228
(gdb) bt full
#0  0x00007ffff77744d7 in raise () from /lib64/libc.so.6
No symbol table info available.
#1  0x00007ffff777591a in abort () from /lib64/libc.so.6
No symbol table info available.
#2  0x00007ffff77b3448 in ?? () from /lib64/libc.so.6
No symbol table info available.
#3  0x00007ffff77b8d36 in ?? () from /lib64/libc.so.6
No symbol table info available.
#4  0x00007ffff77b953e in ?? () from /lib64/libc.so.6
No symbol table info available.
#5  0x00000000004179a6 in setCommand (command=command@entry=0x7fffffffd1f0 "in:imuxsock", len=len@entry=11, process=0x6bbe00, process=0x6bbe00) at linux/LinuxProcessList.c:452
No locals.
#6  0x000000000041913b in LinuxProcessList_recurseProcTree (this=this@entry=0x429020, dirname=dirname@entry=0x7fffffffdad0 "/proc/3220/task", parent=parent@entry=0x6bbc60, period=period@entry=9.5, tv=...) at linux/LinuxProcessList.c:608
        proc = 0x6bbe00
        command = "in:imuxsock\000\377\177\000\000\000\000\000\000\377\177\000\000\000\000\000\000\377\177\000\000\240\322\377\377\377\177", '\000' <repeats 14 times>, "\377\177\000\000\000\000\000\000\000\000\000\000\004\000\000\000\377\177\000\000\n\000\000\000\002\000\000\000\277\277A\000\000\000\000\000\000\000\000\000\002\000\000\000\360\322\377\377\377\177\000\000\000\000\000\000\000\000\000\000\377\377\377\377\377\377\377\377\000\000\000\000\000\000\000\000\005"
        commLen = 11
        lp = 0x6bbe00
        percent_cpu = <optimized out>
        name = <optimized out>
        preExisting = true
        subdirname = "/proc/3220/task/3221/task\000\377\377\377\177\000\000\272\277A\000\000\000\000\000\230\330\377\377\377\177\000\000\000\000\000\000\000\000\000\000'\204x\367\377\177\000\000\000\200\316\366\377\177\000\000\070\232\316\366\377\177\000\000x\322\377\377\377\177\000\000h\322\377\377\377\177\000\000\210\322\377\377\377\177\000\000x\322\377\377\377\177\000\000\000\000\000\000\377\177\000\000\000\000\000\000\000\000\000\000\220"
        pl = 0x429020
        dir = 0x6e70c0
        entry = <optimized out>
        settings = 0x429a60
        curTime = 1455265889
        now = 1455265889250
        cpus = 4
        hideKernelThreads = false
        hideUserlandThreads = false
#7  0x0000000000417c92 in LinuxProcessList_recurseProcTree (this=this@entry=0x429020, dirname=dirname@entry=0x41c0ef "/proc", parent=parent@entry=0x0, period=period@entry=9.5, tv=...) at linux/LinuxProcessList.c:538
        proc = 0x6bbc60
        command = "zil_clean\000e\000up_", '\000' <repeats 25 times>, "\300\334\377\377\377\177\000\000@\205\255\367\377\177\000\000\000\000\000\000\000\000\000\000u\205\255\367\377\177\000\000\000\000\000\000\003\000\000\000\000\001\000\000\000\000\000\000\000\000\000\000\003\000\000\000\224\323A\000\000\000\000\000\360\331\377\377\377\177", '\000' <repeats 18 times>, "\220"
        commLen = <optimized out>
        lp = 0x6bbc60
        percent_cpu = <optimized out>
        name = 0x69f01b "3220"
        preExisting = true
        subdirname = "/proc/3220/task\000M\323A\000\000\000\000\000sdy\367\377\177\000\000M\323A\000\000\000\000\000sdy\367\377\177\000\000\002\323A\000\000\000\000\000sdy\367\377\177\000\000\260\200B\000\000\000\000\000{\335\377\377\377\177\000\000\001\000\000\000\000\000\000\000\213\335\377\377\000\000\000\000\001", '\000' <repeats 23 times>, "bG\212\367\377\177\000\000"
        pl = 0x429020
        dir = 0x69d890
        entry = <optimized out>
        settings = 0x429a60
        curTime = 1455265889
        now = 1455265889250
        cpus = 4
        hideKernelThreads = false
        hideUserlandThreads = false
#8  0x000000000041999c in ProcessList_goThroughEntries (super=super@entry=0x429020) at linux/LinuxProcessList.c:774
        this = 0x429020
        period = 9.5
        tv = {tv_sec = 1455265889, tv_usec = 250401}
#9  0x000000000040f5d1 in ProcessList_scan (this=this@entry=0x429020) at ProcessList.c:317
No locals.
#10 0x00000000004070e1 in main (argc=<optimized out>, argv=<optimized out>) at htop.c:228
        lc_ctype = <optimized out>
        flags = {pidWhiteList = 0x0, userId = <optimized out>, sortKey = <optimized out>, delay = <optimized out>, useColors = true}
        ut = 0x428f30
        pl = 0x429020
        settings = 0x429a60
        header = 0x42abf0
        panel = 0x6997a0
        state = {settings = 0x429a60, ut = 0x428f30, pl = 0x429020, panel = 0x6997a0, header = 0x42abf0}
        scr = 0x69d7b0
(gdb)

Reproducible: Always




# emerge --info
Portage 2.2.27 (python 3.4.3-final-0, default/linux/amd64/13.0/desktop/kde, gcc-4.9.3, glibc-2.22-r1, 4.4.1-gentoo x86_64)
=================================================================
System uname: Linux-4.4.1-gentoo-x86_64-Intel-R-_Core-TM-2_Quad_CPU_Q6600_@_2.40GHz-with-gentoo-2.2
Timestamp of repository gentoo: Fri, 12 Feb 2016 07:00:01 +0000
sh bash 4.3_p42-r2
ld GNU ld (Gentoo 2.25.1 p1.1) 2.25.1
ccache version 3.2.4 [enabled]
app-shells/bash:          4.3_p42-r2::gentoo
dev-java/java-config:     2.2.0::gentoo
dev-lang/perl:            5.22.1::gentoo
dev-lang/python:          2.7.11-r2::gentoo, 3.4.3-r7::gentoo
dev-util/ccache:          3.2.4::gentoo
dev-util/cmake:           3.4.3::gentoo
dev-util/pkgconfig:       0.29::gentoo
sys-apps/baselayout:      2.2::gentoo
sys-apps/openrc:          0.20.4::gentoo
sys-apps/sandbox:         2.10-r1::gentoo
sys-devel/autoconf:       2.13::gentoo, 2.69-r1::gentoo
sys-devel/automake:       1.11.6-r2::gentoo, 1.13.4::gentoo, 1.14.1::gentoo, 1.15-r1::gentoo
sys-devel/binutils:       2.25.1-r1::gentoo
sys-devel/gcc:            4.9.3::gentoo, 5.3.0::gentoo
sys-devel/gcc-config:     1.8-r1::gentoo
sys-devel/libtool:        2.4.6-r1::gentoo
sys-devel/make:           4.1-r1::gentoo
sys-kernel/linux-headers: 4.4::gentoo (virtual/os-headers)
sys-libs/glibc:           2.22-r1::gentoo
Repositories:

gentoo
    location: /usr/portage
    sync-type: rsync
    sync-uri: rsync://192.168.138.254/gentoo-portage
    priority: -1000
    sync-rsync-extra-opts: -O

ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -march=native -pipe -fpeel-loops              -fuse-linker-plugin -fuse-ld=gold -fvar-tracking-assignments -gdwarf-4"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.5/ext-active/ /etc/php/apache2-php5.6/ext-active/ /etc/php/cgi-php5.5/ext-active/ /etc/php/cgi-php5.6/ext-active/ /etc/php/cli-php5.5/ext-active/ /etc/php/cli-php5.6/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -march=native -pipe -fpeel-loops              -fuse-linker-plugin -fuse-ld=gold -fvar-tracking-assignments -gdwarf-4"
DISTDIR="/usr/portage/distfiles"
FCFLAGS="-O2 -march=native -pipe -fpeel-loops              -fuse-linker-plugin -fuse-ld=gold -fvar-tracking-assignments -gdwarf-4"
FEATURES="assume-digests binpkg-logs ccache cgroup collision-protect compressdebug config-protect-if-modified distlocks downgrade-backup ebuild-locks fixlafiles news parallel-fetch parallel-install preserve-libs protect-owned sandbox sfperms splitdebug strict unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -march=native -pipe -fpeel-loops              -fuse-linker-plugin -fuse-ld=gold -fvar-tracking-assignments -gdwarf-4"
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_EXTRA_OPTS="-O"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="X a52 aac acl acpi aio alsa amd64 apm async bash-completion bittorrent branding bzip2 cairo caps cdda cdr chroot cli consolekit crypt cups cxx dbus declarative dmx dri dvd dvdr emboss encode exif fam firefox ftp gif glamor glibc-omitfp gpl gpm graphite gstreamer iconv idn iproute2 ipv6 ithreads jit jpeg kde kipi laptop lcms libnotify lightning logrotate mad mmap mmx mmxext mng modules mp3 mp4 mpeg multilib ncurses network-cron nls nptl nsplugin nspluginwrapper objc ogg opengl openmp openssl optimization optimized-qmake pam pango pcre pdf phonon plasma png policykit ppds python3 qt3support qt4 readline samba sdl seccomp semantic-desktop session sharedmem smp spell sse sse2 ssl startup-notification svg threads threadsafe tiff tools truetype udev udisks unicode unwind upower urandom usb vim vim-pager vim-syntax vorbis wxwidgets x264 xattr xcb xcomposite xinerama xml xscreensaver xv xvid zip zlib" ABI_X86="32 64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cgid dav dbd deflate dir env expires ext_filter filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif speling status unique_id usertrack vhost_alias" APACHE2_MPMS="worker" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2 sse3 ssse3" DRACUT_MODULES="caps lvm mdraid" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LINGUAS="pl en es es_ES" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-6" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_4" USERLAND="GNU" VIDEO_CARDS="nvidia fbdev nouveau" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CC, CPPFLAGS, CTARGET, CXX, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, USE_PYTHON

Comment 1 Jeroen Roovers (RETIRED) gentoo-dev

2016-02-12 09:11:10 UTC

Works for me. What is special about process 3220 or specifically its task list?

Why does libc abort? Is the crash caused by a double free?

Comment 2 Marcin Mirosław 2016-02-12 09:31:31 UTC

(In reply to Jeroen Roovers from comment #1)
> Works for me. What is special about process 3220 or specifically its task
> list?

pid 3220 belongs to rsyslog:
root      3220  0.0  0.0 317632  1196 ?        Ssl  lut10   0:00 /usr/sbin/rsyslogd -f /etc/rsyslog.conf -i /run/rsyslogd.pid

When I stop rsyslog then htop still crashes. Now at process "gmain".
 
> Why does libc abort? 

I don't know, how can I debug it?

> Is the crash caused by a double free?

I can't see such message, so rather no.

Could it be related to kernel version/configuration? Like: CONFIG_PROC_CHILDREN ?
I'll try to check it.

Comment 3 Marcin Mirosław 2016-02-12 09:45:30 UTC

No, CONFIG_PROC_CHILDREN doesn't matter. On kernel 4.2.6 htop also has troubles. I tried gcc-5.3.0, clang-9999, no change.

Comment 4 Marcin Mirosław 2016-02-12 09:55:29 UTC

On other host (hardened, amd64) I have the same problem.

Comment 5 Marcin Mirosław 2016-02-12 10:50:05 UTC

Ok, try check two options in setup:
"Show custom thread names" and next "Update process names on every refresh".

Comment 6 Marcin Mirosław 2016-02-13 09:58:29 UTC

Fix: https://github.com/hishamhm/htop/commit/0e3cf6975f96291fa203332aad9e44086ff8f2f2

Comment 7 Erik Zeek 2016-02-16 05:28:54 UTC

Created attachment 425614 [details, diff]
Fix buffer reuse.

Comment 8 Erik Zeek 2016-02-16 05:31:31 UTC

(In reply to Erik Zeek from comment #7)
> Created attachment 425614 [details, diff] [details, diff]
> Fix buffer reuse.

Oops forgot to actually write the message.

The commit at 0e3cf6975 didn't fix the crash for me. I used git bisect to trace it to 0b70439316. The patch I've attached is that commit.

Comment 9 Jeroen Roovers (RETIRED) gentoo-dev

2016-02-16 15:17:22 UTC

commit dfb0fda447041b8658d13919e348a04f56cf1073
Author: Jason A. Donenfeld <zx2c4@gentoo.org>
Date:   Tue Feb 16 15:36:41 2016 +0100

    sys-process/htop: do not crash on startup

    Certain htoprc files trigger a crash at startup. Upstream's instruction
    is to include this commit until a new version is released.

Comment 10 Jeroen Roovers (RETIRED) gentoo-dev

2016-02-16 15:18:41 UTC

Jason forgot to do a revision bump...

Comment 11 Jason A. Donenfeld gentoo-dev

2016-02-16 22:33:47 UTC

I did do a revision bump, actually, resulting in the -r1:

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dfb0fda447041b8658d13919e348a04f56cf1073

Comment 12 Jeroen Roovers (RETIRED) gentoo-dev

2016-02-17 05:42:20 UTC

(In reply to Jason A. Donenfeld from comment #11)
> I did do a revision bump, actually, resulting in the -r1:
> 
> https://gitweb.gentoo.org/repo/gentoo.git/commit/
> ?id=dfb0fda447041b8658d13919e348a04f56cf1073

I must have misread git output.