Here is a gdb backtrace. I could easy reproduce the crash by stating top in a xterm or Eterm and sizing the window from down to top as small as possible. I use E17 here, but I don't think that's a reason. And aware, it's not possible to reproduce it while debugging top with gdb. I created the following from the generated core file: (gdb) core core (no debugging symbols found) Core was generated by `top'. Program terminated with signal 6, Aborted. warning: Can't read pathname for load map: Eingabe-/Ausgabefehler. Reading symbols from /lib/libproc-3.2.5.so...(no debugging symbols found)...done. Loaded symbols for /lib/libproc-3.2.5.so Reading symbols from /lib/libncurses.so.5...(no debugging symbols found)...done. Loaded symbols for /lib/libncurses.so.5 Reading symbols from /lib/libc.so.6... (no debugging symbols found)...done. Loaded symbols for /lib/libc.so.6 Reading symbols from /lib/libgpm.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/libgpm.so.1 Reading symbols from /lib/ld-linux.so.2... (no debugging symbols found)...done. Loaded symbols for /lib/ld-linux.so.2 Reading symbols from /lib/libnss_compat.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libnss_compat.so.2 Reading symbols from /lib/libnsl.so.1... (no debugging symbols found)...done. Loaded symbols for /lib/libnsl.so.1 Reading symbols from /lib/libnss_nis.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libnss_nis.so.2 Reading symbols from /lib/libnss_files.so.2... (no debugging symbols found)...done. Loaded symbols for /lib/libnss_files.so.2 #0 0xb7df95f1 in kill () from /lib/libc.so.6 (gdb) bt #0 0xb7df95f1 in kill () from /lib/libc.so.6 #1 0xb7df91c5 in raise () from /lib/libc.so.6 #2 0xb7dfa9f0 in abort () from /lib/libc.so.6 #3 0xb7e2b1b9 in __fsetlocking () from /lib/libc.so.6 #4 0xb7e34c39 in mallopt () from /lib/libc.so.6 #5 0xb7e3407d in mallopt () from /lib/libc.so.6 #6 0xb7e32792 in realloc () from /lib/libc.so.6 #7 0x0804b291 in ?? () #8 0x08058c98 in ?? () #9 0x00000091 in ?? () #10 0xbfe6f9e8 in ?? () #11 0x0804def4 in ?? () #12 0x08058c98 in ?? () #13 0x00000091 in ?? () #14 0xbfe6f614 in ?? () #15 0xb7ee1ff4 in ?? () from /lib/libc.so.6 #16 0xbfe6f638 in ?? () #17 0xb7e22a14 in fflush () from /lib/libc.so.6 #18 0xb7de556d in __libc_start_main () from /lib/libc.so.6 #19 0x08049821 in ?? () Here is my emerge info: Portage 2.0.54 (default-linux/x86/2005.0, gcc-3.3.6, glibc-2.3.5-r2, 2.6.13-gentoo-r3-1 i686) ================================================================= System uname: 2.6.13-gentoo-r3-1 i686 AMD Duron(tm) Gentoo Base System version 1.6.14 ccache version 2.3 [enabled] dev-lang/python: 2.3.5-r2, 2.4.2 sys-apps/sandbox: 1.2.12 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1 sys-devel/binutils: 2.16.1 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=athlon-xp -O3 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/lib/mozilla/defaults/pref /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/eselect/compiler /etc/gconf /etc/terminfo /etc/texmf/web2c /etc/env.d" CXXFLAGS="-march=athlon-xp -O3 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig ccache distcc distlocks sandbox sfperms strict" GENTOO_MIRRORS="ftp://ftp.easynet.nl/mirror/gentoo/ http://ftp.easynet.nl/mirror/gentoo/ http://gentoo.inode.at/ ftp://gentoo.inode.at/source/" LANG="de_DE@euro" LC_ALL="de_DE@euro" LINGUAS="de" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="x86 3dnow X aalib acpi alsa apm athena audiofile avi berkdb bitmap-fonts bonobo bzip2 cairo cdr crypt cups curl dga dmx dnd dri dv dvd dvdr eds emboss encode esd exif expat f77 faad fam fbcon ffmpeg firefox foomaticdb fortran freetype gd gdbm ggi gif glut gmp gnome gnomedb gphoto2 gpm gstreamer gtk gtk2 gtkhtml guile hal idn imagemagick imlib ipv6 isdnlog java joystick jpeg jpeg2k lcms libcaca libg++ libsamplerate libwww lua mad maildir mbox mikmod mmx mng mozilla moznoirc moznomail mozp3p mozsvg mp3 mpeg mule nas ncurses neXt nls nvidia objc ogg oggvorbis openal opengl oss pam pcre pdflib perl plotutils png povray pppd python qt quicktime readline ruby sasl scanner sdk sdl slang spell sqlite sse ssl stencil-buffer svg tcltk tcpd tetex tiff truetype truetype-fonts type1-fonts udev unicode usb vorbis wmf xface xine xinerama xml xml2 xmms xprint xrandr xv xvid zlib linguas_de userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, INSTALL_MASK, LDFLAGS, MAKEOPTS
I can still produce this top. 1. Start top 2. Resize your terminal to 5 rows or less. 3. Segfault. Seeing about tracing now.
Useful backtrace, with procps-3.2.7* #0 0x0000003e57431535 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #1 0x0000003e574329e0 in *__GI_abort () at abort.c:88 #2 0x0000003e5746b0cb in __libc_message (do_abort=<value optimized out>, fmt=<value optimized out>) at ../sysdeps/unix/sysv/linux/libc_fatal.c:170 #3 0x0000003e574702fd in malloc_printerr (action=<value optimized out>, str=<value optimized out>, ptr=<value optimized out>) at malloc.c:5949 #4 0x0000003e57472656 in _int_malloc (av=<value optimized out>, bytes=<value optimized out>) at malloc.c:4207 #5 0x0000003e574743b0 in *__GI___libc_malloc (bytes=<value optimized out>) at malloc.c:3551 #6 0x0000003e57433457 in *__GI_qsort_r (b=<value optimized out>, n=<value optimized out>, s=<value optimized out>, cmp=<value optimized out>, arg=<value optimized out>) at msort.c:219 #7 0x000000000040479c in window_show (ppt=0x24439a0, q=0x6106e0, lscr=0x7ffff671919c) at top.c:3207 #8 0x0000000000406dfa in frame_make () at top.c:3305 #9 0x00000000004099f2 in main (dont_care_argc=<value optimized out>, argv=0x7ffff6719b38) at top.c:3361
Sort function that is triggering the crash maybe: $2 = (const QFP_t) 0x40272f <sort_P_CPU>
Nope, all sorts of sort functions can trigger it. This bug needs to be elevated to upstream I think. In more details about the trigger condition: 1. Start top 2. Resize the number of rows in your terminal, so that your number of rows smaller than the number of non-blank summary rows BEFORE the table header. eg: 8 rows of data = terminal rows=7 causes crash 5 rows of data = terminal rows=4 causes crash
i had reproduced it at the time and looked through the source a bit, but i find the procps tree to be horrible to dig through. i dont recall if i reported it upstream however ...
Created attachment 177464 [details, diff] procps-3.2.7-top-resize.patch The attached debian patch fixes this (just checked with 3.2.7 on a local overlay)
Appears to have been fixed in >=sys-process/procps-3.3.2_p2.