[Group.of.nepali.translators] [Bug 1697501] Re: ksh segfault on job_chksave () after it receive a SIGCHLD (Signal 17)

2020-04-15 Thread Bug Watch Updater
** Changed in: ksh (Debian)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1697501

Title:
  ksh segfault on  job_chksave () after it receive a SIGCHLD (Signal 17)

Status in ksh package in Ubuntu:
  Fix Released
Status in ksh source package in Trusty:
  Fix Released
Status in ksh source package in Xenial:
  Fix Released
Status in ksh source package in Yakkety:
  Fix Released
Status in ksh source package in Zesty:
  Fix Released
Status in ksh source package in Artful:
  Fix Released
Status in ksh package in Debian:
  Fix Released

Bug description:
  [Impact]

   * The compiler optimization dropped parts from the ksh job
  locking mechanism from the binary code. As a consequence, ksh could terminate
  unexpectedly with a segmentation fault after it received the SIGCHLD signal.

  [Test Case]

   Unfortunately, there is no clear and easy way to reproduce the
  segfault.

   * But the original reporter of this bug can randomly reproduce the
  problem using an in-house ksh script that only works inside his
  infrastructure as follows : "ksh " and then once
  in a while ksh will segfault as follows :

  (gdb) bt
  #0  job_chksave (pid=pid@entry=19003) at /build/ksh-6IEHIC/ksh-93u+20120801/src/cmd/ksh93/sh/jobs.c:1948
  #1  0x004282ab in job_reap (sig=17) at /build/ksh-6IEHIC/ksh-93u+20120801/src/cmd/ksh93/sh/jobs.c:428
  #2  
  ...

  [Regression Potential]

  * Regression risk : low/none expected, the package has been
  highly/intensively tested by a user who runs over 18M ksh scripts a day
  on each of their clusters.

  +

  * Secondly, I doubt ksh has much traction nowadays, so if a regression
  occurs... It will most likely be limited to a small number of users IMHO.
  For instance, the bug was reported 3 years ago for Red Hat, and we,
  Ubuntu, only heard about this same situation for the first time a few weeks ago.

  +

  * The fix has been written by RH and has been proven to work for them
  for the last 3 years.

  Note that the RH fix has never been merged upstream (ksh is an
  unmaintained project) and/or possibly never been proposed to upstream
  (to be verified).

  +

  * A test package including the RH fix has been intensively tested and
  verified (pre-SRU) by an affected user with positive feedback using a
  reproducer that segfaults without the RH patch.

  +

  * Test package (pre-SRU) feedback :
  https://bugs.launchpad.net/ubuntu/xenial/+source/ksh/+bug/1697501/comments/7

  [Other Info]

   * ksh project is unmaintained nowadays [https://github.com/att/ast],
  thus no new development is made upstream nor in debian upstream.

   * Details about the RH bug :
  --
     - https://bugzilla.redhat.com/show_bug.cgi?id=1123467
     - https://bugzilla.redhat.com/show_bug.cgi?id=1112306
     - https://access.redhat.com/solutions/1253243
     - http://rhn.redhat.com/errata/RHBA-2014-1015.html

    # ksh.spec
    Fri Jul 25 2014 Michal Hlavinka  - 20120801-10.8
  - job locking mechanism did not survive compiler optimization (#1123467)

    # patch
  - ksh-20120801-locking.patch
  --

   * Debian bug:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867181

  [Original Description]

  # gdb
  [New LWP 3882]
  Core was generated by `/bin/ksh .ksh'.
  Program terminated with signal SIGSEGV, Segmentation fault.
  #0 job_chksave (pid=pid@entry=19385) at /build/ksh-6IEHIC/ksh-93u+20120801/src/cmd/ksh93/sh/jobs.c:1948
  1948 if(jp->pid==pid)

  (gdb) p *jp
  Cannot access memory at address 0xb

  (gdb) p *jp->pid
  Cannot access memory at address 0x13

  (gdb) p pid
  $2 = 19385

  (gdb) p *jpold
  $1 = {next = 0xb, pid = -604008960, exitval = 11124}

  The struct is corrupted at some point, looking at the next, pid and
  exitval struct member values, which aren't valid data.

  # assembly code
  => 0x00427159 <+41>: cmp %edi,0x8(%rdx)

  (gdb) p $edi  ## pid variable
  $1 = 19385

  (gdb) p *($rdx + 8) ## jp->pid struct
  Cannot access memory at address 0x13
  --

  ksh is segfaulting because it can't access struct "jp" ($rdx) and thus
  cannot dereference the struct member "jp->pid" ($rdx + 8) at line
  src/cmd/ksh93/sh/jobs.c:1948 when checking whether jp->pid is equal to the pid
  ($edi) variable.

  I have looked at the github project "att/ast" upstream repo and some
  patches here and there, and nothing seems to apply.

  Note that the project seems unmaintained nowadays.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ksh/+bug/1697501/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp
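
The [Impact] note in the message above says the optimizer dropped parts of ksh's job locking mechanism, after which a SIGCHLD could reach the job list mid-update. The following is an added example, not ksh's code and not the Red Hat patch: it sketches that pattern with hypothetical names (`job_lock`, `job_unlock`, `add_job`, `demo`), and `use_lock=0` stands in for the lock stores having been removed from the binary.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for the saved-job list; field names follow the gdb dump. */
struct jobsave { volatile struct jobsave *next; int pid; int exitval; };

static volatile struct jobsave pool[3];
static volatile struct jobsave *volatile job_list;

/* State shared between the main flow and the SIGCHLD handler. Declaring it
 * volatile sig_atomic_t forces every store and load to be emitted, in order;
 * as plain ints the optimizer may cache or drop them (assumed failure mode). */
static volatile sig_atomic_t in_critical;   /* >0 while the list is being edited */
static volatile sig_atomic_t pending_sig;   /* signal deferred by the handler */
static volatile sig_atomic_t list_torn;     /* 1 while links are half-updated */
static volatile sig_atomic_t torn_walks, deferred, walked;

/* Walk the list the way a pid lookup would. A torn list is only counted here;
 * in the reported crash the walk dereferenced a garbage next pointer (0xb). */
static void reap(void)
{
    int n = 0;
    if (list_torn) { torn_walks++; return; }
    for (volatile struct jobsave *jp = job_list; jp; jp = jp->next)
        n++;
    walked = n;
}

/* Handler: defer the reap if the main flow holds the lock. */
static void on_sigchld(int sig)
{
    if (in_critical) { pending_sig = sig; deferred++; return; }
    reap();
}

static void job_lock(void) { in_critical++; }

static void job_unlock(void)
{
    /* Run any deferred reap while still holding the lock, then release. */
    while (in_critical == 1 && pending_sig) { pending_sig = 0; reap(); }
    in_critical--;
}

/* Insert a job; raise() delivers SIGCHLD exactly mid-update (constructed timing). */
static void add_job(int idx, int pid, int use_lock)
{
    if (use_lock) job_lock();
    list_torn = 1;
    pool[idx].pid = pid;
    pool[idx].exitval = 0;
    raise(SIGCHLD);
    pool[idx].next = job_list;
    job_list = &pool[idx];
    list_torn = 0;
    if (use_lock) job_unlock();
}

int deferred_count(void) { return (int)deferred; }
int last_walk_len(void)  { return (int)walked; }

/* Returns how many times the reaper ran against a half-updated list. */
int demo(int use_lock)
{
    struct sigaction sa;
    sa.sa_handler = on_sigchld;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    sigaction(SIGCHLD, &sa, NULL);

    job_list = NULL;
    in_critical = 0; pending_sig = 0; list_torn = 0;
    torn_walks = 0; deferred = 0; walked = 0;
    for (int i = 0; i < 3; i++)
        add_job(i, 1000 + i, use_lock);   /* constructed pids */
    return (int)torn_walks;
}

int main(void)
{
    int torn = demo(1);
    printf("lock honoured: torn walks=%d deferred=%d\n", torn, deferred_count());
    torn = demo(0);
    printf("lock dropped:  torn walks=%d deferred=%d\n", torn, deferred_count());
    return 0;
}
```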


[Group.of.nepali.translators] [Bug 1697501] Re: ksh segfault on job_chksave () after it receive a SIGCHLD (Signal 17)

2017-07-20 Thread Launchpad Bug Tracker
This bug was fixed in the package ksh - 93u+20120801-2ubuntu0.16.10.1

---
ksh (93u+20120801-2ubuntu0.16.10.1) yakkety; urgency=medium

  * d/p/locking.patch: Fix job locking mechanism to prevent
    ksh to segfaults in job_chksave after receiving SIGCHLD. (LP: #1697501)

 -- Eric Desrochers   Tue, 04 Jul 2017 15:08:52 -0400

** Changed in: ksh (Ubuntu Xenial)
   Status: Fix Committed => Fix Released


Status in ksh package in Ubuntu:
  Fix Released
Status in ksh source package in Trusty:
  Fix Released
Status in ksh source package in Xenial:
  Fix Released
Status in ksh source package in Yakkety:
  Fix Released
Status in ksh source package in Zesty:
  Fix Released
Status in ksh source package in Artful:
  Fix Released
Status in ksh package in Debian:
  New


[Group.of.nepali.translators] [Bug 1697501] Re: ksh segfault on job_chksave () after it receive a SIGCHLD (Signal 17)

2017-07-20 Thread Launchpad Bug Tracker
This bug was fixed in the package ksh - 93u+20120801-2ubuntu1

---
ksh (93u+20120801-2ubuntu1) zesty; urgency=medium

  * d/p/locking.patch: Fix job locking mechanism to prevent
    ksh to segfaults in job_chksave after receiving SIGCHLD. (LP: #1697501)

 -- Eric Desrochers   Tue, 04 Jul 2017 15:08:52 -0400

** Changed in: ksh (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

** Changed in: ksh (Ubuntu Yakkety)
   Status: Fix Committed => Fix Released


Status in ksh package in Ubuntu:
  Fix Released
Status in ksh source package in Trusty:
  Fix Released
Status in ksh source package in Xenial:
  Fix Released
Status in ksh source package in Yakkety:
  Fix Released
Status in ksh source package in Zesty:
  Fix Released
Status in ksh source package in Artful:
  Fix Released
Status in ksh package in Debian:
  New


[Group.of.nepali.translators] [Bug 1697501] Re: ksh segfault on job_chksave () after it receive a SIGCHLD (Signal 17)

2017-07-17 Thread Launchpad Bug Tracker
This bug was fixed in the package ksh - 93u+20120801-1ubuntu0.14.04.1

---
ksh (93u+20120801-1ubuntu0.14.04.1) trusty; urgency=medium

  * d/p/locking.patch: Fix job locking mechanism to prevent
    ksh to segfaults in job_chksave after receiving SIGCHLD. (LP: #1697501)

 -- Eric Desrochers   Fri, 23 Jun 2017 16:01:04 -0400

** Changed in: ksh (Ubuntu Trusty)
   Status: Fix Committed => Fix Released


Status in ksh package in Ubuntu:
  Fix Released
Status in ksh source package in Trusty:
  Fix Released
Status in ksh source package in Xenial:
  Fix Committed
Status in ksh source package in Yakkety:
  Fix Committed
Status in ksh source package in Zesty:
  Fix Committed
Status in ksh source package in Artful:
  Fix Released
Status in ksh package in Debian:
  New


[Group.of.nepali.translators] [Bug 1697501] Re: ksh segfault on job_chksave () after it receive a SIGCHLD (Signal 17)

2017-07-04 Thread Launchpad Bug Tracker
This bug was fixed in the package ksh - 93u+20120801-3.1ubuntu1

---
ksh (93u+20120801-3.1ubuntu1) artful; urgency=medium

  * d/p/locking.patch: Fix job locking mechanism to prevent
    ksh to segfaults in job_chksave after receiving SIGCHLD. (LP: #1697501)

 -- Eric Desrochers   Tue, 04 Jul 2017 12:42:47 -0400

** Changed in: ksh (Ubuntu Artful)
   Status: In Progress => Fix Released


Status in ksh package in Ubuntu:
  Fix Released
Status in ksh source package in Trusty:
  In Progress
Status in ksh source package in Xenial:
  In Progress
Status in ksh source package in Yakkety:
  In Progress
Status in ksh source package in Zesty:
  In Progress
Status in ksh source package in Artful:
  Fix Released
Status in ksh package in Debian:
  New


[Group.of.nepali.translators] [Bug 1697501] Re: ksh segfault on job_chksave () after it receive a SIGCHLD (Signal 17)

2017-07-04 Thread Eric Desrochers
I have also reported a bug / submitted the patch to Debian upstream via:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867181

- Eric

** Bug watch added: Debian Bug tracker #867181
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867181

** Also affects: ksh (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867181
   Importance: Unknown
   Status: Unknown

** Description changed:

  [Impact]
  
   * The compiler optimization dropped parts from the ksh job
  locking mechanism from the binary code. As a consequence, ksh could terminate
  unexpectedly with a segmentation fault after it received the SIGCHLD signal.
  
  [Test Case]
  
   Unfortunately, there is no clear and easy way to reproduce the
  segfault.
  
   * But the original reporter of this bug can randomly reproduce the
  problem using an in-house ksh script that only works inside his
  infrastructure as follow : "ksh " and then once in
  a while ksh will segfault as follow :
  
  (gdb) bt
  #0  job_chksave (pid=pid@entry=19003) at 
/build/ksh-6IEHIC/ksh-93u+20120801/src/cmd/ksh93/sh/jobs.c:1948
  #1  0x004282ab in job_reap (sig=17) at 
/build/ksh-6IEHIC/ksh-93u+20120801/src/cmd/ksh93/sh/jobs.c:428
  #2  
  ...
  
  [Regression Potential]
  
   * This update implements a fix to ensure the compiler does not drop
  parts of the ksh mechanism for the crash to no longer occurs.
  
   * The fix has been written by RH and has been proven to work for them
  for the last 3 years.
  
     Note that the RH fix has never been merged upstream (ksh is a
  unmaintained project) and/or possibly never been proposed to upstream
  (to be verified).
+ 
+  * A test package including the RH fix has been tested and verified
+ (pre-SRU) by an affected user with positive feedbacks using his
+ reproducer.
+ 
+ * Feedbacks : 
+ "I've confirmed that our users have not had a single occurrence of core dump 
on ksh with the patched package. They have run the script sequence over 3000 
times since we updated with no issues."
+ 
  
  [Other Info]
  
   * ksh project is unmaintained nowadays [https://github.com/att/ast],
  thus no new development is made upstream nor in debian upstream.
  
   * Details about the RH bug :
  --
     - https://bugzilla.redhat.com/show_bug.cgi?id=1123467
     - https://bugzilla.redhat.com/show_bug.cgi?id=1112306
     - https://access.redhat.com/solutions/1253243
     - http://rhn.redhat.com/errata/RHBA-2014-1015.html
  
    # ksh.spec
    Fri Jul 25 2014 Michal Hlavinka  - 20120801-10.8
  - job locking mechanism did not survive compiler optimization (#1123467)
  
    # patch
  - ksh-20120801-locking.patch
  --
  
  [Original Description]
  
  # gdb
  [New LWP 3882]
  Core was generated by `/bin/ksh .ksh'.
  Program terminated with signal SIGSEGV, Segmentation fault.
  #0 job_chksave (pid=pid@entry=19385) at 
/build/ksh-6IEHIC/ksh-93u+20120801/src/cmd/ksh93/sh/jobs.c:1948
  1948 if(jp->pid==pid)
  
  (gdb) p *jp
  Cannot access memory at address 0xb
  
  (gdb) p *jp->pid
  Cannot access memory at address 0x13
  
  (gdb) p pid
  $2 = 19385
  
  (gdb) p *jpold
  $1 = {next = 0xb, pid = -604008960, exitval = 11124}
  
  The struct is corrupted at some point looking at the next,pid and
  exitval struct members values which isn't valid data.
  
  # assembly code
  => 0x00427159 <+41>: cmp %edi,0x8(%rdx)
  
  (gdb) p $edi  ## pid variable
  $1 = 19385
  
  (gdb) p *($rdx + 8) ## jp->pid struct
  Cannot access memory at address 0x13
  --
  
  ksh is segfaulting because it can't access struct "jp" ($rdx) thus
  cannot de-reference the struct member "jp>pid" ($rdx + 8) at line :
  src/cmd/ksh93/sh/jobs.c:1948 when looking if jp->pid is equal to pid
  ($edi) variable.
  
  I have looked at the github project "att/ast" upstream repo and some
  patches here and there, and nothing seems to apply.
  
  Note that the project seems unmaintained nowadays.


Status in ksh package in Ubuntu:
  In Progress
Status in ksh source package in Trusty:
  In Progress
Status in ksh source package in Xenial:
  In Progress
Status in ksh source package in Yakkety:
  In Progress
Status in ksh source package in Zesty:
  In Progress
Status in ksh source package in Artful:
  In Progress
Status in ksh package in Debian:
  Unknown
