Ubuntu
jfbterm package

  1. Bug #253163
  2. Comment #12

Comment 12 for bug 253163

Revision history for this message
In , Thomas (thomas-redhat-bugs) wrote :

Created attachment 495144
gdb and new patch for tterm_reset_utmp function

Hello,

I think the segfault is happening with incorrect ut_id value. I tried to fix ut_id, but it works not well especially on Debian for some unknown reason. After some test, I also found some ut_id is empty, so the new patch replace ut_id with ut_line and therefore return code checking is not necessary. Just in caes, we still keep it.

I attached segfault log, new patch and fixed log. There is utmp structure value dump from gdb, just compare utmp and utp to confirm the bug issue.

BR, Thomas.

---- summary of error log dump ----
(gdb) p utmp
$1 = {ut_type = 7, ut_pid = 0, ut_line = '\000' <repeats 31 times>, ut_i
d = "\000\000\000",
  ut_user = '\000' <repeats 31 times>, ut_host = '\000' <repeats 255 times>, ut_exit = {
    e_termination = 0, e_exit = 0}, ut_session = 0, ut_tv = {tv_sec = 0, tv_usec = 0},
  ut_addr_v6 = {0, 0, 0, 0}, __unused = '\000' <repeats 19 times>}
(gdb) p *utp
Cannot access memory at address 0x0
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
tterm_reset_utmp (p=<value optimized out>) at term.c:309
---- done ----

--- after new patch ----
(gdb) p utmp
$1 = {ut_type = 7, ut_pid = 0, ut_line = "pts/3", '\000' <repeats 26 times>,
  ut_id = "\000\000\000", ut_user = '\000' <repeats 31 times>,
  ut_host = '\000' <repeats 255 times>, ut_exit = {e_termination = 0, e_exit = 0}, ut_session = 0,
  ut_tv = {tv_sec = 0, tv_usec = 0}, ut_addr_v6 = {0, 0, 0, 0},
  __unused = '\000' <repeats 19 times>}
(gdb) p *utp
$2 = {ut_type = 7, ut_pid = 3842, ut_line = "pts/3", '\000' <repeats 26 times>,
  ut_id = "\000\000\000", ut_user = "root", '\000' <repeats 27 times>,
  ut_host = '\000' <repeats 255 times>, ut_exit = {e_termination = 0, e_exit = 0}, ut_session = 0,
  ut_tv = {tv_sec = 1303916197, tv_usec = 0}, ut_addr_v6 = {0, 0, 0, 0},
  __unused = '\000' <repeats 19 times>}
(gdb) c
Continuing.

Breakpoint 1, tterm_reset_utmp (p=0x8058c40) at term.c:298
298 {
(gdb) c
Continuing.

Program exited normally.
---- done ----