How can I solve this error.
root@:~# ps ax
PID TTY STAT TIME COMMAND
1 ? Ss 0:01 init [2]
37 ? S< 0:00 [cpuset]
38 ? S< 0:00 [khelper]
39 ? S 0:00 [kdevtmpfs]
40 ? S< 0:00 [netns]
41 ? S 0:00 [sync_supers]
42 ? S 0:00 [bdi-default]
43 ? S< 0:00 [kintegrityd]
44 ? S< 0:00 [kblockd]
45 ? S 0:00 [khungtaskd]
46 ? S 0:00 [kswapd0]
47 ? SN 0:00 [ksmd]
48 ? SN 0:00 [khugepaged]
49 ? S 0:00 [fsnotify_mark]
50 ? S< 0:00 [crypto]
116 ? S< 0:00 [ata_sff]
129 ? S< 0:00 [mpt_poll_0]
131 ? S< 0:00 [mpt/0]
145 ? S 0:00 [scsi_eh_2]
150 ? S 0:00 [kworker/u:3]
194 ? S 0:00 [kjournald]
339 ? S< 0:00 [kpsmoused]
796 ? Ss 0:00 /sbin/portmap
986 ? Sl 0:00 /usr/sbin/rsyslogd -c4
1091 ? S 0:00 /usr/sbin/vmtoolsd
1123 ? Ss 0:00 /usr/sbin/apache2 -k start
1152 ? Ss 0:00 /usr/sbin/atd
Signal 11 (SEGV) caught by ps (procps version 3.2.8).
Please send bug reports to <feedback@lists.sf.net> or <albert@users.sf.net>
root@:~#
root@:~# sysctl -a | grep grsec
kernel.grsecurity.linking_restrictions = 1
kernel.grsecurity.enforce_symlinksifowner = 1
kernel.grsecurity.symlinkown_gid = 33
kernel.grsecurity.exec_logging = 1
kernel.grsecurity.signal_logging = 1
kernel.grsecurity.forkfail_logging = 1
kernel.grsecurity.timechange_logging = 1
kernel.grsecurity.chroot_execlog = 1
kernel.grsecurity.audit_chdir = 1
kernel.grsecurity.audit_mount = 1
kernel.grsecurity.resource_logging = 1
kernel.grsecurity.audit_ptrace = 1
kernel.grsecurity.grsec_lock = 0
kernel.osrelease = 3.2.38-grsec
root@:~# cat /etc/debian_version
6.0.6
root@:~# cat /etc/group | grep www-data:x
www-data:x:33:
Signal 11 (SEGV) caught by ps (procps version 3.2.8).
7 posts
• Page 1 of 1
Signal 11 (SEGV) caught by ps (procps version 3.2.8).
by bugmenot » Thu Feb 21, 2013 12:18 pm
- bugmenot
- Posts: 14
- Joined: Sat Jun 27, 2009 12:42 am
Re: Signal 11 (SEGV) caught by ps (procps version 3.2.8).
by spender » Thu Feb 21, 2013 2:53 pm
Can you strace ps ax ?
Has procps been updated recently? What's the last patch that didn't exhibit this problem?
-Brad
Has procps been updated recently? What's the last patch that didn't exhibit this problem?
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
Re: Signal 11 (SEGV) caught by ps (procps version 3.2.8).
by bugmenot » Fri Feb 22, 2013 3:12 am
root@:~# dpkg -l | grep procps
ii procps 1:3.2.8-9squeeze1 /proc file system utilities
The last two patch exhibit that problem. I sad that the patch caused that problem before but unfortunately it is still repeating with that one.
grsecurity-2.9.1-3.2.39-201302202032.patch
I didnt try that one, ıf you say so, i can try that.
ii procps 1:3.2.8-9squeeze1 /proc file system utilities
The last two patch exhibit that problem. I sad that the patch caused that problem before but unfortunately it is still repeating with that one.
grsecurity-2.9.1-3.2.39-201302202032.patch
I didnt try that one, ıf you say so, i can try that.
- bugmenot
- Posts: 14
- Joined: Sat Jun 27, 2009 12:42 am
Re: Signal 11 (SEGV) caught by ps (procps version 3.2.8).
by spender » Fri Feb 22, 2013 8:14 am
Can you provide the strace?
-Brad
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
Re: Signal 11 (SEGV) caught by ps (procps version 3.2.8).
by bugmenot » Fri Feb 22, 2013 8:53 am
- bugmenot
- Posts: 14
- Joined: Sat Jun 27, 2009 12:42 am
Re: Signal 11 (SEGV) caught by ps (procps version 3.2.8).
by spender » Mon Feb 25, 2013 10:29 pm
This is actually an upstream problem. 3.2.29 backported a change that allowed /proc/pid/status to show all supplementary groups, not just a max of 32. Procps wants to read a line and extract out each supplementary group, but there's a bug in its implementation where it instead basically assumes that a full line will occur within a single 1024 byte read(). Since it doesn't, it keeps looping, eventually performs an integer overflow on its size argument to realloc, and crashes after the resulting overflowed-size buffer is allocated.
So you'll only see this if a particular task is running with a rather large number of supplementary groups. I'm waiting to see how upstream responds to this problem, but it doesn't look like they've figured out the above yet.
-Brad
So you'll only see this if a particular task is running with a rather large number of supplementary groups. I'm waiting to see how upstream responds to this problem, but it doesn't look like they've figured out the above yet.
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
Re: Signal 11 (SEGV) caught by ps (procps version 3.2.8).
by spender » Mon Feb 25, 2013 10:33 pm
If you'd like to revert to the previous kernel behavior, just apply one of the following patches on top of the already-patched kernel:
For 3.8:
For 3.2:
For 3.8:
- Code: Select all
diff --git a/fs/proc/array.c b/fs/proc/array.c
index 077235f..439544f 100644
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -212,7 +212,7 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
group_info = cred->group_info;
task_unlock(p);
- for (g = 0; g < group_info->ngroups; g++)
+ for (g = 0; g < min(group_info->ngroups, NGROUPS_SMALL); g++)
seq_printf(m, "%d ",
from_kgid_munged(user_ns, GROUP_AT(group_info, g)));
put_cred(cred);
For 3.2:
- Code: Select all
diff --git a/fs/proc/array.c b/fs/proc/array.c
index 3a1dafd..439b5a1 100644
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -204,7 +204,7 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
group_info = cred->group_info;
task_unlock(p);
- for (g = 0; g < group_info->ngroups; g++)
+ for (g = 0; g < min(group_info->ngroups, NGROUPS_SMALL); g++)
seq_printf(m, "%d ", GROUP_AT(group_info, g));
put_cred(cred);
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
7 posts
• Page 1 of 1