NetBSD Problem Report #52699

From www@NetBSD.org  Sun Nov  5 07:51:25 2017
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 48C577A1D4
	for <gnats-bugs@gnats.NetBSD.org>; Sun,  5 Nov 2017 07:51:25 +0000 (UTC)
Message-Id: <20171105075124.08B377A222@mollari.NetBSD.org>
Date: Sun,  5 Nov 2017 07:51:24 +0000 (UTC)
From: bapabooiee@gmail.com
Reply-To: bapabooiee@gmail.com
To: gnats-bugs@NetBSD.org
Subject: on RPi, mount_psshfs crashes when under heavy load
X-Send-Pr-Version: www-1.0

>Number:         52699
>Category:       bin
>Synopsis:       on RPi, mount_psshfs crashes when under heavy load
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Nov 05 07:55:00 +0000 2017
>Originator:     Dean Matzkov
>Release:        pkgsrc-2017Q3
>Organization:
>Environment:
NetBSD localhost 7.1 NetBSD 7.1 (GENERIC.201703111743Z) amd64
>Description:
When /usr/sbin/mount_sshfs is under heavy load for a while, it seems to crash. I've been able to reproduce this twice on my Raspberry Pi 1, model B (the ooooold, slow, single-core one with 512 MB of RAM) while foolishly using a pkgsrc tree mounted via SSHFS/SFTP.

The RPi OS image I used is from here, `dd'-ed straight to my SD card:
https://ftp.netbsd.org/pub/NetBSD/NetBSD-7.1/evbarm-earmv6hf/binary/gzimg/

Here's some GDB output (cmd: gdb /usr/sbin/mount_psshfs mount_psshfs.core):

-----SNIP-----
[New process 1]
Core was generated by `mount_psshfs'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x401d17d8 in memcpy () from /usr/lib/libc.so.12
(gdb) bt
#0  0x401d17d8 in memcpy () from /usr/lib/libc.so.12
#1  0x400689c4 in puffs_framebuf_putdata () from /usr/lib/libpuffs.so.2
#2  0x000147a0 in psbuf_put_data ()
#3  0x000136bc in psshfs_node_read ()
#4  0x40067038 in ?? () from /usr/lib/libpuffs.so.2
#5  0x400675b4 in puffs__ml_dispatch () from /usr/lib/libpuffs.so.2
#6  0x40069bb0 in puffs__framev_input () from /usr/lib/libpuffs.so.2
#7  0x4006bb34 in puffs__theloop () from /usr/lib/libpuffs.so.2
#8  0x40146610 in inet_network () from /usr/lib/libc.so.12
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
-----/SNIP-----

And here is the aforementioned mount_psshfs.core file from my device:
https://drive.google.com/file/d/19R_jvBXy_Hr6CMA-3IU5erPrgizsGmj1/view?usp=sharing

Note that this might very well be a bug (or perhaps a feature?) that has nothing to do with running on a Raspberry Pi 1, model B (and thus, why this is filed under `bin' and not port-*).
>How-To-Repeat:
On server:

$ git clone --depth 1 https://github.com/netbsd/pkgsrc -b pkgsrc-2017Q3 pkgsrc_export

On client (in this case, the Raspberry Pi device):

# /usr/sbin/mount_psshfs USER@SERVER:pkgsrc_export /home/USER/pkgsrc
$ cd ~/pkgsrc/editors/vim
$ make

Wait for a few minutes, and eventually, KABOOM. Followed by, possibly, a core dump called /root/mount_psshfs.core.
>Fix:
None, sadly. (Where are the debug sets for the RPi?)
