Posted to dev@httpd.apache.org by Rasmus Lerdorf <ra...@lerdorf.on.ca> on 1998/06/25 00:15:20 UTC

Solaris bus error?

I am getting the following bus error.  Looks like something is stepping
all over r->connection.  It could be me, but if someone sees something
they recognize here, it would save me a few hours in the debugger.

#0  0x765dc in ap_bgetopt (fb=0x2020316b, optname=1, optval=0x1621d0) at
buff.c:407
#1  0x8ea58 in ap_rprintf (r=0x162180, fmt=0xd91d0 "%4dk") at
http_protocol.c:1894
#2  0x9c050 in ap_send_size (size=1270, r=0x162180) at util_script.c:544
#3  0x33114 in output_directories (ar=0x1791c8, n=661, d=0x137ae0,
r=0x162180, autoindex_opts=1, keyid=78 'N', direction=65 'A')
    at mod_autoindex.c:920
#4  0x338d8 in index_directory (r=0x162180, autoindex_conf=0x137ae0) at
mod_autoindex.c:1123
#5  0x33aa8 in handle_autoindex (r=0x162180) at mod_autoindex.c:1164
#6  0x79a54 in ap_invoke_handler (r=0x162180) at http_config.c:503
#7  0x927dc in process_request_internal (r=0x162180) at
http_request.c:1174
#8  0x92830 in ap_process_request (r=0x162180) at http_request.c:1191
#9  0x87e58 in child_main (child_num_arg=25) at http_main.c:3623
#10 0x88184 in make_child (s=0x136ca8, slot=25, now=898711661) at
http_main.c:3743
#11 0x8867c in perform_idle_server_maintenance () at http_main.c:3898
#12 0x88d98 in standalone_main (argc=3, argv=0xeffffe74) at
http_main.c:4125
#13 0x894d4 in main (argc=3, argv=0xeffffe74) at http_main.c:4294
(gdb) up
#1  0x8ea58 in ap_rprintf (r=0x162180, fmt=0xd91d0 "%4dk") at
http_protocol.c:1894
1894        SET_BYTES_SENT(r);
(gdb) p r
$1 = (request_rec *) 0x162180
(gdb) p *r
$2 = {pool = 0x162158, connection = 0x161140, server = 0x155c90, next =
0x0, prev = 0x0, main = 0x0, 
  the_request = 0x162890 "GET /manual/ HTTP/1.1", assbackwards = 0,
proxyreq = 0, header_only = 0, protocol = 0x1628e0 "HTTP/1.1", 
  proto_num = 1001, hostname = 0x162a50 "www.php3.org", request_time =
898715503, status_line = 0xd7470 "200 OK", status = 200, 
  method = 0x1628a8 "GET", method_number = 0, allowed = 1, sent_bodyct =
1, bytes_sent = 81877, mtime = 0, chunked = 1, 
  byterange = 0, boundary = 0x0, range = 0x0, clength = 0, remaining = 0,
read_length = 0, read_body = 0, read_chunked = 0, 
  headers_in = 0x162300, headers_out = 0x162650, err_headers_out =
0x1626c8, subprocess_env = 0x1624a8, notes = 0x162708, 
  content_type = 0xbbdb8 "text/html", handler = 0x0, content_encoding =
0x0, content_language = 0x0, content_languages = 0x0, 
  no_cache = 0, no_local_copy = 0, unparsed_uri = 0x1628c0 "/manual/", uri
= 0x1628d0 "/manual/", 
  filename = 0x162c38 "/u/www/servers/lerdorf/php3/manual/", path_info =
0x162ac0 "/", args = 0x0, finfo = {st_dev = 42729473, 
    st_pad1 = {0, 0, 0}, st_ino = 2670357, st_mode = 16877, st_nlink = 3,
st_uid = 0, st_gid = 1, st_rdev = 0, st_pad2 = {0, 0}, 
    st_size = 36864, st_pad3 = 0, st_atim = {tv_sec = 898714902, tv_nsec =
640000000}, st_mtim = {tv_sec = 898678906, 
      tv_nsec = 730001000}, st_ctim = {tv_sec = 898678906, tv_nsec =
730001000}, st_blksize = 8192, st_blocks = 72, 
    st_fstype = "nfs", '\000' <repeats 12 times>, st_pad4 = {0, 0, 0, 0,
0, 0, 0, 0}}, parsed_uri = {scheme = 0x0, hostinfo = 0x0, 
    user = 0x0, password = 0x0, hostname = 0x0, port_str = 0x0, path =
0x1628d0 "/manual/", query = 0x0, fragment = 0x0, 
    hostent = 0x0, port = 0, is_initialized = 1, dns_looked_up = 0,
dns_resolved = 0}, per_dir_config = 0x162af0, 
  request_config = 0x162748, htaccess = 0x0}
(gdb) p r->connection
$3 = (conn_rec *) 0x161140
(gdb) p *r->connection
$4 = {pool = 0x2020336b, server = 0x20202033, base_server = 0x6b203234,
vhost_lookup_data = 0x336b2020, child_num = 540109600, 
  client = 0x2020316b, local_addr = {sin_family = 2, sin_port = 80,
sin_addr = {S_un = {S_un_b = {s_b1 = 207 'Ï', s_b2 = 164 '¤', 
          s_b3 = 55 '7', s_b4 = 5 '\005'}, S_un_w = {s_w1 = 53156, s_w2 =
14085}, S_addr = 3483645701}}, 
    sin_zero = "\000\000\000\000\000\000\000"}, remote_addr = {sin_family
= 2, sin_port = 62544, sin_addr = {S_un = {S_un_b = {
          s_b1 = 208 'Ð', s_b2 = 235 'ë', s_b3 = 140 '\214', s_b4 = 4
'\004'}, S_un_w = {s_w1 = 53483, s_w2 = 35844}, 
        S_addr = 3505097732}}, sin_zero = "\000\000\000\000\000\000\000"},
remote_ip = 0x161198 "208.235.140.4", 
  remote_host = 0x0, remote_logname = 0x0, user = 0x0, ap_auth_type = 0x0,
aborted = 0, keepalive = 1, keptalive = 0, 
  double_reverse = 0, keepalives = 1}
(gdb) p *r->connection->client
Cannot access memory at address 0x2020316b.


Re: Solaris bus error?

Posted by Rasmus Lerdorf <ra...@lerdorf.on.ca>.
Yes, this is 1.3.0.  Looking at it further, it is the same problem I saw a
while ago but never actually tracked down.  r->connection is getting
overwritten with ASCII: "  2k   2k   1k   2k   3k"

i.e.

(gdb) x/20 r->connection
0x161140 <_end+173276>: 0x2020326b      0x20202032      0x6b202020
0x316b2020
0x161150 <_end+173292>: 0x20326b20      0x2020336b      0x00020050
0xcfa43705
0x161160 <_end+173308>: 0x00000000      0x00000000      0x0002d310
0x81bbc801
0x161170 <_end+173324>: 0x00000000      0x00000000      0x00161198
0x00000000
0x161180 <_end+173340>: 0x00000000      0x00000000      0x00000000
0x20000000

It only seems to happen to certain virtual hosts as well.  

> Maybe there's an overwriting bug hiding in ap_bprintf... 
> 
> This is with 1.3.0 right? 
> 
> On Wed, 24 Jun 1998, Rasmus Lerdorf wrote:
> 
> > I am getting the following bus error.  Looks like something is stepping
> > all over r->connection.  It could be me, but if someone sees something
> > they recognize here, it would save me a few hours in the debugger.
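
Added example (not part of the original thread or the Apache source): a small C helper that automates the check done by eye above, counting how many leading words of the dumped conn_rec are printable ASCII and decoding them in big-endian (SPARC) byte order. The function names are hypothetical; the sample words are the first eight from the x/20 dump in this message.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* First eight words of the `x/20 r->connection` dump quoted in the
 * message above, in the order gdb printed them. */
static const uint32_t dump[] = {
    0x2020326b, 0x20202032, 0x6b202020, 0x316b2020,
    0x20326b20, 0x2020336b, 0x00020050, 0xcfa43705,
};

/* True when all four bytes of the word are printable ASCII (0x20..0x7e). */
static int word_is_ascii(uint32_t w)
{
    for (int i = 0; i < 4; i++) {
        uint8_t b = (uint8_t)(w >> (8 * i));
        if (b < 0x20 || b > 0x7e)
            return 0;
    }
    return 1;
}

/* Returns the number of leading all-ASCII words in w[0..n) and writes the
 * decoded bytes, most significant byte first, to out as a C string. */
static size_t ascii_prefix(const uint32_t *w, size_t n, char *out, size_t outsz)
{
    size_t i, o = 0;
    for (i = 0; i < n && word_is_ascii(w[i]); i++)
        for (int s = 24; s >= 0 && o + 1 < outsz; s -= 8)
            out[o++] = (char)(w[i] >> s);
    if (outsz)
        out[o] = '\0';
    return i;
}

int main(void)
{
    char text[64];
    size_t n = ascii_prefix(dump, sizeof dump / sizeof dump[0], text, sizeof text);
    printf("%zu words (%zu bytes) look like text: \"%s\"\n", n, strlen(text), text);
    return 0;
}
```

The run stops at 0x00020050, the word gdb decodes as sin_family = 2 and sin_port = 80, so the overwrite covers the six pointer-sized fields before local_addr and nothing after them.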


Re: Solaris bus error?

Posted by Dean Gaudet <dg...@arctic.org>.
Maybe there's an overwriting bug hiding in ap_bprintf... 

This is with 1.3.0 right? 

Dean

On Wed, 24 Jun 1998, Rasmus Lerdorf wrote:

> I am getting the following bus error.  Looks like something is stepping
> all over r->connection.  It could be me, but if someone sees something
> they recognize here, it would save me a few hours in the debugger.


Re: Solaris bus error?

Posted by Dean Gaudet <dg...@arctic.org>.
On Wed, 24 Jun 1998, Rasmus Lerdorf wrote:

> I am getting the following bus error.  Looks like something is stepping
> all over r->connection.  It could be me, but if someone sees something
> they recognize here, it would save me a few hours in the debugger.

If you can reproduce this, could you try this patch and see if it solves
it?  This patch shouldn't be necessary... if it is, then ap_bputc is
broken as well... and I don't see why. 

Dean

Index: main/buff.c
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/main/buff.c,v
retrieving revision 1.77
diff -u -r1.77 buff.c
--- buff.c	1998/06/04 19:58:57	1.77
+++ buff.c	1998/06/25 19:46:01
@@ -1507,7 +1507,7 @@
 		     b->vbuff.curpos - (char *)&fb->outbase[fb->outcnt]);
 #endif /*CHARSET_EBCDIC*/
     fb->outcnt += b->vbuff.curpos - (char *)&fb->outbase[fb->outcnt];
-    if (fb->outcnt == fb->bufsiz) {
+    if (fb->outcnt >= fb->bufsiz) {
 	if (ap_bflush(fb)) {
 	    return -1;
 	}
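
Review bot: the `>=` in the flush test at `if (fb->outcnt >= fb->bufsiz)` only reacts after the damage is done: for `fb->outcnt` to exceed `fb->bufsiz`, `b->vbuff.curpos` must already have advanced past the end of `fb->outbase`, so bytes beyond the buffer have been written before this check runs. As a diagnostic to confirm the theory it is fine, but if it does change behaviour the real fix belongs where `curpos` is advanced, and it would be worth logging or aborting when `fb->outcnt > fb->bufsiz` rather than quietly calling `ap_bflush(fb)` with a count larger than the buffer.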