innfeed segfaults on NULL buffer in getBanner() - mine too..

Kai Gallasch gallasch at free.de
Tue Jun 19 08:57:37 UTC 2007


Hi.

I have some problem with innfeed crashing a fews seconds after starting
up. For several weeks we are now trying to get our inn-2.4.3_2 running
inside a FreeBSD 6.2 jail on our opteron server.

This crashing of innfeed seems to be related to an issue discussed on
the inn-workers mailinglist in Feb. 2007.

http://lists.litech.org/pipermail/inn-workers/2007q1/013637.html

Our server:

FreeBSD 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #0: Sun Nov 26 01:11:19
CET 2006     houdini at geldkraft.free.de:/usr/obj/usr/src/sys/SMP  amd64

innfeed keeps segfaulting every few seconds with signal 11 and
dumps core.

We did a gdb session on innfeed and we observed the same with
getBanner() as the previous reporter.

Does anyone else on the list have knowledge of other installations that
show similar problems with innfeed? Problems with a segfaulting innfeed
and inn-2.4.3_2 possibly running FreeBSD?

I already notified the FreeBSD Ports maintainer of the inn port about
the issue, but have until now got no feedback from him.

Below you can find the output of our gdb session. Looks very similar..

Any comments, hints or help appreciated.

Cheers,
Kai Gallasch.

---- gdb session.out ---

GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd".

(gdb) file /usr/local/news/bin/innfeed
Reading symbols from /usr/local/news/bin/innfeed...done.
(gdb) run
Starting program: /usr/local/news/bin/innfeed

Program received signal SIGSEGV, Segmentation fault.
0x000000000040585c in bufferBase (buff=0x0) at buffer.c:230
230     buffer.c: No such file or directory.
        in buffer.c
(gdb) ?
Undefined command: "".  Try "help".
(gdb) bt
#0  0x000000000040585c in bufferBase (buff=0x0) at buffer.c:230
#1  0x0000000000421c2c in getBanner (e=0x57b300, i=IoDone, b=0x56e980,
d=0x57b000) at connection.c:1392
#2  0x000000000040c210 in Run () at endpoint.c:752
#3  0x000000000041a66f in main (argc=0, argv=0x7fffffffeb68) at main.c:478
(gdb)
#0  0x000000000040585c in bufferBase (buff=0x0) at buffer.c:230
#1  0x0000000000421c2c in getBanner (e=0x57b300, i=IoDone, b=0x56e980,
d=0x57b000) at connection.c:1392
#2  0x000000000040c210 in Run () at endpoint.c:752
#3  0x000000000041a66f in main (argc=0, argv=0x7fffffffeb68) at main.c:478
(gdb) w
Ambiguous command "w": watch, wh, whatis, where, while, while-stepping,
winheight, ws.
(gdb) where
#0  0x000000000040585c in bufferBase (buff=0x0) at buffer.c:230
#1  0x0000000000421c2c in getBanner (e=0x57b300, i=IoDone, b=0x56e980,
d=0x57b000) at connection.c:1392
#2  0x000000000040c210 in Run () at endpoint.c:752
#3  0x000000000041a66f in main (argc=0, argv=0x7fffffffeb68) at main.c:478
(gdb) frame 1
(gdb) frame 1
#1  0x0000000000421c2c in getBanner (e=0x57b300, i=IoDone, b=0x56e980,
d=0x57b000) at connection.c:1392
1392    connection.c: No such file or directory.
        in connection.c
(gdb) print *cxn
$1 = {myHost = 0x56a400, myEp = 0x57b300, ident = 0, state =
cxnConnectingS, checkHead = 0x0, checkRespHead = 0x0, takeHead = 0x0,
takeRespHead = 0x0, articleQTotal = 0, missing = 0x0,
  respBuffer = 0x575048, ipName = 0x567b20 "news.verbrennung.org",
maxCheck = 1, port = 119, articleReceiptTimeout = 600, artReceiptTimerId
= 0, readTimeout = 300, readBlockedTimerId = 4,
  writeTimeout = 300, writeBlockedTimerId = 0, flushTimeout = 82059,
flushTimerId = 5, sleepTimeout = 30, sleepTimerId = 0, loggedNoCr =
false, immedRecon = false, doesStreaming = false,
  authenticated = false, quitWasIssued = false, needsChecks = true,
timeCon = 0, artsTaken = 0, checksIssued = 0, checksRefused = 0,
takesRejected = 0, takesOkayed = 0, takesSizeRejected = 0,
  takesSizeOkayed = 0, onThreshold = 47.5, offThreshold = 45,
filterValue = 0, lowPassFilter = 50, next = 0x0}
(gdb) p b
$2 = (Buffer *) 0x56e980
(gdb) p *b
$3 = 0x0
(gdb) p *(struct buffer_s*)b
$4 = {refCount = 0, mem = 0x0, memSize = 0, dataSize = 0, deletable =
false, bufferDeletedCbk = 0, bufferDeletedCbkData = 0x0, next = 0x0,
prev = 0x0}
(gdb)



-- 

"Jesus was a Crossmaker"


More information about the inn-workers mailing list