[syslog-ng]HUP causes a core dump
Chris Pile
cpile@snoogans.co.uk
Fri, 23 Feb 2001 17:08:04 +0000
Balazs Scheidler,
I read your message from:
http://lists.balabit.hu/pipermail/syslog-ng/2001-January/001147.html
and noticed you required a backtrace to help debug the problem where sending SIGHUP to syslog-ng causes a core dump.
We have noticed this problem occurs when you send repeated SIGHUP signals within about a second of each other.
This can happen either manually or when newsyslog is run and HUPs syslog-ng while it rotates/gzips the logs. (newsyslog -v)
quick example of how to core syslog-ng manually:
$ ps aux | grep syslog-ng
root 14416 0.2 1.0 928 624 ?? Ss 5:07PM 0:00.06 /usr/local/sbin/syslog-ng -p /var/run/syslog.pid
$ kill -HUP 14416
$ kill -HUP 14416
bash: kill: (14416) - No such pid
$ cat /var/run/syslog.pid
14416
$ ps aux | grep syslog-ng
<nothing, process cored>
OS: FreeBSD 3.3-RELEASE
syslog-ng: 1.4.10
Thanks,
Chris Pile
--
See below the gdb output:
$ gdb syslog-ng -c syslog-ng.core
(gdb) bt
#0 0x280aa3d0 in kill () from /usr/lib/libc.so.3
#1 0x280de728 in abort () from /usr/lib/libc.so.3
#2 0x8057727 in fatal (format=0x805d2db "Memory corrupted!\n") at werror.c:187
#3 0x8057fa0 in debug_free (m=0x8061a28) at xalloc.c:95
#4 0x805839d in ol_space_free (p=0x8061a2c) at xalloc.c:315
#5 0x80585ae in do_flush (c=0x8071388, w=0xbfbfdaa8) at pkt_buffer.c:101
#6 0x8055fee in write_callback (fd=0x8071408) at io.c:487
#7 0x8055a43 in io_iter (b=0x8062008) at io.c:253
#8 0x8049a58 in main_loop (backend=0x8062008) at main.c:148
#9 0x8049f8f in main (argc=5, argv=0xbfbfdc04) at main.c:317
#10 0x80496b9 in _start ()
(gdb) bt full
#0 0x280aa3d0 in kill () from /usr/lib/libc.so.3
No symbol table info available.
#1 0x280de728 in abort () from /usr/lib/libc.so.3
No symbol table info available.
#2 0x8057727 in fatal (format=0x805d2db "Memory corrupted!\n") at werror.c:187
args = 0xbfbfda28 "¼^\005\b\004"
#3 0x8057fa0 in debug_free (m=0x8061a28) at xalloc.c:95
p = (int *) 0x8061a28
real_size = 16
size = 4
#4 0x805839d in ol_space_free (p=0x8061a2c) at xalloc.c:315
m = (int *) 0x8061a28
#5 0x80585ae in do_flush (c=0x8071388, w=0xbfbfdaa8) at pkt_buffer.c:101
self = (struct pkt_buffer *) 0x8071388
res = 87
item_this = (struct ol_queue_node *) 0x8061a2c
item_next = (struct ol_queue_node *) 0x80713b4
item = (struct buffer_node *) 0x8061a2c
#6 0x8055fee in write_callback (fd=0x8071408) at io.c:487
self = (struct io_fd *) 0x8071408
res = 134577764
w = {super = {super = {next = 0x0, isa = 0x0, alloc_method = 2 '\002',
marked = 0 '\000', dead = 0 '\000'}, write = 0x8055ebc <do_write>,
writestr = 0}, fd = 0}
#7 0x8055a43 in io_iter (b=0x8062008) at io.c:253
fd = (struct nonblocking_fd *) 0x8071408
i = 0
nfds = 2
nco = 3217021744
fds = (struct pollfd *) 0xbfbfdad4
res = 1
timeout = 0
now = 982946899
#8 0x8049a58 in main_loop (backend=0x8062008) at main.c:148
exit_main_loop = 0
#9 0x8049f8f in main (argc=5, argv=0xbfbfdc04) at main.c:317
do_fork = 1
opt = -1
backend = (struct syslog_backend *) 0x8062008
syslog_ng_options = {{name = 0x8058cc0 "cfgfile", has_arg = 1,
flag = 0x0, val = 102}, {name = 0x8058cc8 "pidfile", has_arg = 1,
flag = 0x0, val = 112}, {name = 0x8058cd0 "debug", has_arg = 0,
flag = 0x0, val = 100}, {name = 0x8058cd6 "verbose", has_arg = 0,
flag = 0x0, val = 118}, {name = 0x8058cde "help", has_arg = 0, flag = 0x0,
val = 104}, {name = 0x8058ce3 "version", has_arg = 0, flag = 0x0,
val = 86}, {name = 0x8058ceb "yydebug", has_arg = 0, flag = 0x0,
val = 121}, {name = 0x0, has_arg = 0, flag = 0x0, val = 0}}
#10 0x80496b9 in _start ()
No symbol table info available.