[syslog-ng] Core Dump issue on FreeBSD 4.10-STABLE

Balazs Scheidler syslog-ng@lists.balabit.hu
Sat, 18 Sep 2004 22:59:19 +0200


On Fri, 2004-09-17 at 20:41, Mike Williams wrote:
> --- Balazs Scheidler <bazsi@balabit.hu> wrote:
> > I find your backtrace strange, it seems to indicate, that:
> > 
> > 1) you seem to have an unknown priority code in your configuration
> > 2) while printing this fact it segfaults
> > 
> > could you enter the following commands to gdb, once you loaded the core
> > file:
> > 
> > (gdb) frame 3
> > (gdb) p yyvsp[0].cptr
> > 
> > And, please enable debug information for libol as well (e.g. pass the -g
> > argument in CFLAGS to the libol configure script as well)
> 
> root@loghost# gdb -c syslog-ng.core /usr/local/sbin/syslog-ng
> GNU gdb 4.18 (FreeBSD)
> Copyright 1998 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show warranty" for details.
> This GDB was configured as "i386-unknown-freebsd"...Deprecated bfd_read called at
> /usr/src/gnu/usr.bin/binutils/gdb/../../../../contrib/gdb/gdb/dbxread.c line 2627 in
> elfstab_build_psymtabs
> Deprecated bfd_read called at
> /usr/src/gnu/usr.bin/binutils/gdb/../../../../contrib/gdb/gdb/dbxread.c line 933 in fill_symbuf
> 
> Core was generated by `syslog-ng'.
> Program terminated with signal 11, Segmentation fault.
> Reading symbols from /usr/lib/libc.so.4...done.
> Reading symbols from /usr/libexec/ld-elf.so.1...done.
> #0  0x80580b7 in c_vformat_length (f=0x805fc46 "S\n", args=0x805cb40 "p:dvhyVC:u:g:") at
> format.c:161
> 161			length += s ? s->length : 6;
> (gdb) bt
> #0  0x80580b7 in c_vformat_length (f=0x805fc46 "S\n", args=0x805cb40 "p:dvhyVC:u:g:") at
> format.c:161
> #1  0x805af1d in msg_vformat (level=3, f=0x805fc20 "Changing permissions on special file %S\n",
> args=0xbfbff82c "@q\006\b\004") at werror.c:132
> #2  0x805afdb in werror (format=0x805fc20 "Changing permissions on special file %S\n") at
> werror.c:152
> #3  0x8052038 in do_open_file (name=0x8067140, flags=32772, uid=-1, gid=-1, mode=-1, dir_uid=-1,
> dir_gid=-1, dir_mode=-1, create_dirs=0, fd=0xbfbff8f8)
>     at affile.c:101
> #4  0x8052278 in do_init_affile_source (c=0x8068100, cfg=0x8069000, persistent=0x0) at
> affile.c:159
> #5  0x804b2eb in do_init_group (c=0x8074100, cfg=0x8069000, persistent=0x0) at sources.c:303
> #6  0x804d84f in do_init_config (self=0x8069000, p=0x0) at cfgfile.c:232
> #7  0x804a6db in main (argc=1, argv=0xbfbffae8) at main.c:491
> (gdb) frame 3
> #3  0x8052038 in do_open_file (name=0x8067140, flags=32772, uid=-1, gid=-1, mode=-1, dir_uid=-1,
> dir_gid=-1, dir_mode=-1, create_dirs=0, fd=0xbfbff8f8)
>     at affile.c:101
> 101			werror("Changing permissions on special file %S\n", name);
> (gdb) p yyvsp[0].cptr
> No symbol "yyvsp" in current context.
> (gdb) quit
> 
> It appears I may have done something wrong.  Can you help?

Something is completely strange: do_open_file still has name=0x8067140
as argument, which is passed to werror() without _any_ changes.

werror passes this value to msg_vformat(), and it still seems to be ok,
'@' == 0x40, 'q' == 0x71, and the other two bytes match as well.

In msg_vformat the argument list is copied using va_copy and the copied
value is passed to c_vformat_length. Looking at the backtrace you sent,
that value is completely bogus.

Either the va_copy implementation on FreeBSD is broken, or I'm doing
something wrong with that macro in syslog-ng. I read the man page for
va_* macros on Linux, and my use seems to conform to the spec.

Can you show your stdarg.h file? It is either in
/usr/lib/gcc-lib/<arch>/<gccversion>/include/stdarg.h or in
/usr/include/stdarg.h.

It might also be useful to check which file your compiler uses. If you
are running gcc, please specify the -E option to gcc while compiling
werror.c and please post the resulting output (the postprocessed file).

-- 
Bazsi
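
An added example, not part of the original message and not syslog-ng or libol code: a minimal two-pass formatter showing the va_copy pattern the message describes, where a length pass runs on a copy of the argument list and the original list is used for the real formatting pass. The demo_* names are hypothetical, and standard vsnprintf with %s stands in for libol's own %S handling.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Pass 1: measure the formatted length. This consumes the va_list it is
 * given, so after it returns the caller may only va_end() that list. */
static size_t demo_vformat_length(const char *fmt, va_list args)
{
    int n = vsnprintf(NULL, 0, fmt, args);
    return n < 0 ? 0 : (size_t)n;
}

/* Two-pass formatter (hypothetical stand-in for the msg_vformat pattern):
 * measure on a va_copy, then format with the untouched original list. */
static char *demo_vformat(const char *fmt, va_list args)
{
    va_list measure;
    size_t len;
    char *buf;

    va_copy(measure, args);      /* independent cursor over the same arguments */
    len = demo_vformat_length(fmt, measure);
    va_end(measure);             /* every va_copy needs a matching va_end */

    buf = malloc(len + 1);
    if (buf == NULL)
        return NULL;

    /* 'args' has not been advanced, so the second pass starts at argument 1.
     * Passing 'args' to both passes without va_copy is undefined behaviour. */
    vsnprintf(buf, len + 1, fmt, args);
    return buf;
}

/* Variadic entry point, analogous in shape to a werror()-style logger.
 * Returns a malloc'd string the caller must free, or NULL on allocation failure. */
char *demo_format(const char *fmt, ...)
{
    va_list args;
    char *out;

    va_start(args, fmt);
    out = demo_vformat(fmt, args);
    va_end(args);
    return out;
}
```
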