Re: SEGV in bleadperl@17165 under mod_perl
Jarkko Hietaniemi [EMAIL PROTECTED] writes:
I'm grasping at straws, and I really don't know much about
PerlIO... but try this:
//depot/perl/perlio.c#179 - /u/vieraat/vieraat/jhi/pp4/perl/perlio.c
Index: perl/perlio.c
--- perl/perlio.c.~1~ Thu Jun 13 20:05:05 2002
+++ perl/perlio.c Thu Jun 13 20:05:05 2002
@@ -2734,7 +2734,7 @@
PerlIOStdio_flush(pTHX_ PerlIO *f)
{
FILE *stdio = PerlIOSelf(f, PerlIOStdio)-stdio;
-if (PerlIOBase(f)-flags PERLIO_F_CANWRITE) {
+if (stdio PerlIOBase(f)-flags PERLIO_F_CANWRITE) {
return PerlSIO_fflush(stdio);
}
else {
End of Patch.
NI-S will probably find this patch very wrong :-)
Should be harmless. A :stdio layer without a FILE * should never happen.
Your patch prevents it doing fflush(NULL) if it does.
--
Nick Ing-Simmons
http://www.ni-s.u-net.com/
Re: SEGV in bleadperl@17165 under mod_perl
Doug Maceachern [EMAIL PROTECTED] writes: patch below also cures (when calling system() with Apache::Upload handles still alive). seems PerlIO_importFILE() should have a mode argument, It did but nobody used it and now we have legacy. The thing that world passes as 0 was suppoed to be O_READ style mode. I think it it too late to start honouring that but will gladly do so if that is considered 5.8 worthy. in this case we only want to allow reading on the given FILE* --- Request/Request.xs~Sun Jan 20 09:27:35 2002 +++ Request/Request.xs Thu Jun 13 15:07:28 2002 @@ -38,6 +38,7 @@ #undef __attribute__ #include mod_perl.h +#include perliol.h #ifdef WIN32 @@ -494,6 +495,7 @@ CODE: if ( ( RETVAL = PerlIO_importFILE(ApacheUpload_fh(upload),0) ) == NULL ) XSRETURN_UNDEF; +PerlIOBase((PerlIO*)RETVAL)-flags = ~PERLIO_F_CANWRITE; OUTPUT: RETVAL Import attempts to find out how FD that FILE * is using is open but that really isn't sufficient. -- Nick Ing-Simmons http://www.ni-s.u-net.com/
Re: SEGV in bleadperl@17165 under mod_perl
On Wed, 12 Jun 2002 23:45:41 +0200, [EMAIL PROTECTED] (Andreas J. Koenig) said: Currently I have a testcase that is still 7300 lines of perl code for the server (after all these are in one file) but only 50 lines for the client. I hope to cut that down to a reasonable size tomorrow. I fear I have to give up on this, I cannot cut the test case below 2800 lines. I cannot make it database-independent either. Whatever I cut out, the SEGV goes away. :-( I have switched to blead@17207 (apache is 1.3.24, mod_perl is 1.27) and this is the stack trace today. The line numbers are again wrong and I have no idea why. Please take another *sharp* look. If this bug cannot be fixed, I cannot upgrade PAUSE to 5.8.0 (unless I rename it to PAUSEGV :-) Program received signal SIGSEGV, Segmentation fault. 0x400ed761 in _IO_fflush (fp=0x877f1e0) at iofflush.c:43 43 iofflush.c: No such file or directory. (gdb) bt #0 0x400ed761 in _IO_fflush (fp=0x877f1e0) at iofflush.c:43 #1 0x8205fea in PerlIOStdio_flush (my_perl=0x82f4258, f=0x82fb298) at perlio.c:2738 #2 0x8203fde in Perl_PerlIO_flush (my_perl=0x82f4258, f=0x82fb298) at perlio.c:1459 #3 0x82040a8 in Perl_PerlIO_flush (my_perl=0x82f4258, f=0x82fb298) at perlio.c:1487 #4 0x8173e8f in Perl_my_popen (my_perl=0x82f4258, cmd=0x88b8fc1 -, mode=0xb524 w) at util.c:2080 #5 0x81e3297 in Perl_do_openn (my_perl=0x82f4258, gv=0x88c5f34, name=0x88b8fc1 -, len=1, as_raw=0, rawmode=0, rawperm=0, supplied_fp=0x0, svp=0x84f7098, num_svs=0) at doio.c:282 #6 0x81cbda3 in Perl_pp_open (my_perl=0x82f4258) at pp_sys.c:542 #7 0x816eb43 in Perl_runops_debug (my_perl=0x82f4258) at dump.c:1398 #8 0x81174a3 in S_call_body (my_perl=0x82f4258, myop=0xb758, is_eval=0) at perl.c:2044 #9 0x8117003 in Perl_call_sv (my_perl=0x82f4258, sv=0x8387470, flags=4) at perl.c:1962 #10 0x809da38 in perl_call_handler (sv=0x8387470, r=0x87869ac, args=0x0) at mod_perl.c:1658 #11 0x809cbc4 in perl_run_stacked_handlers (hook=0x828e399 PerlHandler, r=0x87869ac, handlers=0x83873ec) at mod_perl.c:1371 #12 0x809a637 in perl_handler (r=0x87869ac) at mod_perl.c:897 #13 0x80e6379 in ap_invoke_handler () at eval.c:88 #14 0x80fbbdf in process_request_internal () at eval.c:88 #15 0x80fbc4a in ap_process_request () at eval.c:88 #16 0x80f2897 in child_main () at eval.c:88 #17 0x80f2a55 in make_child () at eval.c:88 #18 0x80f2bd6 in startup_children () at eval.c:88 #19 0x80f326d in standalone_main () at eval.c:88 #20 0x80f3acc in main () at eval.c:88 #21 0x400a475d in __libc_start_main (main=0x80f3738 main, argc=4, ubp_av=0xbae4, init=0x807a628 _init, fini=0x8286704 _fini, rtld_fini=0x4000b8f4 _dl_fini, stack_end=0xbadc) at ../sysdeps/generic/libc-start.c:129 Loaded modules of the application are quite a lot: Apache Apache::Connection Apache::Constants Apache::Constants::Exports Apache::HeavyCGI Apache::HeavyCGI::Date Apache::HeavyCGI::Exception Apache::HeavyCGI::ExePlan Apache::HeavyCGI::Layout Apache::Request Apache::Server Apache::Status Apache::Symbol Apache::Table Apache::URI AutoLoader B Carp Class::Singleton Compress::Zlib Config Cwd DBD::mysql DBI Data::Dumper Devel::Symdump DirHandle DynaLoader Encode Encode::Alias Encode::Config Encode::Encoding Exporter Exporter::Heavy ExtUtils::Manifest Fcntl File::Basename File::Copy File::Find File::Spec File::Spec::Unix HTML::Entities HTML::Parser HTTP::Date IO IO::File IO::Handle IO::Seekable List::Util Mail::Mailer Mail::Mailer::rfc822 Mail::Mailer::sendmail Mail::Send Scalar::Util SelectSaver String::Random Symbol Text::Tabs Text::Wrap Time::HiRes Time::Local URI URI::Escape URI::URL URI::WithBase URI::_generic URI::_query URI::_server URI::_userpass URI::ftp Unicode::String XML::Parser XML::Parser::Expat XSLoader base bytes constant fields integer lib mod_perl overload pause_1999::authensegv pause_1999::configsegv re strict utf8 vars warnings warnings::register Most of the modules are not involved in any action, most of the testscript is unused code. The test script only does the following: 1. Authentication via DBI (mysql) 2. Receive an uploaded file via Apache::Request 3. Send mail via Mail::Mailer (sendmail) Action must be repeated about 6-8 times, only then the SEGV is reached. -- andreas
Re: SEGV in bleadperl@17165 under mod_perl
On Thu, Jun 13, 2002 at 06:52:13PM +0200, Andreas J. Koenig wrote:
On Wed, 12 Jun 2002 23:45:41 +0200, [EMAIL PROTECTED] (Andreas J.
Koenig) said:
Currently I have a testcase that is still 7300 lines of perl code for
the server (after all these are in one file) but only 50 lines for the
client. I hope to cut that down to a reasonable size tomorrow.
I fear I have to give up on this, I cannot cut the test case below
2800 lines. I cannot make it database-independent either. Whatever I
cut out, the SEGV goes away. :-(
I have switched to blead@17207 (apache is 1.3.24, mod_perl is 1.27)
and this is the stack trace today. The line numbers are again wrong
and I have no idea why. Please take another *sharp* look. If this bug
cannot be fixed, I cannot upgrade PAUSE to 5.8.0 (unless I rename it
to PAUSEGV :-)
Program received signal SIGSEGV, Segmentation fault.
0x400ed761 in _IO_fflush (fp=0x877f1e0) at iofflush.c:43
43 iofflush.c: No such file or directory.
(gdb) bt
#0 0x400ed761 in _IO_fflush (fp=0x877f1e0) at iofflush.c:43
#1 0x8205fea in PerlIOStdio_flush (my_perl=0x82f4258, f=0x82fb298)
at perlio.c:2738
I'm grasping at straws, and I really don't know much about
PerlIO... but try this:
//depot/perl/perlio.c#179 - /u/vieraat/vieraat/jhi/pp4/perl/perlio.c
Index: perl/perlio.c
--- perl/perlio.c.~1~ Thu Jun 13 20:05:05 2002
+++ perl/perlio.c Thu Jun 13 20:05:05 2002
@@ -2734,7 +2734,7 @@
PerlIOStdio_flush(pTHX_ PerlIO *f)
{
FILE *stdio = PerlIOSelf(f, PerlIOStdio)-stdio;
-if (PerlIOBase(f)-flags PERLIO_F_CANWRITE) {
+if (stdio PerlIOBase(f)-flags PERLIO_F_CANWRITE) {
return PerlSIO_fflush(stdio);
}
else {
End of Patch.
NI-S will probably find this patch very wrong :-)
#2 0x8203fde in Perl_PerlIO_flush (my_perl=0x82f4258, f=0x82fb298)
at perlio.c:1459
#3 0x82040a8 in Perl_PerlIO_flush (my_perl=0x82f4258, f=0x82fb298)
at perlio.c:1487
#4 0x8173e8f in Perl_my_popen (my_perl=0x82f4258, cmd=0x88b8fc1 -,
mode=0xb524 w) at util.c:2080
#5 0x81e3297 in Perl_do_openn (my_perl=0x82f4258, gv=0x88c5f34,
name=0x88b8fc1 -, len=1, as_raw=0, rawmode=0, rawperm=0,
supplied_fp=0x0, svp=0x84f7098, num_svs=0) at doio.c:282
#6 0x81cbda3 in Perl_pp_open (my_perl=0x82f4258) at pp_sys.c:542
#7 0x816eb43 in Perl_runops_debug (my_perl=0x82f4258) at dump.c:1398
#8 0x81174a3 in S_call_body (my_perl=0x82f4258, myop=0xb758, is_eval=0)
at perl.c:2044
#9 0x8117003 in Perl_call_sv (my_perl=0x82f4258, sv=0x8387470, flags=4)
at perl.c:1962
#10 0x809da38 in perl_call_handler (sv=0x8387470, r=0x87869ac, args=0x0)
at mod_perl.c:1658
#11 0x809cbc4 in perl_run_stacked_handlers (hook=0x828e399 PerlHandler,
r=0x87869ac, handlers=0x83873ec) at mod_perl.c:1371
#12 0x809a637 in perl_handler (r=0x87869ac) at mod_perl.c:897
#13 0x80e6379 in ap_invoke_handler () at eval.c:88
#14 0x80fbbdf in process_request_internal () at eval.c:88
#15 0x80fbc4a in ap_process_request () at eval.c:88
#16 0x80f2897 in child_main () at eval.c:88
#17 0x80f2a55 in make_child () at eval.c:88
#18 0x80f2bd6 in startup_children () at eval.c:88
#19 0x80f326d in standalone_main () at eval.c:88
#20 0x80f3acc in main () at eval.c:88
#21 0x400a475d in __libc_start_main (main=0x80f3738 main, argc=4,
ubp_av=0xbae4, init=0x807a628 _init, fini=0x8286704 _fini,
rtld_fini=0x4000b8f4 _dl_fini, stack_end=0xbadc)
at ../sysdeps/generic/libc-start.c:129
Loaded modules of the application are quite a lot:
Apache Apache::Connection Apache::Constants Apache::Constants::Exports
Apache::HeavyCGI Apache::HeavyCGI::Date Apache::HeavyCGI::Exception
Apache::HeavyCGI::ExePlan Apache::HeavyCGI::Layout Apache::Request
Apache::Server Apache::Status Apache::Symbol Apache::Table Apache::URI
AutoLoader B Carp Class::Singleton Compress::Zlib Config Cwd
DBD::mysql DBI Data::Dumper Devel::Symdump DirHandle DynaLoader Encode
Encode::Alias Encode::Config Encode::Encoding Exporter Exporter::Heavy
ExtUtils::Manifest Fcntl File::Basename File::Copy File::Find
File::Spec File::Spec::Unix HTML::Entities HTML::Parser HTTP::Date IO
IO::File IO::Handle IO::Seekable List::Util Mail::Mailer
Mail::Mailer::rfc822 Mail::Mailer::sendmail Mail::Send Scalar::Util
SelectSaver String::Random Symbol Text::Tabs Text::Wrap Time::HiRes
Time::Local URI URI::Escape URI::URL URI::WithBase URI::_generic
URI::_query URI::_server URI::_userpass URI::ftp Unicode::String
XML::Parser XML::Parser::Expat XSLoader base bytes constant fields
integer lib mod_perl overload pause_1999::authensegv
pause_1999::configsegv re strict utf8 vars warnings warnings::register
Most of the modules are not involved in any action, most of the
testscript is unused code. The test script only does the following:
1. Authentication via DBI (mysql)
2. Receive an uploaded file via Apache::Request
3. Send mail
Re: SEGV in bleadperl@17165 under mod_perl
On Thu, 13 Jun 2002, Andreas J. Koenig wrote:
this might be worth a try. since the segv is something stdio, must be one
of std{out,err} getting corrupted somehow. ap_error_log2stderr does
this:
API_EXPORT(void) ap_error_log2stderr(server_rec *s) {
if ( s-error_log != NULL
fileno(s-error_log) != STDERR_FILENO)
dup2(fileno(s-error_log), STDERR_FILENO);
}
no other suspects at the moment. of course, something else in your mix
could be messing with std{out,err}. strace might reveal some clues.
--- src/modules/perl/mod_perl.c~Wed May 22 21:23:18 2002
+++ src/modules/perl/mod_perl.c Thu Jun 13 10:24:59 2002
-1454,7 +1454,7
#endif
/* hookup stderr to error_log */
-#ifndef PERL_TRACE
+#if 0
if(r-server-error_log)
error_log2stderr(r-server);
#endif
Re: SEGV in bleadperl@17165 under mod_perl
On Thu, 13 Jun 2002, Andreas J. Koenig wrote: Program received signal SIGSEGV, Segmentation fault. 0x400ed761 in _IO_fflush (fp=0x877f1e0) at iofflush.c:43 43 iofflush.c: No such file or directory. (gdb) bt #0 0x400ed761 in _IO_fflush (fp=0x877f1e0) at iofflush.c:43 also, if possible could you: (gdb) p *fp
Re: SEGV in bleadperl@17165 under mod_perl
On Thu, Jun 13, 2002 at 08:26:30PM +0200, Andreas J. Koenig wrote:
On Thu, 13 Jun 2002 10:32:01 -0700 (PDT), Doug MacEachern [EMAIL PROTECTED]
said:
On Thu, 13 Jun 2002, Andreas J. Koenig wrote:
Program received signal SIGSEGV, Segmentation fault.
0x400ed761 in _IO_fflush (fp=0x877f1e0) at iofflush.c:43
43 iofflush.c: No such file or directory.
(gdb) bt
#0 0x400ed761 in _IO_fflush (fp=0x877f1e0) at iofflush.c:43
also, if possible could you:
(gdb) p *fp
(gdb) p *fp
I'll try the other suggestions next.
Mine probably doesn't help much since the pointer seems to be non-NULL...
$1 = {_flags = 1075460144,
_IO_read_ptr = 0x401a3830
0ã\210\b0ã\210\bØñw\bØñw\b88\032@88\032@@8\032@@8\032@H8\032@H8\032@P8\032@P8\032@X8\032@X8\032@`8\032@`8\032@h8\032@h8\032@p8\032@p8\032@x8\032@x8\032@\2008\032@\2008\032@\2108\032@\2108\032@\2208\032@\2208\032@\2308\032@\2308\032@ 8\032@ 8\032@¨8\032@¨8\032@°8\032@°8\032@¸8\032@¸8\032@À8\032@À8\032@È8\032@È8\032@0ð\213\b0ð\213\bØ8\032@Ø8\032@à8\032@à8\032@è8\032@è8\032@...,
This doesn't look good...
_IO_read_end = 0x646e4128 Address 0x646e4128 out of bounds,
_IO_read_base = 0x73616572 Address 0x73616572 out of bounds,
_IO_write_base = 0x202e4a20 Address 0x202e4a20 out of bounds,
_IO_write_ptr = 0x6eb6c34b Address 0x6eb6c34b out of bounds,
_IO_write_end = 0x20296769 Address 0x20296769 out of bounds,
_IO_buf_base = 0x69736976 Address 0x69736976 out of bounds,
_IO_buf_end = 0x20646574 Address 0x20646574 out of bounds,
_IO_save_base = 0x20656874 Address 0x20656874 out of bounds,
_IO_backup_base = 0x53554150 Address 0x53554150 out of bounds,
_IO_save_end = 0x20200a45 Address 0x20200a45 out of bounds,
These look fishy...
_markers = 0x20646e61, _chain = 0x75716572, _fileno = 1702130533,
_blksize = 1851859044, _old_offset = 1819309344, _cur_column = 24943,
_vtable_offset = 100 'd', _shortbuf = , _lock = 0x6f746e69,
_offset = 8243109245980600352, _codecvt = 0x72696420,
_wide_data = 0x6f746365, _mode = 170817906,
_unused2 = The request used the following parameters\n\n SUBMIT_}
If this is an unused field why does it contain a very readable string :-)
In my Linux stdio.h unused2 is int _unused2[16], but off-hand I don't
even think it should be part of a FILE, so I really don't know what to say.
--
$jhi++; # http://www.iki.fi/jhi/
# There is this special biologist word we use for 'stable'.
# It is 'dead'. -- Jack Cohen
Re: SEGV in bleadperl@17165 under mod_perl
_IO_read_end = 0x646e4128 Address 0x646e4128 out of bounds, _IO_read_base = 0x73616572 Address 0x73616572 out of bounds, _IO_write_base = 0x202e4a20 Address 0x202e4a20 out of bounds, _IO_write_ptr = 0x6eb6c34b Address 0x6eb6c34b out of bounds, _IO_write_end = 0x20296769 Address 0x20296769 out of bounds, _IO_buf_base = 0x69736976 Address 0x69736976 out of bounds, _IO_buf_end = 0x20646574 Address 0x20646574 out of bounds, _IO_save_base = 0x20656874 Address 0x20656874 out of bounds, _IO_backup_base = 0x53554150 Address 0x53554150 out of bounds, _IO_save_end = 0x20200a45 Address 0x20200a45 out of bounds, These look fishy... $ perl -le 'print pack i, hex $_ foreach ARGV' 0x646e4128 0x73616572 0x202e4a20 0x6eb6c34b 0x20296769 0x69736976 0x20646574 0x20656874 0x53554150 0x20200a45 0x20646e61 (And reas J. Kön ig) visi ted the PAUS E Ouch. How did you even start to suspect this? Because the hexdigitsq looked like fitting well into the ASCII range? 08\cZ 08\cZ (Andreas J. König) visited the PAUSE and reqested an upload into his/her directory.\n . The request used the following parameters\n\n SUBMIT_ I think. (that's König in utf8, isn't it?) Yes. I don't think we're in FILE* any longer, Toto. (and I didn't get the misquote quite correct, did I?) What's a good memory leak checker for running PAUSE under? valgrind with Dunno about memory *leaks* but definitely looks like fandango on core... showleaks turned on? -- $jhi++; # http://www.iki.fi/jhi/ # There is this special biologist word we use for 'stable'. # It is 'dead'. -- Jack Cohen
Re: SEGV in bleadperl@17165 under mod_perl
seems to be an Apache::Request issue with perlio. i can get a similar
segv with the modperl test change below.
system() triggers a PERL_FLUSHALL_FOR_CHILD; with the Apache::Upload
filehandles still alive. there is some ugly code to import the FILE* from
ApacheUpload_fh to a PerlIO, which could be the culprit.
is there any way to flag a PerlIO to not be flushed during
PerlIO_flush(NULL) ?
--- t/net/perl/request-upload.pl~ Thu Dec 30 11:51:16 1999
+++ t/net/perl/request-upload.plThu Jun 13 14:31:37 2002
-28,7 +28,8
my $name = $upload-name;
my $type = $upload-type;
next unless $filename;
-
+local $ENV{PATH} = '/bin';
+system /bin/echo $filename /tmp/uploads;
print $name $filename ($type);
if ($fh and $name) {
no strict;
Re: SEGV in bleadperl@17165 under mod_perl
also note that the problem goes away if PERL_FLUSHALL_FOR_CHILD happens
after the Apache::Upload handles have gone out of scope. the change below
does not trigger and segvs, all tests pass. andreas, you could try to
make sure your Apache::Upload handles have gone out of scope (or are
undef-ed) before calling Mail::Mailer. also make sure you are using
the 1.0 version of libapreq, i think older versions leaked filehandles.
--- t/net/perl/request-upload.pl~ Thu Dec 30 11:51:16 1999
+++ t/net/perl/request-upload.plThu Jun 13 14:41:51 2002
-107,3 +107,5
print $filename bytes=$bytes,wanted=$wanted\n;
}
+local $ENV{PATH} = '/bin';
+system /bin/echo ok /tmp/uploads;
Re: SEGV in bleadperl@17165 under mod_perl
patch below also cures (when calling system() with Apache::Upload handles still alive). seems PerlIO_importFILE() should have a mode argument, in this case we only want to allow reading on the given FILE* --- Request/Request.xs~ Sun Jan 20 09:27:35 2002 +++ Request/Request.xs Thu Jun 13 15:07:28 2002 -38,6 +38,7 #undef __attribute__ #include mod_perl.h +#include perliol.h #ifdef WIN32 -494,6 +495,7 CODE: if ( ( RETVAL = PerlIO_importFILE(ApacheUpload_fh(upload),0) ) == NULL ) XSRETURN_UNDEF; +PerlIOBase((PerlIO*)RETVAL)-flags = ~PERLIO_F_CANWRITE; OUTPUT: RETVAL
Re: SEGV in bleadperl@17165 under mod_perl
On Thu, Jun 13, 2002 at 09:36:42PM +0300, Jarkko Hietaniemi wrote:
On Thu, Jun 13, 2002 at 08:26:30PM +0200, Andreas J. Koenig wrote:
On Thu, 13 Jun 2002 10:32:01 -0700 (PDT), Doug MacEachern
[EMAIL PROTECTED] said:
On Thu, 13 Jun 2002, Andreas J. Koenig wrote:
Program received signal SIGSEGV, Segmentation fault.
0x400ed761 in _IO_fflush (fp=0x877f1e0) at iofflush.c:43
43 iofflush.c: No such file or directory.
(gdb) bt
#0 0x400ed761 in _IO_fflush (fp=0x877f1e0) at iofflush.c:43
also, if possible could you:
(gdb) p *fp
(gdb) p *fp
I'll try the other suggestions next.
Mine probably doesn't help much since the pointer seems to be non-NULL...
$1 = {_flags = 1075460144,
_IO_read_ptr = 0x401a3830
0ã\210\b0ã\210\bØñw\bØñw\b88\032@88\032@@8\032@@8\032@H8\032@H8\032@P8\032@P8\032@X8\032@X8\032@`8\032@`8\032@h8\032@h8\032@p8\032@p8\032@x8\032@x8\032@\2008\032@\2008\032@\2108\032@\2108\032@\2208\032@\2208\032@\2308\032@\2308\032@ 8\032@ 8\032@¨8\032@¨8\032@°8\032@°8\032@¸8\032@¸8\032@À8\032@À8\032@È8\032@È8\032@0ð\213\b0ð\213\bØ8\032@Ø8\032@à8\032@à8\032@è8\032@è8\032@...,
This doesn't look good...
_IO_read_end = 0x646e4128 Address 0x646e4128 out of bounds,
_IO_read_base = 0x73616572 Address 0x73616572 out of bounds,
_IO_write_base = 0x202e4a20 Address 0x202e4a20 out of bounds,
_IO_write_ptr = 0x6eb6c34b Address 0x6eb6c34b out of bounds,
_IO_write_end = 0x20296769 Address 0x20296769 out of bounds,
_IO_buf_base = 0x69736976 Address 0x69736976 out of bounds,
_IO_buf_end = 0x20646574 Address 0x20646574 out of bounds,
_IO_save_base = 0x20656874 Address 0x20656874 out of bounds,
_IO_backup_base = 0x53554150 Address 0x53554150 out of bounds,
_IO_save_end = 0x20200a45 Address 0x20200a45 out of bounds,
These look fishy...
$ perl -le 'print pack i, hex $_ foreach @ARGV' 0x646e4128 0x73616572 0x202e4a20
0x6eb6c34b 0x20296769 0x69736976 0x20646574 0x20656874 0x53554150 0x20200a45
0x20646e61
(And
reas
J.
Kön
ig)
visi
ted
the
PAUS
E
_markers = 0x20646e61, _chain = 0x75716572, _fileno = 1702130533,
_blksize = 1851859044, _old_offset = 1819309344, _cur_column = 24943,
_vtable_offset = 100 'd', _shortbuf = , _lock = 0x6f746e69,
_offset = 8243109245980600352, _codecvt = 0x72696420,
_wide_data = 0x6f746365, _mode = 170817906,
_unused2 = The request used the following parameters\n\n SUBMIT_}
$ perl -le 'print pack i, hex $_ foreach @ARGV' 0x20646e61 0x75716572
and
requ
$ perl -le 'print pack i, $_ foreach @ARGV' 1702130533 1851859044 1819309344
este
d an
upl
$ perl -le 'print pack s, $_ foreach @ARGV' 24943
oa
'd'
perl -le 'print pack i, hex $_ foreach @ARGV' 0x6f746e69
into
perl13693-64 -le 'print pack Q, 8243109245980600352'
his/her
perl -le 'print pack i, hex $_ foreach @ARGV' 0x72696420 0x6f746365
dir
ecto
perl -le 'print pack i, $_ foreach @ARGV' 170817906
ry.
If this is an unused field why does it contain a very readable string :-)
In my Linux stdio.h unused2 is int _unused2[16], but off-hand I don't
even think it should be part of a FILE, so I really don't know what to say.
08\cZ@
08\cZ@
(Andreas J. König) visited the PAUSE and reqested an upload into his/her
directory.\n .
The request used the following parameters\n\n SUBMIT_
I think. (that's König in utf8, isn't it?)
I don't think we're in FILE* any longer, Toto.
(and I didn't get the misquote quite correct, did I?)
What's a good memory leak checker for running PAUSE under? valgrind with
showleaks turned on?
Nicholas Clark
--
Even better than the real thing:http://nms-cgi.sourceforge.net/
Re: SEGV in bleadperl@17165 under mod_perl
On Thu, 13 Jun 2002 15:11:04 -0700 (PDT), Doug MacEachern [EMAIL PROTECTED] said: patch below also cures (when calling system() with Apache::Upload handles still alive). Thank you so much, Doug. Your diagnostics confirmed: the upload filehandle was still in scope. The fix to Request.xs fixes the bug as does narrowing the scope of the filehandle. Phew! -- andreas
Re: SEGV in bleadperl@17165 under mod_perl
On Thu, Jun 13, 2002 at 11:22:46PM +0300, Jarkko Hietaniemi wrote: _IO_read_end = 0x646e4128 Address 0x646e4128 out of bounds, _IO_read_base = 0x73616572 Address 0x73616572 out of bounds, _IO_write_base = 0x202e4a20 Address 0x202e4a20 out of bounds, _IO_write_ptr = 0x6eb6c34b Address 0x6eb6c34b out of bounds, _IO_write_end = 0x20296769 Address 0x20296769 out of bounds, _IO_buf_base = 0x69736976 Address 0x69736976 out of bounds, _IO_buf_end = 0x20646574 Address 0x20646574 out of bounds, _IO_save_base = 0x20656874 Address 0x20656874 out of bounds, _IO_backup_base = 0x53554150 Address 0x53554150 out of bounds, _IO_save_end = 0x20200a45 Address 0x20200a45 out of bounds, These look fishy... $ perl -le 'print pack i, hex $_ foreach ARGV' 0x646e4128 0x73616572 0x202e4a20 0x6eb6c34b 0x20296769 0x69736976 0x20646574 0x20656874 0x53554150 0x20200a45 0x20646e61 (And reas J. Kön ig) visi ted the PAUS E Ouch. How did you even start to suspect this? Because the hexdigitsq looked like fitting well into the ASCII range? Yes. Basically. :-) I didn't get where I am today ... by not being suspicious about 0x646e It there seemed to be rather too many bytes in ASCII letter range. Particularly that there were steady 4 bytes all in ASCII range. Most integers and pointers don't look like that on 32 bit systems - most integers don't need to be that big, and most pointers have more 0 bits in them. (People (like me at work) will mess this up by trying to use all of the 32 bit memory map to store large volumes of data) To be honest I didn't remember that 6x was lower case (ie I should actually also be suspicious about numbers in the range 0x41-0x5A) but after finding that I had a good start with a word: $ perl -le 'print pack i, hex $_ foreach ARGV' 0x646e4128 (And I just kept on going. What's a good memory leak checker for running PAUSE under? valgrind with Dunno about memory *leaks* but definitely looks like fandango on core... Ah. That's what valgrind is good for finding the cause of. By the way, did I say that I like valgrind? I like ccache too. (The two are unrelated, other than they are both GPL and I like them both). The samba folks have a new scary thing under development - a distributed compile demon. I'm not sure how useful that is to most of us, except that it should allow anyone with 2+ similar machines a chance to debug Makefiles running under -j :-) Nicholas Clark -- Even better than the real thing:http://nms-cgi.sourceforge.net/
Re: SEGV in bleadperl@17165 under mod_perl
On Wed, 12 Jun 2002 17:18:53 +0100, Nick Ing-Simmons [EMAIL PROTECTED] said: Is this apache running multi-threaded? or just serially ? So far only tested with -Dusemultiplicity -Duseperlio. IIRC the back trace the SEGV was in stdio rather than in perl itself, suggesting that something else (the child?, another thread?) had done something nasty to the FILE *. Currently I have a testcase that is still 7300 lines of perl code for the server (after all these are in one file) but only 50 lines for the client. I hope to cut that down to a reasonable size tomorrow. Does it work with PERLIO=perlio or Configure -Ud_stdstdio ? Neither nor. -- andreas
Re: SEGV in bleadperl@17165 under mod_perl
On Tue, 11 Jun 2002, Andreas J. Koenig wrote: PAUSE is suffering from a SEGV since I installed RC1. After I upgraded yesterday to snapshot 17165 I finally caught the following within gdb. I'd appreciate further instructions where to go from here. test case? #4 0x816fc96 in Perl_my_popen (my_perl=0x82ffcc8, cmd=0x8a073f1 -, mode=0xb828 w) at util.c:2080 looks like something along the lines of: open my $foo, '|-' or ...; ?
Re: SEGV in bleadperl@17165 under mod_perl
As Jarkko and Nick have pointed out, line numbering is off. I cannot find out why this is the case, the sources *are* from 17165 as I can verify via Apache::Status. On Tue, 11 Jun 2002 08:23:18 -0700 (PDT), Doug MacEachern [EMAIL PROTECTED] said: doug On Tue, 11 Jun 2002, Andreas J. Koenig wrote: PAUSE is suffering from a SEGV since I installed RC1. After I upgraded yesterday to snapshot 17165 I finally caught the following within gdb. I'd appreciate further instructions where to go from here. doug test case? If you had a chance to log into PAUSE, I can send you instructions how to start a server for testing. Requirement to provoke the SEGV seems to be - upload a file (which I do via Apache::Request) and - submit some menu item that sends mail (which I do via Mail::Mailer), e.g. change your name I seem to recall, that once I needed yet another mail sending action, but I'm not sure. #4 0x816fc96 in Perl_my_popen (my_perl=0x82ffcc8, cmd=0x8a073f1 -, mode=0xb828 w) at util.c:2080 doug looks like something along the lines of: doug open my $foo, '|-' or ...; This is indeed done by Mail::Mailer. -- andreas
