Hi,

I've rebuilt rsync (which was running just fine for quite some time)
and it works if used via ssh or if the daemon is started via ssh.
But it crashed in daemon mode (started standalone or by xinetd)

Here is the gdb log

    gdb ...
    set follow-fork-mode child
    run --daemon --no-detach

    Program received signal SIGSEGV, Segmentation fault.
    [Switching to process 32521]
    0x08056577 in glob_expand (base1=0x5 <Address 0x5 out of bounds>, argv_ptr=0xbfa4a20c, argc_ptr=0xbfa4a210, maxargs_ptr=0xbfa4a214) at util.c:548
    548 if (!(argv[argc++] = strdup(globbuf.gl_pathv[i])))
    (gdb) where
    #0 0x08056577 in glob_expand (base1=0x5 <Address 0x5 out of bounds>, argv_ptr=0xbfa4a20c, argc_ptr=0xbfa4a210, maxargs_ptr=0xbfa4a214) at util.c:548
    #1 0x080710f6 in start_daemon (f_in=7, f_out=7) at clientserver.c:451

line 451: glob_expand(name, &argv, &argc, &maxargs);
line 232: char *name = lp_name(i);

within gdb:

    print lp_name
    $1 = {char *(int)} 0x806f0c0 <lp_name>
    (gdb) print lp_name@5
    $2 = {{char *(int)} 0, {char *(int)} 0, {char *(int)} 0, {char *(int)} 0, { char *(int)} 0}

I don't understand the code since I see 2 (global) definitions of lp_name

first in t_stub.c

    char *lp_name(UNUSED(int mod)) { return NULL; }

and second in loadparm.c

    FN_LOCAL_STRING(lp_name, name)

where

    #define FN_LOCAL_STRING(fn_name,val) \
     char *fn_name(int i) {return((LP_SNUM_OK(i)&&pSERVICE(i)->val)?pSERVICE(i)->val : (sDefault.val?sDefault.val:""));}

    #2 0x0806b9e5 in start_accept_loop (port=873, fn=0x80706a0 <start_daemon>) at socket.c:512
    #3 0x0807181a in daemon_main () at clientserver.c:675
    #4 0x08058cbf in main (argc=0, argv=0x0) at main.c:1154

Any help is greatly appreciated,
Helmut.

--
Helmut Jarausch
Lehrstuhl fuer Numerische Mathematik
RWTH - Aachen University
D 52056 Aachen, Germany

On Fri 29 Jul 2005, Helmut Jarausch wrote:
>
> I've rebuilt rsync (which was running just fine for quite some time)
> and it works if used via ssh or if the daemon is started via ssh.
> But it crashed in daemon mode (started standalone or by xinetd)

I just tested it, and for me it works, started standalone as

    /usr/bin/rsync --no-detach --daemon --config /etc/rsyncd.conf --address=192.168.1.2

Paul Slootman

On Fri, Jul 29, 2005 at 11:04:38AM +0200, Helmut Jarausch wrote:
> But it crashed in daemon mode (started standalone or by xinetd)

I've never seen this crash. Also, in your gdb output, it appears that
the stack was corrupted by the crash, so it's not showing an accurate
picture of the variables when the crash occurred (e.g. glob_expand_one()
is missing from the backtrace).

You might try running rsync under valgrind (if you have that) to see if
it reports any errors (it works fine in my testing). Also, you could
sprinkle some debug output into the glob_expand_one() routine (using
fprintf(stderr, "...\n") works well with --no-detach) to help you narrow
down what rsync is doing when it crashes (or attach gdb to the child and
debug it -- I sometimes insert a sleep into the child process to make it
easy to attach after the child has already started to run).

As a stab in the dark, I wonder if glob() might be returning an error
after modifying the globbuf structure. If so, the attached patch may
have an effect on the problem (but I kinda doubt it).

> I don't understand the code since I see 2 (global) definitions of
> lp_name

One is a stub for use in the testing programs and may be ignored.

..wayne..

-------------- next part --------------
--- util.c 27 Jul 2005 23:30:51 -0000 1.185 +++ util.c 29 Jul 2005 18:32:57 -0000 @@ -540,9 +540,8 @@ static void glob_expand_one(char *s, cha else s = strdup(s); - memset(&globbuf, 0, sizeof globbuf); - if (!filter_server_path(s)) - glob(s, 0, NULL, &globbuf); + if (filter_server_path(s) || glob(s, 0, NULL, &globbuf) != 0) + globbuf.gl_pathc = 0; if (MAX((int)globbuf.gl_pathc, 1) > maxargs - argc) { maxargs += globbuf.gl_pathc + MAX_ARGS; if (!(argv = realloc_array(argv, char *, maxargs)))
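
Review bot: Dropping the memset(&globbuf, 0, sizeof globbuf) leaves globbuf uninitialised on the path where filter_server_path(s) is true, because glob() is short-circuited there and only gl_pathc gets assigned. Anything after this hunk that touches other fields of globbuf (gl_pathv, or a globfree() call, neither visible in these lines) would then act on stack garbage, so I would keep the memset and add the return-value check on top of it. Separately, when glob() fails after partially filling the structure, forcing gl_pathc to 0 throws away the count of entries it already stored; consider calling globfree(&globbuf) on that path before zeroing the count.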