Fix committed by dillon@

Yes, it was very handy to have the installer in the source tree and
moreover being able to quickly recompile it and run it directly on the
system.

Pierre Riteau

:OK, I tracked it down to an off-by-one that was probably corrupting
:malloc internals.
:
:A quick grep through the code found the same issue in other files
:(looks like copy and paste).
:
:Diff inline below.
:
:Pierre Riteau

    Excellent sleuthing!  We'll get these patches committed ASAP.

    This is also a dividend of the easier access to the installer sources
    we got when Dave Hayes ported it into the base system bulid.

					-Matt
					Matthew Dillon 
					<dillon@backplane.com>

OK, I tracked it down to an off-by-one that was probably corrupting
malloc internals.

A quick grep through the code found the same issue in other files
(looks like copy and paste).

Diff inline below.

Pierre Riteau

Index: contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_caps.c
===================================================================
RCS file: /home/dcvs/src/contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_caps.c,v
retrieving revision 1.1.1.1
diff -p -u -r1.1.1.1 conn_caps.c
--- contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_caps.c	12 Mar 2008 22:15:54 -0000	1.1.1.1
+++ contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_caps.c	26 Jul 2008 18:50:59 -0000
@@ -285,7 +285,7 @@ dfui_caps_fe_ll_request(struct dfui_conn
 	 * Construct a message.
 	 */

-	fmsg = aura_malloc(strlen(msg) + 1, "exchange message");
+	fmsg = aura_malloc(strlen(msg) + 2, "exchange message");
 	fmsg[0] = msgtype;
 	strcpy(fmsg + 1, msg);
 	dfui_debug("SEND<<%s>>\n", fmsg);
Index: contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_npipe.c
===================================================================
RCS file: /home/dcvs/src/contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_npipe.c,v
retrieving revision 1.1.1.1
diff -p -u -r1.1.1.1 conn_npipe.c
--- contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_npipe.c	12 Mar 2008 22:15:54 -0000	1.1.1.1
+++ contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_npipe.c	26 Jul 2008 18:49:00 -0000
@@ -340,7 +340,7 @@ dfui_npipe_fe_ll_request(struct dfui_con
 	 * Construct a message.
 	 */

-	fmsg = malloc(strlen(msg) + 1);
+	fmsg = malloc(strlen(msg) + 2);
 	fmsg[0] = msgtype;
 	strcpy(fmsg + 1, msg);

Index: contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_tcp.c
===================================================================
RCS file: /home/dcvs/src/contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_tcp.c,v
retrieving revision 1.1.1.1
diff -p -u -r1.1.1.1 conn_tcp.c
--- contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_tcp.c	12 Mar 2008 22:15:54 -0000	1.1.1.1
+++ contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_tcp.c	26 Jul 2008 17:11:57 -0000
@@ -394,7 +394,7 @@ dfui_tcp_fe_ll_request(struct dfui_conne
 	 * Construct a message.
 	 */

-	fmsg = malloc(strlen(msg) + 1);
+	fmsg = malloc(strlen(msg) + 2);
 	fmsg[0] = msgtype;
 	strcpy(fmsg + 1, msg);
 	dfui_debug("SEND<<%s>>\n", fmsg);

It is in VMware with a VM having 256MB of RAM. I tried again and I could
reproduce it, by logging in as installer or as root.
I can make available the core file of dfuife_curses if you want.

Pierre Riteau

I experimented same segfault when installing 2.0 under KVM, but I have 
been unable to reproduce it. I followed just the same path as Pierre.

Regards,
Antonio Huete

:Pierre Riteau wrote:
:> Hi,
:> I was installing DragonFlyBSD 2.0.0 to try out HAMMER and the installer
:> segfaulted.
:> Can anyone reproduce it?
:> Launch the installer, go to "Configure an Installer System", select the
:> system then choose "Select timezone", answer YES to the question about
:> UTC and then select Europe: the installer freezes and I get on the other
:> tty "pid 1724 (dfuife_curses), uid 0: exited on signal 11 (core dumped)".
:> 
:> I could debug it but I would need to finish the install and get the
:> source tree first, so if anyone wants to take a look at it, that would
:> be great.
:
:Try this: Login as "root" and then type "installer". IIRC, I had a
:similar problem (at least once). Nevertheless, the bug should be fixed.
:
:Regards,
:
:   Michael

    Very odd.  It seems to work fine when I try it (by logging in as
    'installer').

    Maybe there's a memory corruption issue in the installer and the
    problem is due to some prior action.  When you select 'Europe'
    it does have to allocate fairly large list to generate the next
    menu.

					-Matt
					Matthew Dillon 
					<dillon@backplane.com>

Try this: Login as "root" and then type "installer". IIRC, I had a
similar problem (at least once). Nevertheless, the bug should be fixed.

Regards,

   Michael

Hi,
I was installing DragonFlyBSD 2.0.0 to try out HAMMER and the installer
segfaulted.
Can anyone reproduce it?
Launch the installer, go to "Configure an Installer System", select the
system then choose "Select timezone", answer YES to the question about
UTC and then select Europe: the installer freezes and I get on the other
tty "pid 1724 (dfuife_curses), uid 0: exited on signal 11 (core dumped)".

I could debug it but I would need to finish the install and get the
source tree first, so if anyone wants to take a look at it, that would
be great.

Pierre Riteau