Bug #1080 (closed)
Segfault in the 2.0.0 installer
Description
Hi,
I was installing DragonFlyBSD 2.0.0 to try out HAMMER and the installer
segfaulted.
Can anyone reproduce it?
Launch the installer, go to "Configure an Installer System", select the
system then choose "Select timezone", answer YES to the question about
UTC and then select Europe: the installer freezes and I get on the other
tty "pid 1724 (dfuife_curses), uid 0: exited on signal 11 (core dumped)".
I could debug it but I would need to finish the install and get the
source tree first, so if anyone wants to take a look at it, that would
be great.
Pierre Riteau
Updated by mneumann over 16 years ago
Try this: Login as "root" and then type "installer". IIRC, I had a
similar problem (at least once). Nevertheless, the bug should be fixed.
Regards,
Michael
Updated by dillon over 16 years ago
:Pierre Riteau wrote:
:> Hi,
:> I was installing DragonFlyBSD 2.0.0 to try out HAMMER and the installer
:> segfaulted.
:> Can anyone reproduce it?
:> Launch the installer, go to "Configure an Installer System", select the
:> system then choose "Select timezone", answer YES to the question about
:> UTC and then select Europe: the installer freezes and I get on the other
:> tty "pid 1724 (dfuife_curses), uid 0: exited on signal 11 (core dumped)".
:>
:> I could debug it but I would need to finish the install and get the
:> source tree first, so if anyone wants to take a look at it, that would
:> be great.
:
:Try this: Login as "root" and then type "installer". IIRC, I had a
:similar problem (at least once). Nevertheless, the bug should be fixed.
:
:Regards,
:
: Michael
Very odd. It seems to work fine when I try it (by logging in as
'installer').
Maybe there's a memory corruption issue in the installer and the
problem is due to some prior action. When you select 'Europe'
it does have to allocate a fairly large list to generate the next
menu.
-Matt
Matthew Dillon
<dillon@backplane.com>
Updated by ahuete.devel over 16 years ago
I experienced the same segfault when installing 2.0 under KVM, but I have
been unable to reproduce it. I followed just the same path as Pierre.
Regards,
Antonio Huete
Updated by pierre.riteau over 16 years ago
It is in VMware with a VM having 256MB of RAM. I tried again and I could
reproduce it, by logging in as installer or as root.
I can make available the core file of dfuife_curses if you want.
Pierre Riteau
Updated by pierre.riteau over 16 years ago
OK, I tracked it down to an off-by-one that was probably corrupting
malloc internals.
A quick grep through the code found the same issue in other files
(looks like copy and paste).
Diff inline below.
Pierre Riteau
Index: contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_caps.c
===================================================================
RCS file: /home/dcvs/src/contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_caps.c,v
retrieving revision 1.1.1.1
diff p -u -r1.1.1.1 conn_caps.c contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_caps.c 12 Mar 2008 22:15:54 -0000 1.1.1.1
--
+++ contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_caps.c 26 Jul 2008 18:50:59 -0000@ -285,7 +285,7
@ dfui_caps_fe_ll_request(struct dfui_conn
* Construct a message.
*/
- fmsg = aura_malloc(strlen(msg) + 1, "exchange message");
+ fmsg = aura_malloc(strlen(msg) + 2, "exchange message");
fmsg0 = msgtype;
strcpy(fmsg + 1, msg);
dfui_debug("SEND<<%s>>\n", fmsg);
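Review bot: The size change is correct and the comment above it should say why. The buffer carries msgtype in its first byte (the `fmsg0 = msgtype;` line, `fmsg[0]` before extraction dropped the brackets) and `strcpy(fmsg + 1, msg)` then writes strlen(msg) + 1 bytes starting at offset 1, so an allocation of strlen(msg) + 1 was exactly one byte short and the terminating NUL landed just past the end of the block, which fits the corrupted malloc state described in the report. Writing the size as `1 + strlen(msg) + 1` with a `/* msgtype + text + NUL */` comment would keep the next reader from "fixing" it back.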
Index: contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_npipe.c
===================================================================
RCS file: /home/dcvs/src/contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_npipe.c,v
retrieving revision 1.1.1.1
diff p -u -r1.1.1.1 conn_npipe.c contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_npipe.c 12 Mar 2008 22:15:54 -0000 1.1.1.1
--
+++ contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_npipe.c 26 Jul 2008 18:49:00 -0000@ -340,7 +340,7
@ dfui_npipe_fe_ll_request(struct dfui_con
* Construct a message.
*/
- fmsg = malloc(strlen(msg) + 1);
+ fmsg = malloc(strlen(msg) + 2);
fmsg0 = msgtype;
strcpy(fmsg + 1, msg);
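Review bot: Same one-byte shortfall as in conn_caps.c, fixed the same way. Since the identical allocate/set-type/strcpy sequence appears in conn_caps.c, conn_npipe.c and conn_tcp.c, the fix would be more durable if the framing lived in one shared helper that all three backends call, so the copies cannot diverge again. This hunk also shows no check of the `malloc` return before `fmsg0 = msgtype;` dereferences it; worth confirming one exists outside the visible context or adding one.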
Index: contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_tcp.c
===================================================================
RCS file: /home/dcvs/src/contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_tcp.c,v
retrieving revision 1.1.1.1
diff p -u -r1.1.1.1 conn_tcp.c contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_tcp.c 12 Mar 2008 22:15:54 -0000 1.1.1.1
--
+++ contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_tcp.c 26 Jul 2008 17:11:57 -0000@ -394,7 +394,7
@ dfui_tcp_fe_ll_request(struct dfui_conne
* Construct a message.
*/
- fmsg = malloc(strlen(msg) + 1);
+ fmsg = malloc(strlen(msg) + 2);
fmsg0 = msgtype;
strcpy(fmsg + 1, msg);
dfui_debug("SEND<<%s>>\n", fmsg);
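Review bot: Correct fix, matching the other two backends. One small point on this hunk: `dfui_debug("SEND<<%s>>\n", fmsg)` prints from byte 0, so the raw msgtype byte is emitted ahead of the text; if msgtype values can be non-printable, logging `msgtype` separately and `fmsg + 1` for the text would make the debug output unambiguous.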
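As an added example (not code from this thread or from the installer), the frame layout the patched lines build, with the size accounting written out so the off-by-one is visible; the function names and the sample message are constructed for this example:

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Added example, not installer code. Frame layout as in the patched
 * dfui_*_fe_ll_request() lines: byte 0 = msgtype, then the text, then NUL.
 * Function names are assumptions chosen for this example. */
/* Bytes the frame needs: 1 (type) + strlen(msg) (text) + 1 (NUL).
 * The pre-patch code allocated strlen(msg) + 1, one byte short. */
size_t frame_size(const char *msg)
{
    return 1 + strlen(msg) + 1;
}

/* Would strcpy(fmsg + 1, msg) stay inside a buffer of `alloc` bytes?
 * It writes strlen(msg) + 1 bytes starting at offset 1. */
int strcpy_at_offset1_fits(size_t alloc, const char *msg)
{
    return 1 + strlen(msg) + 1 <= alloc;
}

/* Build the frame with the size computed once and the copy bounded by
 * it, instead of strcpy() trusting the allocation to be large enough. */
char *build_frame(char msgtype, const char *msg, size_t *out_len)
{
    size_t n = frame_size(msg);
    char *fmsg = malloc(n);
    if (fmsg == NULL)
        return NULL;
    fmsg[0] = msgtype;
    memcpy(fmsg + 1, msg, n - 1);   /* text plus its NUL terminator */
    if (out_len != NULL)
        *out_len = n;
    return fmsg;
}

int main(void)
{
    const char *msg = "Europe";     /* constructed sample menu choice */
    size_t len;
    char *f = build_frame('r', msg, &len);   /* 'r' is a made-up type byte */
    if (f == NULL)
        return 1;
    printf("frame: %zu bytes, type '%c', text \"%s\"\n", len, f[0], f + 1);
    printf("strlen+1 buffer fits: %d, strlen+2 buffer fits: %d\n",
           strcpy_at_offset1_fits(strlen(msg) + 1, msg),
           strcpy_at_offset1_fits(strlen(msg) + 2, msg));
    free(f);
    return 0;
}
```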
Updated by dillon over 16 years ago
:OK, I tracked it down to an off-by-one that was probably corrupting
:malloc internals.
:
:A quick grep through the code found the same issue in other files
:(looks like copy and paste).
:
:Diff inline below.
:
:Pierre Riteau
Excellent sleuthing! We'll get these patches committed ASAP.
This is also a dividend of the easier access to the installer sources
we got when Dave Hayes ported it into the base system build.
-Matt
Matthew Dillon
<dillon@backplane.com>
Updated by pierre.riteau over 16 years ago
Yes, it was very handy to have the installer in the source tree and
moreover being able to quickly recompile it and run it directly on the
system.
Pierre Riteau