From never@rabbit.netstyle.com.ua  Wed Dec 12 00:41:27 2001
Return-Path: <never@rabbit.netstyle.com.ua>
Received: from rabbit.netstyle.com.ua (rabbit.netstyle.com.ua [193.193.194.5])
	by hub.freebsd.org (Postfix) with ESMTP id 2EBFE37B416
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 12 Dec 2001 00:41:24 -0800 (PST)
Received: (from never@localhost)
	by rabbit.netstyle.com.ua (8.11.6/8.11.3) id fBC8hcI48346;
	Wed, 12 Dec 2001 10:43:38 +0200 (EET)
	(envelope-from never)
Message-Id: <200112120843.fBC8hcI48346@rabbit.netstyle.com.ua>
Date: Wed, 12 Dec 2001 10:43:38 +0200 (EET)
From: "Alexandr P. Kovalenko" <never@nevermind.kiev.ua>
Reply-To: "Alexandr P. Kovalenko" <never@nevermind.kiev.ua>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: ftpd segfaults after get
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         32740
>Category:       bin
>Synopsis:       ftpd segfaults after get
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    yar
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Dec 12 00:50:01 PST 2001
>Closed-Date:    Mon Jan 28 11:29:49 PST 2002
>Last-Modified:  Mon Jan 28 11:32:10 PST 2002
>Originator:     Alexandr P. Kovalenko
>Release:        FreeBSD 4.4-STABLE i386
>Organization:
Net.Style Ltd.
>Environment:
System: FreeBSD rabbit.netstyle.com.ua 4.4-STABLE FreeBSD 4.4-STABLE #0: Thu Dec 6 12:47:02 EET 2001 root@rabbit.netstyle.com.ua:/usr/obj/usr/src/sys/rabbit i386

>Description:
# grep 43138 ftpd.log
Dec 11 16:34:25 rabbit ftpd[43138]: connection from h13.227.dialup.iptcom.net (212.9.227.13)
Dec 11 16:34:26 rabbit ftpd[43138]: FTP LOGIN FROM h13.227.dialup.iptcom.net as atlon
Dec 11 16:35:26 rabbit ftpd[43138]: get /usr/local/www/www.atlon.com.ua/htdocs/content/price/header.htm = 18 bytes

# ls -la /usr/local/www/www.atlon.com.ua/htdocs/contect/price/header.htm
-rw-r--r--  1 atlon  nobody  18 Dec 10 18:19 /usr/local/www/www.atlon.com.ua/htdocs/content/price/header.htm

daily security output:
> pid 43138 (ftpd), uid 3033: exited on signal 11
> Dec 11 16:35:26 rabbit /kernel: pid 43138 (ftpd), uid 3033: exited on signal 11

uid 3033 is user atlon

>How-To-Repeat:
	I cannot reproduce this error for sure, it happens according to very
	strange law...
>Fix:

	Haven't find anything that could cause this on 'get' in sources. Maybe you
	will?
>Release-Note:
>Audit-Trail:

From: "Crist J . Clark" <cjc@FreeBSD.ORG>
To: "Alexandr P. Kovalenko" <never@nevermind.kiev.ua>
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: bin/32740: ftpd segfaults after get
Date: Mon, 17 Dec 2001 03:36:09 -0800

 On Wed, Dec 12, 2001 at 10:43:38AM +0200, Alexandr P. Kovalenko wrote:
 [snip]
 
 > daily security output:
 > > pid 43138 (ftpd), uid 3033: exited on signal 11
 > > Dec 11 16:35:26 rabbit /kernel: pid 43138 (ftpd), uid 3033: exited on signal 11
 > 
 > uid 3033 is user atlon
 > 
 > >How-To-Repeat:
 > 	I cannot reproduce this error for sure, it happens according to very
 > 	strange law...
 > >Fix:
 > 
 > 	Haven't find anything that could cause this on 'get' in sources. Maybe you
 > 	will?
 
 Have a look at,
 
   http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/troubleshoot.html#SIGNAL11
 
 Anything there look familiar? Is ftpd(8) the only on dying like this?
 Do you have a better idea of how to reproduce this yet?
 -- 
 "It's always funny until someone gets hurt. Then it's hilarious."
 
 Crist J. Clark                     |     cjclark@alum.mit.edu
                                    |     cjclark@jhu.edu
 http://people.freebsd.org/~cjc/    |     cjc@freebsd.org
State-Changed-From-To: open->feedback 
State-Changed-By: cjc 
State-Changed-When: Mon Dec 17 04:11:37 PST 2001 
State-Changed-Why:  
We need more information to zero in on any problem (if one exists). 


http://www.FreeBSD.org/cgi/query-pr.cgi?pr=32740 

From: Nevermind <never@nevermind.kiev.ua>
To: "Crist J . Clark" <cjc@FreeBSD.ORG>
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: bin/32740: ftpd segfaults after get
Date: Mon, 17 Dec 2001 16:27:20 +0200

 Hello, Crist J . Clark!
 
 On Mon, Dec 17, 2001 at 03:36:09AM -0800, you wrote:
 
 > > > pid 43138 (ftpd), uid 3033: exited on signal 11
 > > > Dec 11 16:35:26 rabbit /kernel: pid 43138 (ftpd), uid 3033: exited on signal 11
 > > 
 > > uid 3033 is user atlon
 > > 
 > > >How-To-Repeat:
 > > 	I cannot reproduce this error for sure, it happens according to very
 > > 	strange law...
 > > >Fix:
 > > 
 > > 	Haven't find anything that could cause this on 'get' in sources. Maybe you
 > > 	will?
 >   http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/troubleshoot.html#SIGNAL11
 > 
 > Anything there look familiar? Is ftpd(8) the only on dying like this?
 I've checked URL, nothing looks familiar, I have not overclocked CPU, I
 have brand new Trascend memory, I have 400W power suppoly and ftpd(8) is
 the only one which is dying like this. No 11 signals except for ftpd.
 This server is pretty loaded with apache/mysql/postgresql, and nothing
 segfaults except for ftpd.
 > Do you have a better idea of how to reproduce this yet?
 No, unfortunately... I had this problem few times on different hardware
 known to be absolutely good.
 And the strange thing -- it does not leave core...
 
 -- 
 NEVE-RIPE
State-Changed-From-To: feedback->analyzed 
State-Changed-By: yar 
State-Changed-When: Mon Dec 24 10:37:30 PST 2001 
State-Changed-Why:  
I've investigated such segfaults on my pretty busy FTP server. 
They result from bogus signal handling in the old BSD FTPD, 
when non-reentrant functions are called from signal handlers etc. 
I'm working on merging OpenBSD improvements to FTPD, which include 
proper signal handling. 


Responsible-Changed-From-To: freebsd-bugs->yar 
Responsible-Changed-By: yar 
Responsible-Changed-When: Mon Dec 24 10:37:30 PST 2001 
Responsible-Changed-Why:  
I'm working on the solution. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=32740 
State-Changed-From-To: analyzed->closed 
State-Changed-By: yar 
State-Changed-When: Mon Jan 28 11:29:49 PST 2002 
State-Changed-Why:  
PR bin/33846 describes the same problem in much greater detail. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=32740 
>Unformatted:
