From nobody@FreeBSD.org  Tue Mar 21 06:32:59 2006
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B2BE516A41F
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 21 Mar 2006 06:32:59 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7B3E743D49
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 21 Mar 2006 06:32:59 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id k2L6WxGg062337
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 21 Mar 2006 06:32:59 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id k2L6Wxgw062336;
	Tue, 21 Mar 2006 06:32:59 GMT
	(envelope-from nobody)
Message-Id: <200603210632.k2L6Wxgw062336@www.freebsd.org>
Date: Tue, 21 Mar 2006 06:32:59 GMT
From: Ganbold <ganbold@micom.mng.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: rcorder dumps core when does not use a proper RCng script (dansguardian)
X-Send-Pr-Version: www-2.3

>Number:         94767
>Category:       bin
>Synopsis:       [patch] rcorder(8) dumps core when does not use a proper RCng script (dansguardian)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    delphij
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Mar 21 06:40:16 GMT 2006
>Closed-Date:    Wed Jun 21 15:35:41 GMT 2006
>Last-Modified:  Wed Jun 21 15:35:41 GMT 2006
>Originator:     Ganbold
>Release:        FreeBSD-7.0-CURRENT
>Organization:
>Environment:
FreeBSD gw.micom.mng.net 7.0-CURRENT FreeBSD 7.0-CURRENT #0: Tue Mar 21 09:00:50 ULAT 2006     tsgan@gw.micom.mng.net:/usr/obj/usr/src/sys/GW  i386

>Description:
There is a rcorder problem with dansguardian-2.8.0.6 startup script on FreeBSD-7.0-CURRENT.

When booting rcorder complains and dumps core.
When I manually run rcorder -s nostart /etc/rc.d/* /usr/local/etc/rc.d/* it shows:
.
rcorder: Circular dependency on file `/usr/local/etc/rc.d/start-dg.sh'.
rcorder: Circular dependency on provision `squid' in file `/usr/local/etc/rc.d/start-dg.sh'.
/etc/rc.d/LOGIN
/usr/local/etc/rc.d/squid.sh
/usr/local/etc/rc.d/start-dg.sh
Segmentation fault (core dumped)

>How-To-Repeat:
Install dansguardian-2.8.0.6 and squid (Squid Cache: Version 2.5.STABLE12) from ports and try to reboot.
Or after installation one could run command:

rcorder -s nostart /etc/rc.d/* /usr/local/etc/rc.d/*


 
>Fix:
--- rcorder.c   Tue Mar 21 14:10:58 2006
+++ rcorder.c-new       Tue Mar 21 14:10:41 2006
@@ -798,8 +798,10 @@

        DPRINTF((stderr, "nuking %s\n", fnode->filename));
        if (was_set == 0) {
-               free(fnode->filename);
-               free(fnode);
+               if(fnode->next == NULL){
+                       free(fnode->filename);
+                       free(fnode);
+               }
        }
 }

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-rc 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Tue Mar 21 07:20:43 UTC 2006 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=94767 

From: Adrian Steinmann <ast@marabu.ch>
To: bug-followup@FreeBSD.org
Cc: ganbold@micom.mng.net
Subject: Re: bin/94767: [patch] rcorder(8) dumps core when does not use a
 proper RCng script (dansguardian)
Date: Sat, 25 Mar 2006 18:13:54 +0100 (CET)

   This message is in MIME format.  The first part should be readable text,
   while the remaining parts are likely unreadable without MIME-aware tools.
 
 --0-674585855-1143306834=:31295
 Content-Type: TEXT/PLAIN; charset=iso-8859-1; format=flowed
 Content-Transfer-Encoding: 8BIT
 
 
 I've run into this problem on -current too and have created three
 test cases which dump core. With the mentioned patch two of the
 cases are fixed, but one remains: It seems the "don't nuke unless
 last node" patch works when no third "stub dependancy" interferes.
 
 On 6.1-PRERELEASE all three test cases pass.
 
 Adrian
 
 Details:
 
 #!/bin/sh
 
 try()
 {
      [ $# -lt 2 ] && return
      echo "=============== TEST rcorder $@"
      files=$@
      cmd="rcorder $files"
      for f in $files
      do
          echo === cat $f:
          cat $f
      done
      rm -f rcorder.core
      echo === $cmd:
      eval $cmd
      [ -e rcorder.core ] && echo "DUMPED CORE - ^C to stop" && read a
      rm -f rcorder.core $@
      echo
 }
 
 { echo "# PROVIDE: A"; echo "# REQUIRE: B"; } >A
 { echo "# PROVIDE: B"; echo "# REQUIRE: A"; } >B
 try A B
 
 { echo "# PROVIDE: A"; echo "# REQUIRE: B C"; } >A
 { echo "# PROVIDE: B"; echo "# REQUIRE: A C"; } >B
 { echo "# PROVIDE: C"; } > C
 try A B C
 
 { echo "# PROVIDE: A"; echo "# REQUIRE: B"; } >A
 { echo "# PROVIDE: B"; echo "# REQUIRE: C"; } >B
 { echo "# PROVIDE: C"; echo "# REQUIRE: A"; } >C
 try A B C
 
 exit 0
 
 
 Index: rcorder.c
 ===================================================================
 RCS file: /usr/cvs/src/sbin/rcorder/rcorder.c,v
 retrieving revision 1.2
 diff -u -r1.2 rcorder.c
 --- rcorder.c   17 Jan 2006 08:01:00 -0000      1.2
 +++ rcorder.c   25 Mar 2006 16:40:33 -0000
 @@ -51,8 +51,9 @@
   #include "sprite.h"
   #include "hash.h"
 
 +#define DEBUG 1
   #ifdef DEBUG
 -int debug = 0;
 +int debug = 1;
   # define       DPRINTF(args) if (debug) { fflush(stdout); fprintf args; }
   #else
   # define       DPRINTF(args)
 
 here, all three test cases dump core, apparently the stack is being hit
 in the first and third case:
 
 =============== TEST1 rcorder A B
 ...
 generate on ZZZZZZZZZZZZZZZZZZZZ
 do_file on ZZZZZZZZZZZZZZZZZZZZ.
 Segmentation fault (core dumped)
 DUMPED CORE - ^C to stop
 
 Core was generated by `rcorder'.
 Program terminated with signal 11, Segmentation fault.
 #0  0x080493ac in satisfy_req (rnode=0x5a5a5a5a,
      filename=0xbfbfe7b0 "?㿿\003\001") at /usr/src/sbin/rcorder/rcorder.c:655
 655             entry = rnode->entry;
 (gdb) where
 #0  0x080493ac in satisfy_req (rnode=0x5a5a5a5a,
      filename=0xbfbfe7b0 "?㿿\003\001") at /usr/src/sbin/rcorder/rcorder.c:655
 #1  0x08048fa3 in do_file (fnode=0xa000110)
      at /usr/src/sbin/rcorder/rcorder.c:759
 #2  0x0804917b in generate_ordering () at /usr/src/sbin/rcorder/rcorder.c:827
 #3  0x08049369 in main (argc=2, argv=0x1)
      at /usr/src/sbin/rcorder/rcorder.c:193
 
 =============== TEST2 rcorder A B C
 Program terminated with signal 11, Segmentation fault.
 #0  satisfy_req (rnode=0xa000374, filename=0xa0001a0 "B")
      at /usr/src/sbin/rcorder/rcorder.c:666
 666             if (head->next == NULL)
 (gdb) where
 #0  satisfy_req (rnode=0xa000374, filename=0xa0001a0 "B")
      at /usr/src/sbin/rcorder/rcorder.c:666
 #1  0x08048fa3 in do_file (fnode=0xa0003e0)
      at /usr/src/sbin/rcorder/rcorder.c:759
 #2  0x080493d7 in satisfy_req (rnode=0xa000374, filename=0xa0001a0 "B")
      at /usr/src/sbin/rcorder/rcorder.c:687
 #3  0x08048fa3 in do_file (fnode=0xa000110)
      at /usr/src/sbin/rcorder/rcorder.c:759
 #4  0x080493d7 in satisfy_req (rnode=0xa000374, filename=0xa0001a0 "B")
      at /usr/src/sbin/rcorder/rcorder.c:687
 #5  0x08048fa3 in do_file (fnode=0xa0003e0)
      at /usr/src/sbin/rcorder/rcorder.c:759
 #6  0x0804917b in generate_ordering () at /usr/src/sbin/rcorder/rcorder.c:827
 #7  0x08049369 in main (argc=3, argv=0x1)
      at /usr/src/sbin/rcorder/rcorder.c:193
 
 =============== TEST3 rcorder A B C
 Program terminated with signal 11, Segmentation fault.
 #0  0x080493ac in satisfy_req (rnode=0x5a5a5a5a,
      filename=0xbfbfe7b0 "?㿿???\n") at /usr/src/sbin/rcorder/rcorder.c:655
 655             entry = rnode->entry;
 (gdb) where
 #0  0x080493ac in satisfy_req (rnode=0x5a5a5a5a,
      filename=0xbfbfe7b0 "?㿿???\n") at /usr/src/sbin/rcorder/rcorder.c:655
 #1  0x08048fa3 in do_file (fnode=0xa000360)
      at /usr/src/sbin/rcorder/rcorder.c:759
 #2  0x0804917b in generate_ordering () at /usr/src/sbin/rcorder/rcorder.c:827
 #3  0x08049369 in main (argc=3, argv=0x1)
      at /usr/src/sbin/rcorder/rcorder.c:193
 
 
 with the patch proposed earlier (skip nuking)
 
 Index: rcorder.c
 ===================================================================
 RCS file: /usr/cvs/src/sbin/rcorder/rcorder.c,v
 retrieving revision 1.2
 diff -u -r1.2 rcorder.c
 --- rcorder.c   17 Jan 2006 08:01:00 -0000      1.2
 +++ rcorder.c   25 Mar 2006 16:45:38 -0000
 @@ -51,8 +51,9 @@
   #include "sprite.h"
   #include "hash.h"
 
 +#define DEBUG 1
   #ifdef DEBUG
 -int debug = 0;
 +int debug = 1;
   # define       DPRINTF(args) if (debug) { fflush(stdout); fprintf args; }
   #else
   # define       DPRINTF(args)
 @@ -796,10 +797,14 @@
                  fnode->last->next = fnode->next;
          }
 
 -       DPRINTF((stderr, "nuking %s\n", fnode->filename));
          if (was_set == 0) {
 +               DPRINTF((stderr, "nuking %s\n", fnode->filename));
 +#if 0
                  free(fnode->filename);
                  free(fnode);
 +#else
 +               DPRINTF((stderr, "but skipping it for now\n"));
 +#endif
          }
   }
 
 only TEST2 dumps core:
 
 =============== TEST2 rcorder A B C
 === cat A:
 # PROVIDE: A
 # REQUIRE: B C
 === cat B:
 # PROVIDE: B
 # REQUIRE: A C
 === cat C:
 # PROVIDE: C
 === rcorder A B C:
 parse_args
 initialize
 crunch_all_files
 generate on C
 do_file on C.
 next do: C
 nuking C
 but skipping it for now
 generate on B
 do_file on B.
 do_file on A.
 do_file on B.
 rcorder: Circular dependency on file `B'.
 Segmentation fault (core dumped)
 
 Program terminated with signal 11, Segmentation fault.
 #0  0x080493d0 in satisfy_req ()
 (gdb) where
 #0  0x080493d0 in satisfy_req ()
 #1  0x08048fa3 in do_file ()
 #2  0x080493ef in satisfy_req ()
 #3  0x08048fa3 in do_file ()
 #4  0x080493ef in satisfy_req ()
 #5  0x08048fa3 in do_file ()
 #6  0x08049193 in generate_ordering ()
 #7  0x08049381 in main ()
 
 --0-674585855-1143306834=:31295--

From: Ganbold <ganbold@micom.mng.net>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/94767: [patch] rcorder(8) dumps core when does not use a
 proper RCng script (dansguardian)
Date: Tue, 28 Mar 2006 11:49:07 +0900

 In Dragonfly rcorder code, those lines which frees memory are commented 
 out.
 Clearer way will be just to delete those lines.
 In any case I just commented out those lines, since it can be used later 
 on.
 So the patch would be:
 
 --- rcorder.c.orig      Tue Jan 17 16:01:00 2006
 +++ rcorder.c   Mon Mar 27 16:41:49 2006
 @@ -757,8 +757,8 @@
                 r_tmp = r;
                 satisfy_req(r, fnode->filename);
                 r = r->next;
 -               if (was_set == 0)
 -                       free(r_tmp);
 +/*             if (was_set == 0)*/
 +/*                     free(r_tmp);*/
         }
         fnode->req_list = NULL;
 
 @@ -797,10 +797,10 @@
         }
 
         DPRINTF((stderr, "nuking %s\n", fnode->filename));
 -       if (was_set == 0) {
 -               free(fnode->filename);
 -               free(fnode);
 -       }
 +/*     if (was_set == 0) {*/
 +/*             free(fnode->filename);*/
 +/*             free(fnode);*/
 +/*     }*/
  }
 
  void
 
 

From: Freddie Cash <fcash@sd73.bc.ca>
To: bug-followup@freebsd.org
Cc:  
Subject: Re: bin/94767: [patch] rcorder(8) dumps core when does not use a proper RCng script (dansguardian)
Date: Tue, 28 Mar 2006 14:37:47 -0800

 I've submitted a PR (ports/94802) that should fix the dansguardian 
 circular dependency issue (and make the RC script work correcty in 'the 
 new world order').  Hopefully, it also fixes the core dump for 
 dansguardian.  Testing on my 6.0 box shows no errors.  Don't have access 
 to a -CURRENT box to test on there.
 
 -- 
 Freddie Cash, LPIC-1 CCNT CCLP      Helpdesk / Network Support Tech.
 School District 73                  (250) 377-HELP [377-4357]
 fcash@sd73.bc.ca                    helpdesk@sd73.bc.ca

From: Ganbold <ganbold@micom.mng.net>
To: bug-followup@FreeBSD.org
Cc: dougb@freebsd.org
Subject: Re: bin/94767: [patch] rcorder(8) dumps core when does not use a
 proper RCng script (dansguardian)
Date: Wed, 05 Apr 2006 20:59:17 +0900

 Can somebody close this PR by committing it?
 By commenting out those free()s in rcorder.c solves the core dump 
 problem when there are circular dependent rc scripts on the system.
 
 thanks,
 
 Ganbold
 
Responsible-Changed-From-To: freebsd-rc->delphij 
Responsible-Changed-By: delphij 
Responsible-Changed-When: Sat May 20 05:06:22 UTC 2006 
Responsible-Changed-Why:  
Take 

http://www.freebsd.org/cgi/query-pr.cgi?pr=94767 
State-Changed-From-To: open->patched 
State-Changed-By: delphij 
State-Changed-When: Sat May 20 05:48:11 UTC 2006 
State-Changed-Why:  
Patch applied to -HEAD 

http://www.freebsd.org/cgi/query-pr.cgi?pr=94767 
State-Changed-From-To: patched->closed 
State-Changed-By: delphij 
State-Changed-When: Wed Jun 21 15:35:24 UTC 2006 
State-Changed-Why:  
Patch MFC'ed.  Thanks for your submission! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=94767 
>Unformatted:
