Opened 13 years ago

Closed 13 years ago

#1385 closed defect (fixed)

trunk 4147: segfault when accessing webif, gdb bt included

Reported by: rakzer Owned by:
Priority: blocker Component: ! Please select...
Severity: medium Keywords: oscam segfault
Cc: Sensitive: no

Description

Revision

4147

Issue Description

Oscam segfaults when accessing webinterface.

When the issue occurs

Whenever you access the webinterface from both a trusted or an untrusted network.

How the issue is reproducable

  • build oscam trunk 4147 with debug symbols (added -g to CFLAGS) and don't strip the binary
  • run oscam in gdb:
$ gdb /usr/local/bin/oscam -d 255
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...Warning: /usr/local/etc/oscam/255: No such file or directory.

(gdb) r
Starting program: /usr/local/bin/oscam 
[New LWP 100224]
[New Thread 8010041c0 (LWP 100224)]
[New Thread 8010e81c0 (LWP 100655)]
[New Thread 80100ae40 (LWP 100684)]
[New Thread 80100ac80 (LWP 100814)]
  • now access the webinterface
  • gdb return:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 8010e81c0 (LWP 100655)]
process_request (f=0x800ff0fb0, in={s_addr = 50440384}) at oscam-http.c:2594
2594            cur_client()->last = time((time_t)0); //reset last busy time
  • print a backtrace:
(gdb) bt
#0  process_request (f=0x800ff0fb0, in={s_addr = 50440384}) at oscam-http.c:2594
#1  0x000000000044cfc4 in http_srv () at oscam-http.c:2974
#2  0x0000000800ca7511 in pthread_getprio () from /lib/libthr.so.3
#3  0x0000000000000000 in ?? ()
#4  0x0000000000000000 in ?? ()
#5  0x0000000000000000 in ?? ()
#6  0x0000000000000000 in ?? ()
#7  0x0000000000000000 in ?? ()
#8  0x0000000000000000 in ?? ()
#9  0x0000000000000000 in ?? ()
#10 0x0000000000000000 in ?? ()
#11 0x0000000000000000 in ?? ()
#12 0x0000000000000000 in ?? ()
#13 0x0000000000000000 in ?? ()
#14 0x0000000000000000 in ?? ()
#15 0x0000000000000000 in ?? ()
#16 0x0000000000000000 in ?? ()
#17 0x0000000000000000 in ?? ()
#18 0x0000000000000000 in ?? ()
#19 0x0000000000000000 in ?? ()
#20 0x0000000000000000 in ?? ()
#21 0x0000000000000000 in ?? ()
#22 0x0000000000000000 in ?? ()
#23 0x0000000000000000 in ?? ()
#24 0x0000000000000000 in ?? ()
#25 0x0000000000000000 in ?? ()
#26 0x0000000000000000 in ?? ()
#27 0x0000000000000000 in ?? ()
#28 0x0000000000000000 in ?? ()
#29 0x0000000000000000 in ?? ()
#30 0x0000000000000000 in ?? ()
#31 0x0000000000000000 in ?? ()
#32 0x0000000000000000 in ?? ()
#33 0x0000000000000000 in ?? ()
Error accessing memory address 0x7fffffbff000: Bad address.

Attachments (1)

oscam-debug-255.log (2.5 KB ) - added by rakzer 13 years ago.
oscam.log while running in debug level 255

Download all attachments as: .zip

Change History (5)

by rakzer, 13 years ago

Attachment: oscam-debug-255.log added

oscam.log while running in debug level 255

comment:1 by rakzer, 13 years ago

Here is the backtrace of the other threads:

(gdb) thr apply all bt

Thread 4 (Thread 80100ae40 (LWP 100684)):
#0  0x0000000800eab36c in select () from /lib/libc.so.7
#1  0x0000000800ca9574 in select () from /lib/libthr.so.3
#2  0x0000000000419571 in start_cardreader (rdr=Variable "rdr" is not available.
) at oscam-reader.c:724
#3  0x0000000800ca7511 in pthread_getprio () from /lib/libthr.so.3
#4  0x0000000000000000 in ?? ()
Error accessing memory address 0x7fffffbfb000: Bad address.

Thread 3 (Thread 8010e81c0 (LWP 100360)):
#0  process_request (f=0x800ff0e80, in={s_addr = 50440384}) at oscam-http.c:2594
#1  0x000000000044cfc4 in http_srv () at oscam-http.c:2974
#2  0x0000000800ca7511 in pthread_getprio () from /lib/libthr.so.3
#3  0x0000000000000000 in ?? ()
#4  0x0000000000000000 in ?? ()
#5  0x0000000000000000 in ?? ()
#6  0x0000000000000000 in ?? ()
#7  0x0000000000000000 in ?? ()
#8  0x0000000000000000 in ?? ()
#9  0x0000000000000000 in ?? ()
#10 0x0000000000000000 in ?? ()
#11 0x0000000000000000 in ?? ()
#12 0x0000000000000000 in ?? ()
#13 0x0000000000000000 in ?? ()
#14 0x0000000000000000 in ?? ()
#15 0x0000000000000000 in ?? ()
#16 0x0000000000000000 in ?? ()
#17 0x0000000000000000 in ?? ()
#18 0x0000000000000000 in ?? ()
#19 0x0000000000000000 in ?? ()
#20 0x0000000000000000 in ?? ()
#21 0x0000000000000000 in ?? ()
#22 0x0000000000000000 in ?? ()
#23 0x0000000000000000 in ?? ()
#24 0x0000000000000000 in ?? ()
#25 0x0000000000000000 in ?? ()
#26 0x0000000000000000 in ?? ()
#27 0x0000000000000000 in ?? ()
#28 0x0000000000000000 in ?? ()
#29 0x0000000000000000 in ?? ()
#30 0x0000000000000000 in ?? ()
#31 0x0000000000000000 in ?? ()
#32 0x0000000000000000 in ?? ()
#33 0x0000000000000000 in ?? ()
Error accessing memory address 0x7fffffbff000: Bad address.

Thread 2 (Thread 8010041c0 (LWP 100751)):
#0  0x0000000800e905ac in nanosleep () from /lib/libc.so.7
#1  0x0000000800ca9965 in nanosleep () from /lib/libthr.so.3
#2  0x000000000040ccd4 in cs_sleepms (msec=Variable "msec" is not available.
) at oscam-simples.c:518
#3  0x0000000000405285 in cs_waitforcardinit () at oscam.c:2874
#4  0x000000000040aa21 in main (argc=Variable "argc" is not available.
) at oscam.c:3217
2594            cur_client()->last = time((time_t)0); //reset last busy time

comment:2 by alno, 13 years ago

could you check pls with head? We are >40 revisions above and there are some changes in WebIf

in reply to:  2 comment:3 by rakzer, 13 years ago

Replying to alno:

could you check pls with head? We are >40 revisions above and there are some changes in WebIf

This particular segfault doens't happen with 4184 anymore. The ticket can be closed, thanks.

comment:4 by alno, 13 years ago

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.