Strange Segmentation Fault
| Tim Evers 2006-06-24, 7:58 am |
| Hi,
though I'm some kind of experienced bug-hunter :) I have no idea what
happens in the following case:
linux system, apache w. suexec, perl, graphviz (2.8).
A perl script calls the graphviz binary. This works perfectly in a console
but fails with a segfault when called under Apache/mod_cgi/perl
regardless of suexec being active or not. All apache limits are off,
ulimit is set to unlimited, user is both the same.
This is a strace excerpt:
27137 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x400e5000
27137 read(3, "\ndigraph A {\ngraph [ clusterMode=\"local\" rankdir=\"LR\", ranksep=\"1\", bgcolor=\"#EDEDEE\"]\nnode [shape=record,style=filled,fontname=\"
Verdana\",fontsize=10,fontcolor=\"#8C0000\",color=\"#FF0000\",fillcolor=\"#EE"..., 4096) = 1882
27137 brk(0x8052000) = 0x8052000
27137 brk(0x8053000) = 0x8053000
27137 brk(0x8054000) = 0x8054000
27137 brk(0x8058000) = 0x8058000
27137 brk(0x8059000) = 0x8059000
27137 brk(0x805a000) = 0x805a000
27137 --- SIGSEGV (Segmentation fault) ---
27137 +++ killed by SIGSEGV +++
Executed on a console:
17162 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x400e5000
17162 read(3, "\ndigraph A {\ngraph [ clusterMode=\"local\" rankdir=\"LR\", ranksep=\"1\", bgcolor=\"#EDEDEE\"]\nnode [shape=record,style=filled,fontname=\"
Verdana\",fontsize=10,fontcolor=\"#8C0000\",color=\"#FF0000\",fillcolor=\"#EE"..., 4096) = 1882
17162 brk(0x8052000) = 0x8052000
17162 brk(0x8053000) = 0x8053000
17162 brk(0x8054000) = 0x8054000
17162 brk(0x8058000) = 0x8058000
17162 brk(0x8059000) = 0x8059000
17162 brk(0x805a000) = 0x805a000
17162 time(NULL) = 115099714
And here are the questions:
Does strace record the system call before or after the execution?
What may have happened here?
Any idea anyone?
Regards
Tim
| |
| Walter Roberson 2006-06-24, 7:58 am |
| In article <pan.2006.06.22.17.36.45.448101@massaker.de>,
Tim Evers <devnull@massaker.de> wrote:
>though I'm some kind of experienced bug-hunter :) I have no idea what
>happens in the following case:
>linux system, apache w. suexec, perl, graphviz (2.8).
>A perl script calls the graphviz binary. This works perfectly in a console
>but fails with a segfault when called under Apache/mod_cgi/perl
I think you'd better take this question to a linux newsgroup.
comp.lang.c only deals with matters that are expressible in standard C
but large parts of apache and suexec and perl require system-specific
extensions.
--
Prototypes are supertypes of their clones. -- maplesoft
| |
| Tim Evers 2006-06-24, 7:59 am |
| roberson@ibd.nrc-cnrc.gc.ca (Walter Roberson) wrote:
> In article <pan.2006.06.22.17.36.45.448101@massaker.de>,
> Tim Evers <devnull@massaker.de> wrote:
>
>
>
> I think you'd better take this question to a linux newsgroup.
> comp.lang.c only deals with matters that are expressible in standard C
> but large parts of apache and suexec and perl require system-specific
> extensions.
Thanks for the tip - I will do that, but all the Apache/Perl stuff is not
problem specific and just presented "colorandi causa".
Is the linux system interface and/or strace ontopic in this group?
Thanks & regards
Tim
| |
| Ben Pfaff 2006-06-24, 7:59 am |
| Tim Evers <devnull@massaker.de> writes:
> Does strace record the system call before or after the execution?
> What may have happened here?
You'd be better off asking the strace or kernel developers. This
is a question about your operating system, not one about the C
programming language.
--
"I don't have C&V for that handy, but I've got Dan Pop."
--E. Gibbons
| |
| Ben Pfaff 2006-06-24, 7:59 am |
| Tim Evers <devnull@massaker.de> writes:
> Is the linux system interface and/or strace ontopic in this group?
No.
--
A competent C programmer knows how to write C programs correctly,
a C expert knows enough to argue with Dan Pop, and a C expert
expert knows not to bother.
| |
| Walter Roberson 2006-06-24, 7:59 am |
| In article <pan.2006.06.22.18.01.59.226931@massaker.de>,
Tim Evers <devnull@massaker.de> wrote:
>roberson@ibd.nrc-cnrc.gc.ca (Walter Roberson) wrote:
>Thanks for the tip - I will do that, but all the Apache/Perl stuff is not
>problem specific and just presented "colorandi causa".
Ah? Then you've been able to reproduce the problem without using
apache or perl? Until you are able to create a test case that does
not rely on those factors, you cannot know whether they are
contributing to the problem or not.
mmap() and mmap2() are not part of standard C.
[Off topic]
When you are running under apache mod_perl, you are going to have
libraries loaded into your address space that you would not otherwise
have loaded. Depending on where the system's memory allocator
places allocated memory relative to loaded libraries, that could
result in there being a noticeably smaller available allocatable space.
Are you checking all of your malloc()'s to see if they perhaps
return the NULL pointer?
Alternately, it is potentially a case not of running out of virtual
memory, but rather that the virtual memory gets located in a different
place when those libraries are loaded, and that the difference in
location is making visible a bug you have in using a bad pointer
or in accessing an array out of bounds.
So, are you *sure* that
"all the Apache/Perl stuff is not problem specific" ?
--
"law -- it's a commodity"
-- Andrew Ryan (The Globe and Mail, 2005/11/26)
| |
| Gordon Burditt 2006-06-24, 7:59 am |
| >A perl script calls the graphviz binary. This works perfectly in a console
>but fails with a segfault when called under Apache/mod_cgi/perl
>regardless of suexec being active or not. All apache limits are off,
>ulimit is set to unlimited, user is both the same.
>
>This is a strace excerpt:
>
>27137 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
>-1, 0) = 0x400e5000
>27137 read(3, "\ndigraph A {\ngraph [ clusterMode=\"local\"
>rankdir=\"LR\", ranksep=\"1\", bgcolor=\"#EDEDEE\"]\nnode
>[shape=record,style=filled,fontname=\"
>Verdana\",fontsize=10,fontcolor=\"#8C0000\",color=\"#FF0000\",fillcolor=\"#EE"..., 4096) = 1882
>27137 brk(0x8052000) = 0x8052000
>27137 brk(0x8053000) = 0x8053000
>27137 brk(0x8054000) = 0x8054000
>27137 brk(0x8058000) = 0x8058000
>27137 brk(0x8059000) = 0x8059000
>27137 brk(0x805a000) = 0x805a000
>27137 --- SIGSEGV (Segmentation fault) ---
>27137 +++ killed by SIGSEGV +++
>
>Executed on a console:
>
>17162 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
>-1, 0) = 0x400e5000
>17162 read(3, "\ndigraph A {\ngraph [ clusterMode=\"local\"
>rankdir=\"LR\", ranksep=\"1\", bgcolor=\"#EDEDEE\"]\nnode
>[shape=record,style=filled,fontname=\"
>Verdana\",fontsize=10,fontcolor=\"#8C0000\",color=\"#FF0000\",fillcolor=\"#EE"..., 4096) = 1882
>17162 brk(0x8052000) = 0x8052000
>17162 brk(0x8053000) = 0x8053000
>17162 brk(0x8054000) = 0x8054000
>17162 brk(0x8058000) = 0x8058000
>17162 brk(0x8059000) = 0x8059000
>17162 brk(0x805a000) = 0x805a000
>17162 time(NULL) = 115099714
I don't believe that return value from time(). I think you lopped off
a digit at the end.
>And here are the questions:
>
>Does strace record the system call before or after the execution?
Since the output seems to show the return value of the system
call, it is recorded afterwards (unless it is recorded BOTH times
and just printed that way).
>What may have happened here?
There's a lot of differences between the environment running under
Apache vs. a command-line shell.
- uid and associated ulimits and file permissions
- current working directory
- environment variables
- control terminal or lack thereof
I'd take a hard look at environment variables, especially search
paths for libraries (LD_LIBRARY_PATH) and executables (PATH).
Does anything call getenv() and use the return value without checking
it for NULL?
Gordon L. Burditt
| |
| Tim Evers 2006-06-26, 6:56 pm |
| roberson@ibd.nrc-cnrc.gc.ca (Walter Roberson) wrote:
> So, are you *sure* that
> "all the Apache/Perl stuff is not problem specific" ?
First, thanks to all who took time to answer. The problem is solved,
it was a bug in libfontconfig which delivered a null pointer to strcpy when
$HOME env var was unset. This is the case under Apache/suexec.
Thanks to all who answered though I was off-topic with my question.
regards
Tim
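
An added example, not part of the original thread and not fontconfig's code: the failure class found above (a NULL from getenv("HOME") handed to strcpy) next to a checked form that falls back to the passwd entry and bounds the copy. The function name `user_config_path` and the sample file name are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <pwd.h>
#include <unistd.h>

/* Hypothetical helper: write "<home>/<name>" into out.
 * Returns 0 on success, -1 if no home directory can be determined
 * or the result does not fit in outlen bytes. */
int user_config_path(char *out, size_t outlen, const char *name)
{
    const char *home = getenv("HOME");  /* NULL when HOME is unset */

    /* The crashing pattern is: strcpy(out, getenv("HOME"));
     * With HOME unset that passes NULL to strcpy. Check first. */
    if (home == NULL || home[0] == '\0') {
        /* Fall back to the passwd entry of the real uid. */
        struct passwd *pw = getpwuid(getuid());
        home = (pw != NULL) ? pw->pw_dir : NULL;
    }
    if (home == NULL || home[0] == '\0')
        return -1;                      /* caller must handle "no home" */

    /* Bounded formatting: detect truncation instead of overflowing. */
    int n = snprintf(out, outlen, "%s/%s", home, name);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return 0;
}

int main(void)
{
    char path[256];

    /* Constructed scenario: drop HOME, as a scrubbed CGI environment does. */
    unsetenv("HOME");
    if (user_config_path(path, sizeof path, ".fonts.conf") == 0)
        printf("HOME unset, fell back to: %s\n", path);
    else
        printf("HOME unset and no passwd entry: skipping per-user config\n");
    return 0;
}
```

Starting the failing binary on a console with an emptied environment (`env -i`) removes HOME as well, which is one way to compare console and CGI runs.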