>>>>> On Mon, 18 Jul 2022 10:06:50 -0500, Larry Rosenman said:
>
> On 07/18/2022 10:00 am, Martin Simmons wrote:
> >>>>>> On Mon, 18 Jul 2022 09:18:17 -0500, Larry Rosenman said:
> >>
> >> On 07/18/2022 8:22 am, Martin Simmons wrote:
> >> >>>>>> On Sat, 16 Jul 2022 17:00:33 -0500, Larry Rosenman said:
> >> >>
> >> >> (gdb) bt full
> >> >> #0 kill () at kill.S:4
> >> >> No locals.
> >> >> #1 0x000000088ad660a0 in __fail (
> >> >> msg=0x88ac6d34f "stack overflow detected; terminated")
> >> >> at /usr/src/lib/libc/secure/stack_protector.c:130
> >> >> sa = {__sigaction_u = {__sa_handler = 0x0, __sa_sigaction =
> >> >> 0x0},
> >> >> sa_flags = 0, sa_mask = {__bits = {0, 0, 0, 0}}}
> >> >> mask = {__bits = {4294967263, 4294967295, 4294967295,
> >> >> 4294967295}}
> >> >> #2 0x000000088ad66010 in __stack_chk_fail ()
> >> >> at /usr/src/lib/libc/secure/stack_protector.c:137
> >> >> No locals.
> >> >> #3 0x0000000000252e69 in send_include_list(JCR*) ()
> >> >> No symbol table info available.
> >> >> #4 0x000000000024241e in do_backup(JCR*) ()
> >> >> No symbol table info available.
> >> >> #5 0x0000000000257307 in job_thread(void*) ()
> >> >> No symbol table info available.
> >> >> #6 0x000000000025d124 in jobq_server ()
> >> >> No symbol table info available.
> >> >> #7 0x0000000886269d08 in lmgr_thread_launcher ()
> >> >> from /usr/local/lib/libbac-13.0.0.so
> >> >> No symbol table info available.
> >> >> #8 0x00000008869a496a in thread_start (curthread=0x89c8a7000)
> >> >> at /usr/src/lib/libthr/thread/thr_create.c:292
> >> >
> >> > It might be useful to also post the output of these three gdb commands
> >> > from
> >> > the core file:
> >> >
> >> > disass send_include_list
> >> > p __stack_chk_guard
> >> > x/256xg $sp
> >> >
> >> > __Martin
> >>
> >> https://www.lerctr.org/~ler/bacula-dir.gdb.txt
> >>
> >> too big for the list :)
> >
> > Ok, that shows the problem. The function send_fileset in
> > src/dird/fd_cmds.c
> > has an array called newopts on the stack, but it is too small so it
> > overflows.
> > It is too small because fd_cmds.c includes findlib/find.h, which
> > redefines
> > MAX_FOPTS with a value that is too small for this use. I don't see why
> > findlib/find.h needs to be included, so you could try the patch below:
> >
> > ------------------------------------------------------------------------------
> > --- src/dird/fd_cmds.c~ 2022-05-17 17:13:42.541093000 +0100
> > +++ src/dird/fd_cmds.c 2022-07-18 15:45:10.357144000 +0100
> > @@ -32,7 +32,7 @@
> >
> > #include "bacula.h"
> > #include "dird.h"
> > -#include "findlib/find.h"
> > +#include "findlib/bfile.h"
> >
> > const int dbglvl = 400;
> >
> > ------------------------------------------------------------------------------
> >
> > The overflow is triggered by your change to the fileset, which
> > increases the
> > size of the options list sent to the client.
> >
> > __Martin
> I'm just surprised the DEBUG build works then.....
It probably just corrupts the stack in some way that is not detected.
__Martin
_______________________________________________
Bacula-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bacula-users
