Re: [Owfs-developers] FC5 and embedded functions

[Paul Alfille]

Looks like you are still running an old binary. That 1-10 countdown was removed a while back.

Paul

On 4/24/06, Jan Bertelsen <[EMAIL PROTECTED]> wrote:

Now this is becoming a little strange; I've just compiled ow from CVS to
see how things are going and this happend:

First:
owserver -d /dev/ttyS0 -p 3000
owfs -s 3000 /mnt/1-wire --foreground

then a simple ll /mnt/1-wire and owfs seg-faults "as usually".

Then I started owfs in gdb to see if it still was the embedded function
call causing the seg-fault. A new ll /mnt/1-wire was issued and suddenly
it gave some output:

[EMAIL PROTECTED] ~]$ ll /mnt/1-wire/
total 0
drwxr-xr-x 1 root root 1 Apr 24 22:02 bus.0
drwxr-xr-x 1 root root 1 Apr 24 22:02 settings
drwxr-xr-x 1 root root 1 Apr 24 22:02 statistics
drwxr-xr-x 1 root root 1 Apr 24 22:02 structure
drwxr-xr-x 1 root root 1 Apr 24 22:02 system
drwxr-xr-x 1 root root 1 Apr 24 22:02 uncached

After another ll /mnt/1-wire owfs seg-faulted again. Details in the bottom.

What is more interesting: after quitting and restarting gdb the behavior
is the same: first ll /mnt/1-wire is ok, the second seg-faults

And owserver is still running.

ow was configured with ./configure --disable-mt

Is this something with uninitialized pointers?? I'm not used til run gdb
but if I get some directions I will try it.

Jan B.

=====================================

[EMAIL PROTECTED] owfs]$ /opt/owfs/bin/owfs -s 3000 /mnt/1-wire/ --foreground
0
1
2
3
4
5
6
7
8
9
10
Segmentation fault                        <------------ first ll
[EMAIL PROTECTED] owfs]$ gdb /opt/owfs/bin/owfs
GNU gdb Red Hat Linux (6.3.0.0-1.122rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host
libthread_db library "/lib/libthread_db.so.1".

(gdb) run  -s 3000 /mnt/1-wire/ --foreground
Starting program: /opt/owfs/bin/owfs -s 3000 /mnt/1-wire/ --foreground
Reading symbols from shared object read from target memory...done.
Loaded system supplied DSO at 0x21a000
[Thread debugging using libthread_db enabled]
[New Thread -1208588096 (LWP 9015)]
0
1
2
3
4
5
6
7
8
9
10
Detaching after fork from child process 9019.
[New Thread 26590112 (LWP 9020)]
                                                      <--- second ll
Program received signal SIGSEGV, Segmentation fault.  <--- third ll
[Switching to Thread -1208588096 (LWP 9015)]
0x00f36224 in FS_dir (dirfunc=0xbf874fb4, pn=0xbf874f54) at ow_dir.c:110
110                             dirfunc( &pn2 ) ;
(gdb) bt
#0  0x00f36224 in FS_dir (dirfunc=0xbf874fb4, pn=0xbf874f54) at ow_dir.c:110
#1  0x0804915c in FS_getdir (path=Variable "path" is not available.
) at owfs_callback.c:156
#2  0x00703cc2 in fuse_readdir (req=0x9fef420, ino=1, size=4096, off=0,
    llfi=0xbf875168) at fuse.c:1438
#3  0x00706e38 in fuse_ll_process (data="" buf=0xb7f44008 "@",
len=64,
    ch=0x9fd37d8) at fuse_lowlevel.c:605
#4  0x00708776 in fuse_session_process (se=0x9fd3b98, buf=0xb7f44008 "@",
    len=64, ch=0x9fd37d8) at fuse_session.c:74
#5  0x0070592d in do_work (data="" at fuse_loop_mt.c:106
#6  0x00705c15 in fuse_session_loop_mt (se=0x9fd3b98) at fuse_loop_mt.c:169
#7  0x00707a18 in fuse_loop_mt (f=0x9fd39c0) at fuse_mt.c:188
#8  0x0070921b in fuse_main_common (argc=Variable "argc" is not available.
) at helper.c:271
#9  0x08048e07 in main (argc=167703712, argv=0xbf8754c4) at owfs.c:164
(gdb)

========================================

On Wed, April 19, 2006 23:43, Paul Alfille wrote:
> Making some progress with the fixes. It's more tedious and error-prone
> than
> difficult.
>
> I'll need some serious testers when done.
>
> Paul
>
> On 4/19/06, Jan Bertelsen <[EMAIL PROTECTED]> wrote:
>>
>>
>> OK, but as far as I can see (I'm not a skilled C-programmer), removing
>> the
>> embedded functions from owhttpd and owfs is quite extensive. 3 or 4 new
>> arguments has to be added to dirfunc() so that output file descriptor
>> and
>> other things can be passed.
>>
>> I don't know if this is the right way to fix the problem?
>>
>> Any suggestions??
>>
>> Jan B.
>>
>>
>> On Fri, April 14, 2006 15:58, Wim Heirman wrote:
>> > From http://www.manoverboard.org/weblog/fritza/StepintoXcode/ :
>> >
>> > """
>> > Embedded functions are now prohibited because gcc implemented them by
>> > pushing the code onto the stack, and executing them there. Many
>> security
>> > exploits work by executing code injected into the stack, and it is a
>> > prudent security measure to make the stack non-executable, even at the
>> > expense of embedded functions.
>> > """
>> >
>> > The newer kernels already refuse to start a thread with code located
>> on
>> > the stack (which is what the problem was with owserver), a few GCC
>> > versions from now the embedded functions will probably not even
>> compile
>> > anymore...
>> >
>> > Regards,
>> > Wim.




-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmdlnk&kid0709&bid&3057&dat1642
_______________________________________________
Owfs-developers mailing list
Owfs-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/owfs-developers