Date: Wed, 18 May 2005 05:38:41 +0300 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Xu Qiang <Qiang.Xu@fujixerox.com> Cc: freebsd-questions@freebsd.org Subject: Re: The availability of socketbits.h? Message-ID: <20050518023841.GA42546@gothmog.gr> In-Reply-To: <20050518015322.7F0F11D93F@imss.sgp.fujixerox.com> References: <20050518015322.7F0F11D93F@imss.sgp.fujixerox.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2005-05-18 10:02, Xu Qiang <Qiang.Xu@fujixerox.com> wrote:
> Thank you again. It can roll forward when the declaration of the
> "random" function function is removed. It seems 1.1.16 version is full
> of bugs, like stated above. The 1.1.14 version is much better in
> compiling.
>
> However, both versions give me an error when I run the compiled
> application after gmake, gmake install. I go to bin directory and type
> "./nngssrv", it told me: Bus error (core dumped)
>
> GDB trace is here:
> -----------------------------------------------
> gso_dev_2# gdb nngssrv nngssrv.core
> (gdb) bt
> [...]
> #0 0x2818bbc5 in __vfprintf () from /lib/libc.so.5
> #1 0x2818a513 in vfprintf () from /lib/libc.so.5
> #2 0x28177352 in fprintf () from /lib/libc.so.5
> #3 0x0805f98c in commands_init () at command.c:1149
> #4 0x0805aeab in main (argc=1116382465, argv=0x807e702) at nngsmain.c:162
> -----------------------------------------------
>
> What is a "Bus error"?
A bug in the program. The relevant code seems to be this part of
nngs-1.1.14/nrat/command.c:
1131 void commands_init()
1132 {
1133 FILE *fp, *afp;
1134 int i = 0;
1135
1136 fp = xyfopen(FILENAME_CMDS, "w");
1137 if (!fp) {
1138 return;
1139 }
1140 afp = xyfopen(FILENAME_ACMDS, "w");
1141 if (!afp) {
1142 fclose(fp);
1143 return;
1144 }
1145 for (i = 0; command_list[i].comm_name; i++) {
1146 if (command_list[i].adminLevel >= ADMIN_ADMIN) {
1147 fprintf(afp, "%s\n", command_list[i].comm_name);
1148 } else {
1149 fprintf(fp, "%s\n", command_list[i].comm_name);
1150 }
1151 }
1152 fclose(fp);
1153 fclose(afp);
1154 }
If we put for a while the horrible style aside, the bug seems to be that
the for loop doesn't properly check the bounds of the command_list[]
array. This would probably be ok if the command_list array was declared
to have a trailing element set to an "all zeroes" value:
struct command_type command_list[] = {
{"accept", "n", com_accept, ADMIN_USER },
{"actitle", "dS", com_actitle, ADMIN_ADMIN },
{0, 0, 0, 0 },
};
but it's not (look in nngs-1.1.14/nrat/command_list.h):
/* Name Options Functions Security */
struct command_type command_list[] = {
{"accept", "n", com_accept, ADMIN_USER },
{"actitle", "dS", com_actitle, ADMIN_ADMIN },
[...]
/* by Syncanph */
{"shownote", "", com_shownote, ADMIN_USER },
};
and this is *EXACTLY* where this particular bug lies.
> Any hints to overcome this last barrier?
Yes. Don't run software that is full of bugs, unless you're keen on
fixing those bugs :-(
The nngs.sourceforge.net web page shows *no* release of nngs after 2002.
The history of that project shows that the ones developing it would
release very often; some times twice within the same week. The fact
that there has been absolutely no release for more than 3 years means
that nngs is, for all purposes, thoroughly dead.
- Giorgos
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050518023841.GA42546>