From: Maxim Sobolev
Reply-To: sobomax@mail.ru
Organization: Vega International Capital
Date: Wed, 15 Mar 2000 10:24:47 +0200
To: current@freebsd.org
Cc: stable@freebsd.org
Subject: gcc -Os optimisation broken (RELENG_4)
Message-ID: <38CF48CF.59A100D7@altavista.net>

Hi,

I've just upgraded my production server to 4.0-RELEASE and found that squid23, when compiled with the -Os option, dies with signal 11 on each attempt to load a page. When I recompiled it with -O, the fault disappeared. After some digging into the sources with gdb I found that the fault came from dereferencing a NULL pointer somewhere in the DNS query procedures. I tracked the source of this pointer and found that the function rfc1035QuestionPack (rfc1035.c), called from rfc1035BuildAQuery, receives a NULL pointer instead of the supplied hostname as its 3rd argument.

Following are two debugging sessions with squid compiled with -Os and -O (the faulty call is at the end of the output):

-Maxim

-Os:

Script started on Wed Mar 15 10:16:16 2000
root@vega# gdb squid
GNU gdb 4.18
[GDB copyright omitted]
(gdb) set args -C -N -d 10
(gdb) b rfc1035BuildAQuery
Breakpoint 1 at 0x8096cb1: file rfc1035.c, line 472.
(gdb) r
Starting program: /usr/ports/www/squid23/work/squid-2.3.STABLE2/src/squid -C -N -d 10
[unrelevant squid output omitted]

Breakpoint 1, 0x8096cb1 in rfc1035BuildAQuery (
    hostname=0x84a5900 "www.yahoo.com", buf=0x8212c00 "", szp=0x8212e00)
    at rfc1035.c:472
472         size_t sz = *szp;
(gdb) n
473         memset(&h, '\0', sizeof(h));
(gdb)
472         size_t sz = *szp;
(gdb)
473         memset(&h, '\0', sizeof(h));
(gdb)
474         h.id = rfc1035Qid();
(gdb)
476         h.rd = 1;
(gdb)
477         h.opcode = 0; /* QUERY */
(gdb)
478         h.qdcount = (unsigned int) 1;
(gdb)
479         offset += rfc1035HeaderPack(buf + offset, sz - offset, &h);
(gdb)
480         offset += rfc1035QuestionPack(buf + offset,
(gdb) print hostname
$1 = 0x84a5900 "www.yahoo.com"
(gdb) list
475         h.qr = 0;
476         h.rd = 1;
477         h.opcode = 0; /* QUERY */
478         h.qdcount = (unsigned int) 1;
479         offset += rfc1035HeaderPack(buf + offset, sz - offset, &h);
480         offset += rfc1035QuestionPack(buf + offset,
481             sz - offset,
482             hostname,
483             RFC1035_TYPE_A,
484             RFC1035_CLASS_IN);
(gdb) s
rfc1035QuestionPack (buf=0x8212c0c "", sz=500, name=0x0, type=1, class=1)
    at rfc1035.c:201
201         off += rfc1035NamePack(buf + off, sz - off, name);
(gdb) q
The program is running. Exit anyway? (y or n) y
root@vega# exit

Script done on Wed Mar 15 10:17:46 2000

-O:

Script started on Wed Mar 15 09:57:49 2000
root@vega# gdb squid
[GDB copyright omitted]
(gdb) set args -C -N -d 10
(gdb) b rfc1035BuildAQuery
Breakpoint 1 at 0x8096321: file rfc1035.c, line 469.
(gdb) r
Starting program: /usr/ports/www/squid23/work/squid-2.3.STABLE2/src/squid -C -N -d 10
[unrelevant squid output omitted]

Breakpoint 1, 0x8096321 in rfc1035BuildAQuery (
    hostname=0x84a5900 "www.yahoo.com", buf=0x8212c00 "", szp=0x8212e00)
    at rfc1035.c:469
469     {
(gdb) n
472         size_t sz = *szp;
(gdb)
473         memset(&h, '\0', sizeof(h));
(gdb)
474         h.id = rfc1035Qid();
(gdb)
475         h.qr = 0;
(gdb)
476         h.rd = 1;
(gdb)
477         h.opcode = 0; /* QUERY */
(gdb)
478         h.qdcount = (unsigned int) 1;
(gdb)
479         offset += rfc1035HeaderPack(buf + offset, sz - offset, &h);
(gdb)
480         offset += rfc1035QuestionPack(buf + offset,
(gdb) print hostname
$1 = 0x84a5900 "www.yahoo.com"
(gdb) list
475         h.qr = 0;
476         h.rd = 1;
477         h.opcode = 0; /* QUERY */
478         h.qdcount = (unsigned int) 1;
479         offset += rfc1035HeaderPack(buf + offset, sz - offset, &h);
480         offset += rfc1035QuestionPack(buf + offset,
481             sz - offset,
482             hostname,
483             RFC1035_TYPE_A,
484             RFC1035_CLASS_IN);
(gdb) s
rfc1035QuestionPack (buf=0x8212c0c "", sz=500, name=0x84a5900 "www.yahoo.com", type=1, class=1)
    at rfc1035.c:201
201         off += rfc1035NamePack(buf + off, sz - off, name);
(gdb) q
The program is running. Exit anyway? (y or n) y
root@vega# exit

Script done on Wed Mar 15 09:59:28 2000
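
A defensive version of the call that receives name=0x0 in the -Os trace, as an added example that is not part of the original message and is not Squid's code: the hypothetical functions name_pack_checked and question_pack_checked validate the name pointer, the RFC 1035 label and name limits, and the remaining buffer space, so a NULL or malformed name comes back as an error return instead of a signal 11. It does not address the miscompilation itself, only how the callee fails.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical helper (not Squid's rfc1035NamePack): encode a dotted name as
 * RFC 1035 labels. Returns bytes written, or -1 on invalid input. */
static int name_pack_checked(uint8_t *buf, size_t sz, const char *name)
{
    size_t off = 0;

    if (buf == NULL || name == NULL)   /* name=0x0, as in the -Os trace */
        return -1;
    while (*name != '\0') {
        const char *dot = strchr(name, '.');
        size_t len = dot ? (size_t)(dot - name) : strlen(name);

        if (len == 0 || len > 63)      /* empty or oversized label */
            return -1;
        if (off + len + 2 > sz || off + len + 2 > 255)
            return -1;                 /* length byte + label + root byte */
        buf[off++] = (uint8_t)len;
        memcpy(buf + off, name, len);
        off += len;
        name += len;
        if (*name == '.')
            name++;
    }
    if (off + 1 > sz)
        return -1;
    buf[off++] = 0;                    /* root label ends the name */
    return (int)off;
}

/* Hypothetical; argument order follows the rfc1035QuestionPack frame above. */
int question_pack_checked(uint8_t *buf, size_t sz, const char *name,
                          uint16_t qtype, uint16_t qclass)
{
    int n = name_pack_checked(buf, sz, name);

    if (n < 0 || (size_t)n + 4 > sz)
        return -1;
    buf[n++] = (uint8_t)(qtype >> 8);  /* QTYPE, network byte order */
    buf[n++] = (uint8_t)(qtype & 0xff);
    buf[n++] = (uint8_t)(qclass >> 8); /* QCLASS, network byte order */
    buf[n++] = (uint8_t)(qclass & 0xff);
    return n;
}
```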