[IRCServices] Seg Fault/Bus Error on SQUIT

Chawmp chawmp at cyberarmy.net
Thu Jul 8 12:50:51 PDT 2004


Hello,

Recently, after moving our ircservices to a new host, they have crashed with
a Bus Error whenever another server quit.

I've searched and found that a few others have posted with this problem, but
didn't find a resolution. So I had to debug :\

We actually use a non-current, modded version for long and boring reasons,
but I have checked and all this applies equally to stock ircservices 5.0.35:

do_squit() in servers.c contains the following code:

	squit_server(server, av[1]);
	if (server->hub) {
		/* .. attempts to read server->hub .. */
	}

squit_server() in turn calls delete_server(), which free()s the server record,
meaning "server->hub" attempts to dereference a freed pointer.

On most systems this would probably just work anyway, since there would have
been no time for the freed memory to have been changed before it was
accessed again for the last time. However, on the server we were using,
malloc was configured to initialize memory to 0xd0d0d0d0 when it was
free()d, leading to a Bus Error at the dereference.

I fixed this by moving the squit_server(...) call after the "if
(server->hub)" block, and things seem to work.

I hope this fix is correct, and works for everyone else.

Regards,

Tom McIntyre
chawmp at cyberarmy.net
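
The ordering problem described in the message above, as an added example that is not ircservices code and not part of the original post. The Server struct, the fixed-size pool and every function name here are hypothetical; the pool replaces malloc()/free() so that the read after "free" is defined behaviour and the 0xd0 poison can be observed without crashing.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the services' server record. */
typedef struct Server { struct Server *hub; int child_count; int in_use; } Server;
static Server pool[4];            /* toy pool so post-free reads stay defined */

static Server *new_server(Server *hub) {
    for (int i = 0; i < 4; i++)
        if (!pool[i].in_use) {
            pool[i] = (Server){ hub, 0, 1 };
            if (hub) hub->child_count++;
            return &pool[i];
        }
    return NULL;
}

/* Like the poisoning malloc in the post: fill the record with 0xd0 on free. */
static void delete_server(Server *s) {
    memset(s, 0xd0, sizeof *s);
    s->in_use = 0;                /* slot may now be handed out again */
}

/* Read the hub field as raw bits, without dereferencing it. */
static uintptr_t hub_bits(const Server *s) {
    uintptr_t v;
    memcpy(&v, &s->hub, sizeof v);
    return v;
}

/* Order from the post: free first, then look at server->hub. */
static uintptr_t squit_buggy(Server *s) {
    delete_server(s);
    return hub_bits(s);           /* stale read: sees the poison pattern */
}

/* Fixed order: take what is needed from the record, then free it. */
static uintptr_t squit_fixed(Server *s) {
    Server *hub = s->hub;
    if (hub) hub->child_count--;  /* work on the hub while s is still valid */
    delete_server(s);
    return (uintptr_t)hub;
}

int main(void) {
    Server *hub = new_server(NULL);
    printf("buggy: %#lx\n", (unsigned long)squit_buggy(new_server(hub)));
    printf("fixed: %#lx\n", (unsigned long)squit_fixed(new_server(hub)));
}
```

With a real allocator the buggy order is undefined behaviour; building with -fsanitize=address reports it as a heap-use-after-free even on hosts where free() does not poison memory.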