Description of problem: $ tla register-archive http://arch.sv.gnu.org/archives/emacs Segmentation fault $gdb tla (gdb) r register-archive http://arch.sv.gnu.org/archives/emacs [...] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread -1208297184 (LWP 5605)] 0x080b0e5a in ?? () (gdb) bt #0 0x080b0e5a in ?? () #1 0x080a0f7f in ?? () #2 0x00144083 in end_response (userdata=0x8381198, resource=0x8386158, status=0x0, description=0x0) at ne_props.c:553 #3 0x001426f4 in end_element (userdata=0x837f190, state=2, nspace=0x837fbf0 "DAV:", name=0x8386040 "response") at ne_207.c:220 #4 0x00142eb8 in end_element (userdata=0x8380778, name=0x8385f00 "D:response") at ne_xml.c:390 #5 0x00552262 in doContent (parser=0x8380f98, startTagLevel=0, enc=0x569300, s=0x837fe5a "</D:response>\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/gnus/</D:href>\n<D:propstat>\n<D:prop>\n<lp1:getlastmodified>Thu, 19 Jan 2006 "..., end=0x838014a "lient/0.1 neon/0.27.2\r\nConnection: TE\r\nTE: trailers\r\nDepth: 1\r\nContent-Length: 182\r\nContent-Type: application/xml\r\n", nextPtr=0x8380fb0, haveMore=1 '\001') at lib/xmlparse.c:2449 #6 0x00552edd in contentProcessor (parser=0x8380f98, start=0x837fc6f "<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</D:href>\n<D:propstat>\n<D:prop>\n<lp1:getl"..., end=0x838014a "lient/0.1 neon/0.27.2\r\nConnection: TE\r\nTE: trailers\r\nDepth: 1\r\nContent-Length: 182\r\nContent-Type: application/xml\r\n", endPtr=0x8380fb0) at lib/xmlparse.c:2023 ---Type <return> to continue, or q <return> to quit--- #7 0x00553f94 in doProlog (parser=0x8380f98, enc=0x569300, s=0x837fc6f "<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</D:href>\n<D:propstat>\n<D:prop>\n<lp1:getl"..., end=0x838014a "lient/0.1 neon/0.27.2\r\nConnection: TE\r\nTE: trailers\r\nDepth: 1\r\nContent-Length: 182\r\nContent-Type: application/xml\r\n", tok=12, next=0x837fc6f "<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</D:href>\n<D:propstat>\n<D:prop>\n<lp1:getl"..., nextPtr=0x8380fb0, haveMore=1 '\001') at lib/xmlparse.c:3905 #8 0x00554e65 in prologProcessor (parser=0x8380f98, s=0x837fc48 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</"..., end=0x838014a "lient/0.1 neon/0.27.2\r\nConnection: TE\r\nTE: trailers\r\nDepth: 1\r\nContent-Length: 182\r\nContent-Type: application/xml\r\n", nextPtr=0x8380fb0) at lib/xmlparse.c:3635 #9 0x0054c57b in XML_ParseBuffer (parser=0x8380f98, len=1282, isFinal=0) at lib/xmlparse.c:1573 #10 0x00555342 in XML_Parse (parser=0x8380f98, s=0x8383080 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</"..., ---Type <return> to continue, or q <return> to quit--- len=1282, isFinal=0) at lib/xmlparse.c:1544 #11 0x0014304d in ne_xml_parse (p=0x8380778, block=0x8383080 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</"..., len=1282) at ne_xml.c:546 #12 0x0014317b in ne_xml_parse_v (userdata=0x8380778, block=0x8383080 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</"..., len=1282) at ne_xml.c:500 #13 0x00135d81 in ne_read_response_block (req=0x8383048, buffer=0x8383080 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</"..., buflen=<value optimized out>) at ne_request.c:779 #14 0x00136144 in ne_discard_response (req=0x8383048) at ne_request.c:1334 #15 0x0013712b in ne_request_dispatch (req=0x8383048) at ne_request.c:1346 #16 0x00143925 in propfind (handler=0x8381198, results=0x80a0f10, userdata=0xbf90d6b4) at ne_props.c:143 #17 0x001442c6 in ne_simple_propfind (sess=0x837e968, href=0x8380620 "/archives/emacs/", depth=1, props=0x80de7e0, results=0x80a0f10, userdata=0xbf90d6b4) at ne_props.c:616 ---Type <return> to continue, or q <return> to quit--- #18 0x080a1235 in ?? () #19 0x080a138c in ?? () #20 0x080aa828 in ?? () #21 0x0809a4ae in ?? () #22 0x08063684 in ?? () #23 0x08049c4e in ?? () #24 0x0018f320 in __libc_start_main () from /lib/libc.so.6 #25 0x08049901 in ?? () Version-Release number of selected component (if applicable): 1.3.4-8.fc8 How reproducible: always Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: neon-0.27.2-2 expat-2.0.1-2
This happens on x86_64, too. In src/tla/libarch/pfs-dav.c, in function results, this invocation: file = str_chr_rindex_n (uri, n, '/') + 1; sets file to 1, because the str_chr_rindex_n call is returning 0, meaning "not found". The code then calls str_length on file, with predictable results. Incidentally, the string in which it is looking for a '/' (named "uri") is "http". The string in data->uri is "/archives/emacs". I see that tla 1.3.5 has been out since July 2006. Is there any chance we can try that to see if it fixes this bug?
I orphaned this a while ago and it was picked up by Debarshi Ray
tla-1.3.5 is available for Fedora 7, Fedora 8 and Rawhide. Can you please try them?
No, that doesn't fix the problem. :-( It's still crashing in exactly the same spot. Here is a more detailed backtrace from my F8 x86_64 machine, with debuginfo installed for expat-2.0.1-2, keyutils-1.2-2, neon-0.27.2-2, and tla-1.3.5-2. #0 str_length (x=0x1 <Address 0x1 out of bounds>) at /usr/src/debug/tla-1.3.5/src/hackerlab/char/str.c:54 #1 0x0000000000449b60 in results (userdata=0x7ffface6a210, uri=<value optimized out>, set=<value optimized out>) at /usr/src/debug/tla-1.3.5/src/tla/libarch/pfs-dav.c:940 #2 0x00002aaaaaad9cb3 in end_response (userdata=0x6ff6a0, resource=0x6feb50, status=<value optimized out>, description=0x6feb68 "��o") at ne_props.c:553 #3 0x00002aaaaaad8618 in end_element (userdata=0x6f7da0, state=2, nspace=<value optimized out>, name=<value optimized out>) at ne_207.c:220 #4 0x00002aaaaaad8d22 in end_element (userdata=<value optimized out>, name=<value optimized out>) at ne_xml.c:390 #5 0x000000383c20a035 in doContent (parser=0x6f7f30, startTagLevel=0, enc=0x383c420640, s=0x6fd3f2 "</D:response>\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/gnus/</D:href>\n<D:propstat>\n<D:prop>\n<lp1:getlastmodified>Thu, 19 Jan 2006 "..., end=0x6fd692 "GMT</lp1:getlastmodified>\n<lp1:resourcetype><D:collection/></lp1:resourcetype>\n</D:prop>\n<D:status>HTTP/1.1 200 OK</D:status>\n</D:propstat>\n<D:propstat>\n<D:prop>\n<g0:getcontentlength/>\n</D:prop>\n<D:st"..., nextPtr=0x6f7f60, haveMore=1 '\001') at lib/xmlparse.c:2449 #6 0x000000383c20acf4 in contentProcessor (parser=0x6f7f30, start=0x6feb68 "��o", end=0x2aaaaaad9c80 "H\211\\$�H\211l$�H\203�\030H\213G`H\211�H\211�H\205�t\026D\213^\bE\205�~\rH\215v\030H\213\177hH\211���H\211�H\211��R���H�EH", endPtr=0x6464646464646464) at lib/xmlparse.c:2023 #7 0x000000383c20be19 in doProlog (parser=0x6f7f30, enc=0x383c420640, s=0x6fd207 "<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</D:href>\n<D:propstat>\n<D:prop>\n<lp1:getl"..., end=0x6fd692 "GMT</lp1:getlastmodified>\n<lp1:resourcetype><D:collection/></lp1:resourcetype>\n</D:prop>\n<D:status>HTTP/1.1 200 OK</D:status>\n</D:propstat>\n<D:propstat>\n<D:prop>\n<g0:getcontentlength/>\n</D:prop>\n<D:st"..., tok=29, next=0x6fd207 "<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</D:href>\n<D:propstat>\n<D:prop>\n<lp1:getl"..., nextPtr=0x6f7f60, haveMore=1 '\001') at lib/xmlparse.c:3905 #8 0x000000383c20ce2b in prologProcessor (parser=0x6f7f30, s=0x6fd1e0 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</"..., end=0x6fd692 "GMT</lp1:getlastmodified>\n<lp1:resourcetype><D:collection/></lp1:resourcetype>\n</D:prop>\n<D:status>HTTP/1.1 200 OK</D:status>\n</D:propstat>\n<D:propstat>\n<D:prop>\n<g0:getcontentlength/>\n</D:prop>\n<D:st"..., nextPtr=0x6f7f60) at lib/xmlparse.c:3635 #9 0x000000383c203fb1 in XML_ParseBuffer (parser=0x1, len=0, isFinal=0) at lib/xmlparse.c:1573 #10 0x00002aaaaaad8e89 in ne_xml_parse (p=0x6f6300, block=0x6fb010 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</"..., len=1202) at ne_xml.c:546 #11 0x00002aaaaaacd479 in ne_read_response_block (req=0x6fafc0, buffer=0x6fb010 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"DAV:\">\n<D:response xmlns:lp1=\"DAV:\" xmlns:lp2=\"http://apache.org/dav/props/\" xmlns:g0=\"DAV:\">\n<D:href>/archives/emacs/</"..., buflen=<value optimized out>) at ne_request.c:779 #12 0x00002aaaaaacd790 in ne_discard_response (req=0x1) at ne_request.c:1334 #13 0x00002aaaaaace53b in ne_request_dispatch (req=0x6fafc0) at ne_request.c:1346 #14 0x00002aaaaaad962d in propfind (handler=0x6ff6a0, results=0x449af0 <results>, userdata=0x7ffface6a210) at ne_props.c:143 #15 0x00002aaaaaad9eaf in ne_simple_propfind (sess=<value optimized out>, href=<value optimized out>, depth=<value optimized out>, props=0x489cc0, results=0x449af0 <results>, userdata=0x7ffface6a210) at ne_props.c:616 #16 0x0000000000449df6 in pfs_directory_files (p=0x6f4dc0, path=<value optimized out>, soft_errors=1) at /usr/src/debug/tla-1.3.5/src/tla/libarch/pfs-dav.c:406 #17 0x0000000000449ef2 in pfs_file_exists (p=0x6f4dc0, path=<value optimized out>) at /usr/src/debug/tla-1.3.5/src/tla/libarch/pfs-dav.c:458 #18 0x000000000045269b in pfs_archive_version (a=0x6e2770) at /usr/src/debug/tla-1.3.5/src/tla/libarch/archive-pfs.c:261 #19 0x00000000004446f2 in arch_archive_connect_location (name=0x0, location=0x7ffface6b8ed "http://arch.sv.gnu.org/archives/emacs", want_mirror_of=0x0) at /usr/src/debug/tla-1.3.5/src/tla/libarch/archive.c:103 #20 0x0000000000418386 in arch_cmd_register_archive ( program_name=0x6e1460 "tla register-archive", argc=2, argv=0x7ffface6a490) at /usr/src/debug/tla-1.3.5/src/tla/libarch/cmd-register-archive.c:179 #21 0x000000000040277c in main (argc=3, argv=<value optimized out>) at /usr/src/debug/tla-1.3.5/src/tla/tla/tla.c:103 #22 0x0000003838e1e074 in __libc_start_main () from /lib64/libc.so.6 #23 0x0000000000402499 in _start ()
This bug does not hit Fedora 7 and older systems. I will try to replicate this on Fedora 8 and Rawhide and see.
This is identical to Debian Bug #402952: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=402952 Looks like there is a problem with neon >= 0.25.2.
Created attachment 287851 [details] Patch to prevent segmentation fault on Fedora 8 onwards. The attached patch seems to fix this problem and I have created a new update -- 1.3.5-4 -- which uses it. You can find tla-1.3.5-4 on updates-testing or from http://koji.fedoraproject.org/koji/packageinfo?packageID=3996 Please let me know if this is satisfactory or not,
tla-1.3.5-4.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update tla'
tla-1.3.5-4.fc7 has been pushed to the Fedora 7 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update tla'
I don't know what happened to sangu, but 1.3.5-4.fc8 works for me. Thanks!
I am changing the resolution to "WORKSFORME". Feel free to comment if there are further problems.
tla-1.3.5-4.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
tla-1.3.5-4.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.