系统：Solaris 9 x86, gcc 3.3.2, kbs 2.0 CVS

Telnet发文章，按“L”后回车，掉线，但是版面上已经有了该文章，
偶尔也出现过不掉线的情况。

GDB信息：

# gdb /export/home0/bbs/bin/bbsd
GNU gdb 6.0
Copyright 2003 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-pc-solaris2.9"...
(gdb) attach 13472
Attaching to program `/export/home0/bbs/bin/bbsd', process 13472
Reading symbols from /usr/lib/libnsl.so.1...done.
Loaded symbols for /usr/lib/libnsl.so.1
Reading symbols from /usr/lib/libsocket.so.1...done.
Loaded symbols for /usr/lib/libsocket.so.1
Reading symbols from /usr/local/lib/libz.so.1...done.
Loaded symbols for /usr/local/lib/libz.so.1
Reading symbols from /usr/lib/libpthread.so.1...done.
Loaded symbols for /usr/lib/libpthread.so.1
Reading symbols from /usr/local/lib/libltdl.so.3...done.
Loaded symbols for /usr/local/lib/libltdl.so.3
Reading symbols from /usr/lib/libdl.so.1...done.
Loaded symbols for /usr/lib/libdl.so.1
Reading symbols from /usr/lib/libc.so.1...done.
Loaded symbols for /usr/lib/libc.so.1
Reading symbols from /usr/lib/libmp.so.2...done.
Loaded symbols for /usr/lib/libmp.so.2
Reading symbols from /usr/local/lib/libgcc_s.so.1...done.
Loaded symbols for /usr/local/lib/libgcc_s.so.1
Reading symbols from /usr/lib/libthread.so.1...done.
Loaded symbols for /usr/lib/libthread.so.1
sol-thread active.
Retry #1:
Retry #2:
Retry #3:
Retry #4:
[New LWP    1        ]
[New Thread 1 (LWP 1)]
Symbols already loaded for /usr/lib/libnsl.so.1
Symbols already loaded for /usr/lib/libsocket.so.1
Symbols already loaded for /usr/local/lib/libz.so.1
Symbols already loaded for /usr/lib/libpthread.so.1
Symbols already loaded for /usr/local/lib/libltdl.so.3
Symbols already loaded for /usr/lib/libdl.so.1
Symbols already loaded for /usr/lib/libc.so.1
Symbols already loaded for /usr/lib/libmp.so.2
Symbols already loaded for /usr/local/lib/libgcc_s.so.1
Symbols already loaded for /usr/lib/libthread.so.1
[Switching to Thread 1 (LWP 1)]
0xd118d26d in _poll () from /usr/lib/libc.so.1
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0xd11ab4ee in strncasecmp () from /usr/lib/libc.so.1
(gdb) bt
#0  0xd11ab4ee in strncasecmp () from /usr/lib/libc.so.1
#1  0x080a2e7a in getboardnum (bname=0xd1040240 <Address 0xd1040240 out of bounds>, bh=0x0)
    at bcache.c:329
#2  0x080a2334 in updatelastpost (board=0xd1040240 <Address 0xd1040240 out of bounds>)
    at bcache.c:86
#3  0x080dd10c in after_post (user=0xd057cac0, fh=0x8046a50,
    boardname=0xd1040240 <Address 0xd1040240 out of bounds>, re=0x0, poststat=1,
    session=0x8147900) at article.c:1223
#4  0x080654bf in post_article (conf=0x8046e20, q_file=0x80f7f8a "", re_file=0x0) at bbs.c:2869
#5  0x08063a44 in do_post (conf=0x8046e20, fileinfo=0x816d5cc, extraarg=0x0) at bbs.c:2283
#6  0x080ed810 in read_key (conf=0x8046e20, command=16) at newread.c:228
#7  0x080c6247 in do_select_internal (conf=0x8046e20, key=16) at select.c:368
#8  0x080c62d1 in list_select (conf=0x8046e20, key=16) at select.c:388
#9  0x080c660f in list_select_loop (conf=0x8046e20) at select.c:486
#10 0x080ee966 in new_i_read (cmdmode=DIR_MODE_NORMAL, direct=0x8046fe0 "boards/vote/.DIR",
    dotitle=0x805f8c1 <readtitle>, doentry=0x805fe79 <readdoent>, rcmdlist=0x813c140, ssize=140)
    at newread.c:675
#11 0x0806cddf in Read () at bbs.c:6214
#12 0x080bc270 in fav_onselect (conf=0x80477d0) at boards_t.c:714
#13 0x080c5d8d in do_select_internal (conf=0x80477d0, key=4099) at select.c:268
#14 0x080c6443 in list_select (conf=0x80477d0, key=13) at select.c:425
#15 0x080c660f in list_select_loop (conf=0x80477d0) at select.c:486
#16 0x080bde0a in choose_board (newflag=1, boardprefix=0xd10a27f5 "0", group=0, favmode=0)
    at boards_t.c:1437
#17 0x080ba4d2 in EGroup (cmd=0xd10a2567 "0BBS") at boards_t.c:23
#18 0x080883bf in domenu (menu_name=0xd10a1f61 "M_EGROUP") at comm_lists.c:651
#19 0x080883bf in domenu (menu_name=0x810ef48 "TOPMENU") at comm_lists.c:651
#20 0x080cbe6c in main_bbs (convit=0, argv=0x8047e78 "bbsd:hutu") at newmain_single.c:1141
#21 0x080c4c14 in bbs_main (argv=0x8047e78 "bbsd:hutu") at bbsd_single.c:771
#22 0x080c4ddb in bbs_standalone_main (argv=0x8047e78 "bbsd:hutu") at bbsd_single.c:914
#23 0x080c4f17 in main (argc=3, argv=0x8047d98) at bbsd_single.c:1009
(gdb) frame 1
#1  0x080a2e7a in getboardnum (bname=0xd1040240 <Address 0xd1040240 out of bounds>, bh=0x0)
    at bcache.c:329
329             if (!strncasecmp(bname, bcache[i].filename, STRLEN)) {
(gdb) up 1
#2  0x080a2334 in updatelastpost (board=0xd1040240 <Address 0xd1040240 out of bounds>)
    at bcache.c:86
86          pos = getboardnum(board,NULL);       /* board name --> board No. */
(gdb) p board
$1 = 0xd1040240 <Address 0xd1040240 out of bounds>
--
修改:linton FROM 220.173.136.*
FROM 220.173.136.*