On Wed, Sep 25, 2013 at 21:57:59 +0200, Reyk Floeter wrote:
> Hi,
>
>
> On 25.09.2013, at 15:23, LEVAI Daniel <[email protected]> wrote:
[...]
> > Thanks! Here is gdb's output:
> >
> > # gdb /sbin/iked iked.core
> > GNU gdb 6.3
> > Copyright 2004 Free Software Foundation, Inc.
> > GDB is free software, covered by the GNU General Public License, and you are
> > welcome to change it and/or distribute copies of it under certain
> > conditions.
> > Type "show copying" to see the conditions.
> > There is absolutely no warranty for GDB. Type "show warranty" for details.
> > This GDB was configured as "i386-unknown-openbsd5.3"...
> > Core was generated by `iked'.
> > Program terminated with signal 11, Segmentation fault.
> > #0 0x1c01726b in ikev2_msg_send (env=0x86e6b000, msg=0xcfbeee10) at
> > /usr/src/sbin/iked/ikev2_msg.c:296
> > 296 m->msg_exchange = hdr->ike_exchange;
>
> this shouldn't fail, it sounds like memory corruption somewhere else.
>
> but can you also print *m and *hdr in gdb?
>
> Reyk

Good call:

# gdb /sbin/iked iked.core
GNU gdb 6.3
[...]
This GDB was configured as "i386-unknown-openbsd5.3"...
Core was generated by `iked'.
Program terminated with signal 11, Segmentation fault.
#0 0x1c01726b in ikev2_msg_send (env=0x86e6b000, msg=0xcfbeee10) at
/usr/src/sbin/iked/ikev2_msg.c:296
warning: Source file is more recent than executable.
296 m->msg_exchange = hdr->ike_exchange;
(gdb) print *m
$1 = {msg_data = 0x7eda8d60, msg_offset = 4, msg_local = {ss_len = 16 '\020',
ss_family = 2 '\002', __ss_pad1 = "\021\224N\203W, __ss_pad2 = 0,
__ss_pad3 = '\0' <repeats 239 times>}, msg_locallen = 16, msg_peer =
{ss_len = 16 '\020', ss_family = 2 '\002', __ss_pad1 = "\022\231[Rj\202",
__ss_pad2 = 0,
__ss_pad3 = '\0' <repeats 239 times>}, msg_peerlen = 16, msg_sock = 0x0,
msg_fd = 12, msg_response = 1, msg_natt = 0, msg_error = 0, msg_e = 0,
msg_parent = 0x87268c00,
msg_policy = 0x0, msg_sa = 0x89ed0000, msg_msgid = 1, msg_exchange = 0 '\0',
msg_proposals = {tqh_first = 0x0, tqh_last = 0x87268e40}, msg_rekey = {spi = 0,
spi_size = 0 '\0',
spi_protoid = 0 '\0'}, msg_nonce = 0x0, msg_ke = 0x0, msg_auth = {id_type =
0 '\0', id_offset = 0 '\0', id_buf = 0x0}, msg_id = {id_type = 0 '\0',
id_offset = 0 '\0',
id_buf = 0x0}, msg_cert = {id_type = 0 '\0', id_offset = 0 '\0', id_buf =
0x0}, msg_prop = 0x0, msg_attrlength = 0, msg_timer = {tmr_ev = {ev_next =
{tqe_next = 0x0,
tqe_prev = 0x0}, ev_active_next = {tqe_next = 0x0, tqe_prev = 0x0},
ev_signal_next = {tqe_next = 0x0, tqe_prev = 0x0}, min_heap_idx = 0, ev_base =
0x0, ev_fd = 0,
ev_events = 0, ev_ncalls = 0, ev_pncalls = 0x0, ev_timeout = {tv_sec = 0,
tv_usec = 0}, ev_pri = 0, ev_callback = 0, ev_arg = 0x0, ev_res = 0, ev_flags =
0},
tmr_env = 0x0, tmr_cb = 0, tmr_cbarg = 0x0}, msg_entry = {tqe_next = 0x0,
tqe_prev = 0x0}, msg_tries = 0}
(gdb) print *hdr
Cannot access memory at address 0x818dc000

I must say that I'm running with: /etc/malloc.conf@ -> S
... if that alters the equation.

Daniel
--
LÉVAI Dániel
PGP key ID = 0x83B63A8F
Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F