Re: segfault in dhclient 5.4 please help
On Tue, Apr 15, 2014 at 8:05 AM, Otto Moerbeek o...@drijf.net wrote: Op 15 apr. 2014 om 13:13 heeft Kenneth Westerback kwesterb...@gmail.com het volgende geschreven: On 15 April 2014 08:34, Otto Moerbeek o...@drijf.net wrote: On Mon, Apr 14, 2014 at 09:32:43PM -0400, sven falempin wrote: so i got gdb back to the machine because i cannot reproduce outside of the box. gdb too old cannot gcore. The state is nasty, but i do get the trace of the dhcp transaction. [..] DHCPREQUEST on trunk0 to 255.255.255.255 port 67 DHCPACK from 10.0.0.254 (96:4f:87:9c:ad:67) Program received signal SIGSEGV, Segmentation fault. 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 2408/usr/src/sbin/dhclient/dhclient.c: No such file or directory. in /usr/src/sbin/dhclient/dhclient.c (gdb) bt #0 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 #1 0xd0d0d0d0 in ?? () #2 0x00d0d0d0 in ?? () #3 0x in ?? () ... the line in 5.4 is : 2405: i += bytes; 2406: 2407: memset(gateway, 0, sizeof(gateway)); 2408: memcpy(gateway, classless_static_routes-data[i], 4); The memcpy segfaults. Not surprising *if* the gdb info is correct and the pointer parameter 'classless_static_routes' is NULL. :-) Current and 5.5 have a rewritten version of this code. Can you reproduce on current? That would be good to check, but if there a NULL pointer being passed I fear it will still fault. -Otto [snip] 1397524674.011308 96:4f:87:9c:ad:67 fe:e1:ba:d0:8e:d0 0800 373: 10.0.0.254.67 10.0.0.126.68: xid:0x95ce17 Y:10.0.0.126 S:10.0.0.254 vend-rfc1048 DHCP:ACK SID:10.0.0.254 LT:43200 RN:21600 RB:37800 SM:255.255.255.0 BR:10.0.0.255 HN:ulis-v12-GW T121:415279105,3232236030,415279114,3232236030,3232236030,167772414 NS:10.0.0.254 DG:10.0.0.254 (DF) : fee1 bad0 8ed0 964f 879c ad67 0800 4500 ...O...g..E. 0010: 0167 4000 4011 240b 0a00 00fe 0a00 .g..@.@.$... 0020: 007e 0043 0044 0153 9aa6 0201 0600 0095 .~.C.D.S 0030: ce17 0a00 007e 0a00 .~.. 0040: 00fe fee1 bad0 8ed0 0050: 0060: 0070: 0080: 0090: 00a0: 00b0: 00c0: 00d0: 00e0: 00f0: 0100: 0110: 6382 5363 3501 0536 040a ..c.Sc5..6.. 0120: fe33 0400 00a8 c03a 0400 0054 603b ...3.:...T`; 0130: 0400 0093 a801 04ff 001c 040a 0140: ff0c 0b75 6c69 732d 7631 322d 4757 7918 ...ulis-v12-GWy. 0150: 18c0 a801 c0a8 01fe 18c0 a80a c0a8 01fe 0160: c0a8 01fe 0a00 00fe 0604 0a00 00fe 0304 0170: 0a00 00fe ff . Pulling out the options provided we get Options === 6382 5363 /* Cookie */ 35 01 05 /* DHCP message type */ 36 04 0a 00 00 fe /* DHCP server id */ 33 04 00 00 a8 c0 /* DHCP lease time */ 3a 04 00 00 54 60 /* DHCP renewal time */ 3b 04 00 00 93 a8 /* DHCP rebinding time */ 01 04 ff ff ff 00 /* Subnet Mask */ 1c 04 0a 00 00 ff /* Broadcast Address */ 0c 0b 75 6c 69 73 2d 76 31 32 2d 47 57 /* Hostname */ 79 18 18 c0 a8 01 c0 a8 01 fe 18 c0 a8 0a c0 a8 01 fe c0 a8 01 fe 0a 00 00 fe /Classless static routes */ 06 04 0a 00 00 fe /* Domain Name Servers */ 03 04 0a 00 00 fe /* Routers */ ff /* End of Options */ And looking at the classless static routes closer we see 79 18 18 c0 a8 01 c0 a8 01 fe /* 192.168.1/24 via 192.168.1.254 */ 18 c0 a8 0a c0 a8 01 fe /* 192.168.10/24 via 192.168.1.254 */ c0 a8 01 fe 0a 00 00 fe /* ??? */ Where the last one is, to use the technical term, fucked. It seems to specify a network with 'c0' == 192 bits. I can't see how this would cause a NULL pointer to be passed though. Ken I think the NULL is a red herring. If I see thing correctly the value comes from an expression which should never be NULL. It's pretty common for gdb to get locals or rags wrong or maybe the
Re: segfault in dhclient 5.4 please help
On Mon, Apr 14, 2014 at 09:32:43PM -0400, sven falempin wrote: so i got gdb back to the machine because i cannot reproduce outside of the box. gdb too old cannot gcore. The state is nasty, but i do get the trace of the dhcp transaction. [..] DHCPREQUEST on trunk0 to 255.255.255.255 port 67 DHCPACK from 10.0.0.254 (96:4f:87:9c:ad:67) Program received signal SIGSEGV, Segmentation fault. 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 2408/usr/src/sbin/dhclient/dhclient.c: No such file or directory. in /usr/src/sbin/dhclient/dhclient.c (gdb) bt #0 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 #1 0xd0d0d0d0 in ?? () #2 0x00d0d0d0 in ?? () #3 0x in ?? () ... the line in 5.4 is : 2405: i += bytes; 2406: 2407: memset(gateway, 0, sizeof(gateway)); 2408: memcpy(gateway, classless_static_routes-data[i], 4); The memcpy segfaults. Current and 5.5 have a rewritten version of this code. Can you reproduce on current? -Otto The transmission leading to the bug, maybe it can be used as a replay test : tcpdump: listening on trunk0, link-type EN10MB 1397524649.881762 fe:e1:ba:d0:8e:d0 ff:ff:ff:ff:ff:ff 0800 342: 10.0.0.126.68 255.255.255.255.67: xid:0x38641e99 vend-rfc1048 DHCP:REQUEST HN:ulis-v12-GW RQ:10.0.0.126 PR:SM+BR+TZ+121+DG+DN+NS+HN CID:1.254.225.186.208.142.208 [tos 0x10] : fee1 bad0 8ed0 0800 4510 ..E. 0010: 0148 8011 2f18 0a00 007e .H../~.. 0020: 0044 0043 0134 3fc2 0101 0600 3864 ...D.C.4?.8d 0030: 1e99 0040: fee1 bad0 8ed0 0050: 0060: 0070: 0080: 0090: 00a0: 00b0: 00c0: 00d0: 00e0: 00f0: 0100: 0110: 6382 5363 3501 030c 0b75 ..c.Sc5u 0120: 6c69 732d 7631 322d 4757 3204 0a00 007e lis-v12-GW2~ 0130: 3708 011c 0279 030f 060c 3d07 01fe e1ba 7y=. 0140: d08e d0ff 0150: .. 1397524652.887574 fe:e1:ba:d0:8e:d0 ff:ff:ff:ff:ff:ff 0800 342: 10.0.0.126.68 255.255.255.255.67: xid:0x38641e99 secs:3 vend-rfc1048 DHCP:REQUEST HN:ulis-v12-GW RQ:10.0.0.126 PR:SM+BR+TZ+121+DG+DN+NS+HN CID:1.254.225.186.208.142.208 [tos 0x10] : fee1 bad0 8ed0 0800 4510 ..E. 0010: 0148 8011 2f18 0a00 007e .H../~.. 0020: 0044 0043 0134 3fbf 0101 0600 3864 ...D.C.4?.8d 0030: 1e99 0003 0040: fee1 bad0 8ed0 0050: 0060: 0070: 0080: 0090: 00a0: 00b0: 00c0: 00d0: 00e0: 00f0: 0100: 0110: 6382 5363 3501 030c 0b75 ..c.Sc5u 0120: 6c69 732d 7631 322d 4757 3204 0a00 007e lis-v12-GW2~ 0130: 3708 011c 0279 030f 060c 3d07 01fe e1ba 7y=. 0140: d08e d0ff 0150: .. 1397524658.897378 fe:e1:ba:d0:8e:d0 ff:ff:ff:ff:ff:ff 0800 342: 10.0.0.126.68 255.255.255.255.67: xid:0x38641e99 secs:9 vend-rfc1048 DHCP:REQUEST HN:ulis-v12-GW RQ:10.0.0.126 PR:SM+BR+TZ+121+DG+DN+NS+HN CID:1.254.225.186.208.142.208 [tos 0x10] :
Re: segfault in dhclient 5.4 please help
On 15 April 2014 08:34, Otto Moerbeek o...@drijf.net wrote: On Mon, Apr 14, 2014 at 09:32:43PM -0400, sven falempin wrote: so i got gdb back to the machine because i cannot reproduce outside of the box. gdb too old cannot gcore. The state is nasty, but i do get the trace of the dhcp transaction. [..] DHCPREQUEST on trunk0 to 255.255.255.255 port 67 DHCPACK from 10.0.0.254 (96:4f:87:9c:ad:67) Program received signal SIGSEGV, Segmentation fault. 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 2408/usr/src/sbin/dhclient/dhclient.c: No such file or directory. in /usr/src/sbin/dhclient/dhclient.c (gdb) bt #0 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 #1 0xd0d0d0d0 in ?? () #2 0x00d0d0d0 in ?? () #3 0x in ?? () ... the line in 5.4 is : 2405: i += bytes; 2406: 2407: memset(gateway, 0, sizeof(gateway)); 2408: memcpy(gateway, classless_static_routes-data[i], 4); The memcpy segfaults. Not surprising *if* the gdb info is correct and the pointer parameter 'classless_static_routes' is NULL. :-) Current and 5.5 have a rewritten version of this code. Can you reproduce on current? That would be good to check, but if there a NULL pointer being passed I fear it will still fault. -Otto [snip] 1397524674.011308 96:4f:87:9c:ad:67 fe:e1:ba:d0:8e:d0 0800 373: 10.0.0.254.67 10.0.0.126.68: xid:0x95ce17 Y:10.0.0.126 S:10.0.0.254 vend-rfc1048 DHCP:ACK SID:10.0.0.254 LT:43200 RN:21600 RB:37800 SM:255.255.255.0 BR:10.0.0.255 HN:ulis-v12-GW T121:415279105,3232236030,415279114,3232236030,3232236030,167772414 NS:10.0.0.254 DG:10.0.0.254 (DF) : fee1 bad0 8ed0 964f 879c ad67 0800 4500 ...O...g..E. 0010: 0167 4000 4011 240b 0a00 00fe 0a00 .g..@.@.$... 0020: 007e 0043 0044 0153 9aa6 0201 0600 0095 .~.C.D.S 0030: ce17 0a00 007e 0a00 .~.. 0040: 00fe fee1 bad0 8ed0 0050: 0060: 0070: 0080: 0090: 00a0: 00b0: 00c0: 00d0: 00e0: 00f0: 0100: 0110: 6382 5363 3501 0536 040a ..c.Sc5..6.. 0120: fe33 0400 00a8 c03a 0400 0054 603b ...3.:...T`; 0130: 0400 0093 a801 04ff 001c 040a 0140: ff0c 0b75 6c69 732d 7631 322d 4757 7918 ...ulis-v12-GWy. 0150: 18c0 a801 c0a8 01fe 18c0 a80a c0a8 01fe 0160: c0a8 01fe 0a00 00fe 0604 0a00 00fe 0304 0170: 0a00 00fe ff . Pulling out the options provided we get Options === 6382 5363 /* Cookie */ 35 01 05 /* DHCP message type */ 36 04 0a 00 00 fe /* DHCP server id */ 33 04 00 00 a8 c0 /* DHCP lease time */ 3a 04 00 00 54 60 /* DHCP renewal time */ 3b 04 00 00 93 a8 /* DHCP rebinding time */ 01 04 ff ff ff 00 /* Subnet Mask */ 1c 04 0a 00 00 ff /* Broadcast Address */ 0c 0b 75 6c 69 73 2d 76 31 32 2d 47 57 /* Hostname */ 79 18 18 c0 a8 01 c0 a8 01 fe 18 c0 a8 0a c0 a8 01 fe c0 a8 01 fe 0a 00 00 fe /Classless static routes */ 06 04 0a 00 00 fe /* Domain Name Servers */ 03 04 0a 00 00 fe /* Routers */ ff /* End of Options */ And looking at the classless static routes closer we see 79 18 18 c0 a8 01 c0 a8 01 fe /* 192.168.1/24 via 192.168.1.254 */ 18 c0 a8 0a c0 a8 01 fe /* 192.168.10/24 via 192.168.1.254 */ c0 a8 01 fe 0a 00 00 fe /* ??? */ Where the last one is, to use the technical term, fucked. It seems to specify a network with 'c0' == 192 bits. I can't see how this would cause a NULL pointer to be passed though. Ken
Re: segfault in dhclient 5.4 please help
Op 15 apr. 2014 om 13:13 heeft Kenneth Westerback kwesterb...@gmail.com het volgende geschreven: On 15 April 2014 08:34, Otto Moerbeek o...@drijf.net wrote: On Mon, Apr 14, 2014 at 09:32:43PM -0400, sven falempin wrote: so i got gdb back to the machine because i cannot reproduce outside of the box. gdb too old cannot gcore. The state is nasty, but i do get the trace of the dhcp transaction. [..] DHCPREQUEST on trunk0 to 255.255.255.255 port 67 DHCPACK from 10.0.0.254 (96:4f:87:9c:ad:67) Program received signal SIGSEGV, Segmentation fault. 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 2408/usr/src/sbin/dhclient/dhclient.c: No such file or directory. in /usr/src/sbin/dhclient/dhclient.c (gdb) bt #0 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 #1 0xd0d0d0d0 in ?? () #2 0x00d0d0d0 in ?? () #3 0x in ?? () ... the line in 5.4 is : 2405: i += bytes; 2406: 2407: memset(gateway, 0, sizeof(gateway)); 2408: memcpy(gateway, classless_static_routes-data[i], 4); The memcpy segfaults. Not surprising *if* the gdb info is correct and the pointer parameter 'classless_static_routes' is NULL. :-) Current and 5.5 have a rewritten version of this code. Can you reproduce on current? That would be good to check, but if there a NULL pointer being passed I fear it will still fault. -Otto [snip] 1397524674.011308 96:4f:87:9c:ad:67 fe:e1:ba:d0:8e:d0 0800 373: 10.0.0.254.67 10.0.0.126.68: xid:0x95ce17 Y:10.0.0.126 S:10.0.0.254 vend-rfc1048 DHCP:ACK SID:10.0.0.254 LT:43200 RN:21600 RB:37800 SM:255.255.255.0 BR:10.0.0.255 HN:ulis-v12-GW T121:415279105,3232236030,415279114,3232236030,3232236030,167772414 NS:10.0.0.254 DG:10.0.0.254 (DF) : fee1 bad0 8ed0 964f 879c ad67 0800 4500 ...O...g..E. 0010: 0167 4000 4011 240b 0a00 00fe 0a00 .g..@.@.$... 0020: 007e 0043 0044 0153 9aa6 0201 0600 0095 .~.C.D.S 0030: ce17 0a00 007e 0a00 .~.. 0040: 00fe fee1 bad0 8ed0 0050: 0060: 0070: 0080: 0090: 00a0: 00b0: 00c0: 00d0: 00e0: 00f0: 0100: 0110: 6382 5363 3501 0536 040a ..c.Sc5..6.. 0120: fe33 0400 00a8 c03a 0400 0054 603b ...3.:...T`; 0130: 0400 0093 a801 04ff 001c 040a 0140: ff0c 0b75 6c69 732d 7631 322d 4757 7918 ...ulis-v12-GWy. 0150: 18c0 a801 c0a8 01fe 18c0 a80a c0a8 01fe 0160: c0a8 01fe 0a00 00fe 0604 0a00 00fe 0304 0170: 0a00 00fe ff . Pulling out the options provided we get Options === 6382 5363 /* Cookie */ 35 01 05 /* DHCP message type */ 36 04 0a 00 00 fe /* DHCP server id */ 33 04 00 00 a8 c0 /* DHCP lease time */ 3a 04 00 00 54 60 /* DHCP renewal time */ 3b 04 00 00 93 a8 /* DHCP rebinding time */ 01 04 ff ff ff 00 /* Subnet Mask */ 1c 04 0a 00 00 ff /* Broadcast Address */ 0c 0b 75 6c 69 73 2d 76 31 32 2d 47 57 /* Hostname */ 79 18 18 c0 a8 01 c0 a8 01 fe 18 c0 a8 0a c0 a8 01 fe c0 a8 01 fe 0a 00 00 fe /Classless static routes */ 06 04 0a 00 00 fe /* Domain Name Servers */ 03 04 0a 00 00 fe /* Routers */ ff /* End of Options */ And looking at the classless static routes closer we see 79 18 18 c0 a8 01 c0 a8 01 fe /* 192.168.1/24 via 192.168.1.254 */ 18 c0 a8 0a c0 a8 01 fe /* 192.168.10/24 via 192.168.1.254 */ c0 a8 01 fe 0a 00 00 fe /* ??? */ Where the last one is, to use the technical term, fucked. It seems to specify a network with 'c0' == 192 bits. I can't see how this would cause a NULL pointer to be passed though. Ken I think the NULL is a red herring. If I see thing correctly the value comes from an expression which should never be NULL. It's pretty common for gdb to get locals or rags wrong or maybe the stack is smashed. -Otto
Re: segfault in dhclient 5.4 please help
On Tue, Apr 15, 2014 at 7:13 AM, Kenneth Westerback kwesterb...@gmail.com wrote: On 15 April 2014 08:34, Otto Moerbeek o...@drijf.net wrote: On Mon, Apr 14, 2014 at 09:32:43PM -0400, sven falempin wrote: so i got gdb back to the machine because i cannot reproduce outside of the box. gdb too old cannot gcore. The state is nasty, but i do get the trace of the dhcp transaction. [..] DHCPREQUEST on trunk0 to 255.255.255.255 port 67 DHCPACK from 10.0.0.254 (96:4f:87:9c:ad:67) Program received signal SIGSEGV, Segmentation fault. 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 2408/usr/src/sbin/dhclient/dhclient.c: No such file or directory. in /usr/src/sbin/dhclient/dhclient.c (gdb) bt #0 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 #1 0xd0d0d0d0 in ?? () #2 0x00d0d0d0 in ?? () #3 0x in ?? () ... the line in 5.4 is : 2405: i += bytes; 2406: 2407: memset(gateway, 0, sizeof(gateway)); 2408: memcpy(gateway, classless_static_routes-data[i], 4); The memcpy segfaults. Not surprising *if* the gdb info is correct and the pointer parameter 'classless_static_routes' is NULL. :-) Current and 5.5 have a rewritten version of this code. Can you reproduce on current? That would be good to check, but if there a NULL pointer being passed I fear it will still fault. -Otto [snip] 1397524674.011308 96:4f:87:9c:ad:67 fe:e1:ba:d0:8e:d0 0800 373: 10.0.0.254.67 10.0.0.126.68: xid:0x95ce17 Y:10.0.0.126 S:10.0.0.254 vend-rfc1048 DHCP:ACK SID:10.0.0.254 LT:43200 RN:21600 RB:37800 SM:255.255.255.0 BR:10.0.0.255 HN:ulis-v12-GW T121:415279105,3232236030,415279114,3232236030,3232236030,167772414 NS:10.0.0.254 DG:10.0.0.254 (DF) : fee1 bad0 8ed0 964f 879c ad67 0800 4500 ...O...g..E. 0010: 0167 4000 4011 240b 0a00 00fe 0a00 .g..@.@.$... 0020: 007e 0043 0044 0153 9aa6 0201 0600 0095 .~.C.D.S 0030: ce17 0a00 007e 0a00 .~.. 0040: 00fe fee1 bad0 8ed0 0050: 0060: 0070: 0080: 0090: 00a0: 00b0: 00c0: 00d0: 00e0: 00f0: 0100: 0110: 6382 5363 3501 0536 040a ..c.Sc5..6.. 0120: fe33 0400 00a8 c03a 0400 0054 603b ...3.:...T`; 0130: 0400 0093 a801 04ff 001c 040a 0140: ff0c 0b75 6c69 732d 7631 322d 4757 7918 ...ulis-v12-GWy. 0150: 18c0 a801 c0a8 01fe 18c0 a80a c0a8 01fe 0160: c0a8 01fe 0a00 00fe 0604 0a00 00fe 0304 0170: 0a00 00fe ff . Pulling out the options provided we get Options === 6382 5363 /* Cookie */ 35 01 05 /* DHCP message type */ 36 04 0a 00 00 fe /* DHCP server id */ 33 04 00 00 a8 c0 /* DHCP lease time */ 3a 04 00 00 54 60 /* DHCP renewal time */ 3b 04 00 00 93 a8 /* DHCP rebinding time */ 01 04 ff ff ff 00 /* Subnet Mask */ 1c 04 0a 00 00 ff /* Broadcast Address */ 0c 0b 75 6c 69 73 2d 76 31 32 2d 47 57 /* Hostname */ 79 18 18 c0 a8 01 c0 a8 01 fe 18 c0 a8 0a c0 a8 01 fe c0 a8 01 fe 0a 00 00 fe /Classless static routes */ 06 04 0a 00 00 fe /* Domain Name Servers */ 03 04 0a 00 00 fe /* Routers */ ff /* End of Options */ And looking at the classless static routes closer we see 79 18 18 c0 a8 01 c0 a8 01 fe /* 192.168.1/24 via 192.168.1.254 */ 18 c0 a8 0a c0 a8 01 fe /* 192.168.10/24 via 192.168.1.254 */ c0 a8 01 fe 0a 00 00 fe /* ??? */ Where the last one is, to use the technical term, fucked. It seems to specify a network with 'c0' == 192 bits. I can't see how this would cause a NULL pointer to be passed though. Ken ok the last was supposed to be 192.168.1.254/32 via 10.0.0.254, in the dhcp server but i didn't specify the subnet. with this infos i will try to replay this on last snapshots (basic test didnt fault) -- - () ascii ribbon campaign - against html e-mail
Re: segfault in dhclient 5.4 please help
On Mon, Apr 14, 2014 at 8:21 AM, sven falempin sven.falem...@gmail.com wrote: hello As far as i know, nothing change... but the machine is remote. v12-GW 14# /sbin/dhclient -l /run/dhclient.leases.trunk0 trunk0 DHCPDISCOVER on trunk0 to 255.255.255.255 port 67 interval 3 DHCPOFFER from 10.0.0.254 (96:4f:87:9c:ad:67) DHCPREQUEST on trunk0 to 255.255.255.255 port 67 DHCPACK from 10.0.0.254 (96:4f:87:9c:ad:67) Segmentation fault I am trying to get the core file of this priviledge separated daemon. # ulimit -c unlinited write to everyone on / and / sbin just during the test. i also change sysctl core nosuidcoredump to 0 (despair ..) I dont have gdb on the machine how to get the core of dhclient. I guess i will (try to) reproduce on a recent snashots, the dhcp server is dnsmasq. (i am using it to resolve local hostanmes) Apr 14 13:46:48 v12-GW dhclient[1810]: DHCPOFFER from 10.0.0.254 (96:4f:87:9c:ad:67) Apr 14 13:46:48 v12-GW dhclient[1810]: DHCPREQUEST on trunk0 to 255.255.255.255 port 67 Apr 14 13:46:48 v12-GW dhclient[1810]: DHCPACK from 10.0.0.254 (96:4f:87:9c:ad:67) Apr 14 13:46:48 v12-GW /bsd: arpresolve: 10.0.0.254: can't allocate llinfo ( i am using syslogc to read logs and the begining date is not in the buffer ) I work around setting ip statically on my trunk0 and unmonitor the trunk0 leases. everything s fine like this. Someone reboot the machine since, it didnt fix the problem. Of course because setting the ip manually works the 10.0.0.254 is in arp table. (i am setting trunk0 to the ip the dhcp server is giving 10.0.0.126) v12-GW 49# arp -a ? (10.0.0.1) at 16:00:40:da:39:d0 on trunk0 ? (10.0.0.254) at 96:4f:87:9c:ad:67 on trunk0 and the dhclient is getting leases on two other interfaces, no problem. As far as i understand dhclient does not like something about the mac address, i cannot do anymore test for a few hours (like ulimit -c unlimited and restart dhclient, wheres does it dump already ?) - - - - - OpenBSD 5.4 (GENERIC) #37: Tue Jul 30 12:05:01 MDT 2013 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Geode(TM) Integrated Processor by AMD PCS (AuthenticAMD 586-class) 499 MHz cpu0: FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CFLUSH,MMX,MMXX,3DNOW2,3DNOW real mem = 536408064 (511MB) avail mem = 516194304 (492MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 20/70/03, BIOS32 rev. 0 @ 0xfac40 pcibios0 at bios0: rev 2.0 @ 0xf/0x1 pcibios0: pcibios_get_intr_routing - function not supported pcibios0: PCI IRQ Routing information unavailable. pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc8000/0xa800 cpu0 at mainbus0: (uniprocessor) amdmsr0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (bios) 0:20:0: io address conflict 0x6100/0x100 0:20:0: io address conflict 0x6200/0x200 pchb0 at pci0 dev 1 function 0 AMD Geode LX rev 0x33 glxsb0 at pci0 dev 1 function 2 AMD Geode LX Crypto rev 0x00: RNG AES vr0 at pci0 dev 6 function 0 VIA VT6105M RhineIII rev 0x96: irq 11, address 00:00:24:d0:8e:d0 ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr1 at pci0 dev 7 function 0 VIA VT6105M RhineIII rev 0x96: irq 5, address 00:00:24:d0:8e:d1 ukphy1 at vr1 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr2 at pci0 dev 8 function 0 VIA VT6105M RhineIII rev 0x96: irq 9, address 00:00:24:d0:8e:d2 ukphy2 at vr2 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr3 at pci0 dev 9 function 0 VIA VT6105M RhineIII rev 0x96: irq 12, address 00:00:24:d0:8e:d3 ukphy3 at vr3 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 ppb0 at pci0 dev 14 function 0 TI PCI2250 rev 0x02 pci1 at ppb0 bus 1 vr4 at pci1 dev 0 function 0 VIA VT6105M RhineIII rev 0x96: irq 10, address 00:00:24:cf:f5:a8 ukphy4 at vr4 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr5 at pci1 dev 1 function 0 VIA VT6105M RhineIII rev 0x96: irq 7, address 00:00:24:cf:f5:a9 ukphy5 at vr5 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr6 at pci1 dev 2 function 0 VIA VT6105M RhineIII rev 0x96: irq 10, address 00:00:24:cf:f5:aa ukphy6 at vr6 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr7 at pci1 dev 3 function 0 VIA VT6105M RhineIII rev 0x96: irq 7, address 00:00:24:cf:f5:ab ukphy7 at vr7 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 glxpcib0 at pci0 dev 20 function 0 AMD CS5536 ISA rev 0x03: rev 3, 32-bit 3579545Hz timer, watchdog, gpio, i2c gpio0 at glxpcib0: 32 pins iic0 at glxpcib0 pciide0 at pci0 dev 20 function 2 AMD CS5536 IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 1: SanDisk SDCFH-4096 wd0: 1-sector PIO, LBA, 3825MB, 7835184 sectors wd0(pciide0:0:1):
Re: segfault in dhclient 5.4 please help
On Mon, Apr 14, 2014 at 2:04 PM, sven falempin sven.falem...@gmail.com wrote: On Mon, Apr 14, 2014 at 8:21 AM, sven falempin sven.falem...@gmail.com wrote: hello As far as i know, nothing change... but the machine is remote. v12-GW 14# /sbin/dhclient -l /run/dhclient.leases.trunk0 trunk0 DHCPDISCOVER on trunk0 to 255.255.255.255 port 67 interval 3 DHCPOFFER from 10.0.0.254 (96:4f:87:9c:ad:67) DHCPREQUEST on trunk0 to 255.255.255.255 port 67 DHCPACK from 10.0.0.254 (96:4f:87:9c:ad:67) Segmentation fault I am trying to get the core file of this priviledge separated daemon. # ulimit -c unlinited write to everyone on / and / sbin just during the test. i also change sysctl core nosuidcoredump to 0 (despair ..) I dont have gdb on the machine how to get the core of dhclient. I guess i will (try to) reproduce on a recent snashots, the dhcp server is dnsmasq. (i am using it to resolve local hostanmes) Apr 14 13:46:48 v12-GW dhclient[1810]: DHCPOFFER from 10.0.0.254 (96:4f:87:9c:ad:67) Apr 14 13:46:48 v12-GW dhclient[1810]: DHCPREQUEST on trunk0 to 255.255.255.255 port 67 Apr 14 13:46:48 v12-GW dhclient[1810]: DHCPACK from 10.0.0.254 (96:4f:87:9c:ad:67) Apr 14 13:46:48 v12-GW /bsd: arpresolve: 10.0.0.254: can't allocate llinfo ( i am using syslogc to read logs and the begining date is not in the buffer ) I work around setting ip statically on my trunk0 and unmonitor the trunk0 leases. everything s fine like this. Someone reboot the machine since, it didnt fix the problem. Of course because setting the ip manually works the 10.0.0.254 is in arp table. (i am setting trunk0 to the ip the dhcp server is giving 10.0.0.126) v12-GW 49# arp -a ? (10.0.0.1) at 16:00:40:da:39:d0 on trunk0 ? (10.0.0.254) at 96:4f:87:9c:ad:67 on trunk0 and the dhclient is getting leases on two other interfaces, no problem. As far as i understand dhclient does not like something about the mac address, i cannot do anymore test for a few hours (like ulimit -c unlimited and restart dhclient, wheres does it dump already ?) - - - - - OpenBSD 5.4 (GENERIC) #37: Tue Jul 30 12:05:01 MDT 2013 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Geode(TM) Integrated Processor by AMD PCS (AuthenticAMD 586-class) 499 MHz cpu0: FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CFLUSH,MMX,MMXX,3DNOW2,3DNOW real mem = 536408064 (511MB) avail mem = 516194304 (492MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 20/70/03, BIOS32 rev. 0 @ 0xfac40 pcibios0 at bios0: rev 2.0 @ 0xf/0x1 pcibios0: pcibios_get_intr_routing - function not supported pcibios0: PCI IRQ Routing information unavailable. pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc8000/0xa800 cpu0 at mainbus0: (uniprocessor) amdmsr0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (bios) 0:20:0: io address conflict 0x6100/0x100 0:20:0: io address conflict 0x6200/0x200 pchb0 at pci0 dev 1 function 0 AMD Geode LX rev 0x33 glxsb0 at pci0 dev 1 function 2 AMD Geode LX Crypto rev 0x00: RNG AES vr0 at pci0 dev 6 function 0 VIA VT6105M RhineIII rev 0x96: irq 11, address 00:00:24:d0:8e:d0 ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr1 at pci0 dev 7 function 0 VIA VT6105M RhineIII rev 0x96: irq 5, address 00:00:24:d0:8e:d1 ukphy1 at vr1 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr2 at pci0 dev 8 function 0 VIA VT6105M RhineIII rev 0x96: irq 9, address 00:00:24:d0:8e:d2 ukphy2 at vr2 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr3 at pci0 dev 9 function 0 VIA VT6105M RhineIII rev 0x96: irq 12, address 00:00:24:d0:8e:d3 ukphy3 at vr3 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 ppb0 at pci0 dev 14 function 0 TI PCI2250 rev 0x02 pci1 at ppb0 bus 1 vr4 at pci1 dev 0 function 0 VIA VT6105M RhineIII rev 0x96: irq 10, address 00:00:24:cf:f5:a8 ukphy4 at vr4 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr5 at pci1 dev 1 function 0 VIA VT6105M RhineIII rev 0x96: irq 7, address 00:00:24:cf:f5:a9 ukphy5 at vr5 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr6 at pci1 dev 2 function 0 VIA VT6105M RhineIII rev 0x96: irq 10, address 00:00:24:cf:f5:aa ukphy6 at vr6 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr7 at pci1 dev 3 function 0 VIA VT6105M RhineIII rev 0x96: irq 7, address 00:00:24:cf:f5:ab ukphy7 at vr7 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 glxpcib0 at pci0 dev 20 function 0 AMD CS5536 ISA rev 0x03: rev 3, 32-bit 3579545Hz timer, watchdog, gpio, i2c gpio0 at glxpcib0: 32 pins iic0 at glxpcib0 pciide0 at pci0 dev 20 function 2 AMD CS5536 IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive
Re: segfault in dhclient 5.4 please help
On 4/14/14, sven falempin sven.falem...@gmail.com wrote: [..] OpenBSD 5.4 (GENERIC) #37: Tue Jul 30 12:05:01 MDT 2013 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC [...] so i got gdb back to the machine because i cannot reproduce outside of the box. gdb too old cannot gcore. The state is nasty, but i do get the trace of the dhcp transaction. [..] DHCPREQUEST on trunk0 to 255.255.255.255 port 67 DHCPACK from 10.0.0.254 (96:4f:87:9c:ad:67) Program received signal SIGSEGV, Segmentation fault. 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 2408/usr/src/sbin/dhclient/dhclient.c: No such file or directory. in /usr/src/sbin/dhclient/dhclient.c (gdb) bt #0 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 that rdomain value looks awful funny. You aren't by chance mixing binaries pre/post time_t change? But, don't mind me too much. Wait for someone with actual knowledge in this area. --patrick