[Chilli] Chilli 1.2.9 sudently crash

Mohsen Saeedi mohsen.saeedi at gmail.com
Fri Sep 7 05:55:30 UTC 2012 

An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20120907/5a6ea011/attachment.html>
-------------- next part --------------
Missing separate debuginfo for 
Try: yum --disablerepo='*' --enablerepo='*-debug*' install /usr/lib/debug/.build-id/74/22987f6cfa699f465b0327139aac3fdac4a838 /var/cache/abrt-di/usr/lib/debug/.build-id/74/22987f6cfa699f465b0327139aac3fdac4a838
[New Thread 5270]
[Thread debugging using libthread_db enabled]
Core was generated by `/usr/sbin/chilli -c /etc/chilli.conf --pidfile=/var/run/chilli.pid'.
Program terminated with signal 11, Segmentation fault.
#0  copy_mac6 (dst=0x7fffd9a96f76 "", src=0x5 <Address 0x5 out of bounds>) at util.c:60
60	  dst[0]=src[0]; dst[1]=src[1];

Thread 1 (Thread 0x7f82174df7c0 (LWP 5270)):
#0  copy_mac6 (dst=0x7fffd9a96f76 "", src=0x5 <Address 0x5 out of bounds>) at util.c:60
No locals.
#1  0x00007f821709f34c in dhcp_ethhdr (conn=0x1858d10, packet=0x7fffd9a96f70 "", hismac=<value optimized out>, nexthop=0x5 <Address 0x5 out of bounds>, prot=<value optimized out>) at dhcp.c:4126
        pack_ethh = 0x7fffd9a96f70
#2  0x00007f82170a70d4 in dhcp_data_req (conn=0x1858d10, pack=<value optimized out>, len=<value optimized out>, ethhdr=<value optimized out>) at dhcp.c:4324
        this = 0x0
        packet = "\000\000\000\000\000\000\000\f)y\035\215\b\000E\000\000b\n\023\000\000@\021\066n\n\a\222\001\n\a\223\373\000\065(\002\000NN\223\357\225\201\200\000\001\000\002\000\000\000\000\003www\016gingersoftware\003com\000\000\001\000\001\300\f\000\005\000\001\000\000\n{\000\002\300\020\300\020\000\001\000\001\000\000\n|\000\004\255\347\222\346com\002s3\tamazonaws\300\036\300\063\000\005\000\001\000\000\t`\000\t\006s3-1-w\300L\300d\000\001\000\001\000\000\000<\000\004H\025\302 \023\002--1\022\060\020\006\003U\004\b\f\tSomeState1\021\060\017\006\003U\004\a\f\bSomeCity1\031\060\027\006\003U\004\n\f\020"...
        length = 112
        tag = <value optimized out>
        pkt = 0x7fffd9a96f70 ""
        do_checksum = 0 '\000'
        allowed = 0 '\000'
        authstate = 0
#3  0x00007f8217089d84 in cb_tun_ind (tun=<value optimized out>, pack=0x7fffd9ab7140, len=98, idx=<value optimized out>) at chilli.c:2373
        dst = {s_addr = 4220716810}
        ipm = 0x17b96f0
        appconn = 0x184a330
        udph = <value optimized out>
        ipph = <value optimized out>
        ethhdr = <value optimized out>
#4  0x00007f82170b54d1 in net_read_dispatch (netif=<value optimized out>, func=0x7f821708a680 <tun_decaps_cb>, ctx=0x7fffd9ac7170) at net.c:712
        packet = "E\000\000b\n\023\000\000@\021\066n\n\a\222\001\n\a\223\373\000\065(\002\000NN\223\357\225\201\200\000\001\000\002\000\000\000\000\003www\016gingersoftware\003com\000\000\001\000\001\300\f\000\005\000\001\000\000\n{\000\002\300\020\300\020\000\001\000\001\000\000\n|\000\004\255\347\222\346com\002s3\tamazonaws\300\036\300\063\000\005\000\001\000\000\t`\000\t\006s3-1-w\300L\300d\000\001\000\001\000\000\000<\000\004H\025\302 \023\002--1\022\060\020\006\003U\004\b\f\tSomeState1\021\060\017\006\003U\004\a\f\bSomeCity1\031\060\027\006\003U\004\n\f\020SomeOrganizat"...
        length = <value optimized out>
#5  0x00007f821708a9a7 in tun_decaps (this=<value optimized out>, idx=<value optimized out>) at tun.c:884
        length = <value optimized out>
        c = {this = 0x17b6530, idx = 0}
#6  0x00007f82170b4a19 in net_run_selected (sctx=0x7fffd9ac7210, status=1) at net.c:617
        sfd = <value optimized out>
        i = 0
#7  0x00007f8217086087 in chilli_main (argc=4, argv=0x7fffd9ac7df8) at chilli.c:6197
        sctx = {count = 9, desc = {{fd = 4, idx = 0, evts = 1 '\001', cb = 0x7f821708a940 <tun_decaps>, ctx = 0x17b6530}, {fd = 13, idx = 0, evts = 1 '\001', cb = 0x7f821707fc70 <chilli_handle_signal>, ctx = 0x0}, {fd = 7, idx = 0, evts = 1 '\001', cb = 0x7f821708f110 <radius_decaps>, ctx = 0x17c0330}, {fd = 5, idx = 0, evts = 1 '\001', cb = 0x7f82170a0760 <dhcp_decaps>, ctx = 0x17bb3e0}, {fd = 10, idx = 0, evts = 1 '\001', cb = 0x7f8217086bd0 <redir_msg>, ctx = 0x17b61a0}, {fd = 8, idx = 0, evts = 1 '\001', cb = 0x7f821709eed0 <redir_accept>, ctx = 0x17b61a0}, {fd = 9, idx = 1, evts = 1 '\001', cb = 0x7f821709eed0 <redir_accept>, ctx = 0x17b61a0}, {fd = 15, idx = 0, evts = 1 '\001', cb = 0x7f821707b820 <rtmon_accept>, ctx = 0x7f82172d0340}, {fd = 11, idx = 11, evts = 1 '\001', cb = 0x7f8217081d10 <cmdsock_accept>, ctx = 0x0}, {fd = 0, idx = 0, evts = 0 '\000', cb = 0, ctx = 0x0} <repeats 47 times>}, efd = 12, events = {{events = 1, data = {ptr = 0x7fffd9ac7218, fd = -643010024, u32 = 3651957272, u64 = 140736845345304}}, {events = 1, data = {ptr = 0x7fffd9ac7238, fd = -643009992, u32 = 3651957304, u64 = 140736845345336}}, {events = 1, data = {ptr = 0x7fffd9ac7218, fd = -643010024, u32 = 3651957272, u64 = 140736845345304}}, {events = 1, data = {ptr = 0x7fffd9ac7238, fd = -643009992, u32 = 3651957304, u64 = 140736845345336}}, {events = 0, data = {ptr = 0x0, fd = 0, u32 = 0, u64 = 0}} <repeats 52 times>}}
        status = 1
        lastSecond = 6868
        cmdsock = 11
        cpid = <value optimized out>
        i = <value optimized out>
        keep_going = 1
        reload_config = 0
#8  0x00007f82158aacdd in __libc_start_main (main=0x400860 <main>, argc=4, ubp_av=0x7fffd9ac7df8, init=<value optimized out>, fini=<value optimized out>, rtld_fini=<value optimized out>, stack_end=0x7fffd9ac7de8) at libc-start.c:226
        result = <value optimized out>
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, -9085594755115986989, 4196208, 140736845348336, 0, 0, 9085670221895225299, 9146055068147568595}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x400940, 0x7fffd9ac7df8}, data = {prev = 0x0, cleanup = 0x0, canceltype = 4196672}}}
        not_first_call = <value optimized out>
#9  0x0000000000400799 in _start ()
No symbol table info available.
From                To                  Syms Read   Shared Object Library
0x00007f821707b400  0x00007f82170bd188  Yes         /usr/lib64/libchilli.so.0.0.0
0x00007f8216e66d00  0x00007f8216e6d7b8  Yes         /usr/lib64/libbstring.so.0.0.0
0x00007f8216c610c0  0x00007f8216c638a8  Yes         /usr/lib64/libjson.so.0.0.0
0x00007f8216a18570  0x00007f8216a4a0c8  Yes (*)     /usr/lib64/libssl.so.10
0x00007f82166c6a00  0x00007f821678ddd8  Yes (*)     /usr/lib64/libcrypto.so.10
0x00007f82164680b0  0x00007f8216469425  Yes         /usr/lib64/libnetfilter_queue.so.1
0x00007f8216262830  0x00007f8216265647  Yes (*)     /usr/lib64/libnfnetlink.so.0
0x00007f8216030c00  0x00007f8216049ee8  Yes (*)     /usr/lib64/libpcap.so.1
0x00007f8215e26de0  0x00007f8215e27998  Yes         /lib64/libdl-2.12.so
0x00007f8215c20140  0x00007f8215c234f8  Yes         /lib64/librt-2.12.so
0x00007f82158aaa20  0x00007f82159ca52c  Yes         /lib64/libc-2.12.so
0x00007f8215653e20  0x00007f8215680968  Yes         /lib64/libgssapi_krb5.so.2.2
0x00007f8215385610  0x00007f82153fa7c8  Yes         /lib64/libkrb5.so.3.3
0x00007f82151683f0  0x00007f8215168fc8  Yes         /lib64/libcom_err.so.2.1
0x00007f8214f3f7c0  0x00007f8214f59468  Yes         /lib64/libk5crypto.so.3.1
0x00007f8214d26f30  0x00007f8214d321b8  Yes         /lib64/libz.so.1.2.3
0x00007f82172d1b00  0x00007f82172ea85b  Yes         /lib64/ld-2.12.so
0x00007f8214b0d660  0x00007f8214b18eb8  Yes         /lib64/libpthread-2.12.so
0x00007f82148ff840  0x00007f8214904a08  Yes         /lib64/libkrb5support.so.0.1
0x00007f82146fabf0  0x00007f82146fb1d8  Yes         /lib64/libkeyutils.so.1.3
0x00007f82144e3930  0x00007f82144f28a8  Yes         /lib64/libresolv-2.12.so
0x00007f82142c6850  0x00007f82142d6c78  Yes         /lib64/libselinux.so.1
(*): Shared library is missing debugging information.
$1 = 0x0
No symbol "__glib_assert_msg" in current context.
rax            0x0	0
rbx            0x7fffd9a96f70	140736845148016
rcx            0x0	0
rdx            0x0	0
rsi            0x5	5
rdi            0x7fffd9a96f76	140736845148022
rbp            0x1858d10	0x1858d10
rsp            0x7fffd9a96f08	0x7fffd9a96f08
r8             0x0	0
r9             0x0	0
r10            0x0	0
r11            0x6637735	107181877
r12            0x5	5
r13            0x8	8
r14            0x0	0
r15            0x7fffd9a96f70	140736845148016
rip            0x7f82170abb80	0x7f82170abb80 <copy_mac6>
eflags         0x10246	[ PF ZF IF RF ]
cs             0x33	51
ss             0x2b	43
ds             0x0	0
es             0x0	0
fs             0x0	0
gs             0x0	0
Dump of assembler code for function copy_mac6:
=> 0x00007f82170abb80 <+0>:	movzbl (%rsi),%r10d
   0x00007f82170abb84 <+4>:	mov    %r10b,(%rdi)
   0x00007f82170abb87 <+7>:	movzbl 0x1(%rsi),%r9d
   0x00007f82170abb8c <+12>:	mov    %r9b,0x1(%rdi)
   0x00007f82170abb90 <+16>:	movzbl 0x2(%rsi),%r8d
   0x00007f82170abb95 <+21>:	mov    %r8b,0x2(%rdi)
   0x00007f82170abb99 <+25>:	movzbl 0x3(%rsi),%ecx
   0x00007f82170abb9d <+29>:	mov    %cl,0x3(%rdi)
   0x00007f82170abba0 <+32>:	movzbl 0x4(%rsi),%edx
   0x00007f82170abba4 <+36>:	mov    %dl,0x4(%rdi)
   0x00007f82170abba7 <+39>:	movzbl 0x5(%rsi),%eax
   0x00007f82170abbab <+43>:	mov    %al,0x5(%rdi)
   0x00007f82170abbae <+46>:	retq   
End of assembler dump.

More information about the Chilli mailing list