Core dump with rasort.

Carter Bullard carter at qosient.com
Tue Feb 20 18:51:22 EST 2001


Hey Peter,
   The patch didn't take, as queue->size should be equal to
queue->count.  If not there is a problem.  The single patch
doesn't work for both file, as the line offsets are way
off.  Grab beta.6 from the server.  All the patches are there,
as well as our ntohll().

Carter

Carter Bullard
QoSient, LLC
300 E. 56th Street, Suite 18K
New York, New York  10022

carter at qosient.com
Phone +1 212 588-9133
Fax   +1 212 588-9134

> -----Original Message-----
> From: Peter Van Epp [mailto:vanepp at sfu.ca]
> Sent: Tuesday, February 20, 2001 10:57 AM
> To: Carter Bullard
> Cc: argus
> Subject: Re: Core dump with rasort.
> 
> 
> 	The ramon patch fixes it for my test cases (tried last 
> night) but
> rasort despite being the same patch still seg faults looks 
> like in the same
> place:
> 
> gcc -o ../bin/argus_bpf argus.o ArgusAuth.o ArgusModeler.o 
> ArgusOutput.o ArgusSource.o ArgusUtil.o Argus_tcp.o 
> Argus_udp.o Argus_icmp.o Argus_app.o Argus_arp.o Argus_frag.o 
> Argus_esp.o Argus_mac.o version.o ../lib/libpcap.a  
> ../lib/argus_common.a  -lm
> test4# cd bin
> test4# ./rasort -r argus.test
> Segmentation fault (core dumped)
> test4# gdb ./rasort rasort.core
> GNU gdb 4.18
> Copyright 1998 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public 
> License, and you are
> welcome to change it and/or distribute copies of it under 
> certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show 
> warranty" for details.
> This GDB was configured as "i386-unknown-freebsd"...
> Core was generated by `rasort'.
> Program terminated with signal 11, Segmentation fault.
> Reading symbols from /usr/lib/libc_r.so.4...done.
> Reading symbols from /usr/libexec/ld-elf.so.1...done.
> #0  0x804a1de in RaSortQueue (queue=0x81320e0) at ./rasort.c:577
> 577           queue->array[i]->index = i;
> (gdb) print queue->array[i]->index    
> Cannot access memory at address 0x4.
> (gdb) print queue
> $1 = (struct RaQueueStruct *) 0x81320e0
> (gdb) print *queue
> $2 = {head = 0, tail = 19, count = 19, size = 128, array = 0x8148400}
> (gdb) print i
> $3 = 0
> (gdb) print queue->array[0]
> $4 = (struct ArgusQueueHeader *) 0x0
> (gdb) 
> 
> Peter Van Epp / Operations and Technical Support 
> Simon Fraser University, Burnaby, B.C. Canada
> 
> 
> > 
> > Yes, Peter and I have been working on this one.  Problem
> > exists for rasort() and ramon().  Same patch, with line
> > offsets.
> > 
> > Carter
> > 
> > Carter Bullard
> > QoSient, LLC
> > 300 E. 56th Street, Suite 18K
> > New York, New York  10022
> > 
> > carter at qosient.com
> > Phone +1 212 588-9133
> > Fax   +1 212 588-9134
> > 
> > Index: ramon.c
> > ===================================================================
> > RCS file: /usr/local/cvsroot/argus/clients/ramon.c,v
> > retrieving revision 1.32
> > diff -r1.32 ramon.c
> > 2145c2145,2146
> > <    }
> > ---
> > >    } else
> > >       queue->size = queue->count;
> > 
> > Index: rasort.c
> > ===================================================================
> > RCS file: /usr/local/cvsroot/argus/clients/rasort.c,v
> > retrieving revision 1.26
> > retrieving revision 1.27
> > diff -r1.26 -r1.27
> > 639c639,640
> > <    }
> > ---
> > >    } else
> > >       queue->size = queue->count;
> > 
> > 
> > 
> > > -----Original Message-----
> > > From: owner-argus at lists.andrew.cmu.edu
> > > [mailto:owner-argus at lists.andrew.cmu.edu]On Behalf Of Scott 
> > > A. McIntyre
> > > Sent: Tuesday, February 20, 2001 1:15 AM
> > > To: Argus Mailing List
> > > Subject: Core dump with rasort.
> > > 
> > > 
> > > Hi,
> > > 
> > > RA:      Ra Version 2.0.0.beta.5
> > > TCPDUMP: tcpdump version 3.6 libpcap version 0.6
> > >  
> > > GCC:     Using builtin specs.
> > > gcc version 2.95.2 19991024 (release)
> > >  
> > > LIBC:
> > > -r--r--r--  1 root  wheel  1169076 Nov 20 12:59 /usr/lib/libc.a
> > > lrwxrwxrwx  1 root  wheel  9 Feb 14 12:50 /usr/lib/libc.so -> 
> > > libc.so.4
> > > -r--r--r--  1 root  wheel  559196 Nov 20 12:59 /usr/lib/libc.so.4
> > > 
> > > 
> > > Command:
> > > rasort -s packets -n -r new_argus_data - tcp
> > > 
> > > Result:
> > > 
> > > Core was generated by `rasort'.
> > > Program terminated with signal 11, Segmentation fault.
> > > Reading symbols from /usr/lib/libc_r.so.4...(no debugging 
> > > symbols found)...done.
> > > Reading symbols from /usr/libexec/ld-elf.so.1...(no debugging 
> > > symbols found)...done.
> > > #0  0x804a1b6 in RaSortQueue () 
> > > (gdb) bt
> > > #0  0x804a1b6 in RaSortQueue ()
> > > #1  0x8049958 in RaParseComplete ()
> > > #2  0x804b357 in ArgusShutDown ()
> > > #3  0x804b31f in main ()
> > > #4  0x804972d in _start ()
> > > 
> > > 
> > > Using the patched FreeBSD kernel as well.
> > > 
> > > Ideas?
> > > 
> > > Scott
> > > 
> > > 
> > > 
> > 
> > ------=_NextPart_000_004D_01C09B11.C11B8750
> > Content-Type: text/html;
> > 	charset="us-ascii"
> > Content-Transfer-Encoding: quoted-printable
> > 
> > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
> > <HTML>
> > <HEAD>
> > <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
> > charset=3DWindows-1252">
> > <META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
> > 6.0.4417.0">
> > <TITLE>RE: Core dump with rasort.</TITLE>
> > </HEAD>
> > <BODY>
> > <!-- Converted from text/plain format -->
> > 
> > <P><FONT SIZE=3D2>Yes, Peter and I have been working on 
> this one.  =
> > Problem</FONT>
> > 
> > <BR><FONT SIZE=3D2>exists for rasort() and ramon().  
> Same patch, =
> > with line</FONT>
> > 
> > <BR><FONT SIZE=3D2>offsets.</FONT>
> > </P>
> > 
> > <P><FONT SIZE=3D2>Carter</FONT>
> > </P>
> > 
> > <P><FONT SIZE=3D2>Carter Bullard</FONT>
> > 
> > <BR><FONT SIZE=3D2>QoSient, LLC</FONT>
> > 
> > <BR><FONT SIZE=3D2>300 E. 56th Street, Suite 18K</FONT>
> > 
> > <BR><FONT SIZE=3D2>New York, New York  10022</FONT>
> > </P>
> > 
> > <P><FONT SIZE=3D2>carter at qosient.com</FONT>
> > 
> > <BR><FONT SIZE=3D2>Phone +1 212 588-9133</FONT>
> > 
> > <BR><FONT SIZE=3D2>Fax   +1 212 588-9134</FONT>
> > </P>
> > 
> > <P><FONT SIZE=3D2>Index: ramon.c</FONT>
> > 
> > <BR><FONT =
> > 
> SIZE=3D2>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3
> D=3D=3D=3D=3D=
> > 
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3
> D=3D=3D=3D=3D=
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</FONT>
> > 
> > <BR><FONT SIZE=3D2>RCS file: =
> > /usr/local/cvsroot/argus/clients/ramon.c,v</FONT>
> > 
> > <BR><FONT SIZE=3D2>retrieving revision 1.32</FONT>
> > 
> > <BR><FONT SIZE=3D2>diff -r1.32 ramon.c</FONT>
> > 
> > <BR><FONT SIZE=3D2>2145c2145,2146</FONT>
> > 
> > <BR><FONT SIZE=3D2><    }</FONT>
> > 
> > <BR><FONT SIZE=3D2>---</FONT>
> > 
> > <BR><FONT SIZE=3D2>>    } else</FONT>
> > 
> > <BR><FONT SIZE=3D2>>       =
> > queue->size =3D queue->count;</FONT>
> > </P>
> > 
> > <P><FONT SIZE=3D2>Index: rasort.c</FONT>
> > 
> > <BR><FONT =
> > 
> SIZE=3D2>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3
> D=3D=3D=3D=3D=
> > 
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3
> D=3D=3D=3D=3D=
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</FONT>
> > 
> > <BR><FONT SIZE=3D2>RCS file: =
> > /usr/local/cvsroot/argus/clients/rasort.c,v</FONT>
> > 
> > <BR><FONT SIZE=3D2>retrieving revision 1.26</FONT>
> > 
> > <BR><FONT SIZE=3D2>retrieving revision 1.27</FONT>
> > 
> > <BR><FONT SIZE=3D2>diff -r1.26 -r1.27</FONT>
> > 
> > <BR><FONT SIZE=3D2>639c639,640</FONT>
> > 
> > <BR><FONT SIZE=3D2><    }</FONT>
> > 
> > <BR><FONT SIZE=3D2>---</FONT>
> > 
> > <BR><FONT SIZE=3D2>>    } else</FONT>
> > 
> > <BR><FONT SIZE=3D2>>       =
> > queue->size =3D queue->count;</FONT>
> > </P>
> > <BR>
> > <BR>
> > 
> > <P><FONT SIZE=3D2>> -----Original Message-----</FONT>
> > 
> > <BR><FONT SIZE=3D2>> From: 
> owner-argus at lists.andrew.cmu.edu</FONT>
> > 
> > <BR><FONT SIZE=3D2>> [<A =
> > 
> HREF=3D"mailto:owner-argus at lists.andrew.cmu.edu">mailto:owner-
> argus at lists=
> > .andrew.cmu.edu</A>]On Behalf Of Scott </FONT>
> > 
> > <BR><FONT SIZE=3D2>> A. McIntyre</FONT>
> > 
> > <BR><FONT SIZE=3D2>> Sent: Tuesday, February 20, 2001 
> 1:15 AM</FONT>
> > 
> > <BR><FONT SIZE=3D2>> To: Argus Mailing List</FONT>
> > 
> > <BR><FONT SIZE=3D2>> Subject: Core dump with rasort.</FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> Hi,</FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> RA:      
> Ra Version =
> > 2.0.0.beta.5</FONT>
> > 
> > <BR><FONT SIZE=3D2>> TCPDUMP: tcpdump version 3.6 
> libpcap version =
> > 0.6</FONT>
> > 
> > <BR><FONT SIZE=3D2>>  </FONT>
> > 
> > <BR><FONT SIZE=3D2>> GCC:     Using builtin =
> > specs.</FONT>
> > 
> > <BR><FONT SIZE=3D2>> gcc version 2.95.2 19991024 (release)</FONT>
> > 
> > <BR><FONT SIZE=3D2>>  </FONT>
> > 
> > <BR><FONT SIZE=3D2>> LIBC:</FONT>
> > 
> > <BR><FONT SIZE=3D2>> -r--r--r--  1 root  wheel  =
> > 1169076 Nov 20 12:59 /usr/lib/libc.a</FONT>
> > 
> > <BR><FONT SIZE=3D2>> lrwxrwxrwx  1 root  
> wheel  9 Feb =
> > 14 12:50 /usr/lib/libc.so -> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> libc.so.4</FONT>
> > 
> > <BR><FONT SIZE=3D2>> -r--r--r--  1 root  
> wheel  559196 =
> > Nov 20 12:59 /usr/lib/libc.so.4</FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> Command:</FONT>
> > 
> > <BR><FONT SIZE=3D2>> rasort -s packets -n -r new_argus_data - =
> > tcp</FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> Result:</FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> Core was generated by `rasort'.</FONT>
> > 
> > <BR><FONT SIZE=3D2>> Program terminated with signal 11, 
> Segmentation =
> > fault.</FONT>
> > 
> > <BR><FONT SIZE=3D2>> Reading symbols from 
> /usr/lib/libc_r.so.4...(no =
> > debugging </FONT>
> > 
> > <BR><FONT SIZE=3D2>> symbols found)...done.</FONT>
> > 
> > <BR><FONT SIZE=3D2>> Reading symbols from =
> > /usr/libexec/ld-elf.so.1...(no debugging </FONT>
> > 
> > <BR><FONT SIZE=3D2>> symbols found)...done.</FONT>
> > 
> > <BR><FONT SIZE=3D2>> #0  0x804a1b6 in RaSortQueue () </FONT>
> > 
> > <BR><FONT SIZE=3D2>> (gdb) bt</FONT>
> > 
> > <BR><FONT SIZE=3D2>> #0  0x804a1b6 in RaSortQueue ()</FONT>
> > 
> > <BR><FONT SIZE=3D2>> #1  0x8049958 in 
> RaParseComplete ()</FONT>
> > 
> > <BR><FONT SIZE=3D2>> #2  0x804b357 in ArgusShutDown 
> ()</FONT>
> > 
> > <BR><FONT SIZE=3D2>> #3  0x804b31f in main ()</FONT>
> > 
> > <BR><FONT SIZE=3D2>> #4  0x804972d in _start ()</FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> Using the patched FreeBSD kernel as 
> well.</FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> Ideas?</FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> Scott</FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > 
> > <BR><FONT SIZE=3D2>> </FONT>
> > </P>
> > 
> > </BODY>
> > </HTML>
> > ------=_NextPart_000_004D_01C09B11.C11B8750--
> > 
> > 
> 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20010220/4a6e3f31/attachment.html>


More information about the argus mailing list