Random crashing with rc.40 on Linux

Jonathan Towne jontow at hijacked.us
Thu Mar 8 10:39:11 EST 2007 

On Thu, Mar 08, 2007 at 09:58:44AM -0500, Jonathan Towne scribbled:
# On Thu, Mar 08, 2007 at 02:08:14PM +0000, carter at qosient.com scribbled:
# [snip]
# # 
# #    argus -r dump.file -w out.file
# # 

Ok, using the above technique and adding '-ggdb' to the environment
I've gained the following:



(gdb) run -r 2007-03-07_19:10:00-argus-crashes.arg -w test
Starting program: /usr/local/sbin/argus -r 2007-03-07_19:10:00-argus-crashes.arg -w test
argus[37968]: 08 Mar 07 10:32:38.089016 started

Program received signal SIGSEGV, Segmentation fault.
0x0805223f in ArgusOpenInterface (src=0x8220000, inf=0x8220060) at ArgusSource.c:100
100        if ((inf->ArgusPd = pcap_open_live(device->name, src->ArgusSnapLen, !src->Arguspflag, 100, errbuf)) != NULL) {
(gdb) bt full
#0  0x0805223f in ArgusOpenInterface (src=0x8220000, inf=0x8220060) at ArgusSource.c:100
        device = (struct ArgusDeviceStruct *) 0x0
        errbuf = "??a 9\n(jU\b(?\222\004\b\000?\n( 9\n(\000?\n(\000?\n\001 at Op\005jV\020(\000?\n(\220?\005\000\000\000\005\000\000\000jU\b(L\220\004\b\000\000\000\000 9\n(\2305\n(\034k\017(\001\000\000\0004?cX\b(\000?\n($?\001\000\000\0003w\b(\001\000\000\000\2305\n(D?\211x\b(@?n(\204\203\033(t?]x\b(\2305\n((?030(t??Y\b(D{\n(\001\000\000\000t?\211x\b(@?n(\001\000\000\000\000?\n( \201\033(\000\000\"\b ?021\b???"...
#1  0x08054d9e in ArgusGetPackets (src=0x8220000) at ArgusSource.c:1548
        ArgusReadMask = {__fds_bits = {0 <repeats 32 times>}}
        ArgusWriteMask = {__fds_bits = {0 <repeats 32 times>}}
        ArgusExceptMask = {__fds_bits = {0 <repeats 32 times>}}
        tmp = 134688080
        i = 136446048
        width = 0
        noerror = 1
        fd = 672435999
        up = 0
        wait = {tv_sec = 0, tv_usec = 20000}
#2  0x0804bedc in main (argc=5, argv=0xbfbfe7bc) at argus.c:462
        tmpfile = (FILE *) 0x8220001
        commandlinew = 1
        doconf = 0
        path = "/etc/argus.conf\000argus", '\0' <repeats 1002 times>
        i = 0
        pid = 136445953
        tmparg = 0x811c000 ""
        filter = 0x0
        statbuf = {st_dev = 3217024772, st_ino = 1, st_mode = 30515, st_nlink = 10248, st_uid = 1, st_gid = 671757720, st_rdev = 3217024804, 
  st_atimespec = {tv_sec = 671643785, tv_nsec = 671793216}, st_mtimespec = {tv_sec = 134745396, tv_nsec = -1077942444}, st_ctimespec = {
    tv_sec = 671643741, tv_nsec = 671757720}, st_size = -4629727543277489824, st_blocks = 2889744647000185249, st_blksize = 1, st_flags = 0, st_gen = 0, 
  st_lspare = -1077942196, st_birthtimespec = {tv_sec = 672968000, tv_nsec = 671785984}}
        host = (struct hostent *) 0x0
        commandlinei = 0
        op = 136445953



Now, having set the breakpoint at ArgusLog again in the same manner:


(gdb) run -r 2007-03-07_19:10:00-argus-crashes.arg -w test
Starting program: /usr/local/sbin/argus -r 2007-03-07_19:10:00-argus-crashes.arg -w test

Breakpoint 1, ArgusLog (priority=4, fmt=0x8070ea3 "started") at argus_util.c:1416
1416       gettimeofday (&now, 0L);
(gdb) bt full
#0  ArgusLog (priority=4, fmt=0x8070ea3 "started") at argus_util.c:1416
        buf = "\000\000\000\000???\024U\b(?221\004\b\201\033(\034??\000\000\000\b?\b?\031(\220?\035&\a\b\034?\220?", '\0' <repeats 132 times>, "?\232\024( \201\033(\037\217\024(\000\b??\005T\b(?\222\004\b?b\020(\006\000\000\000\225S\b(\021\000\000\000?n\000\000?\000\000\001\2305\n(\200?\n(\000\000\000\000???\024U\b(?\222\004\b??006\000\000?\n(\001\000\000\000?217\024(?n"...
        ptr = 0x8220000 ""
        now = {tv_sec = 671757720, tv_usec = 672435642}
#1  0x0804c414 in main (argc=5, argv=0xbfbfe7bc) at argus.c:454
        gr = (struct group *) 0x0
        commandlinew = 1
        doconf = 0
        path = "/etc/argus.conf\000argus", '\0' <repeats 1002 times>
        i = 30
        pid = 0
        tmparg = 0x0
        filter = 0x8271000 ""
        statbuf = {st_dev = 3217024772, st_ino = 1, st_mode = 30515, st_nlink = 10248, st_uid = 1, st_gid = 671757720, st_rdev = 3217024804, 
  st_atimespec = {tv_sec = 671643785, tv_nsec = 671793216}, st_mtimespec = {tv_sec = 134745396, tv_nsec = -1077942444}, st_ctimespec = {
    tv_sec = 671643741, tv_nsec = 671757720}, st_size = -4629727543277489824, st_blocks = 2889744647000185249, st_blksize = 1, st_flags = 0, st_gen = 0, 
  st_lspare = -1077942196, st_birthtimespec = {tv_sec = 672968000, tv_nsec = 671785984}}
        host = (struct hostent *) 0x8271000
        commandlinei = 0
        op = 0




That ought to be a little more helpful ;)

I'll do a bit of digging, but it may be more obvious to Carter what's happening here.


-- Jonathan Towne

More information about the argus mailing list