Re: send_netlink : segfault when removing the USB cable when my phone is sharing Internet
Roy Marples
Sat Jul 01 11:02:17 2017
Hi
On 01/07/17 09:49, LE GARREC Vincent wrote:
I'm using dhcpcd-7.0.0_rc1 and I found this line in my dmesg:
[49260.817999] dhcpcd[496]: segfault at 120 ip 000000000041e7e2 sp
00007ffe6991a880 error 4 in dhcpcd[400000+58000]
I enabled core dumps. The backtrace is below.
In send_netlink (frame #0), we can see that the context is corrupted: ctx is 0x40 and ifp is 0x0.
Tell me if you need more information, I still have the dump.
Best regards,
Vincent
#0 0x000000000041e7e2 in send_netlink (ctx=0x40, ifp=0x0, protocol=0,
hdr=0x7ffe6991a970, callback=0x0) at if-linux.c:832
priv = 0x44c0b4
s = 1771153664
r = 32766
snl = {nl_family = 16, nl_pad = 0, nl_pid = 0, nl_groups = 0}
iov = {{iov_base = 0x5800000002, iov_len = 140730669574512}}
msg = {msg_name = 0x7ffe6991a9d0, msg_namelen = 4241125,
msg_iov = 0x7ffe6991aa40, msg_iovlen = 4505780, msg_control = 0x3000000008,
msg_controllen = 4319830, msg_flags = 1771153696}
#1 0x000000000041ff9a in if_address (cmd=21 '\025', addr=0x67f640) at
if-linux.c:1458
nlm = {hdr = {nlmsg_len = 32, nlmsg_type = 21, nlmsg_flags = 1,
nlmsg_seq = 0, nlmsg_pid = 0}, ifa = {ifa_family = 2 '\002',
ifa_prefixlen = 16 '\020', ifa_flags = 0 '\000', ifa_scope
= 0 '\000', ifa_index = 6781312},
buffer = "\b\000\002\000\251\376dž", '\000' <repeats 55 times>}
retval = 0
#2 0x000000000042b9af in ipv4_deladdr (addr=0x67f640, keeparp=1) at
ipv4.c:467
r = 0
state = 0x677980
ap = 0x600000000
astate = 0x676a20
__func__ = "ipv4_deladdr"
#3 0x000000000042f23c in ipv4ll_freedrop (ifp=0x677980, drop=1) at
ipv4ll.c:449
istate = 0x677800
state = 0x677880
dropped = 0
#4 0x0000000000405286 in dhcpcd_drop (ifp=0x677980, stop=0) at dhcpcd.c:369
No locals.
#5 0x0000000000406085 in dhcpcd_handlecarrier (ctx=0x7ffe6991adb0,
carrier=-1, flags=4098, ifname=0x7ffe6991ab60 "enp6s0u2") at dhcpcd.c:724
ifp = 0x677980
__func__ = "dhcpcd_handlecarrier"
#6 0x000000000041e71d in link_netlink (ctx=0x7ffe6991adb0,
ifp=0x677980, nlm=0x674700) at if-linux.c:802
r = 0
len = 0
rta = 0x674bec
hwaddr = 0x6747cc
ifi = 0x674710
ifn = "enp6s0u2\000\256\221i\376\177\000", <incomplete sequence
\354>
#7 0x000000000041d8bf in get_netlink (ctx=0x7ffe6991adb0,
iov=0x7ffe6991aea8, ifp=0x0, fd=7, flags=64, callback=0x41e3a6
<link_netlink>) at if-linux.c:397
msg = {msg_name = 0x7ffe6991abe0, msg_namelen = 12, msg_iov =
0x7ffe6991aea8, msg_iovlen = 1, msg_control = 0x0, msg_controllen = 0,
msg_flags = 0}
nladdr = {nl_family = 16, nl_pad = 0, nl_pid = 0, nl_groups = 1}
len = 1260
nlm = 0x674700
r = 0
again = 0
#8 0x000000000041e778 in if_handlelink (ctx=0x7ffe6991adb0) at
if-linux.c:812
No locals.
#9 0x0000000000406a5c in dhcpcd_handlelink (arg=0x7ffe6991adb0) at
dhcpcd.c:972
ctx = 0x7ffe6991adb0
__func__ = "dhcpcd_handlelink"
#10 0x000000000040b0d3 in eloop_start (eloop=0x66cbe0,
signals=0x7ffe6991aeb8) at eloop.c:970
n = 1
e = 0x66cd20
t = 0x67f740
now = {tv_sec = 49250, tv_nsec = 140066081}
ts = {tv_sec = 52, tv_nsec = 89210088}
tsp = 0x7ffe6991acf0
t0 = 0x40a49e <eloop_q_timeout_add_sec+88>
epe = {events = 1, data = {ptr = 0x66cd20, fd = 6737184, u32 =
6737184, u64 = 6737184}}
timeout = 52090
#11 0x0000000000409481 in main (argc=2, argv=0x7ffe6991b278) at
dhcpcd.c:1940
ctx = {pidfile = "/run/dhcpcd.pid", '\000' <repeats 23 times>,
cffile = 0x44843f "/etc/dhcpcd.conf", options = 310326615011679241,
logfile = 0x0,
argc = 2, argv = 0x7ffe6991b278, ifac = 0, ifav = 0x0, ifdc =
0, ifdv = 0x0, ifc = 0, ifv = 0x7ffe6991b288, ifcc = 0, ifcv = 0x0,
duid = 0x67ee40 "", duid_len = 14, ifaces = 0x6719f0, routes
= {tqh_first = 0x676b90, tqh_last = 0x674d10}, kroutes = {tqh_first =
0x676e00,
tqh_last = 0x6770f0}, froutes = {tqh_first = 0x67f4e0,
tqh_last = 0x67f170}, pf_inet_fd = 9, priv = 0x66cd00, link_fd = 7, seq
= 213, sseq = 213,
iov = {{iov_base = 0x674700, iov_len = 1536}}, sigset =
{__val = {0 <repeats 16 times>}}, eloop = 0x66cbe0, control_fd = 5,
control_unpriv_fd = 6,
control_fds = {tqh_first = 0x0, tqh_last = 0x7ffe6991af48},
control_sock = "/run/dhcpcd.sock", '\000' <repeats 20 times>,
control_group = 0,
vivso = 0x0, vivso_len = 0, randomstate = 0x7fba63f3f100
<randtbl> "\003", ppid = 453, pseq = 8, dhcp_opts = 0x66a730,
dhcp_opts_len = 124,
udp_fd = 10, opt_buffer = 0x0, opt_buffer_len = 0,
secret = 0x67f780
"@vE\337\273\023\a\315e8\363\255$ko\207\301\234\250\255q\311\306bd~K\237l\370\024\311#\003\036I8\305O)b?\215\255&q\341\060>\264\352UM\213\356(\277\030E%E\277\366d9:c6:62:64:7e:4b:9f:6c:f8:14:c9:23:03:1e:49:38:c5:4f:29:62:3f:8d:ad:26:71:e1:30:3e:b4:ea:55:4d:8b:ee:28:bf:18:45:25:45:bf:f6:64\n",
secret_len = 64, ctlbuf = '\000' <repeats 63 times>, from = {sin6_family
= 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {
__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 =
{0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id =
0}, sndhdr = {
msg_name = 0x7ffe6991ac50, msg_namelen = 28, msg_iov =
0x7ffe6991b078, msg_iovlen = 1, msg_control = 0x7ffe6991b088,
msg_controllen = 40,
msg_flags = 0}, sndiov = {{iov_base = 0x676ab0, iov_len =
16}},
sndbuf = "$\000\000\000\000\000\000\000)\000\000\000\062",
'\000' <repeats 19 times>, "\016\000\000\000\000\000\000", rcvhdr = {
msg_name = 0x7ffe6991b020, msg_namelen = 28, msg_iov =
0x7ffe6991aea8, msg_iovlen = 1, msg_control = 0x7ffe6991afe0,
msg_controllen = 0,
msg_flags = 0}, ntopbuf = '\000' <repeats 45 times>, sfrom
= 0x0, nd_fd = 14, ra_routers = 0x67f060, dhcp6_fd = -1, nd_opts =
0x66ca20,
nd_opts_len = 6, dhcp6_opts = 0x673300, dhcp6_opts_len = 71,
dev_load = 0x0, dev_fd = 11, dev = 0x66df60, dev_handle = 0x66cd60}
ifo = 0x0
ifp = 0x0
family = 0
opt = 0
oi = 0
i = 0
logopts = 2136192
t = 30
len = 140438519751319
pid = 0
sig = 0
siga = 0x0
__func__ = "main"
I can't replicate this on the head of the master branch.
Can you try that please?
If you still have the core dump and matching binary that made it, I'd
like that too please!
Roy