Red Hat Bugzilla – Bug 206711
tcpdump seg faults after applying latest glibc updates
Last modified: 2007-11-16 20:14:54 EST
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.5) Gecko/20060726 Red Hat/1.5.0.5-0.el4.1 Firefox/1.5.0.5 pango-text Description of problem: after installing system with tcpdump from stock initial release of RHEL4 (update 0) tcpdump works fine. After applying updates for glibc only, tcpdumps segfaults. Version-Release number of selected component (if applicable): tcpdump-3.8.2-10.RHEL4 How reproducible: Always Steps to Reproduce: 1. install stock system with tcpdump 2. run: up2date -u glibc glibc-common glibc-devel glibc-headers 3. run: tcpdump Actual Results: [root@sys-z ~]# tcpdump tcpdump: WARNING: eth0: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 0 packets captured 0 packets received by filter 0 packets dropped by kernel [root@sys-z ~]# up2date -u glibc glibc-common glibc-devel glibc-headers Fetching Obsoletes list for channel: rhel-i386-ws-4... Fetching rpm headers... ######################################## Name Version Rel ---------------------------------------------------------- glibc 2.3.4 2.25 i686 glibc-common 2.3.4 2.25 i386 glibc-devel 2.3.4 2.25 i386 glibc-headers 2.3.4 2.25 i386 Testing package set / solving RPM inter-dependencies... ######################################## glibc-2.3.4-2.25.i686.rpm: ########################## Done. glibc-common-2.3.4-2.25.i38 ########################## Done. glibc-devel-2.3.4-2.25.i386 ########################## Done. glibc-headers-2.3.4-2.25.i3 ########################## Done. Preparing ########################################### [100%] Installing... 1:glibc-common ########################################### [100%] 2:glibc ########################################### [100%] Stopping sshd:[ OK ] Starting sshd:[ OK ] 3:glibc-headers ########################################### [100%] 4:glibc-devel ########################################### [100%] [root@sys-z ~]# tcpdump Segmentation fault Expected Results: tcpdump to run Additional info:
Could you please check "#strace -o dump.txt tcpdump" and attach dump.txt here?
Created attachment 136540 [details] tcpdump strace strace of tcpdump segfault
Thanks. Could you please run it in debugger? Install the debug-info packages for tcpdump, run "#gdb /usr/sbin/tcpdump", in gdb type "r" and enter. After segfault, attach please a backtrace ("bt" commnad).
Installed tcpdump-debuginfo. (concquently, the URLs in RHN for the debug packages, for updates are broken. They are not referencing the "updates" directory for updated RPMs) note, this is the contents of the public tcpdump-debuginfo package: [root@sys-z ~]# rpm -ql tcpdump-debuginfo /usr/lib/debug/usr/lib/libpcap.so.0.8.3.debug /usr/src/debug/tcpdump-3.8.2 /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3 /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/bpf_dump.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/bpf_filter.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/bpf_image.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/etherent.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/fad-getad.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/gencode.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/gencode.h /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/grammar.y /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/inet.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/nametoaddr.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/optimize.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/pcap-bpf.h /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/pcap-int.h /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/pcap-linux.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/pcap-namedb.h /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/pcap.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/pcap.h /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/savefile.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/scanner.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/scanner.l /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/sll.h /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/version.c /usr/src/debug/tcpdump-3.8.2/libpcap-0.8.3/version.h gdb appears not to be reading the .debug file and source files as it's complaining no debugging symbols are found. Perhaps there is there a commanline switch I am missing? [root@sys-z ~]# gdb /usr/sbin/tcpdump GNU gdb Red Hat Linux (6.3.0.0-1.96rh) Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux-gnu"...(no debugging symbols found) Using host libthread_db library "/lib/tls/libthread_db.so.1". (gdb) r Starting program: /usr/sbin/tcpdump (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) Program received signal SIGSEGV, Segmentation fault. 0x007fe613 in _nss_nis_getservent_r () from /lib/libnss_nis.so.2 (gdb) bt #0 0x007fe613 in _nss_nis_getservent_r () from /lib/libnss_nis.so.2 #1 0x006aea7d in __nss_getent_r () from /lib/tls/libc.so.6 #2 0x006b43e5 in getservent_r@@GLIBC_2.1.2 () from /lib/tls/libc.so.6 #3 0x006ae6d8 in __nss_getent () from /lib/tls/libc.so.6 #4 0x006b419a in getservent () from /lib/tls/libc.so.6 #5 0x0804aeb3 in ?? () #6 0x09c4fd70 in ?? () #7 0x080c0920 in ?? () #8 0x006f0b91 in __libc_ptyname1 () from /lib/tls/libc.so.6 #9 0x006f0b91 in __libc_ptyname1 () from /lib/tls/libc.so.6 #10 0x006f0b91 in __libc_ptyname1 () from /lib/tls/libc.so.6 #11 0x006f0b91 in __libc_ptyname1 () from /lib/tls/libc.so.6 #12 0x0000eb13 in ?? () #13 0x080c092c in ?? () #14 0x09c4e0bb in ?? () #15 0x00000000 in ?? ()
Please install debug-info packages for glibc, they're: glibc-debuginfo glibc-debuginfo-common and check it again. If it doesn't help, please download this package: http://people.redhat.com/stransky/tcpdump/ recompile it (#rpmbuild --rebuild tcpdump.xxxx.src.rpm), install all packages from /usr/src/redhat/RPMS/arch and check the debuger. Thanks.
looks like the gilbc*debuginfo rpms did the trick. Karl ------------ [root@sys-z tmp]# gdb /usr/sbin/tcpdump GNU gdb Red Hat Linux (6.3.0.0-1.96rh) Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux-gnu"...(no debugging symbols found) Using host libthread_db library "/lib/tls/libthread_db.so.1". (gdb) r Starting program: /usr/sbin/tcpdump Program received signal SIGSEGV, Segmentation fault. 0x00fb4613 in _nss_nis_getservent_r (serv=0x6ff324, buffer=0x9ad5d70 "\n", buflen=1024, errnop=0xb7fb3a80) at nss_nis/nis-service.c:196 196 if (__builtin_expect (intern.offset >= bucket->size, 0)) (gdb) bt #0 0x00fb4613 in _nss_nis_getservent_r (serv=0x6ff324, buffer=0x9ad5d70 "\n", buflen=1024, errnop=0xb7fb3a80) at nss_nis/nis-service.c:196 #1 0x006aea7d in __nss_getent_r (getent_func_name=0x6f1a97 "getservent_r", setent_func_name=0x6f1a81 "setservent", lookup_fct=0x6af3c0 <__nss_services_lookup>, nip=0x6ff338, startp=0x6ff340, last_nip=0x6ff33c, stayopen_tmp=0x6ff344, res=0, resbuf=0x6ff324, buffer=0x9ad5d70 "\n", buflen=1024, result=0xbff0326c, h_errnop=0x0) at getnssent_r.c:165 #2 0x006b43e5 in __getservent_r (resbuf=0x0, buffer=0x0, buflen=0, result=0x0) at ../nss/getXXent_r.c:161 #3 0x006ae6d8 in __nss_getent (func=0x6b4340 <__getservent_r>, resbuf=0x6ff324, buffer=0x6fd10c, buflen=1024, buffer_size=0x6ff320, h_errnop=0x0) at getnssent.c:51 #4 0x006b419a in getservent () at ../nss/getXXent.c:84 #5 0x0804aeb3 in ?? () #6 0x09ad5d70 in ?? () #7 0x080c0960 in ?? () #8 0x006f0b91 in __libc_ptyname1 () from /lib/tls/libc.so.6 #9 0x006f0b91 in __libc_ptyname1 () from /lib/tls/libc.so.6 #10 0x006f0b91 in __libc_ptyname1 () from /lib/tls/libc.so.6 #11 0x006f0b91 in __libc_ptyname1 () from /lib/tls/libc.so.6 #12 0x0000eb13 in ?? () #13 0x080c096c in ?? () #14 0xbff03354 in ?? () #15 0x005d2650 in ?? () #16 0x00636a44 in _int_free (av=0x312ac, mem=0xffffff) at malloc.c:4210 #17 0x0807f962 in ?? () #18 0x000312ac in ?? () #19 0x00ffffff in ?? () #20 0x00000000 in ?? ()
Great! Thanks!
Could it please run again (under gdb) and attach info about local variables? (type "info locals" in gdb when it crashes)
(gdb) r Starting program: /usr/sbin/tcpdump Program received signal SIGSEGV, Segmentation fault. 0x00307613 in _nss_nis_getservent_r (serv=0x6ff324, buffer=0x9d16d70 "\n", buflen=1024, errnop=0xb7f72a80) at nss_nis/nis-service.c:196 196 if (__builtin_expect (intern.offset >= bucket->size, 0)) (gdb) info locals No locals.
This sounds like a duplicate of #203237.
Yep, it really looks like a dupe of #203237... *** This bug has been marked as a duplicate of 203237 ***