#17 core dump on new packet: "double free or corruption"

open
nobody
core (19)
5
2014-08-18
2009-04-24
No

seagull craches with stdout:
*** glibc detected *** double free or corruption (out): 0x09178a08 ***
on new received packet.

# gdb seagull /opt/seagull/radius-env/run/core.19184
Core was generated by `seagull -conf conf.xml -dico dict.xml -scen auth.xml -log ../logs/auth.log -lle'.
Program terminated with signal 6, Aborted.
[New process 19184]
[New process 19188]
[New process 19187]
[New process 19186]
[New process 19185]
#0 0x001587a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
(gdb) bt
#0 0x001587a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
#1 0x0019e815 in raise () from /lib/tls/libc.so.6
#2 0x001a0279 in abort () from /lib/tls/libc.so.6
#3 0x001d2cca in __libc_message () from /lib/tls/libc.so.6
#4 0x001d955f in _int_free () from /lib/tls/libc.so.6
#5 0x001d993a in free () from /lib/tls/libc.so.6
#6 0x0814e625 in C_CallContext::reset_memory ()
#7 0x0814fa59 in C_CallContext::init ()
#8 0x081523e7 in C_CallControl::makeCallContextAvailable ()
#9 0x08153db4 in C_CallControl::execute_scenario_cmd ()
#10 0x08153cd8 in C_CallControl::messageSendControl ()
#11 0x08154107 in C_CallControl::TaskProcedure ()
#12 0x080ba1f3 in C_TaskControl::run_task_once ()
#13 0x0815bfce in C_ReadControl::TaskProcedure ()
#14 0x080ba42f in C_TaskControl::run ()
#15 0x080bc8a4 in C_Generator::TaskProcedure ()
#16 0x080ba314 in C_TaskControl::run_all_once ()
#17 0x080c78f9 in main_tool ()
#18 0x080c79bc in main ()

Discussion

  • Vladimir Yakunin

    auth.xml

     
  • Vladimir Yakunin

    conf.xml

     
  • Vladimir Yakunin

    dict.xml

     
  • Vladimir Yakunin

    last messages in log file:

    2009-04-24.14:27:45.498|M|Send [[Access-Accept
    |M|[Code] = [ 2]
    |M|[Identifier] = [ 13]
    |M|[Length] = [ 0]
    |M|[Authenticator] = [
    |M|fa a4 b4 51 90 e6 0b d1 8f 70 b0 1e b7 76 0d 33
    |M|]
    |M| [Session-Timeout
    |M| (Attr-Type = 27)] = [86400]
    |M| [Service-Type
    |M| (Attr-Type = 6)] = [2]
    |M|]]
    2009-04-24.14:27:45.498|B|Buffer sent size [32]
    |B|02 0d 00 20 fa a4 b4 51 90 e6 0b d1 8f 70 b0 1e
    |B|b7 76 0d 33 1b 06 00 01 51 80 06 06 00 00 00 02
    2009-04-24.14:27:45.498|V|Scenario Traffic passed call-id [ 51 75 69 64 77 61 79 30 32 30 30 30 30 30 30 30 30 30 30 30 30 65 37 61 62 34 38 30 33 39 37 31 39]