netbsd-bugs: bin/12070: dhcpd seg faults receiving DHCPREQUEST

Subject: bin/12070: dhcpd seg faults receiving DHCPREQUEST
To: None <gnats-bugs@gnats.netbsd.org>
From: None <gendalia@iastate.edu>
List: netbsd-bugs
Date: 01/28/2001 13:53:20
>Number:         12070
>Category:       bin
>Synopsis:       dhcpd seg faults receiving DHCPREQUEST
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Jan 28 13:56:00 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Tracy Di Marco White
>Release:        1.5.1_ALPHA
>Organization:
>Environment:
System: NetBSD lyra 1.5.1_ALPHA NetBSD 1.5.1_ALPHA (LYRA) #2: Sun Jan 28 11:27:07 CST 2001 root@lyra:/usr/src/sys/arch/i386/compile/LYRA i386


>Description:

dhcpd dies after DHCPDISCOVER & DHCPOFFER, as it's receiving DHCPREQUEST.
It has worked occasionally, but it is much more consistently dumping core.
Complete kdump output available at
http://www.public.iastate.edu/~gendalia/dhcpd.kdump.out.txt
likely pertinent bits included here:
  5132 dhcpd    CALL  gettimeofday(0xbfbfb750,0)
  5132 dhcpd    RET   gettimeofday 0
  5132 dhcpd    CALL  sendto(0x3,0xbfbfbbb0,0x47,0,0,0)
  5132 dhcpd    GIO   fd 3 wrote 71 bytes
       "<30>Jan 26 21:01:24 dhcpd: DHCPDISCOVER from 00:80:3f:f5:26:07 via tlp\
        0"
  5132 dhcpd    RET   sendto 71/0x47
  5132 dhcpd    CALL  gettimeofday(0xbfbfb11c,0)
  5132 dhcpd    RET   gettimeofday 0
  5132 dhcpd    CALL  sendto(0x3,0xbfbfb57c,0x52,0,0,0)
  5132 dhcpd    GIO   fd 3 wrote 82 bytes
       "<30>Jan 26 21:01:24 dhcpd: DHCPOFFER on 192.168.69.7 to 00:80:3f:f5:26\
        :07 via tlp0"
  5132 dhcpd    RET   sendto 82/0x52
  5132 dhcpd    CALL  writev(0x6,0xbfbfbcbc,0x3)
  5132 dhcpd    GIO   fd 6 wrote 14 bytes
       "\0\M^@?\M-u&\a\0@\^E\M-#\M-!C\b\0"
  5132 dhcpd    GIO   fd 6 wrote 28 bytes
       "E\^P\^AH\0\0\0\0\^P\^Q\M^]\M-Z\M-@\M-(Ec\M-@\M-(E\a\0C\0D\^A4\M-%\M-/"
  5132 dhcpd    GIO   fd 6 wrote 300 bytes
       "\^B\^A\^F\0\^Nn\M-t,\0\0\0\0\0\0\0\0\M-@\M-(E\a\M-@\M-(Ec\0\0\0\0\0\
        \M^@?\M-u&\a\0\0\0\0\0\0\0\0\0\0lyra\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0c\M^BSc5\
        \^A\^B6\^D\M-@\M-(Ec3\^D\0\^AQ\M^@\^A\^D\M^?\M^?\M^?\0\^\\^D\M-@\M-(E\
        \M^?\^C\^D\M-@\M-(E\M-~\^F\b\M-Ol \^A\M-L\M^SP\^E\M^?\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0"
  5132 dhcpd    RET   writev 342/0x156
  5132 dhcpd    CALL  read(0x6,0x812f000,0x2000)
  5132 dhcpd    RET   read -1 errno 35 Resource temporarily unavailable
  5132 dhcpd    CALL  recvfrom(0x5,0xbfbfd3ac,0x604,0,0xbfbfd39c,0xbfbfd398)
  5132 dhcpd    GIO   fd 5 read 300 bytes
       "\^A\^A\^F\0\^Nn\M-t,\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\M^@?\
        \M-u&\a\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0c\M^BSc5\
        \^A\^A7\a\^A\^\\^B\^C\^O\^F\f\M^?\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
  5132 dhcpd    RET   recvfrom 300/0x12c
  5132 dhcpd    CALL  select(0x8,0xbfbfda5c,0xbfbfda3c,0xbfbfda1c,0)
  5132 dhcpd    RET   select 2
  5132 dhcpd    CALL  gettimeofday(0xbfbfda14,0)
  5132 dhcpd    RET   gettimeofday 0
  5132 dhcpd    CALL  read(0x6,0x812f000,0x2000)
  5132 dhcpd    GIO   fd 6 read 360 bytes
       "\^D:r:\M-b\M-h  \0V\^A\0\0V\^A\0\0\^R\0\M^?\M^?\M^?\M^?\M^?\M^?\0\M^@?\
        \M-u&\a\b\0E\^P\^AH\0\0\0\0\^P\^Q\M-)\M^V\0\0\0\0\M^?\M^?\M^?\M^?\0D\0\
        C\^A4\M-.6\^A\^A\^F\0\^Nn\M-t,\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\M^@?\M-u&\a\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0c\
        \M^BSc5\^A\^C6\^D\M-@\M-(Ec2\^D\M-@\M-(E\a7\a\^A\^\\^B\^C\^O\^F\f\M^?\
        \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
  5132 dhcpd    RET   read 360/0x168
  5132 dhcpd    CALL  gettimeofday(0xbfbfb728,0)
  5132 dhcpd    RET   gettimeofday 0
  5132 dhcpd    CALL  sendto(0x3,0xbfbfbb88,0x57,0,0,0)
  5132 dhcpd    GIO   fd 3 wrote 87 bytes
       "<30>Jan 26 21:01:24 dhcpd: DHCPREQUEST for 192.168.69.7 from 00:80:3f:\
        f5:26:07 via tlp0"
  5132 dhcpd    RET   sendto 87/0x57
  5132 dhcpd    PSIG  SIGSEGV SIG_DFL
  5132 dhcpd    NAMI  "dhcpd.core"


>How-To-Repeat:
start dhcpd, have a client machine run dhclient against it.
>Fix:
upgrade to dhcp 3.0b2pl16
>Release-Note:
>Audit-Trail:
>Unformatted: