[Bug 238496] net/bird: SIGSEGV after unexpected self-originated LSA
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Jun 11 12:38:43 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238496
Bug ID: 238496
Summary: net/bird: SIGSEGV after unexpected self-originated LSA
Product: Ports & Packages
Version: Latest
Hardware: amd64
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: olivier at freebsd.org
Reporter: pbd at pbd.name
Flags: maintainer-feedback?(olivier at freebsd.org)
Assignee: olivier at freebsd.org
Bird 1.6.6_1 crashes, most likely after receiving an unexpected
self-originated LSA, as log says:
17:08:06 xxx bird: Received unexpected self-originated LSA
17:08:06 xxx bird: Installing LSA: Type: 2002, Id: 192.168.144.12, Rt:
192.168.144.12, Seq: 80000001, Age: 3600
17:08:06 xxx bird: Received unexpected self-originated LSA
17:08:06 xxx bird: Installing LSA: Type: 2002, Id: 169.254.1.0, Rt:
192.168.144.12, Seq: 80000001, Age: 3600
17:08:07 xxx kernel: pid 2091 (bird), uid 0: exited on signal 11 (core dumped)
The backtrace is:
--- snip ---
# gdb bird bird.core-pkg
...
Core was generated by `/usr/local/sbin/bird -c router.bird4.conf'.
Program terminated with signal 11, Segmentation fault.
#0 0x0000000000429c90 in ospf_rt_notify (P=0x80126e320, tbl=<value optimized
out>,
n=0x8012202a0, new=<value optimized out>, old=<value optimized out>,
ea=0xc)
at ../../../proto/ospf/topology.c:1281
1281 u32 tag = ea_get_int(ea, EA_OSPF_TAG, 0);
(gdb) backtrace full
#0 0x0000000000429c90 in ospf_rt_notify (P=0x80126e320, tbl=<value optimized
out>,
n=0x8012202a0, new=<value optimized out>, old=<value optimized out>,
ea=0xc)
at ../../../proto/ospf/topology.c:1281
p = (struct ospf_proto *) 0x80126e320
a = (rta *) 0x80123ca28
m1 = 19006112
m2 = <value optimized out>
metric = 32767
fwd = <value optimized out>
tag = <value optimized out>
oa = <value optimized out>
ebit = <value optimized out>
nf = <value optimized out>
#1 0x000000000042b414 in ospf_rx_hook (sk=0x80126e320, len=<value optimized
out>)
at ../../../proto/ospf/packet.c:418
err_val = <value optimized out>
ifa = (struct ospf_iface *) 0x7fffffffe890
p = (struct ospf_proto *) 0x8012203e0
pkt = (struct ospf_packet *) 0x80126e320
plen = <value optimized out>
err_dsc = <value optimized out>
areaid = <value optimized out>
rid = <value optimized out>
instance_id = <value optimized out>
n = (struct ospf_neighbor *) 0x80126e320
#2 0x0000000000429632 in ospf_update_lsadb (p=0x0) at
../../../proto/ospf/topology.c:483
real_age = <value optimized out>
en = (struct top_hash_entry *) 0x80122d190
nxt = (struct top_hash_entry *) 0x0
#3 0x000000000044b3df in krt_do_scan () at krt-sock.c:886
krt_bufmin = 6793000
krt_buffer_owner = (struct proto *) 0x0
krt_buffer = (byte *) 0x677578 "ð{g"
krt_table_cf = 0x67a700
krt_buflen = 6793008
kif_proto = (struct kif_proto *) 0x67a940
krt_max_tables = 0
#4 0x0000000000451604 in number (str=0x429632 "À\017\204J\002",
num=34378797456, base=1,
size=-1062711132, precision=0, type=19059136, remains=<value optimized
out>)
at printf.c:65
tmp = 0x7fffffffe960 "\001"
digits = 0x0
sign = Cannot access memory at address 0x0
Current language: auto; currently minimal
--- snip ---
I was not able to reproduce the crash in bird 1.6.6 compiled manually from
sources, i. e. without the FreeBSD patches to the bird (see bug #232231).
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list