From owner-freebsd-ports-bugs@freebsd.org Tue Jun 11 12:38:43 2019 Return-Path: Delivered-To: freebsd-ports-bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9BE5915B9B7F for ; Tue, 11 Jun 2019 12:38:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 318898A112 for ; Tue, 11 Jun 2019 12:38:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id DCEDD15B9B6D; Tue, 11 Jun 2019 12:38:42 +0000 (UTC) Delivered-To: ports-bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B7FFB15B9B63 for ; Tue, 11 Jun 2019 12:38:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 506B58A10D for ; Tue, 11 Jun 2019 12:38:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 779D517CA8 for ; Tue, 11 Jun 2019 12:38:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x5BCcftc012761 for ; Tue, 11 Jun 2019 12:38:41 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x5BCcf4U012754 for ports-bugs@FreeBSD.org; Tue, 11 Jun 2019 12:38:41 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 238496] net/bird: SIGSEGV after unexpected self-originated LSA Date: Tue, 11 Jun 2019 12:38:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: pbd@pbd.name X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: olivier@freebsd.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Jun 2019 12:38:43 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D238496 Bug ID: 238496 Summary: net/bird: SIGSEGV after unexpected self-originated LSA Product: Ports & Packages Version: Latest Hardware: amd64 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: olivier@freebsd.org Reporter: pbd@pbd.name Flags: maintainer-feedback?(olivier@freebsd.org) Assignee: olivier@freebsd.org Bird 1.6.6_1 crashes, most likely after receiving an unexpected self-originated LSA, as log says:=20 17:08:06 xxx bird: Received unexpected self-originated LSA 17:08:06 xxx bird: Installing LSA: Type: 2002, Id: 192.168.144.12, Rt: 192.168.144.12, Seq: 80000001, Age: 3600 17:08:06 xxx bird: Received unexpected self-originated LSA 17:08:06 xxx bird: Installing LSA: Type: 2002, Id: 169.254.1.0, Rt: 192.168.144.12, Seq: 80000001, Age: 3600 17:08:07 xxx kernel: pid 2091 (bird), uid 0: exited on signal 11 (core dump= ed) The backtrace is: --- snip --- # gdb bird bird.core-pkg=20 ... Core was generated by `/usr/local/sbin/bird -c router.bird4.conf'. Program terminated with signal 11, Segmentation fault. #0 0x0000000000429c90 in ospf_rt_notify (P=3D0x80126e320, tbl=3D,=20 n=3D0x8012202a0, new=3D, old=3D, ea=3D0xc) at ../../../proto/ospf/topology.c:1281 1281 u32 tag =3D ea_get_int(ea, EA_OSPF_TAG, 0); (gdb) backtrace full #0 0x0000000000429c90 in ospf_rt_notify (P=3D0x80126e320, tbl=3D,=20 n=3D0x8012202a0, new=3D, old=3D, ea=3D0xc) at ../../../proto/ospf/topology.c:1281 p =3D (struct ospf_proto *) 0x80126e320 a =3D (rta *) 0x80123ca28 m1 =3D 19006112 m2 =3D metric =3D 32767 fwd =3D tag =3D oa =3D ebit =3D nf =3D #1 0x000000000042b414 in ospf_rx_hook (sk=3D0x80126e320, len=3D) at ../../../proto/ospf/packet.c:418 err_val =3D ifa =3D (struct ospf_iface *) 0x7fffffffe890 p =3D (struct ospf_proto *) 0x8012203e0 pkt =3D (struct ospf_packet *) 0x80126e320 plen =3D err_dsc =3D areaid =3D rid =3D instance_id =3D n =3D (struct ospf_neighbor *) 0x80126e320 #2 0x0000000000429632 in ospf_update_lsadb (p=3D0x0) at ../../../proto/ospf/topology.c:483 real_age =3D en =3D (struct top_hash_entry *) 0x80122d190 nxt =3D (struct top_hash_entry *) 0x0 #3 0x000000000044b3df in krt_do_scan () at krt-sock.c:886 krt_bufmin =3D 6793000 krt_buffer_owner =3D (struct proto *) 0x0 krt_buffer =3D (byte *) 0x677578 "=C3=B0{g" krt_table_cf =3D 0x67a700 krt_buflen =3D 6793008 kif_proto =3D (struct kif_proto *) 0x67a940 krt_max_tables =3D 0 #4 0x0000000000451604 in number (str=3D0x429632 "=C3=80\017\204J\002", num=3D34378797456, base=3D1,=20 size=3D-1062711132, precision=3D0, type=3D19059136, remains=3D) at printf.c:65 tmp =3D 0x7fffffffe960 "\001" digits =3D 0x0 sign =3D Cannot access memory at address 0x0 Current language: auto; currently minimal --- snip --- I was not able to reproduce the crash in bird 1.6.6 compiled manually from sources, i. e. without the FreeBSD patches to the bird (see bug #232231). --=20 You are receiving this mail because: You are the assignee for the bug.=