Date: Tue, 11 Jun 2019 12:38:40 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 238496] net/bird: SIGSEGV after unexpected self-originated LSA Message-ID: <bug-238496-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D238496 Bug ID: 238496 Summary: net/bird: SIGSEGV after unexpected self-originated LSA Product: Ports & Packages Version: Latest Hardware: amd64 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: olivier@freebsd.org Reporter: pbd@pbd.name Flags: maintainer-feedback?(olivier@freebsd.org) Assignee: olivier@freebsd.org Bird 1.6.6_1 crashes, most likely after receiving an unexpected self-originated LSA, as log says:=20 17:08:06 xxx bird: Received unexpected self-originated LSA 17:08:06 xxx bird: Installing LSA: Type: 2002, Id: 192.168.144.12, Rt: 192.168.144.12, Seq: 80000001, Age: 3600 17:08:06 xxx bird: Received unexpected self-originated LSA 17:08:06 xxx bird: Installing LSA: Type: 2002, Id: 169.254.1.0, Rt: 192.168.144.12, Seq: 80000001, Age: 3600 17:08:07 xxx kernel: pid 2091 (bird), uid 0: exited on signal 11 (core dump= ed) The backtrace is: --- snip --- # gdb bird bird.core-pkg=20 ... Core was generated by `/usr/local/sbin/bird -c router.bird4.conf'. Program terminated with signal 11, Segmentation fault. #0 0x0000000000429c90 in ospf_rt_notify (P=3D0x80126e320, tbl=3D<value opt= imized out>,=20 n=3D0x8012202a0, new=3D<value optimized out>, old=3D<value optimized ou= t>, ea=3D0xc) at ../../../proto/ospf/topology.c:1281 1281 u32 tag =3D ea_get_int(ea, EA_OSPF_TAG, 0); (gdb) backtrace full #0 0x0000000000429c90 in ospf_rt_notify (P=3D0x80126e320, tbl=3D<value opt= imized out>,=20 n=3D0x8012202a0, new=3D<value optimized out>, old=3D<value optimized ou= t>, ea=3D0xc) at ../../../proto/ospf/topology.c:1281 p =3D (struct ospf_proto *) 0x80126e320 a =3D (rta *) 0x80123ca28 m1 =3D 19006112 m2 =3D <value optimized out> metric =3D 32767 fwd =3D <value optimized out> tag =3D <value optimized out> oa =3D <value optimized out> ebit =3D <value optimized out> nf =3D <value optimized out> #1 0x000000000042b414 in ospf_rx_hook (sk=3D0x80126e320, len=3D<value opti= mized out>) at ../../../proto/ospf/packet.c:418 err_val =3D <value optimized out> ifa =3D (struct ospf_iface *) 0x7fffffffe890 p =3D (struct ospf_proto *) 0x8012203e0 pkt =3D (struct ospf_packet *) 0x80126e320 plen =3D <value optimized out> err_dsc =3D <value optimized out> areaid =3D <value optimized out> rid =3D <value optimized out> instance_id =3D <value optimized out> n =3D (struct ospf_neighbor *) 0x80126e320 #2 0x0000000000429632 in ospf_update_lsadb (p=3D0x0) at ../../../proto/ospf/topology.c:483 real_age =3D <value optimized out> en =3D (struct top_hash_entry *) 0x80122d190 nxt =3D (struct top_hash_entry *) 0x0 #3 0x000000000044b3df in krt_do_scan () at krt-sock.c:886 krt_bufmin =3D 6793000 krt_buffer_owner =3D (struct proto *) 0x0 krt_buffer =3D (byte *) 0x677578 "=C3=B0{g" krt_table_cf =3D 0x67a700 krt_buflen =3D 6793008 kif_proto =3D (struct kif_proto *) 0x67a940 krt_max_tables =3D 0 #4 0x0000000000451604 in number (str=3D0x429632 "=C3=80\017\204J\002", num=3D34378797456, base=3D1,=20 size=3D-1062711132, precision=3D0, type=3D19059136, remains=3D<value op= timized out>) at printf.c:65 tmp =3D 0x7fffffffe960 "\001" digits =3D 0x0 sign =3D Cannot access memory at address 0x0 Current language: auto; currently minimal --- snip --- I was not able to reproduce the crash in bird 1.6.6 compiled manually from sources, i. e. without the FreeBSD patches to the bird (see bug #232231). --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-238496-7788>