Hello bird-team, I have a bird v1.6.4. configuration that works fine. A certain set of actions leads to a segfault and a crash of the bird binary. I have configured and built bird 1.6.4. with IPv6 support that runs on a box with a i686 linux with kernel v4.14.75. My bird configuration: ### bird6.conf: protocol device { scan time 10; } protocol direct C_main { interface "*"; preference 255; check link; } protocol kernel K_main { preference 255; scan time 20; export all; learn; } include "*.conff"; ### ospfv3.conff in the same directory: debug protocols all; log syslog { info, remote, warning, error, auth, fatal, bug }; protocol ospf O_main { preference 145; instance id 0; area 172.16.0.0 { interface "vti0" { dead 120; hello 30; cost 1; priority 1; type pointopoint; neighbors { fe80::e68:3ff:fe26:5130; }; }; interface "eth1" { dead 40; hello 10; cost 1; priority 1; type broadcast; stub yes; }; }; import filter { accept; }; export filter { reject; }; } ### The following actions lead to a crash of bird6: EEPD[~]# /sbin/bird6 -P /var/run/bird6.pid -c /var/etc/bird6/bird6.conf Oct 24 14:23:08 EEPD info bird6 [ 4684]: Started EEPD[~]# ps | grep bird6 4930 root 1500 S /sbin/bird6 -P /var/run/bird6.pid -c /var/etc/bird6/bird6.conf 4932 root 1284 S grep bird6 EEPD[~]# EEPD[~]# ip -6 link add vti0 type vti6 local fd00::38 remote fd00::1b ikey 2 okey 2; EEPD[~]# ip -6 link set vti0 up; EEPD[~]# ifconfig vti0 mtu 1422 Oct 24 14:23:17 EEPD err bird6 [ 4684]: KIF: Received address message for unknown interface 33 Oct 24 14:23:20 EEPD err bird6 [ 4684]: O_main: Socket error on vti0: Invalid argument Oct 24 14:23:20 EEPD info kernel: [ 4684]: segfault at 58e ip b7eed103 sp bf9acad8 error 4 in libuClibc-1.0.30.so[b7ebd000+72000] EEPD[~]# EEPD[~]# ps | grep bird6 4988 root 1284 S grep bird6 EEPD[~]# ### Further testing - bird does NOT crash if the contents of bird6.conf and ospfv3.conf are placed in a single file without inclusion. - bird does NOT crash if the call 'ifconfig vti0 mtu 1422' is executed before 'ip -6 link set vti0 up'. Hope this information helps. Best Regards Alex
Hi. Try to assemble uClibc and bird with debug symbols, and try to analyze core dump. Also it'll be good to run bird (better- to use debug version) in valgrind - it'll show all suspicious cases (like access across array borders, use of uninitialized variables and so on). On 24.10.2018 18:05, Alexander Velkov wrote:
Hello bird-team,
I have a bird v1.6.4. configuration that works fine. A certain set of actions leads to a segfault and a crash of the bird binary.
I have configured and built bird 1.6.4. with IPv6 support that runs on a box with a i686 linux with kernel v4.14.75. My bird configuration:
### bird6.conf:
protocol device { scan time 10; }
protocol direct C_main { interface "*"; preference 255; check link; }
protocol kernel K_main { preference 255; scan time 20; export all; learn; }
include "*.conff";
### ospfv3.conff in the same directory:
debug protocols all; log syslog { info, remote, warning, error, auth, fatal, bug };
protocol ospf O_main { preference 145; instance id 0;
area 172.16.0.0 {
interface "vti0" { dead 120; hello 30; cost 1; priority 1; type pointopoint;
neighbors { fe80::e68:3ff:fe26:5130; }; };
interface "eth1" { dead 40; hello 10; cost 1; priority 1; type broadcast; stub yes; }; };
import filter { accept; }; export filter { reject; }; }
### The following actions lead to a crash of bird6:
EEPD[~]# /sbin/bird6 -P /var/run/bird6.pid -c /var/etc/bird6/bird6.conf
Oct 24 14:23:08 EEPD info bird6 [ 4684]: Started
EEPD[~]# ps | grep bird6 4930 root 1500 S /sbin/bird6 -P /var/run/bird6.pid -c /var/etc/bird6/bird6.conf 4932 root 1284 S grep bird6
EEPD[~]# EEPD[~]# ip -6 link add vti0 type vti6 local fd00::38 remote fd00::1b ikey 2 okey 2; EEPD[~]# ip -6 link set vti0 up; EEPD[~]# ifconfig vti0 mtu 1422
Oct 24 14:23:17 EEPD err bird6 [ 4684]: KIF: Received address message for unknown interface 33 Oct 24 14:23:20 EEPD err bird6 [ 4684]: O_main: Socket error on vti0: Invalid argument Oct 24 14:23:20 EEPD info kernel: [ 4684]: segfault at 58e ip b7eed103 sp bf9acad8 error 4 in libuClibc-1.0.30.so <http://libuClibc-1.0.30.so>[b7ebd000+72000]
EEPD[~]# EEPD[~]# ps | grep bird6 4988 root 1284 S grep bird6 EEPD[~]#
### Further testing
- bird does NOT crash if the contents of bird6.conf and ospfv3.conf are placed in a single file without inclusion. - bird does NOT crash if the call 'ifconfig vti0 mtu 1422' is executed before 'ip -6 link set vti0 up'.
Hope this information helps.
Best Regards Alex
On Wed, Oct 24, 2018 at 05:05:10PM +0200, Alexander Velkov wrote:
Hello bird-team, I have a bird v1.6.4. configuration that works fine. A certain set of actions leads to a segfault and a crash of the bird binary.
Hi Thanks for the elaborate bugreport, i can reproduce the bug the attached patch should fix it. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Hi Ondrej, thanks for the quick reply! I'm happy the information was helpful and enough to track-down the bug, else I would have done what Andrew suggested and that would have needed much more time. I tested the patch you sent and it works perfectly! Thanks for the great support! Best regards Alex On Thu, Oct 25, 2018 at 5:05 PM Ondrej Zajicek <santiago@crfreenet.org> wrote:
On Wed, Oct 24, 2018 at 05:05:10PM +0200, Alexander Velkov wrote:
Hello bird-team, I have a bird v1.6.4. configuration that works fine. A certain set of actions leads to a segfault and a crash of the bird binary.
Hi
Thanks for the elaborate bugreport, i can reproduce the bug the attached patch should fix it.
-- Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
participants (3)
-
Alexander Velkov -
Andrew -
Ondrej Zajicek