troglobit / pim6sd

PIM for IPv6 sparse mode daemon

segfault after ~5 seconds if an interface has no carrier #6

Closed T-X closed 5 years ago

T-X commented 5 years ago

With current master (c3e2cab46665ea) I get a segfault after about 5 seconds if one of the two interfaces I have enabled in the pim6.conf has no carrier.

My pim6sd.conf looks like this:

default_phyint_status disable;
phyint ip6gre1 enable;
phyint pim-veth0 enable;

And "ip address *" like this:

$ ip a show dev ip6gre1
134: ip6gre1@NONE: (POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP) mtu 1448 qdisc noqueue state UNKNOWN group default qlen 1000
    link/gre6 2001:67c:2d50:0:7e76:35ff:fe14:e6d7 peer 2001:67c:2ed8:0:217:f2ff:fe93:66c9
    inet6 fd5c:725:2841::2/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::2c72:92ff:fe13:7098/64 scope link
       valid_lft forever preferred_lft forever
$ ip a show dev pim-veth0
128: pim-veth0@if127: (NO-CARRIER,BROADCAST,MULTICAST,UP) mtu 1500 qdisc noqueue state LOWERLAYERDOWN group default qlen 1000
    link/ether 32:dc:c7:8a:ac:2d brd ff:ff:ff:ff:ff:ff link-netns pim6test0

(< and > replaced with "()")

pim-veth0 has NO-CARRIER because I haven't set the interface pim-veth1, which sits in a different network namespace, up yet.

gdb output:

$ gdb --args ./src/pim6sd -n -f pim6sd.conf
GNU gdb (Debian 8.2.1-2) 8.2.1
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
    .

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./src/pim6sd...done.
(gdb) run
Starting program: /home/linus/dev-priv/pim6sd/src/pim6sd -n -f pim6sd.conf
pim6sd: 16:40:37.907 warning - setsockopt(IPV6_ROUTER_ALERT): Protocol not available
pim6sd: 16:40:37.908 warning - Not registering detected interface lo: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface wwp0s20f0u6: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface wlp61s0: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface wlp61s0: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface wlp61s0: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface br0: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap0: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap1: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap25: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap5: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap2: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap15: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap3: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap4: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap10: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap20: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap16: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap17: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap26: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap18: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap27: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap19: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap28: Operation not permitted
pim6sd: 16:40:37.908 warning - Not registering detected interface vmtap29: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmtap6: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmtap7: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmtap8: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmtap9: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmtap11: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmtap12: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmtap13: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmtap14: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmtap21: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmtap22: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmtap23: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmtap24: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmbr0: Operation not permitted
pim6sd: 16:40:37.909 warning - Not registering detected interface vmbr1: Operation not permitted

Program received signal SIGSEGV, Segmentation fault.
0x0000555555575840 in start_vif (vifi=vifi@entry=1) at vif.c:370
370                     v->uv_querier->al_addr = v->uv_linklocal->pa_addr;
(gdb) bt
#0  0x0000555555575840 in start_vif (vifi=vifi@entry=1) at vif.c:370
#1  0x00005555555765e0 in check_vif_state () at vif.c:679
#2  0x0000555555572ab3 in age_vifs () at timer.c:224
#3  0x0000555555560a19 in timer (i=) at main.c:695
#4  0x00005555555571da in age_callout_queue (elapsed_time=) at callout.c:130
#5  0x0000555555556cad in main (argc=, argv=) at main.c:642
(gdb) bt full
#0  0x0000555555575840 in start_vif (vifi=vifi@entry=1) at vif.c:370
        v = 0x555555589200 
#1  0x00005555555765e0 in check_vif_state () at vif.c:679
        checking_vifs = 1
        v = 0x555555589200 
        ifr = {ifr_ifrn = {ifrn_name = "pim-veth0\000\000\000\000\000\000"}, ifr_ifru = {ifru_addr = {sa_family = 4099, sa_data = "\000\000\000\000\000\000\064gWUUU\000"}, ifru_dstaddr = {sa_family = 4099,
              sa_data = "\000\000\000\000\000\000\064gWUUU\000"}, ifru_broadaddr = {sa_family = 4099, sa_data = "\000\000\000\000\000\000\064gWUUU\000"}, ifru_netmask = {sa_family = 4099,
              sa_data = "\000\000\000\000\000\000\064gWUUU\000"}, ifru_hwaddr = {sa_family = 4099, sa_data = "\000\000\000\000\000\000\064gWUUU\000"}, ifru_flags = 4099, ifru_ivalue = 4099, ifru_mtu = 4099,
            ifru_map = {mem_start = 4099, mem_end = 93824992372532, base_addr = 3432, irq = 0 '\000', dma = 0 '\000', port = 0 '\000'}, ifru_slave = "\003\020\000\000\000\000\000\000\064gWUUU\000",
            ifru_newname = "\003\020\000\000\000\000\000\000\064gWUUU\000", ifru_data = 0x1003 }}
        vifi = 1
#2  0x0000555555572ab3 in age_vifs () at timer.c:224
        vifi = 
        v = 
        next_nbr = 
        curr_nbr = 
#3  0x0000555555560a19 in timer (i=) at main.c:695
No locals.
#4  0x00005555555571da in age_callout_queue (elapsed_time=) at callout.c:130
        ptr = 0x55555558fe40
        expQ = 0x55555558fe40
#5  0x0000555555556cad in main (argc=, argv=) at main.c:642
        dummy = 0
        dummysigalrm = 14
        fp = 
        tv = {tv_sec = 0, tv_usec = 487896}
        difftime = {tv_sec = 1, tv_usec = 178997}
        curtime = {tv_sec = 1556980843, tv_usec = 88486}
        lasttime = {tv_sec = 1556980843, tv_usec = 88486}
        timeout = 
        rfds = {fds_bits = {16, 0 }}
        readers = {fds_bits = {48, 0 }}
        nfds = 6
        n = 
        i = 
        secs = 
        sa = {__sigaction_handler = {sa_handler = 0x555555560a50 , sa_sigaction = 0x555555560a50 }, sa_mask = {__val = {0 }}, sa_flags = 0, sa_restorer = 0x0}
        d = 
        c = 
        tmpd = 
(gdb)

T-X commented 5 years ago

Actually, it does not seem to be the NO-CARRIER per se. It's just that setting pim-veth1 in the network namespace UP fixes it. If I set pim-veth1 DOWN again in the network namespace, so that pim-veth0 becomes NO-CARRIER again, then the segfault does not reappear.

So to reproduce I need to delete and recreate the veth pair. Like:

$ ip link del pim-veth0
$ ip link add pim-veth0 type veth peer name pim-veth1
$ ip link set netns pim6test0 dev pim-veth1
$ ip link set up dev pim-veth0
[not setting pim-veth1 up here]
$ ./src/pim6sd -n -f pim6sd.conf
[5sec]
... segmentation fault

troglobit commented 5 years ago

Seems it bites the dust when the interface doesn't have a link-local address. I've added some checks for this in 10c64e3 to prevent segfaulting. Hope that helps!
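
The diagnosis above is consistent with line 370 reading through `v->uv_linklocal` while it is still unset. A minimal model of that assignment with a guard follows, as an added example: it is not pim6sd's code and not the change made in 10c64e3. The struct layouts, `uv_addrs`, `pa_next`, `find_linklocal()`, `start_vif_checked()` and `demo_start()` are assumptions; only the four field names on the faulting line come from the backtrace.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>

/* Assumed, simplified layouts; only the field names uv_querier, al_addr,
 * uv_linklocal and pa_addr are taken from the faulting line vif.c:370. */
struct phaddr   { struct sockaddr_in6 pa_addr; struct phaddr *pa_next; };
struct listaddr { struct sockaddr_in6 al_addr; };
struct uvif     { struct phaddr *uv_addrs, *uv_linklocal; struct listaddr *uv_querier; };

/* Return the first link-local (fe80::/10) entry, or NULL if there is none. */
static struct phaddr *find_linklocal(struct phaddr *pa)
{
    for (; pa != NULL; pa = pa->pa_next)
        if (IN6_IS_ADDR_LINKLOCAL(&pa->pa_addr.sin6_addr))
            return pa;
    return NULL;
}

/* Guarded form of the assignment: 0 on success, -1 if the vif is not ready. */
int start_vif_checked(struct uvif *v)
{
    if (v == NULL || v->uv_querier == NULL)
        return -1;
    v->uv_linklocal = find_linklocal(v->uv_addrs);
    if (v->uv_linklocal == NULL)
        return -1; /* without this test the next line reads through NULL */
    v->uv_querier->al_addr = v->uv_linklocal->pa_addr;
    return 0;
}

/* Constructed scenario: a vif whose only address is `text` (NULL = none). */
int demo_start(const char *text)
{
    struct phaddr a = {0};
    struct listaddr q = {0};
    struct uvif v = { NULL, NULL, &q };
    if (text != NULL) {
        if (inet_pton(AF_INET6, text, &a.pa_addr.sin6_addr) != 1)
            return -2;
        v.uv_addrs = &a;
    }
    return start_vif_checked(&v);
}

int main(void)
{
    printf("%d %d\n", demo_start("fe80::1"), demo_start(NULL));
    return 0;
}
```

A caller that gets -1 can leave the interface down and retry on the next periodic check instead of crashing the daemon.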