[Olsr-dev] OLSRv2 Segfault

Henning Rogge (spam-protected)
Fri Dec 27 19:47:53 CET 2013


Hi,

Thank you for the bug report. I would like to dig a little bit deeper
into this problem (maybe writing an automatic test case afterwards).

Can you post the whole stack trace from GDB first? That would allow us to
identify whether the error happens during the creation of a Hello or a TC.

Henning Rogge

On Fri, Dec 27, 2013 at 11:10 AM, Vigneswaran R <(spam-protected)> wrote:
> Hello,
>
> I am running olsrd2 on a few (qemu) virtual machines. On one of the virtual
> machines, olsrd2 segfaults within a few seconds. I am invoking OLSRd2 in the
> following manner,
>
>     ./olsrd2 --set interface[eth0].bindto=10.0.0.0/8 --set interface[eth1].bindto=10.0.0.0/8 --set interface[eth2].bindto=10.0.0.0/8
>
> Traced the error using gdb to some extent. Please see the following patch
> for context.
>
> In general, addr_start->_block_end becomes NULL just before exiting from the
> do..while loop. However, in some cases, addr_start->_block_end becomes NULL
> before the do..while loop meets the exit criteria (addr_end == last_addr).
> So, the loop continues and tries to dereference a NULL pointer, causing a
> segfault.
>
> --- a/oonf_api/src-api/rfc5444/rfc5444_msg_generator.c    2013-12-19
> 18:27:48.471467295 +0530
> +++ b/oonf_api/src-api/rfc5444/rfc5444_msg_generator.c    2013-12-27
> 14:15:14.000000000 +0530
> @@ -1180,7 +1180,7 @@
>      tlvblock_length[0] = (ptr - tlvblock_length - 2) >> 8;
>      tlvblock_length[1] = (ptr - tlvblock_length - 2) & 255;
>      addr_start = list_next_element(addr_end, _addr_node);
> -  } while (addr_end != last_addr);
> +  } while (addr_end != last_addr && addr_start->_block_end != NULL);
>
>    /* store size of address(tlv) data */
>    msg->_bin_addr_size = ptr - start;
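
Review bot: The new addr_start->_block_end != NULL test in the while condition stops the loop before addr_end reaches last_addr, and the code after the loop still stores msg->_bin_addr_size = ptr - start as if every address had been written. That avoids the NULL dereference but hides the underlying fault: any addresses between addr_start and last_addr are silently left out of the generated message. Suggest treating an unset _block_end ahead of last_addr as an error (log it and abort generation of this message) rather than a normal exit, and tracing where _block_end is assigned, which is outside this hunk, to see why an address before last_addr is left without it. The operand order is correct as written, since the short-circuit keeps addr_start from being dereferenced once addr_end == last_addr.
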
>
>
> I am using the latest oonf_api (last commit:
> 2355db6a460abe10cc7096842b3b10686c68012c) and olsrd2 (last commit:
> 23051120419372a175ddb08fa8a3bb8d7d709f1e) repositories.
>
> The Interface details are,
>
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 scope host lo
>     inet6 ::1/128 scope host
>        valid_lft forever preferred_lft forever
> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
>     link/ether de:ad:be:ef:5a:38 brd ff:ff:ff:ff:ff:ff
>     inet 10.5.11.1/8 brd 10.255.255.255 scope global eth0
>     inet6 fe80::dcad:beff:feef:5a38/64 scope link
>        valid_lft forever preferred_lft forever
> 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
>     link/ether de:ad:be:ef:0d:2f brd ff:ff:ff:ff:ff:ff
>     inet 10.5.11.2/8 brd 10.255.255.255 scope global eth1
>     inet6 fe80::dcad:beff:feef:d2f/64 scope link
>        valid_lft forever preferred_lft forever
> 4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
>     link/ether de:ad:be:ef:5a:39 brd ff:ff:ff:ff:ff:ff
>     inet 10.5.11.3/8 brd 10.255.255.255 scope global eth2
>     inet6 fe80::dcad:beff:feef:5a39/64 scope link
>        valid_lft forever preferred_lft forever
>
>
> Regards,
> Vignesh