[Olsr-dev] OSLRd2 segmentation fault
Gabriel
(spam-protected)
Thu Apr 21 04:34:32 CEST 2016
Hi, I've fixed the bug on MIPS platform.
Using gdb I found out that the instruction causing the SEGFAULT was in
olsrv2_routing.c at line 598:
memcpy(&rtentry->last_originator, last_originator,
sizeof(*last_originator));
After the the SEGFAULT I printed the variable "last_originator" in gdb
and it was null.
I
Now I can't reproduce anymore the SEGFAULT on MIPS6, so I have to assume
is fixed.
I've attached the patch.
Regarding OpenWRT on ar7xxx I can't recompile the deamon on the fly, so
now I'm not able to debug it.
I played a little bit with the configurations and I think the bug get
triggered when the neighbor filter out ipv4 originators with this
configuration:
[olsrv2]
originator -0.0.0.0/0
originator -::1/128
originator default_accept
Thanks, Gabriel
On 20/04/2016 23:11, Gabriel wrote:
>
>
> On 20/04/2016 20:03, Henning Rogge wrote:
>> On Wed, Apr 20, 2016 at 8:01 PM, Gabriel <(spam-protected)> wrote:
>>> I'm running 0.9.2 on openwrt(ar7xxx) and 0.11.2
>>> on debian(MIPS64)
>>
>> Please update to 0.11.2 (or 0.11.3) on both systems...
>>
>> if you want to use 0.11.3 for OpenWRT you can use my own Routing Feed
>> (I expect 0.11.3 to appear in the official one in the next days).
>>
>> https://github.com/HRogge/packages
>>
>> Henning
>>
>
>
> I've updated to 0.11.3 on OpenWRT. The Edgerouter is still running 0.11.2
>
> The daemons behave in the same way as before.
>
> This are the last lines of strace on the Openwrt router:
>
> writev(3, [{"20:35:32.694 DEBUG(olsrv2_routin"..., 130}, {NULL, 0}], 2)
> = 130
> clock_gettime(CLOCK_REALTIME, {1461177332, 700907012}) = 0
> munmap(0x77942000, 27) = 0
> open("/etc/TZ", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_CLOEXEC) = 26
> fstat64(26, {st_mode=S_IFREG|0644, st_size=27, ...}) = 0
> mmap2(NULL, 27, PROT_READ, MAP_SHARED, 26, 0) = 0x77942000
> close(26) = 0
> writev(3, [{"20:35:32.700 DEBUG(class) s\n 215"..., 84}, {NULL, 0}], 2) = 84
> clock_gettime(CLOCK_REALTIME, {1461177332, 706464758}) = 0
> munmap(0x77942000, 27) = 0
> open("/etc/TZ", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_CLOEXEC) = 26
> fstat64(26, {st_mode=S_IFREG|0644, st_size=27, ...}) = 0
> mmap2(NULL, 27, PROT_READ, MAP_SHARED, 26, 0) = 0x77942000
> close(26) = 0
> writev(3, [{"20:35:32.706 DEBUG(olsrv2_routin"..., 125}, {NULL, 0}], 2)
> = 125
> --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0} ---
> +++ killed by SIGSEGV +++
> Segmentation fault
>
>
>
>
> This are the last lines of strace on EdgeRouter:
>
> write(2, "21:00:29.394 DEBUG(olsrv2_routin"..., 15621:00:29.394
> DEBUG(olsrv2_routing) src-plugins/olsrv2/olsrv2/olsrv2_routing.c 589:
> Initialize route entry dst 172.19.64.1 [0.0.0.0/0] with pathcost
> 16776960) = 156
> write(2, "\n", 1
> ) = 1
> --- SIGSEGV (Segmentation fault) @ 0 (0) ---
> +++ killed by SIGSEGV +++
> Segmentation fault
>
>
>
>
> Just making some hypothesis... but maybe the bug is correlated to the
> olsr1's one.
>
> I checked the code at olsrdv2_routing.c:589 :
>
> OONF_DEBUG(LOG_OLSRV2_ROUTING, "Initialize route entry dst %s [%s] with
> pathcost %u",
> netaddr_to_string(&nbuf1, &rtentry->route.p.key.dst),
> netaddr_to_string(&nbuf2, &rtentry->route.p.key.src),
> pathcost);
>
>
> This is the code at src/link_set.c:361 in OLSRD1
>
> OLSR_PRINTF(1, "Set linkloss multiplier for %s on %s to %d\n",
> olsr_ip_to_string(&buf, &entry->neighbor_iface_addr),
> cfg_inter->name, val);
>
>
>
> They looks kinda similar to me.
>
>
> Next thing I'm gonna do is to try to reproduce these bugs on another
> EdgeRouter.
>
>
> Gabriel
>
>
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Check-if-memory-location-is-empty-before-copying-it.patch
Type: text/x-patch
Size: 1018 bytes
Desc: not available
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20160421/78954050/attachment.bin>
More information about the Olsr-dev
mailing list