Hello again,
I narrowed the bug down to the kernel protocol. The config for debugging
is as follows:
--- snip ---
log syslog all;
router id 10.33.0.0;
protocol device {
scan time 15;
}
filter myrange {
if net ~ fd22:9c28:6cf6::/48 then accept;
reject;
};
protocol kernel {
# scan time 10;
ipv6 {
export all;
};
# learn;
}
protocol ospf v3 MyOSPF {
ipv6 {
import filter myrange;
export filter myrange;
};
area 0 {
networks {
fd22:9c28:6cf6::/48;
};
interface "eth0.1000" {
hello 2;
dead 5;
cost 10;
};
};
}
--- snap ---
If I remove the comment on "scan" or "learn" in the "protocol kernel"
section, I get the segfault.
Thanks for the code so far,
Lorenz
Am 26.04.19 um 13:39 schrieb Maria Jan Matejka:
> On 4/26/19 1:08 PM, lor...@irmhil.de wrote:
>> Hello,
>>
>> after a "make clean", "./configure" and "make" I got this compile-time
>> warning:
>>
>> --- snip ---
>>
>> sysdep/unix/io.c: In function ‘times_init’:
>> sysdep/unix/io.c:135:45: warning: comparison is always false due to limited
>> range of data type [-Wtype-limits]
>> if ((ts.tv_sec < 0) || (((s64) ts.tv_sec) > ((s64) 1 << 40)))
>> ^
>> --- snap ---
>>
>>
>> But unfortunately the segmentation fault is still there. Is there anything I
>> can do?
> Thank you for investigation; anyway I have no clue what may be happening.
> I'll try to install a local QEMU host to simulate this and then I'll return
> to you off-list if I don't happen to find any problem that may be related to
> this.
>
> Sadly, this seems too much to be some strange use-after-free (which may be
> caused
> by some architecture-specific misbehaviour) which I'm probably unable to debug
> only from core.
>
> Thank you
> Maria
>
>>
>> --- snip ---
>>
>> Core was generated by `bird -c bird.conf'.
>> Program terminated with signal SIGSEGV, Segmentation fault.
>> #0 ea__find (id=1554, e=0x81000601, e@entry=0x0) at nest/rt-attr.c:389
>> 389 if (e->flags & EALF_BISECT)
>> (gdb) #0 ea__find (id=1554, e=0x81000601, e@entry=0x0) at nest/rt-attr.c:389
>> a = <optimized out>
>> l = <optimized out>
>> r = <optimized out>
>> m = <optimized out>
>> a = <optimized out>
>> l = <optimized out>
>> r = <optimized out>
>> m = <optimized out>
>> #1 ea_find (e=e@entry=0xf1ede200, id=id@entry=1554) at nest/rt-attr.c:426
>> a = <optimized out>
>> #2 0x005267ba in nl_send_route (p=p@entry=0x575748, e=e@entry=0x587170,
>> op=op@entry=1536, dest=<optimized out>, nh=<optimized out>,
>> nh@entry=0x59c664) at sysdep/linux/netlink.c:1269
>> ea = <optimized out>
>> net = 0x588174
>> a = 0x59c630
>> eattrs = <optimized out>
>> bufsize = 284
>> priority = <optimized out>
>> r = 0xbee4f180
>> rsize = 312
>> metrics = {16, 0, 0, 3202675588, 12, 5681780, 5796832, 5800932,
>> 3202675764, 5783224, 5414941, 2147483648, 5797092, 5800932, 3202675764, 0}
>> ews = {eattrs = 0x58e174, ea = 0x52aafb <krt_got_route+574>, visited
>> = {5585652, 5797092, 5796884, 5585808}}
>> #3 0x005271b8 in nl_add_rte (e=0x587170, p=0x575748) at
>> sysdep/linux/netlink.c:1351
>> a = 0x59c630
>> err = 0
>> a = <optimized out>
>> err = <optimized out>
>> nh = <optimized out>
>> #4 krt_replace_rte (p=p@entry=0x575748, n=n@entry=0x588174,
>> new=new@entry=0x587170, old=old@entry=0x5874b0) at
>> sysdep/linux/netlink.c:1387
>> err = 0
>> #5 0x0052a4d2 in krt_prune (p=0x575748) at sysdep/unix/krt.c:751
>> verdict = 2
>> new = <optimized out>
>> old = 0x5874b0
>> rt_free = 0x0
>> fn_ = 0x58817c
>> ff_ = 0x574694
>> count_ = <optimized out>
>> n = <optimized out>
>> t = 0x574330
>> t = <optimized out>
>> fn_ = <optimized out>
>> ff_ = <optimized out>
>> count_ = <optimized out>
>> n = <optimized out>
>> verdict = <optimized out>
>> new = <optimized out>
>> old = <optimized out>
>> rt_free = <optimized out>
>> #6 krt_scan (t=<optimized out>) at sysdep/unix/krt.c:838
>> p = 0x575748
>> q = 0x5758a8
>> #7 0x004f2b86 in timers_fire (loop=loop@entry=0x56b7f0 <main_timeloop>) at
>> lib/timer.c:235
>> ---Type <return> to continue, or q <return> to quit--- base_time =
>> 74049570330
>> t = <optimized out>
>> #8 0x0052976e in io_loop () at sysdep/unix/io.c:2193
>> poll_tout = <optimized out>
>> timeout = <optimized out>
>> nfds = <optimized out>
>> events = 1
>> pout = <optimized out>
>> t = <optimized out>
>> s = <optimized out>
>> n = <optimized out>
>> fdmax = 256
>> pfd = 0x585df0
>> #9 0x004dabc6 in main (argc=<optimized out>, argv=<optimized out>) at
>> sysdep/unix/main.c:884
>> use_uid = <optimized out>
>> use_gid = <optimized out>
>> conf = <optimized out>
>> (gdb) quit
>>
>> --- snap ---
>>
>>
>>
>> Am 26.04.19 um 08:09 schrieb lor...@irmhil.de:
>>> Hello again!
>>>
>>> I'm new to gdb - thank you for your quick advice.
>>>
>>> I ran bird again, about 10 seconds later it segfaulted again and dumped
>>> core.
>>>
>>> Looks like some strange metrics?
>>>
>>> I tried running bird on another ARM v7-box (Odroid XU4, nearly the same
>>> hardware as the Odroid HC-2) on the same network with a similar config.
>>> That bird doesn't crash. Perhaps something happend on compiling or
>>> installing bird, I'll try recompiling and reinstalling it.
>>>
>>> Thanks for any support!
>>>
>>> Lorenz
>>>
>>>
>>> The backtrace is:
>>>
>>> --- snip ---
>>> ...
