hipconf rst and hipd crash

Bug #789298 reported by Miika Komu
Affects: HIPL
Status: Fix Committed
Importance: High
Assigned to: Unassigned

Bug Description

The current trunk (5946) crashes with the following:

trigger base exchange (by other means than hipconf add map - which seems broken too)
hipconf rst all

gdb reports the error as follows:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7894732 in lh_free () from /lib/libcrypto.so.0.9.8
(gdb) bt
#0 0x00007ffff7894732 in lh_free () from /lib/libcrypto.so.0.9.8
#1 0x000000000043c247 in lmod_run_functions_on_state (state=0x675130, list=0x665ba0) at lib/core/modularization.c:203
#2 0x000000000043c27e in lmod_uninit_state (state=0x6751f4) at lib/core/modularization.c:329
#3 0x000000000040f1f0 in hip_hadb_delete_state (ha=0x6737f0) at hipd/hadb.c:889
#4 hip_del_peer_info_entry (ha=0x6737f0) at hipd/hadb.c:931
#5 0x0000000000408c5e in hip_close_ack_handle_packet (packet_type=<value optimised out>, ha_state=<value optimised out>, ctx=0x7fffffffea10) at hipd/close.c:482
#6 0x00000000004217ad in hip_run_handle_functions (packet_type=<value optimised out>, ha_state=8, ctx=0x7fffffffea10) at hipd/pkt_handling.c:161
#7 0x000000000041937a in hip_receive_control_packet (ctx=0x7fffffffea10) at hipd/input.c:577
#8 0x0000000000419659 in hip_receive_udp_control_packet (ctx=0x6751f4) at hipd/input.c:643
#9 0x0000000000411734 in hip_run_socket_handles (read_fdset=0x7fffffffe980, ctx=0x7fffffffea10) at hipd/hip_socket.c:307
#10 0x00000000004124f9 in hipd_main (argc=<value optimised out>, argv=<value optimised out>) at hipd/hipd.c:403

Miika Komu (miika-iki)
Changed in hipl:
importance: Undecided → High
Miika Komu (miika-iki) wrote :

A quick test showed that this bug is a result of the following commit:

revno: 5938 [merge]
committer: Stefan Götz <email address hidden>
branch nick: hipl
timestamp: Mon 2011-05-23 19:02:42 +0200
message:
  Merge the delist branch.
  Branch: https://code.launchpad.net/~stefan.goetz/hipl/delist
  Merge proposal: https://code.launchpad.net/~stefan.goetz/hipl/delist/+merge/60724

  Remove some uses of the various linked list implementations from HIPL.
modified:
  firewall/firewall_control.c
  firewall/user_ipsec_api.c
  firewall/user_ipsec_fw_msg.c
  firewall/user_ipsec_fw_msg.h
  firewall/user_ipsec_sadb.c
  firewall/user_ipsec_sadb.h
  hipd/cookie.c
  hipd/hadb.c
  hipd/hit_to_ip.c
  modules/update/hipd/update.c
  modules/update/hipd/update.h
  modules/update/hipd/update_param_handling.c

Stefan Götz (stefan.goetz-deactivatedaccount) wrote :

I can reproduce this issue. I'll have a closer look at it given that my commit caused this.

Changed in hipl:
status: New → Confirmed
assignee: nobody → Stefan Götz (stefan.goetz)
Stefan Götz (stefan.goetz-deactivatedaccount) wrote :

In revno 5938, a hash table disguised as a list was replaced by an array. In one place, I forgot to replace the hash table handling code, which was then erroneously invoked on the array, which leads to the described crash and bug. Can someone confirm that the attached patch resolves this issue?

Changed in hipl:
status: Confirmed → In Progress
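
The bug class described in the comment above (a container changed type, but one teardown path still ran the old type's destructor on it), shown as an added C example that is not part of this thread and is not HIPL or OpenSSL code. All struct and function names are hypothetical; the sketch tags each container and checks the tag before freeing, so a stale call fails with an error instead of crashing.

```c
#include <stdio.h>
#include <stdlib.h>
/* All names are hypothetical; none of this is HIPL or OpenSSL code. */
enum kind { KIND_HASHTABLE = 1, KIND_ARRAY = 2 };
/* Each container starts with a tag that destructors check first. */
struct hashtable { enum kind kind; size_t nbuckets; void **buckets; };
struct array     { enum kind kind; size_t len;      void **items;   };

static struct hashtable *hashtable_new(size_t n) {
    struct hashtable *h = malloc(sizeof(*h));
    if (!h) return NULL;
    h->kind = KIND_HASHTABLE; h->nbuckets = n;
    h->buckets = calloc(n, sizeof(void *));
    return h;
}
static struct array *array_new(size_t n) {
    struct array *a = malloc(sizeof(*a));
    if (!a) return NULL;
    a->kind = KIND_ARRAY; a->len = n;
    a->items = calloc(n, sizeof(void *));
    return a;
}
/* Return 0 on success, -1 when handed NULL or the wrong container type. */
static int hashtable_free_checked(void *obj) {
    if (!obj || *(enum kind *) obj != KIND_HASHTABLE) return -1;
    free(((struct hashtable *) obj)->buckets);
    free(obj);
    return 0;
}
static int array_free_checked(void *obj) {
    if (!obj || *(enum kind *) obj != KIND_ARRAY) return -1;
    free(((struct array *) obj)->items);
    free(obj);
    return 0;
}
/* Teardown dispatches on the tag instead of assuming a type. */
static int state_uninit(void *obj) {
    if (!obj) return -1;
    switch (*(enum kind *) obj) {
    case KIND_HASHTABLE: return hashtable_free_checked(obj);
    case KIND_ARRAY:     return array_free_checked(obj);
    default:             return -1;
    }
}
int main(void) {
    struct array *a = array_new(4);          /* constructed sample state */
    struct hashtable *h = hashtable_new(8);
    printf("stale hash-table free on array: %d\n", hashtable_free_checked(a));
    printf("uninit array: %d, uninit hash table: %d\n", state_uninit(a), state_uninit(h));
    return 0;
}
```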
Miika Komu (miika-iki) wrote :

Confirmed, please commit and close the bug.

Changed in hipl:
status: In Progress → Confirmed
David Martin (martin-lp) wrote :

Well, if anything that's a good reason for thorough code reviews.
The segfault is produced in code that I wrote and I should have spotted the possible issue in Stefan's merge proposal. Shame on me for not reading through it this time. I'll do my best to change this in the future.

PS: Here's another confirmation that your patch fixes the issue, Stefan.

Stefan Götz (stefan.goetz-deactivatedaccount) wrote : Re: [Bug 789298] Re: hipconf rst and hipd crash

Thanks. Anyone please feel free to commit the patch, I might not get
around to it until Wednesday evening, sorry.

Stefan

Miika Komu (miika-iki)
Changed in hipl:
status: Confirmed → Fix Committed