segfault in rtnl_link_sriov_parse_vflist during __rtnl_link_alloc_cache #126
Comments
thom311
pushed a commit
that referenced
this issue
Jan 17, 2017
vf_vlan_info was incorrectly indexed with "len" (the length in bytes of the entire vfinfo_list rather than list_len (the index of the current end of the vf_vlan_info array) #126 http://lists.infradead.org/pipermail/libnl/2017-January/002270.html Fixes: 5d6e43e Signed-off-by: Thomas Haller <thaller@redhat.com>
thom311
added a commit
that referenced
this issue
Jan 17, 2017
#126 http://lists.infradead.org/pipermail/libnl/2017-January/002270.html Signed-off-by: Thomas Haller <thaller@redhat.com>
|
fixed. Thanks for reporting! |
chenyt9
pushed a commit
to MotorolaMobilityLLC/external-libnl-headers
that referenced
this issue
May 6, 2022
vf_vlan_info was incorrectly indexed with "len" (the length in bytes of the entire vfinfo_list rather than list_len (the index of the current end of the vf_vlan_info array) thom311/libnl#126 http://lists.infradead.org/pipermail/libnl/2017-January/002270.html Fixes: 5d6e43e Signed-off-by: Thomas Haller <thaller@redhat.com>
chenyt9
pushed a commit
to MotorolaMobilityLLC/external-libnl-headers
that referenced
this issue
May 6, 2022
thom311/libnl#126 http://lists.infradead.org/pipermail/libnl/2017-January/002270.html Signed-off-by: Thomas Haller <thaller@redhat.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
After upgrading to libnl3 3.29-1 on Fedora 25, I get the following crash reliably when I try to run any program that calls netcf's netlink_init() (e.g. libvirtd, or "ncftool list") on a machine with an SRIOV network adapter (in my case an Intel 82576, which uses the igb driver and has 2 x 7 VFs):
Program received signal SIGBUS, Bus error.
rtnl_link_sriov_parse_vflist (link=link@entry=0x55555583ce00,
tb=tb@entry=0x7fffffffd7e0) at route/link/sriov.c:571
571 vf_vlan_info[len] = nla_data(nla_list);
Missing separate debuginfos, use: dnf debuginfo-install libselinux-2.5-13.fc25.x86_64 ncurses-libs-6.0-6.20160709.fc25.x86_64 pcre-8.40-1.fc25.x86_64 xz-libs-5.2.2-2.fc24.x86_64
(gdb) where
#0 rtnl_link_sriov_parse_vflist (link=link@entry=0x55555583ce00,
tb=tb@entry=0x7fffffffd7e0) at route/link/sriov.c:571
#1 0x00007ffff610048d in link_msg_parser (ops=,
who=, n=0x555555843900, pp=0x7fffffffdb00)
at route/link.c:631
#2 0x00007ffff5eca6e3 in nl_cache_parse (ops=0x7ffff634e920 <rtnl_link_ops>,
who=0x55555583c328, nlh=0x555555843900, params=0x7fffffffdb00)
at cache.c:994
#3 0x00007ffff5eca72b in update_msg_parser (msg=,
arg=) at cache.c:670
#4 0x00007ffff5ed0c3c in nl_cb_call (msg=,
type=, cb=)
at ../include/netlink-private/netlink.h:146
#5 recvmsgs (cb=0x55555583c230, sk=0x55555583bf70) at nl.c:1004
#6 nl_recvmsgs_report (sk=sk@entry=0x55555583bf70, cb=cb@entry=0x55555583c230)
at nl.c:1055
#7 0x00007ffff5ed1069 in nl_recvmsgs (sk=sk@entry=0x55555583bf70,
cb=cb@entry=0x55555583c230) at nl.c:1079
#8 0x00007ffff5ec9acb in __cache_pickup (sk=sk@entry=0x55555583bf70,
cache=cache@entry=0x55555583a8d0, param=param@entry=0x7fffffffdb00)
at cache.c:703
#9 0x00007ffff5eca65d in __nl_cache_pickup (checkdup=0, cache=0x55555583a8d0,
sk=0x55555583bf70) at cache.c:750
---Type to continue, or q to quit---
#10 nl_cache_pickup (sk=sk@entry=0x55555583bf70,
cache=cache@entry=0x55555583a8d0) at cache.c:783
#11 0x00007ffff5eca891 in nl_cache_refill (sk=sk@entry=0x55555583bf70,
cache=cache@entry=0x55555583a8d0) at cache.c:1063
#12 0x00007ffff60fee55 in rtnl_link_alloc_cache_flags (sk=0x55555583bf70,
family=family@entry=0, result=result@entry=0x7fffffffdbb0,
flags=flags@entry=0) at route/link.c:1230
#13 0x00007ffff60feea7 in rtnl_link_alloc_cache (sk=,
family=family@entry=0, result=result@entry=0x7fffffffdbb0)
at route/link.c:1265
#14 0x00007ffff7bcc52f in __rtnl_link_alloc_cache (sk=)
at dutil_linux.c:80
#15 netlink_init (ncf=ncf@entry=0x55555575d410) at dutil_linux.c:692
#16 0x00007ffff7bcd707 in drv_init (ncf=0x55555575d410) at drv_redhat.c:399
#17 0x00005555555560f9 in main (argc=2, argv=0x7fffffffde58) at ncftool.c:851
The text was updated successfully, but these errors were encountered: