NetBSD Problem Report #52656
From bouyer@antioche.eu.org Wed Oct 25 19:26:32 2017
Return-Path: <bouyer@antioche.eu.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id A1BF37A1D3
for <gnats-bugs@gnats.NetBSD.org>; Wed, 25 Oct 2017 19:26:32 +0000 (UTC)
Message-Id: <20171025192627.93B4E295E@rochebonne.antioche.eu.org>
Date: Wed, 25 Oct 2017 21:26:27 +0200 (CEST)
From: bouyer@antioche.eu.org
Reply-To: bouyer@antioche.eu.org
To: gnats-bugs@NetBSD.org
Subject: dhcpcd dumps core on carrier down/up
X-Send-Pr-Version: 3.95
>Number: 52656
>Category: bin
>Synopsis: dhcpcd dumps core on carrier down/up
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: roy
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Oct 25 19:30:00 +0000 2017
>Closed-Date: Sat Jan 20 10:49:11 +0000 2018
>Last-Modified: Sat Jan 20 10:49:11 +0000 2018
>Originator: Manuel Bouyer
>Release: NetBSD 8.0_BETA
>Organization:
>Environment:
System: NetBSD chartplotter 8.0_BETA NetBSD 8.0_BETA (CHARTPLOTTER) #4: Mon Oct 16 17:21:57 CEST 2017 bouyer@bop.soc.lip6.fr:/dsk/l1/misc/bouyer/tmp/earmv7hf/obj/dsk/l1/misc/bouyer/netbsd-8/src/sys/arch/evbarm/compile/CHARTPLOTTER evbarm
Architecture: earmv7hf
Machine: evbarm
>Description:
On an ipv6-enabled network, this device stays up but the network
cable can be disconnected for several hours.
On reconnect, dhcpcd dumps core.
I tracked it down to ifp being NULL in ipv6_addaddr1() at line 675.
This looks expected as this is the exit condition of the loop
before.
Changing it to ap->iface->name, as in the patch below, prevents the
NULL dereference. On cable connect the messages are:
Oct 25 20:36:32 chartplotter dhcpcd[9821]: axe0: carrier acquired
Oct 25 20:36:33 chartplotter dhcpcd[9821]: axe0: 2001:7a8:242c:0:412d:f5ec:a38c:ded7/64: lifetime overflow
Oct 25 20:36:33 chartplotter dhcpcd[9821]: axe0: expired address 2001:7a8:242c:0:412d:f5ec:a38c:ded7/64
Oct 25 20:36:33 chartplotter dhcpcd[9821]: axe0: deleting route to 2001:7a8:242c::/64
Oct 25 20:36:33 chartplotter dhcpcd[9821]: axe0: IAID 86:f1:6b:4d
Oct 25 20:36:33 chartplotter dhcpcd[9821]: axe0: adding route to 2001:7a8:242c::/64
Oct 25 20:36:33 chartplotter dhcpcd[9821]: axe0: soliciting a DHCP lease
Oct 25 20:36:33 chartplotter dhcpcd[9821]: axe0: offered 10.0.2.12 from 10.0.0.254
>How-To-Repeat:
disconnect and reconnect several hours later the ethernet cable
on my IPv6-enabled network (maybe any network ?)
>Fix:
this patch gives me the expected behavior. From my understanding
of the code it should be correct but I'll let Roy double-check it.
Index: dist/src/ipv6.c
===================================================================
RCS file: /cvsroot/src/external/bsd/dhcpcd/dist/src/ipv6.c,v
retrieving revision 1.1.1.3
diff -u -p -u -r1.1.1.3 ipv6.c
--- dist/src/ipv6.c 10 May 2017 11:00:37 -0000 1.1.1.3
+++ dist/src/ipv6.c 25 Oct 2017 19:19:59 -0000
@@ -672,7 +672,7 @@ ipv6_addaddr1(struct ipv6_addr *ap, cons
/* This should never happen. */
if (ap->prefix_vltime > vltime) {
logerrx("%s: %s: lifetime overflow",
- ifp->name, ap->saddr);
+ ap->iface->name, ap->saddr);
ap->prefix_vltime = ap->prefix_pltime = 0;
}
}
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: bin-bug-people->roy
Responsible-Changed-By: bouyer@NetBSD.org
Responsible-Changed-When: Wed, 25 Oct 2017 19:35:45 +0000
Responsible-Changed-Why:
Over to dhcpcd author
From: Roy Marples <roy@marples.name>
To: gnats-bugs@NetBSD.org, roy@NetBSD.org, netbsd-bugs@netbsd.org,
bouyer@NetBSD.org, bouyer@antioche.eu.org
Cc:
Subject: Re: bin/52656 (dhcpcd dumps core on carrier down/up)
Date: Thu, 26 Oct 2017 05:21:13 +0100
This should already be fixed in r1.1.1.4
From: Manuel Bouyer <bouyer@antioche.eu.org>
To: Roy Marples <roy@marples.name>
Cc: gnats-bugs@NetBSD.org, roy@NetBSD.org, netbsd-bugs@NetBSD.org
Subject: Re: bin/52656 (dhcpcd dumps core on carrier down/up)
Date: Thu, 26 Oct 2017 11:30:21 +0200
On Thu, Oct 26, 2017 at 05:21:13AM +0100, Roy Marples wrote:
> This should already be fixed in r1.1.1.4
netbsd-8 still has 1.1.1.3 is seems ...
This needs a pullup request.
--
Manuel Bouyer <bouyer@antioche.eu.org>
NetBSD: 26 ans d'experience feront toujours la difference
--
State-Changed-From-To: open->closed
State-Changed-By: roy@NetBSD.org
State-Changed-When: Sat, 20 Jan 2018 10:49:11 +0000
State-Changed-Why:
dhcpcd-7.0.0 was pulled up to -8 in ticket #478
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.43 2018/01/16 07:36:43 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.