Debian Bug report logs -
#819287
[ifupdown] ifquery crashes with segfault during boot on Ubuntu 15.10
Reported by: Imre Deak <imre.deak@gmail.com>
Date: Sat, 26 Mar 2016 03:09:02 UTC
Severity: normal
Found in version 0.7.54ubuntu1.3
Fixed in version ifupdown/0.8.11
Done: Guus Sliepen <guus@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Guus Sliepen <guus@debian.org>:
Bug#819287; Package ifupdown.
(Sat, 26 Mar 2016 03:09:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Imre Deak <imre.deak@gmail.com>:
New Bug report received and forwarded. Copy sent to Guus Sliepen <guus@debian.org>.
(Sat, 26 Mar 2016 03:09:06 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: ifupdown
Version: 0.7.54ubuntu1.3
The following crash is easily reproducible on Ubuntu/15.10:
"[ 2.091111] ifquery[617]: segfault at 0 ip 00007f84bb722327 sp 00007ffde43a0488 error 4 in libc-2.21.so[7f84bb5dd000+1c0000]"
Checking the corresponding core dump shows the problem:
$ gdb --core /var/crash/ifquery-617-11.core /sbin/ifquery
...
Core was generated by `ifquery --state eno1'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 __strncmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse42.S:235
235 ../sysdeps/x86_64/multiarch/strcmp-sse42.S: No such file or directory.
(gdb) bt
#0 __strncmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse42.S:235
#1 0x0000000000403381 in main (argc=<optimized out>, argv=<optimized out>) at main.c:630
(gdb) l
230 in ../sysdeps/x86_64/multiarch/strcmp-sse42.S
(gdb) f 1
#1 0x0000000000403381 in main (argc=<optimized out>, argv=<optimized out>) at main.c:630
warning: Source file is more recent than executable.
630 if (strncmp(target_iface[j], up_ifaces[i], l) == 0) {
(gdb) l
625 for (int j = 0; j < n_target_ifaces; j++) {
626 size_t l = strlen(target_iface[j]);
627 bool found = false;
628
629 for (int i = 0; i < n_up_ifaces; i++) {
630 if (strncmp(target_iface[j], up_ifaces[i], l) == 0) {
631 if (up_ifaces[i][l] == '=') {
632 puts(up_ifaces[i]);
633 found = true;
634 break;
(gdb) p n_target_ifaces
$1 = 1
(gdb) p j
$2 = 0
(gdb) p target_iface[j]
$3 = 0x7ffde43a1f7a "eno1"
(gdb) p n_up_ifaces
$4 = 4
(gdb) p i
$5 = 0
(gdb) p up_ifaces[i]
$6 = 0x0
(gdb) p l
$7 = 4
So read_all_state() leaves uninitialized values in up_ifaces and
n_up_ifaces if the interface state file doesn't exist which leads to
strnmp segfaulting due to the invalid pointer passed to it. On my Ubuntu
15.10 system the state file doesn't exist yet when ifquery runs and so I
hit this problem easily. There doesn't seem to be any further issues
related to this though, the state file gets created eventually and the
network comes up fine.
I attached a patch that fixes this and gets rid of the boot time
segfault.
--Imre
[0001-Fix-read_all_state-when-no-statefile-exists.patch (text/x-diff, attachment)]
Information forwarded
to debian-bugs-dist@lists.debian.org, Guus Sliepen <guus@debian.org>:
Bug#819287; Package ifupdown.
(Sat, 26 Mar 2016 10:39:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Imre Deak <imre.deak@gmail.com>:
Extra info received and forwarded to list. Copy sent to Guus Sliepen <guus@debian.org>.
(Sat, 26 Mar 2016 10:39:05 GMT) (full text, mbox, link).
Message #10 received at 819287@bugs.debian.org (full text, mbox, reply):
This same issue was tracked already in Ubuntu Launchpad, I added a link
to this bug over there:
https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/1416793?comments=all
Reply sent
to Guus Sliepen <guus@debian.org>:
You have taken responsibility.
(Thu, 21 Apr 2016 16:57:13 GMT) (full text, mbox, link).
Notification sent
to Imre Deak <imre.deak@gmail.com>:
Bug acknowledged by developer.
(Thu, 21 Apr 2016 16:57:13 GMT) (full text, mbox, link).
Message #15 received at 819287-close@bugs.debian.org (full text, mbox, reply):
Source: ifupdown
Source-Version: 0.8.11
We believe that the bug you reported is fixed in the latest version of
ifupdown, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 819287@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Guus Sliepen <guus@debian.org> (supplier of updated ifupdown package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 21 Apr 2016 18:22:20 +0200
Source: ifupdown
Binary: ifupdown
Architecture: source amd64
Version: 0.8.11
Distribution: unstable
Urgency: medium
Maintainer: Guus Sliepen <guus@debian.org>
Changed-By: Guus Sliepen <guus@debian.org>
Description:
ifupdown - high level tools to configure network interfaces
Closes: 814312 819287
Changes:
ifupdown (0.8.11) unstable; urgency=medium
.
[ Wido den Hollander ]
* Wait properly for Link-Local Address to go through DAD.
.
[ Imre Deak ]
* Fix read_all_state when no state file exists. Closes: 819287
.
[ Arthur Gautier ]
* Implement link naming (ip link set alias)
.
[ Martin Pitt <martin.pitt@ubuntu.com> ]
* Add autopkgtest for "allow-hotplug" interfaces. Closes: #814312
.
[ Guus Sliepen ]
* Bump Standards-Version.
Checksums-Sha1:
fa2cd04f10e44baba9dafaac7fd49df84ee6ce7e 1563 ifupdown_0.8.11.dsc
39781555409162abc11727080540343f688473f2 70660 ifupdown_0.8.11.tar.xz
b6afa991f80bdad8a0e66f4aa59cbbf4e5afbb0a 62030 ifupdown-dbgsym_0.8.11_amd64.deb
d1e4435b9e626f868f56f6b2faac0388b561bc74 74146 ifupdown_0.8.11_amd64.deb
Checksums-Sha256:
59866431e582f03bc4e084cda5a71938bf75ddd62a1548c22fa5f7c3d734fdc8 1563 ifupdown_0.8.11.dsc
031bde2faec65e1c962476eba19718f0918ca7e058882cd06e032e4f95e88e87 70660 ifupdown_0.8.11.tar.xz
517d61d112d4a847642fb2a4a1a69c36832198f7a3fbf4c84a8114512021f4ef 62030 ifupdown-dbgsym_0.8.11_amd64.deb
e89368b40d96d86c24a64aad0ee13a4f684817d6c2d087bc50fabf25096e0724 74146 ifupdown_0.8.11_amd64.deb
Files:
b861f42bbeec9c5c374b456ed024b363 1563 admin important ifupdown_0.8.11.dsc
a21aa737a374c58ccde119bb9f9beac8 70660 admin important ifupdown_0.8.11.tar.xz
29d972339fedb51d1b3ed359b6b29a94 62030 debug extra ifupdown-dbgsym_0.8.11_amd64.deb
df9c61b760af2edb61629c85c6daee37 74146 admin important ifupdown_0.8.11_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJXGP7BAAoJED9JDeuHHvn6FJEP/R6o5dwRzoacA2HI87dE28j5
eTS9YctbtUnKTrSmZGTo7N9CtAgAAY8zKWNTVzRq69Ll45CyLyxqUUKsTXRlnsO5
G3HgW132yEu6qPj6b5jnyscJRoU/1KW49Z79q3r+lDuxsiQ6RqK3IaTqe/5/sMf2
zMYFhTLg+OtGjMwrPZ/E9iFI6uaTOhCE/Wzhd+eskyi1uJMgwI6YkgS3HG2ukqJV
bhp74Y4w2BvzsdBjE4/0Ke9Xbd66dcQOi/+CXADsqNMXAKND+HvSPL9rjZOB/5ur
Ueo8FAUxYZVVh/XKXjzRXKQ5MbTDLcPpbmZ/fixdcwRW30bk3ofJAVxKOCJjnnb/
YUtmlHa2ETdzzI3lbiec4X9xDnnabtbQt3F91IUb5mAsa0QfjDseiWfK598ZDjnn
ACvTTwlMNFbBFUf+pG/3AmCHRlmWFlB6NDKK3Cz/9X9Nus5IEnnMw7fV9DbWu9IM
VaTxnrO12KPBlgTwI4PfG1VWhDodjGPpBlmv5VE7BwxIG3nNapkoCpPKRPVfGbuF
dN4Q+UdDVfpIIcR8Ebtapq9SW/XIjOhDHfRlZ3SJUCWKAyRtRMjJ/DMMDU29FMGJ
OxAKmzBtbCZNK97qS4mqARRnJholYTQi8b3VJx65DUu/RliTHYicjWR9CmcBMSsP
2Jvo68jm+b/kYW34/U0m
=G72G
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Fri, 20 May 2016 07:35:14 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Thu Aug 8 02:53:53 2024;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.