Bug 125958 - traceroute6 segfaults when packet length is too large
Summary: traceroute6 segfaults when packet length is too large
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: iputils   
(Show other bugs)
Version: 2
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Radek Vokal
QA Contact: Mike McLean
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-06-14 15:51 UTC by Per Steinar Iversen
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-01-31 09:14:04 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Per Steinar Iversen 2004-06-14 15:51:00 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040116

Description of problem:
traceroute6 segfaults if the packet length is set too large:

Here is a test on the local network::

# traceroute6 www.it.hio.no 1440
traceroute to www.it.hio.no (2001:700:700:1:2c0:9fff:fe35:281e) from
2001:700:700:1:202:b3ff:fe8f:6379, 30 hops max, 1440 byte packets
 1  www.it.hio.no (2001:700:700:1:2c0:9fff:fe35:281e)  1.076 ms  4.147
ms  3.293 ms

# traceroute6 www.it.hio.no 1441
traceroute to www.it.hio.no (2001:700:700:1:2c0:9fff:fe35:281e) from
2001:700:700:1:202:b3ff:fe8f:6379, 30 hops max, 1441 byte packets
Segmentation fault

# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:02:B3:8F:63:79
          inet addr:158.36.161.50  Bcast:158.36.161.255 
Mask:255.255.255.0
          inet6 addr: 2001:700:700:1:202:b3ff:fe8f:6379/64 Scope:Global
          inet6 addr: fe80::202:b3ff:fe8f:6379/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:430 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1385 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:103211 (100.7 Kb)  TX bytes:214463 (209.4 Kb)
 
# uname -a
Linux lumi.hio.no 2.6.6-1.427 #1 Thu Jun 10 09:33:46 EDT 2004 i686
i686 i386 GNU/Linux

Anything above 1440 bytes fails to work.



Version-Release number of selected component (if applicable):
iputils-20020927-13

How reproducible:
Always

Steps to Reproduce:
1. Use traceroute6 with a packet length above 1440
2. Get a segmentation fault
3.
    

Actual Results:  Segmentation fault.

Expected Results:  Something more clever.

Additional info:

Comment 1 Per Steinar Iversen 2004-06-15 09:35:58 UTC
Some experiments show that the magic limit is always 56-60 bytes less
than the MTU of the network interface.

Comment 3 John 2004-12-08 08:15:18 UTC
Works on same iptools version, same host, kernel 2.6.8-1.521 with packet size up
to 60000.

Comment 4 Radek Vokal 2005-01-30 16:33:19 UTC
I didn't manage to reproduce it here. Works fine with kernel-2.6.10
and latests iputils. Having here the core dump file from segfault
would be nice. 

Comment 5 Per Steinar Iversen 2005-01-31 08:16:59 UTC
I believe this problem was really this one, bug 126021

At least the problem went away when the kernel fragmentation bug was
fixed.


Comment 6 Radek Vokal 2005-01-31 09:14:04 UTC
Ok, closing this bug as currentrelease .. 


Note You need to log in before you can comment on or make changes to this bug.