RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1467547 - ping '-i 0 -c' can lockup in endless loop when sendto/recvmsg get ENOBUFS/EAGAIN
Summary: ping '-i 0 -c' can lockup in endless loop when sendto/recvmsg get ENOBUFS/EAGAIN
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: iputils
Version: 7.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Jan Macku
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks: 1549689
TreeView+ depends on / blocked
 
Reported: 2017-07-04 07:46 UTC by hui.han
Modified: 2021-01-15 07:39 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-01-15 07:39:15 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description hui.han 2017-07-04 07:46:18 UTC 
Description of problem:
ping can lockup itself in the endless loop regardless that before that it
successfully process other echo requests and count option '-c' was specified.
.

How reproducible:
on EL7.3 (Linux 3.10.0-514.2.2.el7.x86_64)
This script can reproduce the issue:
.
  ip1="fd00:a::1"
  ip2="fd00:a::2"
  m="64"
.
  ip netns add ns1
  ip link add name veth1 type veth peer name veth2
  ip link set dev veth1 netns ns1
  ip netns exec ns1 ip link set dev veth1 up
  ip link set dev veth2 up
  ip netns exec ns1 ip address add $ip1/$m dev veth1
  ip add add $ip2/$m dev veth2
.
  ping6 -I veth2 -s 10 -i 0 $ip1 -c 30
.
if not using netns in the above script, we can still get the errors but ping
finishes in that case.

Version-Release number of selected component (if applicable):
IPUTILS-20160308-8.EL7.X86_64


Steps to Reproduce:
None

Actual results:
Ping6 hang

Expected results:
Ping6 is OK.


Additional info:

Analysis:

The iputils exception handing function has not set
a default time value for the struct 'itimerval it'.
in this case the tv_sec is set as 0,the setitimer
will take no effect for that value. And the system
will not send a signal to itself to terminate the
application.
.
int __schedule_exit(int next)
{
static unsigned long waittime;
struct itimerval it;
.
if (waittime)
return next;
.
if (nreceived) {
waittime = 2 * tmax;
if (waittime < 1000*interval)
waittime = 1000*interval;
} else
waittime = lingertime*1000;
.
if (next < 0 || next < waittime/1000)
next = waittime/1000;
.
it.it_interval.tv_sec = 0;
it.it_interval.tv_usec = 0;
it.it_value.tv_sec = waittime/1000000;
it.it_value.tv_usec = waittime%1000000;
setitimer(ITIMER_REAL, &it, NULL);
return next;
}
To fix it, add below code.

diff --git a/ping_common.c b/ping_common.c
--- a/ping_common.c
+++ b/ping_common.c
@@ -274,6 +274,8 @@ int __schedule_exit(int next)
        it.it_interval.tv_usec = 0;
        it.it_value.tv_sec = waittime/1000000;
        it.it_value.tv_usec = waittime%1000000;
+    if (waittime == 0)
+        waittime = 1000; /*set a default value for waittime*/  
        setitimer(ITIMER_REAL, &it, NULL);
        return next;
 }
(END)
Comment 4 RHEL Program Management 2021-01-15 07:39:15 UTC 
After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.
Note You need to log in before you can comment on or make changes to this bug.