Bug 78955 - ifconfig crashes after too many traffic
ifconfig crashes after too many traffic
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: net-tools (Show other bugs)
8.0
alpha Linux
high Severity medium
: ---
: ---
Assigned To: Phil Knirsch
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-12-03 17:08 EST by Oliver Falk
Modified: 2015-03-04 20:11 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-08-19 08:44:19 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Oliver Falk 2002-12-03 17:08:13 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

Description of problem:
If too many bytes have been transfered, there seems to be a buffer overflow in 
ifconfig (but only in the RPM-version!!!)

Version-Release number of selected component (if applicable): 1.60--7


How reproducible:
Always

Steps to Reproduce:
1. Produce more than 100 GB Traffic (I expect...)
2. bash# ifconfig -a

Actual Results:  [root@fw root]# ifconfig -a
Segmentation fault

Expected Results:  [root@fw net-tools-1.60]# ./ifconfig -a
eth0      Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.XXX  
Mask:XXX.XXX.XXX.XXX
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:239419827 errors:123 dropped:0 overruns:0 frame:0
          TX packets:226957786 errors:2444516 dropped:0 overruns:3 
carrier:2444557
          collisions:1780833 txqueuelen:100
          RX bytes:132598045310 (126455.3 Mb)  TX bytes:107059649422 (102100.0 
Mb)
          Interrupt:29 Base address:0x1000

eth1      Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.XXX  
Mask:XXX.XXX.XXX.XXX
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:224415069 errors:118 dropped:0 overruns:0 frame:0
          TX packets:229028834 errors:149 dropped:0 overruns:2 carrier:306
          collisions:0 txqueuelen:100
          RX bytes:108550382191 (103521.7 Mb)  TX bytes:129922769167 (123904.0 
Mb)
          Interrupt:30 Base address:0x2000

Additional info:

I used net-tools 1.60-7 from the RedHat Sources (Psyche) and recompiled it on 
our Alpha-Server wich is used as firewall/gateway. ifconfig normally worked 
perfect, but not with this lot of traffic... BUT: If I take a fresh tarball of 
net-tools and recompile it, I do not get the segfault. See example 
in "Expected Results".
So there must be something wrong with the rpm; I haven't found it yet. :o(

Here is also an output of /proc/net/dev
[root@fw net-tools-1.60]# cat /proc/net/dev
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    
packets errs drop fifo colls carrier compressed
    lo: 9711371   49084    0    0    0     0          0         0  9711371   
49084    0    0    0     0       0          0
  eth0:132605720519 239440733  123    0    0     0          0         0 
107080310826 226980848 2444668    0    3 1781040 2444709          0
  eth1:108570963314 224437257  118    0    0     0          0         0 
129930219412 229048308  149    0    2     0     306          0
Comment 1 Oliver Falk 2003-01-13 06:50:27 EST
Here are to diff's I just made. After using the new files (config.{h,make}) it 
works for me.

diff net-tools-1.60-config.h net-tools-1.60-config.h.Oliver
31c31
< #define HAVE_AFINET6 1
---
> #define HAVE_AFINET6 0
36c36
< #define HAVE_AFROSE 1
---
> #define HAVE_AFROSE 0
38c38
< #define HAVE_AFECONET 1
---
> #define HAVE_AFECONET 0
40c40
< #define HAVE_AFASH 1
---
> #define HAVE_AFASH 0
55c55
< #define HAVE_HWROSE 1
---
> #define HAVE_HWROSE 0
59,63c59,63
< #define HAVE_HWSIT 1
< #define HAVE_HWFDDI 1
< #define HAVE_HWHIPPI 1
< #define HAVE_HWASH 1
< #define HAVE_HWHDLCLAPB 1
---
> #define HAVE_HWSIT 0
> #define HAVE_HWFDDI 0
> #define HAVE_HWHIPPI 0
> #define HAVE_HWASH 0
> #define HAVE_HWHDLCLAPB 0
65c65
< #define HAVE_HWEC 1
---
> #define HAVE_HWEC 0

diff net-tools-1.60-config.make net-tools-1.60-config.make.Oliver
4c4
< HAVE_AFINET6=1
---
> # HAVE_AFINET6=0
9c9
< HAVE_AFROSE=1
---
> # HAVE_AFROSE=0
11c11
< HAVE_AFECONET=1
---
> # HAVE_AFECONET=0
13c13
< HAVE_AFASH=1
---
> # HAVE_AFASH=0
22c22
< HAVE_HWROSE=1
---
> # HAVE_HWROSE=0
26,30c26,30
< HAVE_HWSIT=1
< HAVE_HWFDDI=1
< HAVE_HWHIPPI=1
< HAVE_HWASH=1
< HAVE_HWHDLCLAPB=1
---
> # HAVE_HWSIT=0
> # HAVE_HWFDDI=0
> # HAVE_HWHIPPI=0
> # HAVE_HWASH=0
> # HAVE_HWHDLCLAPB=0
32c32
< HAVE_HWEC=1
---
> # HAVE_HWEC=0

Any comments from you, "pknirsch"?
Comment 2 Oliver Falk 2003-01-13 06:57:45 EST
I have another machine (well another Alpha again) where the same problem 
occured.
The machines ifconfig -a Output after installing my "new" net-tools package:
eth0      Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.XXX Mask:XXX.XXX.XXX.XXX
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:72358149 errors:28 dropped:0 overruns:0 frame:0
          TX packets:36171170 errors:9 dropped:0 overruns:2 carrier:16
          collisions:0 txqueuelen:100
          RX bytes:102247215433 (97510.5 Mb)  TX bytes:2569220176 (2450.1 Mb)
          Interrupt:29 Base address:0x8000

So it seams, that the problem occurs early than 100 GB...
Comment 3 Phil Knirsch 2003-02-11 08:48:56 EST
So basically by disabeling tons of stuff it works for you. Unfortunately we want
e.g. IPv6 support etc, so i'll have to dig a little into what really needs to be
disabled and what really makes it crash.

If you could reproduce the bug with a gdb output and attach that here that would
problably help a lot to identify where it crashes and why. Just disabling all
those options is not an option (no pun intended :-).

Thanks,

Read ya, Phil
Comment 4 Oliver Falk 2003-02-19 05:33:15 EST
I'm not a gdb-guru :-)

(gdb) exec-file ./ifconfig -a
(gdb) run
Starting program: /usr/src/redhat/BUILD/net-tools-1.60/ifconfig

Program received signal SIGILL, Illegal instruction.
warning: Hit beginning of text section without finding
warning: enclosing function for address 0x11fffe244
This warning occurs if you are debugging a function without any symbols
(for example, in a stripped executable).  In that case, you may wish to
increase the size of the search with the `set heuristic-fence-post' command.

Otherwise, you told GDB there was a function where there isn't one, or
(more likely) you have encountered a bug in GDB.
0x11fffe244 in ?? ()

I hope it helps a bit...

Phil, if you need more information, please tell me what steps I have to do... 
And I'll send you the results.
Comment 5 Oliver Falk 2003-07-25 11:30:07 EDT
Hi Phil!

Now it's over... Not even my recompiled ifconfig version works... 
But /proc/net/dev shows me now a lot more traffic!

[root@fw root]# cat /proc/net/dev
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    
packets errs drop fifo colls carrier compressed
    lo:20954110  104348    0    0    0     0          0         0 20954110  
104348    0    0    0     0       0          0
  eth0:1007641778197 1662925358  123    0    0     0          0         0 
889609213610 1605652949 20694566    0    4 13864685 20694606          0
  eth1:859146373244 1564344858  126    0    0     8          0         0 
963838248065 1557213761  153    0    6     0     306          0

ifconfig has been compiled with DEBUG... gdb shows this:
(gdb) run
Starting program: /root/net-tools-1.60/ifconfig
Reading symbols from /lib/libc.so.6.1...done.
Reading symbols from /lib/ld-linux.so.2...done.
Reading in symbols for dl-debug.c...done.
Reading in symbols for rtld.c...done.
Reading in symbols for dl-init.c...done.

Program received signal SIGSEGV, Segmentation fault.
warning: Hit heuristic-fence-post without finding
warning: enclosing function for address 0x120003840
This warning occurs if you are debugging a function without any symbols
(for example, in a stripped executable).  In that case, you may wish to
increase the size of the search with the `set heuristic-fence-post' command.

Otherwise, you told GDB there was a function where there isn't one, or
(more likely) you have encountered a bug in GDB.
0x120003840 in ?? ()
Comment 6 Oliver Falk 2003-07-25 12:25:00 EDT
It seems I found a solution... I took out "-O2" from Makefile and now it 
works! You can find a SRPM here:

http://filelister.linux-kernel.at/downloads/packages/SRPMS/net-tools-1.60-
9.src.rpm

For me it's done...
Comment 7 Oliver Falk 2003-07-25 12:26:46 EDT
OK, the URL was too long, here is a short version:
http://t.linux-kernel.at/s.pl?1b.
Comment 8 Phil Knirsch 2003-08-19 08:44:19 EDT
OK, i'm removing the -O2 for alpha now, too.

Thanks for the debugging! :-)

Read ya, Phil
Comment 9 Oliver Falk 2004-06-08 10:16:56 EDT
Please use -O2 for alpha. I had problems with no -0 as well.
Comment 10 Oliver Falk 2004-06-08 10:17:25 EDT
Arg. -O0 I meant.....

Note You need to log in before you can comment on or make changes to this bug.