kern/56894: if_lagg.c crashes on alignment-picky architectures

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/56894: if_lagg.c crashes on alignment-picky architectures
From: tgl%sss.pgh.pa.us@localhost
Date: Mon, 20 Jun 2022 01:30:01 +0000 (UTC)

>Number:         56894
>Category:       kern
>Synopsis:       if_lagg.c crashes on alignment-picky architectures
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Jun 20 01:30:00 +0000 2022
>Originator:     Tom Lane
>Release:        HEAD/202206150250Z
>Organization:
PostgreSQL Global Development Group
>Environment:
NetBSD sss2.sss.pgh.pa.us 9.99.97 NetBSD 9.99.97 (SD0) #0: Wed Jun 15 15:24:17 EDT 2022  tgl%nuc1.sss.pgh.pa.us@localhost:/home/tgl/netbsd-H-202206150250Z/obj.hppa/sys/arch/hppa/compile/SD0 hppa
>Description:
if_lagg.c:947 does this:

	flowlabel = ip6->ip6_flow & IPV6_FLOWLABEL_MASK;

ip6_flow refers to an int32 field, but the *ip6 struct is not necessarily aligned on a 4-byte boundary.  On machines that are picky about such things, that leads to crashes in the

net/if_lagg/t_lagg:lagg_lacp_vlan_ipv6
net/if_lagg/t_lagg:lagg_lacp_vlanl2tp_ipv6

tests.
>How-To-Repeat:
Run /usr/tests tests on HPPA, or another alignment-picky architecture.
>Fix:
memcpy'ing the field into a suitably-aligned value would do the trick here.  I do not know if there are more hazards elsewhere in the file, but both of the aforementioned tests crash exactly here.

Prev by Date: NetBSD Nightly Trouble Ticket Report
Next by Date: Re: kern/56894: if_lagg.c crashes on alignment-picky architectures
Previous by Thread: Re: install/56893 (Adding a NetBSD partition to existing GPT partitions fails in sysinst)
Next by Thread: Re: kern/56894: if_lagg.c crashes on alignment-picky architectures
Indexes:

Home | Main Index | Thread Index | Old Index