pkgsrc-Bugs archive


pkg/43183: net/trickle crashes on NetBSD



>Number:         43183
>Category:       pkg
>Synopsis:       net/trickle loops infinitely while hijacking calls to libc's socket() on NetBSD
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Apr 20 13:10:00 +0000 2010
>Originator:     Pierre Pronchery
>Release:        NetBSD 5.0_STABLE pkgsrc-2009Q4
>Organization:
>Environment:
System: NetBSD kwarx.defora.lan 5.0_STABLE NetBSD 5.0_STABLE (GENERIC) #0: Tue Feb 16 12:20:09 CET 2010 khorben%kwarx.defora.lan@localhost:/usr/obj/sys/arch/amd64/compile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:

Trying to shape my SSH-based transfers using trickle on NetBSD 5.0 
(pkgsrc-2009Q4), I ran into the following problem:

$ trickle -d 30 -u 30 scp -r [...]
trickle: Could not reach trickled, working independently: No such file or directory
Segmentation fault
$ gdb scp scp.core
Core was generated by `scp'.
Program terminated with signal 11, Segmentation fault.
#0  0x00007f7ffdc02085 in __socket30 ()
   from /usr/pkg/lib/trickle/trickle-overload.so
(gdb) frame 10000
#10000 0x00007f7ffdc0208b in __socket30 ()
   from /usr/pkg/lib/trickle/trickle-overload.so
...you get the idea.

As it seems, NetBSD's libc socket() function is a wrapper, actually reaching 
the syscall by calling __socket30(). This tricks trickle into an infinite, 
recursive loop, eventually crashing upon the first call to socket().

>How-To-Repeat:
Try to use trickle on NetBSD; it crashes.
>Fix:
Change net/trickle/patches/patch-aa to the following:

$NetBSD: patch-aa,v 1.2 2006/03/23 15:55:53 joerg Exp $

--- trickle-overload.c.orig     2003-06-02 23:13:28.000000000 +0000
+++ trickle-overload.c
@@ -191,7 +191,12 @@ trickle_init(void)
 
        GETADDR(write);
 
+#ifdef __NetBSD__
+       if ((libc_socket = dlsym(dh, "__socket30")) == NULL)
+               errx(0, "[trickle] Failed to get socket() address");
+#else
        GETADDR(socket);
+#endif
 /*     GETADDR(setsockopt); */
        GETADDR(close);
 
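Review bot: in the __NetBSD__ branch, errx(0, ...) ends the process with exit status 0 when dlsym() returns NULL, so a calling script would see success; a non-zero status would be safer, unless 0 deliberately matches what GETADDR does (its definition is not visible in this hunk). The symbol name "__socket30" is also hard-coded without a comment: a short comment saying that libc's socket() reaches the syscall through __socket30(), as the report describes, would tell the next maintainer why NetBSD bypasses GETADDR(socket), and the error message could name the symbol that was actually looked up.
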
@@ -476,7 +481,7 @@ select(int nfds, fd_set *rfds, fd_set *w
 #if defined(__linux__) || (defined(__svr4__) && defined(__sun__))
 int
 poll(struct pollfd *fds, nfds_t nfds, int __timeout)
-#elif defined(__FreeBSD__)
+#elif defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || 
defined(__DragonFly__)
 int
 poll(struct pollfd *fds, unsigned int nfds, int __timeout)
 #else
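
Review bot: the change to the poll() prototype condition is not covered by the problem description, which is only about the socket() recursion, and it also moves OpenBSD and DragonFly to the unsigned int nfds prototype although the reported environment is NetBSD 5.0_STABLE on amd64 only; a sentence on why it is needed and where it was tested would help, or it could go into a separate patch. The added #elif line is also wrapped in the mail, leaving defined(__DragonFly__) on a line of its own without a + prefix, so the hunk will not apply as posted.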

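The recursion described in the report, reduced to a small C model; this is an added example, not code from trickle, NetBSD or the original message. The two lookup helpers, the depth limit and the returned descriptor value are constructed stand-ins for dlsym(), symbol resolution order and the real syscall.

```c
#include <stdio.h>
#include <string.h>
/* Constructed model of the symbol layout the report describes. */
#define DEPTH_LIMIT 64               /* stand-in for exhausting the stack */
typedef int (*sock_fn)(int, int, int);
static int depth;                    /* times the interposer was entered */
static sock_fn saved_libc_socket;    /* what trickle_init() stored */
static int libc_socket(int d, int t, int p);
static int overload_socket30(int d, int t, int p);

/* libc's __socket30: the real syscall stub; 3 is a made-up descriptor. */
static int libc_socket30(int d, int t, int p) { (void)d; (void)t; (void)p; return 3; }

/* dlsym(dh, name) against the libc handle only (hypothetical helper). */
static sock_fn libc_lookup(const char *name) {
    if (strcmp(name, "socket") == 0) return libc_socket;
    if (strcmp(name, "__socket30") == 0) return libc_socket30;
    return NULL;
}

/* Global resolution: the preloaded overload object is searched first. */
static sock_fn global_lookup(const char *name) {
    if (strcmp(name, "__socket30") == 0) return overload_socket30;
    return libc_lookup(name);
}

/* libc's socket(): a wrapper that calls __socket30 through global lookup. */
static int libc_socket(int d, int t, int p) { return global_lookup("__socket30")(d, t, p); }

/* The interposer, exported as __socket30 as in the backtrace. */
static int overload_socket30(int d, int t, int p) {
    if (++depth > DEPTH_LIMIT) return -1;   /* the real process runs out of stack */
    return saved_libc_socket(d, t, p);
}

/* Resolve `symbol` as trickle_init() would, then make one application call. */
int run(const char *symbol) {
    depth = 0;
    if ((saved_libc_socket = libc_lookup(symbol)) == NULL) return -2;
    return global_lookup("__socket30")(2, 1, 0);
}

int main(void) {
    int r = run("socket");          /* original GETADDR(socket) behaviour */
    printf("lookup \"socket\":     result=%d depth=%d\n", r, depth);
    r = run("__socket30");          /* lookup used by the proposed patch */
    printf("lookup \"__socket30\": result=%d depth=%d\n", r, depth);
    return 0;
}
```

With the "socket" lookup the interposer re-enters itself until the limit is hit; with "__socket30" it is entered once and the call reaches the stub.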

