NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
kern/56894: if_lagg.c crashes on alignment-picky architectures
>Number: 56894
>Category: kern
>Synopsis: if_lagg.c crashes on alignment-picky architectures
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Jun 20 01:30:00 +0000 2022
>Originator: Tom Lane
>Release: HEAD/202206150250Z
>Organization:
PostgreSQL Global Development Group
>Environment:
NetBSD sss2.sss.pgh.pa.us 9.99.97 NetBSD 9.99.97 (SD0) #0: Wed Jun 15 15:24:17 EDT 2022 tgl%nuc1.sss.pgh.pa.us@localhost:/home/tgl/netbsd-H-202206150250Z/obj.hppa/sys/arch/hppa/compile/SD0 hppa
>Description:
if_lagg.c:947 does this:
flowlabel = ip6->ip6_flow & IPV6_FLOWLABEL_MASK;
ip6_flow refers to an int32 field, but the *ip6 struct is not necessarily aligned on a 4-byte boundary. On machines that are picky about such things, that leads to crashes in the
net/if_lagg/t_lagg:lagg_lacp_vlan_ipv6
net/if_lagg/t_lagg:lagg_lacp_vlanl2tp_ipv6
tests.
>How-To-Repeat:
Run /usr/tests tests on HPPA, or another alignment-picky architecture.
>Fix:
memcpy'ing the field into a suitably-aligned value would do the trick here. I do not know if there are more hazards elsewhere in the file, but both of the aforementioned tests crash exactly here.
Home |
Main Index |
Thread Index |
Old Index