From: Matej Kupljen
Newsgroups: gmane.linux.lib.musl.general
Subject: Endless loop in netlink_msg_to_ifaddr
Date: Wed, 30 May 2018 11:57:03 +0200
Reply-To: musl@lists.openwall.com
To: musl@lists.openwall.com

Hi all,

I am using an OpenWRT device with MUSL C library version 1.1.19 and I am running a custom binary on it. I noticed that during testing my program started using 99% CPU.
I build OpenWRT myself so I have all the sources. I attached the gdbserver and checked what is going on.

What I found is that it executes this code:

static int netlink_msg_to_ifaddr(void *pctx, struct nlmsghdr *h)
{
	struct ifaddrs_ctx *ctx = pctx;
	struct ifaddrs_storage *ifs, *ifs0;
	struct ifinfomsg *ifi = NLMSG_DATA(h);
	struct ifaddrmsg *ifa = NLMSG_DATA(h);
	struct rtattr *rta;
	int stats_len = 0;

	if (h->nlmsg_type == RTM_NEWLINK) {
		for (rta = NLMSG_RTA(h, sizeof(*ifi)); NLMSG_RTAOK(rta, h); rta = RTA_NEXT(rta)) {
			if (rta->rta_type != IFLA_STATS) continue;
			stats_len = RTA_DATALEN(rta);
			break;
		}
	} else {
		for (ifs0 = ctx->hash[ifa->ifa_index % IFADDRS_HASH_SIZE]; ifs0; ifs0 = ifs0->hash_next)
			if (ifs0->index == ifa->ifa_index)
				break;
		if (!ifs0) return 0;
	}

From my GDB session:

(gdb) p *ctx
$10 = {first = 0xe1b0b0, last = 0xe1b1c0, hash = {0x0, 0xe1b0b0, 0xe1b1c0, 0x0 <repeats 61 times>}}
(gdb) p *h
$11 = {nlmsg_len = 1496, nlmsg_type = 16, nlmsg_flags = 2, nlmsg_seq = 1, nlmsg_pid = 3143810850}
(gdb) p *ifi
$12 = {ifi_family = 0 '\000', __ifi_pad = 0 '\000', ifi_type = 1, ifi_index = 3, ifi_flags = 69699, ifi_change = 0}
(gdb) p *ifa
$13 = {ifa_family = 0 '\000', ifa_prefixlen = 0 '\000', ifa_flags = 0 '\000', ifa_scope = 1 '\001', ifa_index = 3
(gdb) p *rta
$14 = {rta_len = 0, rta_type = 41}

As you can see, the first message in the netlink reply has rta_len set to zero, so the list is never traversed; only the first message is received every time.

I am not sure if this is the correct response from netlink, however the program is stuck here.

Any ideas?
Please CC me in reply.

Thanks and BR,
Matej
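
Added example, not part of the original message and not musl's code: a self-contained C sketch of the attribute walk the report describes, with a walker that only checks the bytes remaining beside one that validates each length field before advancing. The struct attr stand-in, the function names and the sample buffer are constructed for illustration, and max_iter exists only so the stalled walk terminates.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Local stand-in with the layout of struct rtattr (hypothetical name). */
struct attr { uint16_t len, type; };
#define ALIGN4(n) (((n) + 3u) & ~3u)

static void put_attr(unsigned char *buf, size_t off, uint16_t len, uint16_t type)
{
    struct attr a = { len, type };
    memcpy(buf + off, &a, sizeof a);
}

/* Continues while a header still fits; never looks at len (max_iter caps the demo). */
static int walk_unchecked(const unsigned char *buf, size_t size, int max_iter)
{
    size_t off = 0; int n = 0;
    while (off <= size && size - off >= sizeof(struct attr) && n < max_iter) {
        struct attr a;
        memcpy(&a, buf + off, sizeof a);
        n++;
        off += ALIGN4(a.len);          /* len == 0: off never moves */
    }
    return n;
}

/* Returns attributes visited, or -1 on a length that cannot advance or overruns. */
static int walk_checked(const unsigned char *buf, size_t size)
{
    size_t off = 0; int n = 0;
    while (size - off >= sizeof(struct attr)) {
        struct attr a;
        memcpy(&a, buf + off, sizeof a);
        if (a.len < sizeof a || a.len > size - off) return -1;
        n++;
        if (ALIGN4(a.len) >= size - off) break;   /* last attribute; padding may be absent */
        off += ALIGN4(a.len);
    }
    return n;
}

int main(void)
{
    unsigned char bad[16] = {0};       /* constructed sample buffer */
    put_attr(bad, 0, 0, 41);           /* rta_len = 0, rta_type = 41 as in the gdb output */
    printf("unchecked: %d iterations, checked: %d\n",
           walk_unchecked(bad, sizeof bad, 1000), walk_checked(bad, sizeof bad));
}
```

The unchecked walker hits the iteration cap on the zero-length attribute, while the checked one rejects the buffer on the first header.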