invalid comma cause segfault for nl-tctree-list, tbf.c

Denys Fedoryschenko denys at visp.net.lb
Sat Nov 14 13:59:49 EST 2009


Hi

I notice segfault while running nl-tctree-list for tbf qdisc.

Patch that fix this typo is attached.

Here is backtrace of segfault (as proof of bug)
(gdb) bt full
#0  0xb7e6113d in vfprintf () from /lib/libc.so.6
No symbol table info available.
#1  0xb7fa8f77 in dump_one (parms=0x804b0c0, fmt=0xb7fd4588 "    
peak-rate %.2f%s/s (%.0f%s) bucket-size %.1f%s cell-size %.1f%s", 
args=0xbffffa78 "vE\375\267") at utils.c:719
No locals.
#2  0xb7fa9083 in nl_dump_line (parms=0x804b0c0, fmt=0xb7fd4588 "    
peak-rate %.2f%s/s (%.0f%s) bucket-size %.1f%s cell-size %.1f%s") at 
utils.c:758
        args = 0xbffffa78 "vE\375\267"
#3  0xb7fd1620 in tbf_dump_details (qdisc=0x80626c0, p=0x804b0c0) at 
route/sch/tbf.c:142
        pru = 0xb7faaf4a "KiB"
        pr = 156.25
        prbu = 0xb7faaf5a "Mbit"
        bsu = 0xb7faaf5f "Kbit"
        clu = 0xb7faaf64 "bit"
        prb = 1.220703125
        bs = 23.0703125
        cl = 8
        tbf = 0x80628e0
#4  0xb7fc4c08 in qdisc_dump_details (arg=0x80626c0, p=0x804b0c0) at 
route/qdisc_obj.c:85
        qdisc = 0x80626c0
        qops = 0xb7fdeba0
#5  0xb7fa962c in dump_from_ops (obj=0x80626c0, params=0x804b0c0) at 
utils.c:933
        type = 1
        __PRETTY_FUNCTION__ = "dump_from_ops"
#6  0xb7fa71bf in nl_object_dump (obj=0x80626c0, params=0x804b0c0) at 
object.c:248
No locals.
#7  0x08049024 in print_qdisc (obj=0x80626c0, arg=0x6) at nl-tctree-list.c:68
        qdisc = 0x80626c0
        cls_cache = 0xb7ff5de0
        parent = 131072
#8  0x08048f7c in print_class (obj=0x8087528, arg=0x4) at nl-tctree-list.c:49
        leaf = 0x80626c0
        class = 0x8087528
        cls_cache = 0x0
        parent = 65537
#9  0xb7fa2834 in nl_cache_foreach_filter (cache=0x804dab8, filter=0x804c238, 
cb=0x8048f14 <print_class>, arg=0x4) at cache.c:823
        obj = 0x8087528
        tmp = 0x80875d8
        ops = 0xb7fdd640
        __PRETTY_FUNCTION__ = "nl_cache_foreach_filter"
#10 0xb7fc4d73 in rtnl_qdisc_foreach_child (qdisc=0x8062770, cache=0x804dab8, 
cb=0x8048f14 <print_class>, arg=0x4) at route/qdisc_obj.c:147
        filter = 0x804c238
#11 0x08049041 in print_qdisc (obj=0x8062770, arg=0x2) at nl-tctree-list.c:70
        qdisc = 0x8062770
        cls_cache = 0x8062770
        parent = 65536
#12 0x08049129 in print_link (obj=0x804de88, arg=0x0) at nl-tctree-list.c:94
        link = 0x804de88
        qdisc = 0x8062770
#13 0xb7fa2834 in nl_cache_foreach_filter (cache=0x804c218, filter=0x0, 
cb=0x8049097 <print_link>, arg=0x0) at cache.c:823
        obj = 0x804de88
        tmp = 0x804dff0
        ops = 0xb7fdd820
        __PRETTY_FUNCTION__ = "nl_cache_foreach_filter"
#14 0xb7fa2772 in nl_cache_foreach (cache=0x804c218, cb=0x8049097 
<print_link>, arg=0x0) at cache.c:794
No locals.
#15 0x0804927c in main (argc=1, argv=0xbffffdf4) at nl-tctree-list.c:144
        link_cache = 0x804c218
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tbf.patch
Type: text/x-diff
Size: 403 bytes
Desc: not available
URL: <http://bombadil.infradead.org/pipermail/libnl/attachments/20091114/bb0796c2/attachment.bin>


More information about the libnl mailing list