Source: ndpi
Version: 2.2-1
Severity: important
User: debian-...@lists.debian.org
Usertags: alignment
Hi!

I've been doing a full rebuild of the Debian archive, building all source packages targeting armel and armhf using arm64 hardware. We are planning in future to move all of our 32-bit armel/armhf builds to using arm64 machines, so this rebuild is to identify packages that might have problems with this configuration. A feature of the arm64 kernel is that it does *not* support fixing up code with broken alignment, so code that might have built and run OK on our older armel/armhf build machines due to kernel fixups will now fail.

When building your package, I've found a bus error (aka alignment fault). The full log is online at

  https://www.einval.com/debian/arm/rebuild-logs/armel/FAIL/ndpi_2.2-1_armel.log

for reference. I've done a quick bit of debugging to find the source of the bug. Here's a gdb stacktrace and variable printout to demonstrate the problem.

(sid-armel)steve@mjolnir:~/debian/build/ndpi/ndpi-2.2$ gdb example/.libs/ndpiReader tests/core
...
Reading symbols from example/.libs/ndpiReader...done.
[New LWP 14707]
[New LWP 14693]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/arm-linux-gnueabi/libthread_db.so.1".
Core was generated by `/home/steve/debian/build/ndpi/ndpi-2.2/example/.libs/ndpiReader -p ../example/p'.
Program terminated with signal SIGBUS, Bus error.
#0  0xf7e36d64 in ndpi_connection_tracking (ndpi_struct=ndpi_struct@entry=0x1a17148, flow=flow@entry=0xf7202748) at ndpi_main.c:3168
3168        if(iphv6 != NULL && NDPI_COMPARE_IPV6_ADDRESS_STRUCTS(&iphv6->ip6_src,
[Current thread is 1 (Thread 0xf7b8f460 (LWP 14707))]
(gdb) list
3163      } else {
3164        if(iph != NULL && iph->saddr < iph->daddr)
3165          packet->packet_direction = 1;
3166
3167    #ifdef NDPI_DETECTION_SUPPORT_IPV6
3168        if(iphv6 != NULL && NDPI_COMPARE_IPV6_ADDRESS_STRUCTS(&iphv6->ip6_src,
3169                                                               &iphv6->ip6_dst) != 0)
3170          packet->packet_direction = 1;
3171    #endif
3172      }
(gdb) p packet
$1 = (struct ndpi_packet_struct *) 0xf7202970
(gdb) p iphv6
$2 = (const struct ndpi_ipv6hdr *) 0xf7201b36
(gdb) p *iphv6
$3 = {ip6_ctlun = {ip6_un1 = {ip6_un1_flow = 1964575072, ip6_un1_plen = 14592, ip6_un1_nxt = 17 '\021', ip6_un1_hlim = 255 '\377'}, ip6_un2_vfc = 96 '`'}, ip6_src = {u6_addr = {u6_addr8 = "\376\200\000\000\000\000\000\000\030\234\303\033\022\230\002$", u6_addr16 = {33022, 0, 0, 0, 39960, 7107, 38930, 9218}, u6_addr32 = {33022, 0, 465804312, 604149778}}}, ip6_dst = {u6_addr = {u6_addr8 = "\377\002", '\000' <repeats 13 times>, "\373", u6_addr16 = {767, 0, 0, 0, 0, 0, 0, 64256}, u6_addr32 = {767, 0, 0, 4211081216}}}}
(gdb) p iphv6->ip6_src
$4 = {u6_addr = {u6_addr8 = "\376\200\000\000\000\000\000\000\030\234\303\033\022\230\002$", u6_addr16 = {33022, 0, 0, 0, 39960, 7107, 38930, 9218}, u6_addr32 = {33022, 0, 465804312, 604149778}}}
(gdb) p &iphv6->ip6_src
$5 = (struct ndpi_in6_addr *) 0xf7201b3e

Looking at the NDPI_COMPARE_IPV6_ADDRESS_STRUCTS macro in src/include/ndpi_define.h, it's doing comparisons of network addresses by simply casting (u_int64_t *) over bits of the data in turn. When the input to that macro is not appropriately aligned, that's not safe.
-- System Information:
Debian Release: 9.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-8-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
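The unaligned 64-bit load the report describes, beside an alignment-agnostic comparison, as an added C example that is not part of this bug report or of nDPI's sources. The frame layout, the `V6LEN`/`IP6_SRC`/`IP6_DST` names and the helper functions are constructed for illustration; the two addresses and the 6-mod-8 misalignment are taken from the gdb dump above.

```c
#include <stdint.h>
#include <string.h>

/* Stand-in for nDPI's 16-byte IPv6 address (hypothetical; not the project's header). */
#define V6LEN 16

/* The pattern the report describes: two 64-bit loads through a (uint64_t *) cast.
 * Well-defined only when both pointers are 8-byte aligned; on armel under an
 * arm64 kernel an unaligned pointer here raises SIGBUS, as in the stacktrace. */
static int v6_differs_cast(const void *a, const void *b) {
    const uint64_t *x = (const uint64_t *)a, *y = (const uint64_t *)b;
    return x[0] != y[0] || x[1] != y[1];
}

/* Alignment-agnostic replacement: memcpy into local 64-bit words (plain memcmp
 * works too); the compiler emits loads that are legal for any source alignment. */
static int v6_differs_safe(const void *a, const void *b) {
    uint64_t x[2], y[2];
    memcpy(x, a, V6LEN);
    memcpy(y, b, V6LEN);
    return x[0] != y[0] || x[1] != y[1];
}

static int aligned8(const void *p) { return ((uintptr_t)p & 7) == 0; }

/* Constructed frame: 14-byte Ethernet header, then a 40-byte IPv6 header carrying
 * the addresses from the gdb dump (fe80::189c:c31b:1298:224 -> ff02::fb). An
 * 8-aligned buffer puts the IPv6 header at offset 14 (6 mod 8), the same
 * misalignment as iphv6 = 0xf7201b36 in the report. */
static union { uint64_t align; uint8_t bytes[14 + 40]; } frame;
#define IP6_SRC (frame.bytes + 14 + 8)
#define IP6_DST (frame.bytes + 14 + 24)

static const uint8_t *build_frame(void) {
    static const uint8_t src[V6LEN] = {0xfe,0x80,0,0,0,0,0,0,0x18,0x9c,0xc3,0x1b,0x12,0x98,0x02,0x24};
    static const uint8_t dst[V6LEN] = {0xff,0x02,0,0,0,0,0,0,0,0,0,0,0,0,0,0xfb};
    memset(&frame, 0, sizeof frame);
    frame.bytes[14] = 0x60;               /* version 6, matching ip6_un2_vfc = 96 */
    memcpy(IP6_SRC, src, V6LEN);
    memcpy(IP6_DST, dst, V6LEN);
    return frame.bytes;
}

/* Mirrors the direction decision at ndpi_main.c:3168 without the unaligned load. */
static int packet_direction(void) {
    build_frame();
    return v6_differs_safe(IP6_SRC, IP6_DST) ? 1 : 0;
}
```

`v6_differs_cast` is only safe to call on 8-byte-aligned operands; `v6_differs_safe` gives the same answer for the misaligned `IP6_SRC`/`IP6_DST` pointers without depending on kernel alignment fixups.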