View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0002084GNUnetexit daemonpublic2012-01-19 12:422012-02-28 11:05
ReporterBart Polot Assigned ToChristian Grothoff  
PrioritynormalSeveritycrashReproducibilityhave not tried
Status closedResolutionfixed 
Product VersionGit master 
Target Version0.9.2Fixed in Version0.9.2 
Summary0002084: exit daemon crashes on incoming traffic
DescriptionJan 19 12:04:35-465033 gnunet-daemon-exit-32046 DEBUG Received inbound tunnel from `CF6H'
Jan 19 12:04:35-466881 gnunet-daemon-exit-32046 DEBUG mesh: new incoming tunnel B0000000
Jan 19 12:04:35-467606 mesh-api-32046 DEBUG mesh: message processed
Jan 19 12:04:41-256135 mesh-api-32046 DEBUG mesh: received a message type 261 from MESH
Jan 19 12:04:41-257062 gnunet-daemon-exit-32046 DEBUG mesh: Got a data message!
Jan 19 12:04:41-264916 gnunet-daemon-exit-32046 DEBUG Received data from CF6H for starting TCP stream to 8.8.8.8:80
==32046== Invalid read of size 1
==32046== at 0x40302F: setup_state_record (gnunet-daemon-exit.c:974)
==32046== by 0x405832: receive_tcp_remote (gnunet-daemon-exit.c:1462)
==32046== by 0x5698326: msg_received (mesh_api.c:957)
==32046== by 0x54507C9: receive_task (client.c:551)
==32046== by 0x5479FA3: GNUNET_SCHEDULER_run (scheduler.c:684)
==32046== by 0x5474873: GNUNET_PROGRAM_run (program.c:250)
==32046== by 0x401D96: main (gnunet-daemon-exit.c:2321)
==32046== Address 0x14 is not stack'd, malloc'd or (recently) free'd
==32046==
==32046==
==32046== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==32046== Access not within mapped region at address 0x14
==32046== at 0x40302F: setup_state_record (gnunet-daemon-exit.c:974)
==32046== by 0x405832: receive_tcp_remote (gnunet-daemon-exit.c:1462)
==32046== by 0x5698326: msg_received (mesh_api.c:957)
==32046== by 0x54507C9: receive_task (client.c:551)
==32046== by 0x5479FA3: GNUNET_SCHEDULER_run (scheduler.c:684)
==32046== by 0x5474873: GNUNET_PROGRAM_run (program.c:250)
==32046== by 0x401D96: main (gnunet-daemon-exit.c:2321)
==32046== If you believe this happened as a result of a stack
==32046== overflow in your program's main thread (unlikely but
==32046== possible), you can try to increase the size of the
==32046== main thread stack using the --main-stacksize= flag.
==32046== The main thread stack size used in this run was 8388608.
==32046==
==32046== HEAP SUMMARY:
==32046== in use at exit: 1,595,653 bytes in 1,032 blocks
==32046== total heap usage: 1,453 allocs, 421 frees, 1,673,704 bytes allocated
==32046==
==32046== LEAK SUMMARY:
==32046== definitely lost: 0 bytes in 0 blocks
==32046== indirectly lost: 0 bytes in 0 blocks
==32046== possibly lost: 0 bytes in 0 blocks
==32046== still reachable: 1,595,653 bytes in 1,032 blocks
==32046== suppressed: 0 bytes in 0 blocks
==32046== Rerun with --leak-check=full to see details of leaked memory
==32046==
==32046== For counts of detected and suppressed errors, rerun with: -v
==32046== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2)
EOF on stdin
Segmentation fault
Steps To ReproduceStart mesh service
Start exit daemon
Start VPN service
[bart@ranger ~/tmpd/gtest]$ gnunet-vpn -t -i 8.8.8.8
10.11.74.205
[bart@ranger ~/tmpd/gtest]$ wget 10.11.74.205
Additional Information(gdb) bt full
#0 setup_state_record (state=0x6b83ce0) at gnunet-daemon-exit.c:974
        key = {bits = {4278189744, 7, 40, 48, 4278189728, 7, 4278189536, 7, 4278190064, 7,
            112737620, 0, 90779584, 0, 4278189744, 7}}
        s = <optimized out>
        __FUNCTION__ = "setup_state_record"
#1 0x0000000000405833 in receive_tcp_remote (cls=<optimized out>, tunnel=<optimized out>,
    tunnel_ctx=<optimized out>, sender=0x7feffff90, message=0x7feffffd0, atsi=<optimized out>)
    at gnunet-daemon-exit.c:1462
        state = 0x6b83ce0
        start = 0x7feffffd0
        pkt_len = 20
        v4 = <optimized out>
        v6 = <optimized out>
        payload = 0x7fefffff0
        af = <optimized out>
        __FUNCTION__ = "receive_tcp_remote"
#2 0x0000000005698327 in process_incoming_data (message=<optimized out>, h=0x6b82130)
    at mesh_api.c:957
        atsi = {type = 0, value = 0}
        payload = 0x7feffffd0
        handler = <optimized out>
        ucast = <optimized out>
        t = 0x6b834b0
        peer = 0x7feffff90
        to_orig = <optimized out>
        type = 197
        mcast = <optimized out>
        i = <optimized out>
#3 msg_received (cls=0x6b82130, msg=<optimized out>) at mesh_api.c:1013
        h = 0x6b82130
        __FUNCTION__ = "msg_received"
#4 0x00000000054507ca in receive_task (cls=0x6b824d0, tc=<optimized out>) at client.c:551
        sock = 0x6b824d0
        handler = 0x56979a0 <msg_received>
        cmsg = 0x6b8a810
        handler_cls = 0x6b82130
        mbuf = 0x7feffff80 ""
        msg = 0x7feffff80
        __FUNCTION__ = "receive_task"
#5 0x0000000005479fa4 in run_ready (ws=0x6a00700, rs=0x6a00630) at scheduler.c:684
        p = <optimized out>
        pos = <optimized out>
        tc = {reason = GNUNET_SCHEDULER_REASON_TIMEOUT, read_ready = 0x6a00630,
          write_ready = 0x6a00700}
#6 GNUNET_SCHEDULER_run (task=<optimized out>, task_cls=<optimized out>) at scheduler.c:874
        rs = 0x6a00630
        ws = <optimized out>
        timeout = <optimized out>
        ret = <optimized out>
        shc_int = 0x6a00830
        shc_term = 0x6a00920
        shc_quit = 0x6a00b00
        shc_hup = 0x6a00bf0
        shc_pipe = 0x6a00a10
        last_tr = 66
        busy_wait_warning = 0
        pr = <optimized out>
        c = 0 '\000'
        __FUNCTION__ = "GNUNET_SCHEDULER_run"
#7 0x0000000005474874 in GNUNET_PROGRAM_run (argc=5, argv=0x7ff000418,
    binaryName=0x407eaf "gnunet-daemon-exit", binaryHelp=<optimized out>,
    options=<optimized out>, task=0x401e90 <run>, task_cls=0x0) at program.c:250
        cc = {args = 0x7ff000440, cfgfile = 0x69dc5c0 "/home/bart/.gnunet/gnunet.conf",
          task = 0x401e90 <run>, task_cls = 0x0, cfg = 0x69daa00}
        path = <optimized out>
        loglev = 0x69dc570 "DEBUG"
        logfile = 0x0
        ret = 5
        cnt = <optimized out>
        skew_offset = 34342962192
        skew_variance = 67189717
        clock_offset = <optimized out>
        cfg = 0x69daa00
        defoptions = {{shortName = 99 'c', name = 0x54883e7 "config",
            argumentHelp = 0x54883ee "FILENAME",
            description = 0x5488498 "use configuration file FILENAME", require_argument = 1,
            processor = 0x546d330 <GNUNET_GETOPT_set_string>, scls = 0x7ff000288}, {
            shortName = 104 'h', name = 0x5488402 "help", argumentHelp = 0x0,
            description = 0x54883f7 "print this help", require_argument = 0,
            processor = 0x546cfb0 <GNUNET_GETOPT_format_help_>, scls = 0x408808}, {
            shortName = 76 'L', name = 0x5488407 "log", argumentHelp = 0x548840b "LOGLEVEL",
            description = 0x54884b8 "configure logging to use LOGLEVEL", require_argument = 1,
            processor = 0x546d330 <GNUNET_GETOPT_set_string>, scls = 0x7ff0002b0}, {
            shortName = 108 'l', name = 0x5488414 "logfile", argumentHelp = 0x5485c1e "LOGFILE",
            description = 0x54884e0 "configure logging to write logs to LOGFILE",
            require_argument = 1, processor = 0x546d330 <GNUNET_GETOPT_set_string>,
            scls = 0x7ff0002b8}, {shortName = 118 'v', name = 0x548841c "version",
            argumentHelp = 0x0, description = 0x5488424 "print the version number",
            require_argument = 0, processor = 0x546cf80 <GNUNET_GETOPT_print_version_>,
            scls = 0x548843d}}
        allopts = 0x69dc1d0
        gargs = 0x5 <Address 0x5 out of bounds>
        lpfx = 0x69dc3c0 "gnunet-daemon-exit"
        spc = <optimized out>
#8 0x0000000000401d97 in main (argc=<optimized out>, argv=<optimized out>)
    at gnunet-daemon-exit.c:2321
        options = {{shortName = 0 '\000', name = 0x0, argumentHelp = 0x0, description = 0x0,
            require_argument = 0, processor = 0, scls = 0x0}}
TagsNo tags attached.

Activities

Bart Polot

2012-01-19 12:43

manager   ~0005294

(gdb) p *state
$1 = {tunnel = 0x6b834b0, heap_node = 0x0, state_key = {bits = {0 <repeats 16 times>}},
  serv = 0x0, head = 0x0, tail = 0x0, th = 0x0, ri = {remote_address = {af = 2, address = {
        ipv4 = {s_addr = 134744072}, ipv6 = {__in6_u = {
            __u6_addr8 = "\b\b\b\b", '\000' <repeats 11 times>, __u6_addr16 = {2056, 2056, 0, 0,
              0, 0, 0, 0}, __u6_addr32 = {134744072, 0, 0, 0}}}}, proto = 6 '\006', port = 80},
    local_address = {af = 0, address = {ipv4 = {s_addr = 0}, ipv6 = {__in6_u = {
            __u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0},
            __u6_addr32 = {0, 0, 0, 0}}}}, proto = 0 '\000', port = 0}}}

Christian Grothoff

2012-01-19 18:49

manager   ~0005301

Fixed in SVN 19267.

Issue History

Date Modified Username Field Change
2012-01-19 12:42 Bart Polot New Issue
2012-01-19 12:42 Bart Polot Status new => assigned
2012-01-19 12:42 Bart Polot Assigned To => Christian Grothoff
2012-01-19 12:42 Bart Polot Severity minor => crash
2012-01-19 12:42 Bart Polot Additional Information Updated
2012-01-19 12:43 Bart Polot Note Added: 0005294
2012-01-19 18:49 Christian Grothoff Note Added: 0005301
2012-01-19 18:49 Christian Grothoff Status assigned => resolved
2012-01-19 18:49 Christian Grothoff Fixed in Version => 0.9.2
2012-01-19 18:49 Christian Grothoff Resolution open => fixed
2012-01-19 18:49 Christian Grothoff Product Version => Git master
2012-01-19 18:49 Christian Grothoff Target Version => 0.9.2
2012-02-28 11:05 Christian Grothoff Status resolved => closed