[tor-bugs] #9754 [Tor]: Tor 0.2.4.17-rc crashed with failed assertion
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Sep 27 13:10:20 UTC 2013
#9754: Tor 0.2.4.17-rc crashed with failed assertion
------------------------------+--------------------------------
Reporter: communicator | Owner:
Type: defect | Status: needs_information
Priority: major | Milestone: Tor: 0.2.4.x-final
Component: Tor | Version: Tor: unspecified
Resolution: | Keywords: tor-relay
Actual Points: | Parent ID:
Points: |
------------------------------+--------------------------------
Comment (by andrea):
Hmmm. It's not entirely clear to me if that crash is happening at the
call to cmux->policy->free_circ_data or in that function but screwing up
the stack. That pointer looks okay, and the parameters look possibly okay
[1]. The only thing in ewma_free_circ_data() that depends on anything
else to not crash is tor_free(), so perhaps this could be a heap
corruption bug.
Running it under valgrind is probably very helpful; it would also be nice
to have a copy of the core dump, tor binary and torrc.
[1] But the circuit id in the hash entry (2147613735) doesn't match the
one in circ (2147556202), and the magic number in circ indicates it's an
or_circuit_t. This is probably the cmux for that circuit's reverse
direction, but it'd be nice to see the circuit as an or_circuit_t to
verify that p_circ_id is 2147613735.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9754#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list