[tor-bugs] #18286 [Tor]: tor 0.2.8.1-alpha-dev - dumping core on test, tor binary dumps core as well

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Apr 5 20:43:55 UTC 2016


#18286: tor 0.2.8.1-alpha-dev - dumping core on test, tor binary dumps core as well
------------------------------------------+-------------------------------------
 Reporter:  yancm                         |          Owner:  yawning
     Type:  defect                        |         Status:  closed
 Priority:  Very High                     |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor                           |        Version:  Tor: 0.2.8.1-alpha
 Severity:  Critical                      |     Resolution:  fixed
 Keywords:  crash must-fix-before-028-rc  |  Actual Points:
Parent ID:                                |         Points:
 Reviewer:                                |        Sponsor:
------------------------------------------+-------------------------------------

Comment (by yancm):

 Well, it compiles for me but crashes in openssl code as before... I did
 compile openssl with debug symbols, as well as tor.
 openssl config : ./config --debug  no-shared
 [...]
 1.1.0-pre5-dev passed all tests:
 All tests successful.
 Files=75, Tests=393, 269 wallclock secs ( 1.55 usr  0.21 sys + 219.72 cusr
 41.79 csys = 263.27 CPU)
 Result: PASS

 in my tor directory...
 tor config : ./configure CFLAGS="-O0 -ggdb" --with-libevent-dir=/usr/local
 --enable-static-openssl=1 --with-openssl-dir=/usr/local/ssl

 started with gmake clean and build was complete...
 then
 # gmake test
 gmake  all-am
 gmake[1]: Entering directory '/usr/local/src/tor'
 gmake[1]: Leaving directory '/usr/local/src/tor'
 ./src/test/test
 Memory fault (core dumped)
 Makefile:7219: recipe for target 'test' failed
 gmake: *** [test] Error 139
 # gdb ./src/test/test test.core
 GNU gdb (GDB) 7.3.1
 Reading symbols from /usr/local/src/tor/src/test/test...done.
 [New process 1]

 warning: Corrupted shared library list

 warning: Corrupted shared library list
 Core was generated by `test'.
 Program terminated with signal 11, Segmentation fault.
 #0  0x00500a15 in dasync_rsa_priv_enc (flen=-1145047792, from=0xbfbfebf8
 "", to=0xbbbf322b <Address 0xbbbf322b out of bounds>, rsa=0x3,
 padding=-1077941256) at engines/e_dasync.c:563
 563         return RSA_PKCS1_OpenSSL()->rsa_priv_enc(flen, from, to, rsa,
 padding);
 (gdb) bt
 #0  0x00500a15 in dasync_rsa_priv_enc (flen=-1145047792, from=0xbfbfebf8
 "", to=0xbbbf322b <Address 0xbbbf322b out of bounds>, rsa=0x3,
 padding=-1077941256) at engines/e_dasync.c:563
 #1  0xbb8e290a in ?? ()
 #2  0xbbbff510 in ?? ()
 #3  0xbbbf322b in ?? ()
 #4  0x00000003 in ?? ()
 #5  0xbfbfebf8 in ?? ()
 #6  0x00000000 in ?? ()
 (gdb) print flen
 $1 = -1145047792
 (gdb) print *flen
 $2 = 70676
 (gdb) print from
 $3 = (const unsigned char *) 0xbfbfebf8 ""
 (gdb) print *from
 $4 = 0 '\000'
 (gdb) print to
 $5 = (unsigned char *) 0xbbbf322b <Address 0xbbbf322b out of bounds>
 (gdb) print *to
 Cannot access memory at address 0xbbbf322b
 (gdb) print rsa
 $6 = (RSA *) 0x3
 (gdb) print *rsa
 Cannot access memory at address 0x3
 (gdb) print padding
 $7 = -1077941256
 (gdb) print *padding
 $8 = 0
 (gdb) frame
 #0  0x00500a15 in dasync_rsa_priv_enc (flen=-1145047792, from=0xbfbfebf8
 "", to=0xbbbf322b <Address 0xbbbf322b out of bounds>, rsa=0x3,
 padding=-1077941256) at engines/e_dasync.c:563
 563         return RSA_PKCS1_OpenSSL()->rsa_priv_enc(flen, from, to, rsa,
 padding);

 I'm quite rusty on my gdb...some pointers would be helpful.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18286#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

