[tor-bugs] #19128 [Core Tor/Tor]: Bug: src/common/crypto.c:3039: memwipe: Assertion sz < SIZE_T_CEILING failed; aborting.

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue May 24 19:12:59 UTC 2016 

#19128: Bug: src/common/crypto.c:3039: memwipe: Assertion sz < SIZE_T_CEILING
failed; aborting.
-------------------------------+------------------------------------
 Reporter:  toralf             |          Owner:  nickm
     Type:  defect             |         Status:  needs_information
 Priority:  High               |      Milestone:  Tor: 0.2.8.x-final
Component:  Core Tor/Tor       |        Version:  Tor: 0.2.8.2-alpha
 Severity:  Blocker            |     Resolution:
 Keywords:  TorCoreTeam201605  |  Actual Points:
Parent ID:                     |         Points:
 Reviewer:                     |        Sponsor:
-------------------------------+------------------------------------

Comment (by toralf):

 The issue appeared again after about 20h (expected due to the lower
 bandwidth now).
 Unfortunately I missed to add the "-ex bt" to the gdb command line,
 therefore I just got a
 {{{
 Program received signal SIGFPE, Arithmetic exception.
 0x00000313c6d855e1 in tls1_enc (s=0x79e1d5f710, send=1) at t1_enc.c:849
 849 t1_enc.c: No such file or directory.
 }}}
 related to this of debug.log
 {{{
 May 24 19:06:35.000 [debug] conn_write_callback(): socket 622 wants to
 write.

 ============================================================ T= 1464109596
 Tor 0.2.8.2-alpha-dev (git-684babee8491c3e9) died: Caught signal 8
 /usr/bin/tor(+0x1435c9)[0x79dd1c35c9]
 /usr/lib64/libssl.so.1.0.0(tls1_enc+0x1c1)[0x313c6d855e1]
 /usr/lib64/libssl.so.1.0.0(tls1_enc+0x1c1)[0x313c6d855e1]
 /usr/lib64/libssl.so.1.0.0(+0x320fa)[0x313c6d760fa]
 /usr/lib64/libssl.so.1.0.0(ssl3_write_bytes+0xe5)[0x313c6d76555]
 /usr/bin/tor(tor_tls_write+0xa3)[0x79dd1ef7e3]
 /usr/bin/tor(flush_buf_tls+0xbb)[0x79dd128d3b]
 /usr/bin/tor(+0xf2e52)[0x79dd172e52]
 /usr/bin/tor(connection_handle_write+0x43)[0x79dd173813]
 /usr/bin/tor(+0x3fe41)[0x79dd0bfe41]
 /usr/lib64/libevent-2.0.so.5(event_base_loop+0x799)[0x313c6fd4319]
 /usr/bin/tor(do_main_loop+0x235)[0x79dd0c10c5]
 /usr/bin/tor(tor_main+0x1b35)[0x79dd0c4745]
 /usr/bin/tor(main+0x2b)[0x79dd0bc6ab]
 /lib64/libc.so.6(__libc_start_main+0x114)[0x313c5cce734]
 /usr/bin/tor(_start+0x29)[0x79dd0bc6f9]
 }}}
 I do have the debug.log here and can send it via email if needed.
 Currently I do have the following gdb running :
 {{{
 rm nohup.out; nohup gdb -q -p `pgrep tor` -ex "handle SIGPIPE nostop
 ignore noprint" -ex "handle SIGHUP nostop" -ex cont -ex bt &
 }}}
 Hope to get a better result within the enxt day or so.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19128#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list