[tor-bugs] #28612 [Core Tor/Tor]: Tor start via Windows service fails

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Dec 3 07:50:56 UTC 2018 

#28612: Tor start via Windows service fails
--------------------------------+------------------------------------
 Reporter:  Vort                |          Owner:  (none)
     Type:  defect              |         Status:  new
 Priority:  Medium              |      Milestone:  Tor: 0.4.0.x-final
Component:  Core Tor/Tor        |        Version:  Tor: 0.3.5.5-alpha
 Severity:  Normal              |     Resolution:
 Keywords:  windows nt-service  |  Actual Points:
Parent ID:                      |         Points:
 Reviewer:                      |        Sponsor:
--------------------------------+------------------------------------
Changes (by Vort):

 * status:  needs_information => new


Comment:

 With fresh build `cpuworker_queue_work` bug popped out again.
 Let's switch to it. Here is the trace with `__asm__("int3");` added:
 {{{
 Thread 4 received signal SIGTRAP, Trace/breakpoint trap.
 [Switching to Thread 64900.0x1181c]
 cpuworker_queue_work (priority=priority at entry=WQ_PRI_LOW,
     fn=fn at entry=0x47b020 <consensus_diff_worker_threadfn>,
     reply_fn=reply_fn at entry=0x47cd30 <consensus_diff_worker_replyfn>,
     arg=arg at entry=0x285b530) at src/core/mainloop/cpuworker.c:502
 502       tor_assert(threadpool);
 (gdb) bt
 #0  cpuworker_queue_work (priority=priority at entry=WQ_PRI_LOW,
     fn=fn at entry=0x47b020 <consensus_diff_worker_threadfn>,
     reply_fn=reply_fn at entry=0x47cd30 <consensus_diff_worker_replyfn>,
     arg=arg at entry=0x285b530) at src/core/mainloop/cpuworker.c:502
 #1  0x000000000047d7ef in consensus_diff_queue_diff_work
 (diff_to=0x139ab10,
     diff_from=0x1405930) at src/feature/dircache/consdiffmgr.c:1718
 #2  consdiffmgr_rescan_flavor_ (flavor=FLAV_MICRODESC)
     at src/feature/dircache/consdiffmgr.c:1013
 #3  consdiffmgr_rescan () at src/feature/dircache/consdiffmgr.c:1127
 #4  0x00000000621d4b30 in ?? () from D:\Tor\libevent-2-1-6.dll
 #5  0x00000000621d5504 in ?? () from D:\Tor\libevent-2-1-6.dll
 #6  0x00000000004149bf in run_main_loop_once ()
     at src/core/mainloop/mainloop.c:2926
 #7  run_main_loop_until_done () at src/core/mainloop/mainloop.c:2988
 #8  do_main_loop () at src/core/mainloop/mainloop.c:2883
 #9  0x00000000004f4916 in nt_service_body (argc=<optimized out>,
     argv=<optimized out>) at src/app/main/ntmain.c:301
 #10 0x000007fefdb1a82d in SECHOST!RegisterServiceCtrlHandlerExA ()
    from C:\Windows\SYSTEM32\sechost.dll
 #11 0x00000000778759cd in KERNEL32!BaseThreadInitThunk ()
    from C:\Windows\system32\kernel32.dll
 #12 0x00000000779d385d in ntdll!RtlUserThreadStart ()
    from C:\Windows\SYSTEM32\ntdll.dll
 #13 0x0000000000000000 in ?? ()
 Backtrace stopped: previous frame inner to this frame (corrupt stack?)
 (gdb) p threadpool
 $1 = (threadpool_t *) 0x0
 (gdb)
 }}}

 What I see is that `threadpool` should be initialized in `cpu_init`
 function.
 Which is called from `run_tor_main_loop` function.

 But it have no chance to be executed because `do_main_loop` is already
 fired by `nt_service_body`.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28612#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list