Opened 5 years ago

Closed 5 years ago

#11609 closed defect (fixed)

Tor crash on start when Sandbox enabled

Reported by: alphawolf
Owned by: nickm
Priority: Medium
Milestone: Tor: 0.2.5.x-final
Component: Core Tor/Tor
Version: Tor: 0.2.5.4-alpha
Keywords: sandbox

Description

System:
Debian Jessie (Xen Guest)
$ uname -a
Linux tor 3.13-1-amd64 #1 SMP Debian 3.13.7-1 (2014-03-25) x86_64 GNU/Linux
2 vcpus (Core2Quad Q9550)
512 MB RAM + 512 MB swap
libseccomp-dev: v2.1.1-1

./configure:
./configure CFLAGS="-g -pg -Wall" --disable-asciidoc --prefix=/usr --localstatedir=/var --sysconfdir=/etc --with-tor-user=debian-tor --with-tor-group=debian-tor

Stack trace and torrc to be attached...

Attachments (3)

stack-trace.txt (2.5 KB) - added by alphawolf 5 years ago.
stack trace.. and more.
torrc (1.0 KB) - added by alphawolf 5 years ago.
combined torrc
11609.patch (405 bytes) - added by nickm 5 years ago.

Change History (16)

Changed 5 years ago by alphawolf

Attachment: stack-trace.txt added

stack trace.. and more.

Changed 5 years ago by alphawolf

Attachment: torrc added

combined torrc

comment:1 Changed 5 years ago by nickm

Summary: Tor crash on start when Sandbox enabled → Tor crash on start when Sandbox enabled with profiling.

I think this is crashing because you're profiling... (I say that because it's happening inside moncontrol, which is a profiling-related function).

I wonder how to fix this combination (Sandbox+profiling), and whether we should support it in 0.2.5. The crash is probably reproducible, at least, which should put a fix within reach.

comment:2 Changed 5 years ago by alphawolf

Status: new → needs_information

I'm actually having trouble reproducing this on another vm (VirtualBox on another host), even after copying over torrc with minimal changes and using the same ./configure options. I'll need to spin up another VM on the Xen host to limit variables. Maybe the hypervisor doesn't want to play nice. I'll give more info when I'm able to reproduce.

comment:3 Changed 5 years ago by alphawolf

Status: needs_information → new
Summary: Tor crash on start when Sandbox enabled with profiling. → Tor crash on start when Sandbox enabled

Alright, I was able to reproduce the problem in both the Xen guest and the VirtualBox guest. It doesn't appear to be related to any of the CFLAGS, or indeed any options passed to ./configure at all (I tried many combos). It only seems to happen if I start Tor using Debian's /etc/init.d/tor start. If I call it directly @ /usr/bin/tor it does not generate a stack trace.

I thought perhaps it was something in how I built it from source, but this problem can be reproduced with the deb packages from the tor experimental repo as well, on a fresh install of Debian Jessie. As soon as Sandbox 1 is enabled, any attempt to start tor using $ /etc/init.d/tor start or $ service tor start results in a stack trace. Calling the binary directly starts without crash.

comment:4 Changed 5 years ago by nickm

Hm. I wonder, what does the init.d script do that starting Tor from the command line does not? And which of those things matters?

comment:5 Changed 5 years ago by nickm

Milestone: Tor: 0.2.5.x-final

comment:6 Changed 5 years ago by nickm

Owner: set to nickm
Status: new → assigned

comment:7 Changed 5 years ago by alphawolf

Line 149 of /etc/init.d/tor calls check_config.

If I comment out that line, tor will start with sandbox enabled. Uncomment, and it crashes. That function (?) consists of:

check_config () {
        if ! $DAEMON $VERIFY_ARGS > /dev/null; then
                log_failure_msg "Checking if $NAME configuration is valid"
                $DAEMON $VERIFY_ARGS >&2
                exit 1
        fi
}

I've located it... someone else will have to figure out the "why".

comment:8 Changed 5 years ago by nickm

Can you tell me what the stack trace looks like in this case (without profiling)?

comment:9 Changed 5 years ago by alphawolf

This is on the fresh install. Everything as-shipped except enabling Sandbox in torrc:

# /etc/init.d/tor start

============================================================ T= 1398992076
(Sandbox) Caught a bad syscall attempt (syscall ioctl)
/usr/bin/tor(+0x124c3a)[0x7fb5d3b40c3a]
/lib/x86_64-linux-gnu/libc.so.6(tcgetattr+0x19)[0x7fb5d2143d49]
/lib/x86_64-linux-gnu/libc.so.6(tcgetattr+0x19)[0x7fb5d2143d49]
/lib/x86_64-linux-gnu/libc.so.6(isatty+0xc)[0x7fb5d214053c]
/lib/x86_64-linux-gnu/libc.so.6(_IO_file_doallocate+0x104)[0x7fb5d20cf314]
/lib/x86_64-linux-gnu/libc.so.6(_IO_doallocbuf+0x2c)[0x7fb5d20dbdec]
/lib/x86_64-linux-gnu/libc.so.6(_IO_file_overflow+0x198)[0x7fb5d20db2d8]
/lib/x86_64-linux-gnu/libc.so.6(_IO_file_xsputn+0xa1)[0x7fb5d20da5d1]
/lib/x86_64-linux-gnu/libc.so.6(_IO_puts+0xa0)[0x7fb5d20d16b0]
/usr/bin/tor(tor_main+0x129e)[0x7fb5d3a54e5e]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7fb5d2087b45]
/usr/bin/tor(+0x32d0b)[0x7fb5d3a4ed0b]
[FAIL] Checking if tor configuration is valid ... failed!
May 01 20:54:36.776 [notice] Tor v0.2.5.4-alpha (git-af996adebf1f0225) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1g and Zlib 1.2.8.
May 01 20:54:36.776 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
May 01 20:54:36.776 [notice] This version is not a stable Tor release. Expect more bugs than usual.
May 01 20:54:36.776 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
May 01 20:54:36.776 [notice] Read configuration file "/etc/tor/torrc".

============================================================ T= 1398992076
(Sandbox) Caught a bad syscall attempt (syscall ioctl)
/usr/bin/tor(+0x124c3a)[0x7fdff7fd7c3a]
/lib/x86_64-linux-gnu/libc.so.6(tcgetattr+0x19)[0x7fdff65dad49]
/lib/x86_64-linux-gnu/libc.so.6(tcgetattr+0x19)[0x7fdff65dad49]
/lib/x86_64-linux-gnu/libc.so.6(isatty+0xc)[0x7fdff65d753c]
/lib/x86_64-linux-gnu/libc.so.6(_IO_file_doallocate+0x104)[0x7fdff6566314]
/lib/x86_64-linux-gnu/libc.so.6(_IO_doallocbuf+0x2c)[0x7fdff6572dec]
/lib/x86_64-linux-gnu/libc.so.6(_IO_file_overflow+0x198)[0x7fdff65722d8]
/lib/x86_64-linux-gnu/libc.so.6(_IO_file_xsputn+0xa1)[0x7fdff65715d1]
/lib/x86_64-linux-gnu/libc.so.6(_IO_puts+0xa0)[0x7fdff65686b0]
/usr/bin/tor(tor_main+0x129e)[0x7fdff7eebe5e]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7fdff651eb45]
/usr/bin/tor(+0x32d0b)[0x7fdff7ee5d0b]
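
A triage helper for the trace in comment 9, added here as an example (it is not code from the ticket or from Tor): it pulls the blocked syscall and the call chain out of each sandbox report and groups reports by chain instead of by address, so the two reports above collapse into one finding (`tor_main` → `_IO_puts` → `isatty` → `tcgetattr` → `ioctl`). The function names and the frame regex are assumptions based on the line format shown in the trace.

```python
import re
from collections import Counter
# Abridged from the trace in comment 9: the same failure twice, at different load addresses.
SAMPLE = """\
(Sandbox) Caught a bad syscall attempt (syscall ioctl)
/usr/bin/tor(+0x124c3a)[0x7fb5d3b40c3a]
/lib/x86_64-linux-gnu/libc.so.6(tcgetattr+0x19)[0x7fb5d2143d49]
/lib/x86_64-linux-gnu/libc.so.6(tcgetattr+0x19)[0x7fb5d2143d49]
/lib/x86_64-linux-gnu/libc.so.6(isatty+0xc)[0x7fb5d214053c]
/lib/x86_64-linux-gnu/libc.so.6(_IO_puts+0xa0)[0x7fb5d20d16b0]
/usr/bin/tor(tor_main+0x129e)[0x7fb5d3a54e5e]
[FAIL] Checking if tor configuration is valid ... failed!
(Sandbox) Caught a bad syscall attempt (syscall ioctl)
/usr/bin/tor(+0x124c3a)[0x7fdff7fd7c3a]
/lib/x86_64-linux-gnu/libc.so.6(tcgetattr+0x19)[0x7fdff65dad49]
/lib/x86_64-linux-gnu/libc.so.6(tcgetattr+0x19)[0x7fdff65dad49]
/lib/x86_64-linux-gnu/libc.so.6(isatty+0xc)[0x7fdff65d753c]
/lib/x86_64-linux-gnu/libc.so.6(_IO_puts+0xa0)[0x7fdff65686b0]
/usr/bin/tor(tor_main+0x129e)[0x7fdff7eebe5e]
"""

HEADER = re.compile(r"\(Sandbox\) Caught a bad syscall attempt \(syscall (\w+)\)")
# glibc backtrace_symbols() frame: module(symbol+0xoff)[0xaddr]; symbol is empty when stripped.
FRAME = re.compile(r"^(?P<module>\S+?)\((?P<symbol>[^+)]*)\+?(?P<offset>0x[0-9a-f]+)?\)\[0x[0-9a-f]+\]$")
def parse_reports(text):
    """Return one (syscall, call_chain) tuple per report, chain ordered caller -> callee."""
    reports, current = [], None
    for line in text.splitlines():
        header, frame = HEADER.search(line), FRAME.match(line.strip())
        if header:
            current = (header.group(1), [])
            reports.append(current)
        elif current and frame:
            # Unnamed frames become module+offset, which stays the same across runs,
            # unlike the bracketed address.
            module = frame["module"].rsplit("/", 1)[-1]
            name = frame["symbol"] or "%s+%s" % (module, frame["offset"] or "?")
            if not current[1] or current[1][-1] != name:  # collapse repeated frames
                current[1].append(name)
        else:
            current = None  # any other line ends the backtrace
    return [(syscall, tuple(reversed(chain))) for syscall, chain in reports]

def summarize(text):
    """Count reports per distinct (syscall, chain) signature, ignoring load addresses."""
    return Counter(parse_reports(text))

if __name__ == "__main__":
    for (syscall, chain), count in summarize(SAMPLE).items():
        print("%dx %s via %s" % (count, syscall, " -> ".join(chain)))
```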

Changed 5 years ago by nickm

Attachment: 11609.patch added

comment:10 Changed 5 years ago by nickm

Status: assigned → needs_review

If you can try a patch, I have an idea that the one I just attached might fix --verify-config. It only applies the sandbox in the case where we're about to run Tor.

comment:11 Changed 5 years ago by alphawolf

Confirmed; patch fixes issue both with and without profiling.

comment:12 Changed 5 years ago by nickm

Fix applied as 5d496963b4a98512711bd4cbc5565535d89e7845; thanks!

comment:13 Changed 5 years ago by nickm

Resolution: fixed
Status: needs_review → closed