Opened 8 years ago

Closed 8 years ago

Last modified 7 years ago

#3274 closed defect (user disappeared)

segmentation fault when setting "StrictNodes 1" in torrc

Reported by: mr-4 Owned by:
Priority: High Milestone: Tor: 0.2.2.x-final
Component: Core Tor/Tor Version: Tor: 0.2.2.27-beta
Severity: Keywords: tor-client
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

version 2.2.27-beta

When I set "StrictNodes 1" in torrc I get this:

May 23 22:56:15 test1 Tor[6418]: You have asked to exclude certain relays from all positions in your circuits. Expect hidden services and other Tor features to be broken in unpredictable ways.
May 23 22:56:15 test1 kernel: [160149.317366] tor[6418]: segfault at 0 ip 0052c3d1 sp bfc1e1bc error 4 in libc-2.12.2.so[4b5000+184000]

After which tor dies! My machine is i686 (P2) using .35 version of the Linux kernel (tor is compiled/built from source).

Child Tickets

Change History (14)

comment:1 Changed 8 years ago by Sebastian

Which other configuration options did you set? I'm mostly interested in the other *Nodes options. Feel free to leave out which nodes you're actually ignoring/using

comment:2 Changed 8 years ago by nickm

Milestone: Tor: 0.2.2.x-final
Priority: criticalmajor
Version: Tor: 0.2.2.27-beta

Just the address of the segfault alone doesn't tell us much, and I'm not able to reproduce this myself. Can you get a stack trace?

comment:3 Changed 8 years ago by nickm

Hello? I'd like to fix this, but I can't do anything without more information.

comment:4 Changed 8 years ago by tornewbie

IDK if my report can help , but I had a segfault too after adding a node to the ExcludeExitNodes list and then reloading tor :

tor[2207]: segfault at 0 ip b730fcc1 sp bfe020fc error 4 in libc-2.13.so[b729d000+153000]

  • Tor 0.2.3.1-alpha-dev (git-cb7fff193e2749f2)
  • openssl 1.0.0d
  • libevent 2.0.10

tor self compiled with -O3 , --enable-openbsd-malloc , hardening flags , gcc version 4.6.1 20110521 (prerelease) (Debian 4.6.0-8) , debian sid x32

comment:5 Changed 8 years ago by Sebastian

I still can't confirm this. Can you try to either get a stack trace or maybe compile with -O2?

comment:6 Changed 8 years ago by nickm

Right; it's the stack trace that would be most helpful here. Would you like instructions for that?

comment:7 in reply to:  6 Changed 8 years ago by mr-4

Replying to nickm:

Right; it's the stack trace that would be most helpful here. Would you like instructions for that?

Yes, please!

One thing I should also clarify, which I forgot to do when submitted this report - I added the two new options introduced recently: ControlSocketsGroupWritable 0 and StrictNodes 1 (these were absent before) then did "killall -HUP tor" - I did not stop and restart tor. When tor bailed out I did "rm -rf /var/lib/tor/* && service tor start" - all was OK then. Hope this helps!

comment:8 Changed 8 years ago by nickm

ok. So the idea is to make Tor produce a core dump file when it crashes, then use gdb to extract a stack trace from that core dump.

It's easiest to get a core dump if you're not running it as a service: if you can this crash from the command line, that'll be easiest. To get a core dump, run "ulimit -c unlimited" in bash before you start Tor. (That's "unlimit coredumpsize" if you use tcsh.) Then after Tor crashes, it should produce a core file. Don't send us the core file -- it has keys and sensitive data in it. Just run "gdb TOR CORE" where TOR is the path to your Tor executable, and CORE is a path to the core file. gdb will load the core. To get a stack trace, say "bt". gdb will print a back trace. Copy this verbatim into the bug report.

comment:9 Changed 8 years ago by mr-4

The problem is, Nick, I am running tor on a low-end machine, which has no dev tools of any kind installed (it is part of my dmz) and has hardened kernel and other such tools - I do not normally run tor outside dmz.

What I could do, though, is install the debug package of tor (instead of the "normal" package) - would that be of any help to you?

comment:10 Changed 8 years ago by mr-4

I've just tried to reproduce this again by doing exactly the same thing I did when I first got this error, but I can't (tried doing this 4 times) - tor reloads normally. I haven't changed anything on that system since then. I don't know what to suggest really!

comment:11 in reply to:  9 Changed 8 years ago by asn

Replying to mr-4:

The problem is, Nick, I am running tor on a low-end machine, which has no dev tools of any kind installed (it is part of my dmz) and has hardened kernel and other such tools - I do not normally run tor outside dmz.

What I could do, though, is install the debug package of tor (instead of the "normal" package) - would that be of any help to you?

I'm afraid that you must have gdb installed to follow nickm's instructions.

If you don't want to install it, you might be 'lucky' and your Linux distro might have gdb installed by default.

comment:12 Changed 8 years ago by Sebastian

Resolution: user disappeared
Status: newclosed

Closing this as user disappeared. Without any kind of debug info and nobody else reproducing, it seems likely that we can't fix this. Please reopen if it keeps happening and there's some more input

comment:13 Changed 7 years ago by nickm

Keywords: tor-client added

comment:14 Changed 7 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.