Opened 7 months ago

Closed 6 months ago

Last modified 6 months ago

#32841 closed defect (fixed)

sandbox error on 0.4.2.x

Reported by: weasel Owned by:
Priority: High Milestone: Tor: 0.4.2.x-final
Component: Core Tor/Tor Version: Tor: 0.4.2.5
Severity: Normal Keywords: network-health regression crash sandbox
Cc: gk, teor Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

0.4.2.x has (apparently introduced) a sandbox issue. This did not happen on 0.4.1.6 before.

Currently it seems to happen every time at midnight (the hup might come from logrotate)

Dec 17 23:55:04.000 [notice] Uploaded signature(s) to dirserver 171.25.193.9:443
Dec 17 23:57:30.000 [notice] Time to fetch any signatures that we're missing.
Dec 18 00:00:00.000 [notice] Time to publish the consensus and discard old votes
Dec 18 00:00:00.000 [notice] Published ns consensus
Dec 18 00:00:01.000 [notice] Published microdesc consensus
Dec 18 00:00:04.000 [notice] Received reload signal (hup). Reloading config and resetting internal state.
Dec 18 00:00:04.000 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Dec 18 00:00:04.000 [notice] Read configuration file "/etc/tor/torrc".

============================================================ T= 1576627205
(Sandbox) Caught a bad syscall attempt (syscall dup)
/usr/bin/tor(+0x1fc9fa)[0x565130b7a9fa]
/lib/x86_64-linux-gnu/libc.so.6(dup+0x7)[0x7f46a89a0bc7]
/lib/x86_64-linux-gnu/libc.so.6(dup+0x7)[0x7f46a89a0bc7]
/usr/bin/tor(tor_log_update_sigsafe_err_fds+0x18b)[0x565130b8e99b]
/usr/bin/tor(set_options+0x3c0)[0x565130b0af80]
/usr/bin/tor(options_init_from_string+0x17d)[0x565130b0d3dd]
/usr/bin/tor(options_init_from_torrc+0x404)[0x565130b0da74]
/usr/bin/tor(+0x5f961)[0x5651309dd961]
/usr/lib/x86_64-linux-gnu/libevent-2.1.so.6(+0x22a6c)[0x7f46a8ff8a6c]
/usr/lib/x86_64-linux-gnu/libevent-2.1.so.6(event_base_loop+0x5a7)[0x7f46a8ff9537]
/usr/bin/tor(do_main_loop+0xff)[0x5651309f23af]
/usr/bin/tor(tor_run_main+0x1105)[0x5651309dfd55]
/usr/bin/tor(tor_main+0x3a)[0x5651309dd23a]
/usr/bin/tor(main+0x19)[0x5651309dcdf9]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xeb)[0x7f46a88da09b]
/usr/bin/tor(_start+0x2a)[0x5651309dce4a]

and

Dec 20 00:00:00.000 [notice] Published microdesc consensus
Dec 20 00:00:05.000 [notice] Received reload signal (hup). Reloading config and resetting internal state.
Dec 20 00:00:05.000 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Dec 20 00:00:05.000 [notice] Read configuration file "/etc/tor/torrc".

============================================================ T= 1576800005
(Sandbox) Caught a bad syscall attempt (syscall dup)
/usr/bin/tor(+0x1fc9fa)[0x55ffd52439fa]
/lib/x86_64-linux-gnu/libc.so.6(dup+0x7)[0x7fcb63423bc7]
/lib/x86_64-linux-gnu/libc.so.6(dup+0x7)[0x7fcb63423bc7]
/usr/bin/tor(tor_log_update_sigsafe_err_fds+0x18b)[0x55ffd525799b]
/usr/bin/tor(set_options+0x3c0)[0x55ffd51d3f80]
/usr/bin/tor(options_init_from_string+0x17d)[0x55ffd51d63dd]
/usr/bin/tor(options_init_from_torrc+0x404)[0x55ffd51d6a74]
/usr/bin/tor(+0x5f961)[0x55ffd50a6961]
/usr/lib/x86_64-linux-gnu/libevent-2.1.so.6(+0x22a6c)[0x7fcb63a7ba6c]
/usr/lib/x86_64-linux-gnu/libevent-2.1.so.6(event_base_loop+0x5a7)[0x7fcb63a7c537]
/usr/bin/tor(do_main_loop+0xff)[0x55ffd50bb3af]
/usr/bin/tor(tor_run_main+0x1105)[0x55ffd50a8d55]
/usr/bin/tor(tor_main+0x3a)[0x55ffd50a623a]
/usr/bin/tor(main+0x19)[0x55ffd50a5df9]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xeb)[0x7fcb6335d09b]
/usr/bin/tor(_start+0x2a)[0x55ffd50a5e4a]

Child Tickets

Change History (10)

comment:1 Changed 6 months ago by arma

Cc: gk added
Keywords: network-health added

comment:2 Changed 6 months ago by nickm

Keywords: regression crawsh sandbox added

comment:3 Changed 6 months ago by nickm

Keywords: crash added; crawsh removed

comment:6 Changed 6 months ago by nickm

Cc: teor added

This looks good to me, though I don't yet see why people are reporting this bug as "new in 0.4.2.x" if it's really new in 0.4.1.x.

comment:7 Changed 6 months ago by weasel

The bug did not manifest on 0.4.1.6.

comment:8 Changed 6 months ago by pege

This looks good to me, though I don't yet see why people are reporting this bug as "new in 0.4.2.x" if it's really new in 0.4.1.x.

Probably because the issue was only introduced in 0.4.1.7 and most people are still running 0.4.1.6 or upgraded directly to 0.4.2.5.

Versions having the call to dup():

$ git tag --contains a22fbab9
tor-0.4.1.7
tor-0.4.2.1-alpha
tor-0.4.2.2-alpha
tor-0.4.2.3-alpha
tor-0.4.2.4-rc
tor-0.4.2.5
tor-0.4.3.0-alpha-dev

comment:9 Changed 6 months ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Ah, makes sense. Merged this to maint-0.4.1 and forward, after tweaking the changes file to make "make check-changes" pass.

comment:10 Changed 6 months ago by nickm

(Also, thanks for the patch!)

Note: See TracTickets for help on using tickets.