#135 colinux slirp daemon keeps crashing

Milestone: v0.7.x (release)
Status: closed-fixed
Owner: nobody
Priority: 5
Updated: 2009-02-10
Created: 2008-08-17
Private: No

I'm using coLinux (andLinux precisely) to use my favorite torrent app, ktorrent.

Many times, coLinux keeps crashing in colinux-slirp-daemon.exe.

I'll attach the crash logs.

Discussion

  • Logged In: YES
    user_id=382018
    Originator: YES

    File Added: colinux-slirp-daemon-crash.txt

     
  • Henry N.
    2008-08-17

    Logged In: YES
    user_id=579204
    Originator: NO

    Hello Ritesh,

    The files you have sent do not help to find the bug. It's only a list of files.

    We need information about the crash position in the file, an instruction pointer or current CPU register values: one or more hexadecimal address numbers related to the colinux-slirp-net-daemon. Perhaps you will find such in your Windows event logger. Or, in the window where you have seen the crash, open the option "more details".

     
  • Logged In: YES
    user_id=382018
    Originator: YES

    Thank you. I tried that. But Windows didn't allow me to copy and paste that particular data. I'll look again to figure out how more info can be extracted. From my use, what I can say is that colinux-slirp-daemon.exe is at fault. It keeps crashing very often. The crash is triggered especially when heavy networking is done (I can't define how heavy. For me it was just a torrent app with 50-60k bandwidth utilization).

    Crashes are ugly and bad. So I moved to native coLinux (I was using andLinux). Now, I've configured my network with WinPCAP in Bridged mode. My setup is now running for 12+ hours without any problems. I'm still using the same applications. Hence, I'm sure it is a bug with colinux-slirp-daemon.exe.

    I'll try to reproduce the bug with the old setup once again and see if I can get the information that you're asking for.

    And btw, thank you very much for coLinux. It is one great application I can give to my Windows colleagues to enjoy Linux.

     
  • Logged In: YES
    user_id=382018
    Originator: YES

    I just looked into Event Viewer. There is nothing logged related to coLinux. :-(

     
    • status: open --> closed
     
  • I want to close this bug report because I moved to Bridge Mode, where I don't see the crash.
    Even in slirp mode, this bug is reproducible under heavy load. While I can't define *heavy*, I don't think a lot of people are seeing this bug. So I'm closing it because I can't follow up on this atm.

     
  • Shai
    2009-02-05

    I think this should be re-opened.

    I've caused this to happen several times and it seems that the crash happens at the same point (i.e., same IP, same call stack, same disassembly location, etc.)

    The reason for this does seem to be heavy-network related, such as the case of running bittorrents.

    My setup is:
    coLinux 0.7.3
    Slirp to connect to the Internet.
    TAP to connect to the host and share files.
    Linux Gentoo.
    Windows XP SP3.

    Call stack:
    COLINUX-SLIRP-NET-DAEMON! 00402b90()
    COLINUX-SLIRP-NET-DAEMON! 004089db()
    COLINUX-SLIRP-NET-DAEMON! 00401d77()
    COLINUX-SLIRP-NET-DAEMON! 0040130d()
    COLINUX-SLIRP-NET-DAEMON! 00401247()
    COLINUX-SLIRP-NET-DAEMON! 00401298()
    KERNEL32! 7c817067()

    Registers:
    EAX = 00000001 EBX = 00000002
    ECX = 77C2C2E3 EDX = 00030608
    ESI = 0051B03C EDI = 005143E0
    EIP = 00402B90 ESP = 0023FA20
    EBP = 0023FA98 EFL = 00000246
    CS = 001B DS = 0023 ES = 0023 SS = 0023
    FS = 003B GS = 0000 OV=0 UP=0 EI=1 PL=0
    ZR=1 AC=0 PE=1 CY=0

    0051B046 = ????


    Disassembly (current location is 00402B90, I've added a few lines
    before as well).
    00402B66 je 00402B90
    00402B68 mov ecx,dword ptr [ebp-30h]
    00402B6B cmp word ptr [ecx+8],9
    00402B70 jle 00402D67
    00402B76 mov edi,dword ptr [ebp-30h]
    00402B79 mov eax,dword ptr [edi+8]
    00402B7C sub eax,3
    00402B7F cmp ax,7
    00402B83 jbe 00402D5D
    00402B89 lea esi,[esi]
    ---> 00402B90 movzx eax,word ptr [esi+0Ah]
    00402B94 dec eax
    00402B95 cmp ax,4
    00402B99 ja 00402BA5
    00402B9B cmp byte ptr [esi+28h],1Bh
    00402B9F je 00402D8B
    00402BA5 mov eax,dword ptr [ebp-4Ch]
    00402BA8 test eax,eax
    00402BAA jne 00402BB9
    00402BAC mov ecx,dword ptr [ebp-30h]
    00402BAF test byte ptr [ecx+1Ch],1
    00402BB3 je 004029E2
    00402BB9 mov ebx,dword ptr [ebp-30h]
    00402BBC mov dword ptr [ebp+8],ebx
    00402BBF lea esp,[ebp-0Ch]
    00402BC2 pop ebx
    00402BC3 pop esi
    00402BC4 pop edi
    00402BC5 pop ebp
    00402BC6 jmp 00406460
    00402BCB mov ebx,dword ptr [ebp-30h]
    00402BCE movsx edx,word ptr [ebx+8]
    00402BD2 cmp dx,9
    00402BD6 jg 00402B4E
    00402BDC mov eax,dword ptr [esi+18h]
    00402BDF cmp eax,dword ptr [ebx+6Ch]
    00402BE2 jne 00402BEC
    00402BE4 cmp dword ptr [ebx],ebx
    00402BE6 je 004031AE
    00402BEC mov ebx,dword ptr [ebp-68h]
    00402BEF sub esp,4
    00402BF2 push ebx
    00402BF3 push esi

    The exception is an access violation.
    Thanks,
    - Shai

     
  • Henry N.
    2009-02-06

    Ok, thanks vshai.

    The stack with labels:
    COLINUX-SLIRP-NET-DAEMON! 00402b90() _tcp_input+0x5f0
    COLINUX-SLIRP-NET-DAEMON! 004089db() _slirp_select_poll+0x11b
    COLINUX-SLIRP-NET-DAEMON! 00401d77() _co_slirp_main+0x237
    COLINUX-SLIRP-NET-DAEMON! 0040130d() _main+0x2d
    COLINUX-SLIRP-NET-DAEMON! 00401247() ___mingw_CRTStartup+0xf7
    COLINUX-SLIRP-NET-DAEMON! 00401298() _mainCRTStartup+0x18

    Here the assembler with source line numbers:
    src/colinux/user/slirp/tcp_input.c:1403
    402b76: 8b 7d d0 mov 0xffffffd0(%ebp),%edi
    402b79: 8b 47 08 mov 0x8(%edi),%eax
    402b7c: 83 e8 03 sub $0x3,%eax
    402b7f: 66 83 f8 07 cmp $0x7,%ax
    402b83: 0f 86 d4 01 00 00 jbe 402d5d <_tcp_input+0x7bd>
    402b89: 8d b4 26 00 00 00 00 lea 0x0(%esi),%esi
    src/colinux/user/slirp/tcp_input.c:1460
    ===> 402b90: 0f b7 46 0a movzwl 0xa(%esi),%eax <===
    402b94: 48 dec %eax
    402b95: 66 83 f8 04 cmp $0x4,%ax
    402b99: 77 0a ja 402ba5 <_tcp_input+0x605>
    402b9b: 80 7e 28 1b cmpb $0x1b,0x28(%esi)
    402b9f: 0f 84 e6 01 00 00 je 402d8b <_tcp_input+0x7eb>
    src/colinux/user/slirp/tcp_input.c:1468
    402ba5: 8b 45 b4 mov 0xffffffb4(%ebp),%eax
    402ba8: 85 c0 test %eax,%eax
    402baa: 75 0d jne 402bb9 <_tcp_input+0x619>
    402bac: 8b 4d d0 mov 0xffffffd0(%ebp),%ecx
    402baf: f6 41 1c 01 testb $0x1,0x1c(%ecx)
    402bb3: 0f 84 29 fe ff ff je 4029e2 <_tcp_input+0x442>
    src/colinux/user/slirp/tcp_input.c:1469

    Here is source line 1460 on SF:
    http://colinux.svn.sourceforge.net/viewvc/colinux/branches/devel/src/colinux/user/slirp/tcp_input.c?view=markup#l_1460
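
The address-to-symbol mapping in the post above, reproduced as an added example (not part of the original thread or the coLinux code). The function start addresses are derived by subtracting each offset Henry lists from its frame address, and the memory operand of the faulting instruction is resolved against ESI from Shai's register dump.

```python
import bisect
import re

# Function starts derived from this thread: frame address minus the offset
# in Henry's labelled stack (e.g. 0x402b90 - 0x5f0 = 0x4025a0 for _tcp_input).
SYMBOLS = [
    (0x401150, "___mingw_CRTStartup"), (0x401280, "_mainCRTStartup"),
    (0x4012e0, "_main"), (0x401b40, "_co_slirp_main"),
    (0x4025a0, "_tcp_input"), (0x4088c0, "_slirp_select_poll"),
]
STARTS = [addr for addr, _ in SYMBOLS]  # already sorted ascending

# Excerpts copied from Shai's crash report in this thread.
STACK = """COLINUX-SLIRP-NET-DAEMON! 00402b90()
COLINUX-SLIRP-NET-DAEMON! 004089db()
COLINUX-SLIRP-NET-DAEMON! 00401d77()
COLINUX-SLIRP-NET-DAEMON! 0040130d()
COLINUX-SLIRP-NET-DAEMON! 00401247()
COLINUX-SLIRP-NET-DAEMON! 00401298()
KERNEL32! 7c817067()"""
REGISTERS = "ESI = 0051B03C EDI = 005143E0 EIP = 00402B90 ESP = 0023FA20"
FAULT_INSN = "movzwl 0xa(%esi),%eax"

def symbolize(addr):
    """Return 'symbol+0xoff' for the nearest symbol at or below addr."""
    i = bisect.bisect_right(STARTS, addr) - 1
    if i < 0:
        return hex(addr)  # below the first known symbol
    start, name = SYMBOLS[i]
    return f"{name}+{addr - start:#x}"

def symbolize_stack(text, module="COLINUX-SLIRP-NET-DAEMON"):
    out = []
    for mod, addr in re.findall(r"(\S+)!\s*([0-9a-fA-F]{8})\(\)", text):
        # Frames from other modules (KERNEL32 here) need their own symbols.
        out.append(symbolize(int(addr, 16)) if mod == module else f"{mod}!{addr}")
    return out

def parse_registers(text):
    pairs = re.findall(r"\b([A-Z]{2,3})\s*=\s*([0-9A-Fa-f]{8})\b", text)
    return {name.lower(): int(value, 16) for name, value in pairs}

def effective_address(insn, regs):
    """Resolve an AT&T 'disp(%reg)' memory operand against register values."""
    m = re.search(r"(-?0x[0-9a-f]+)?\(%(\w+)\)", insn)
    if m is None:
        raise ValueError("no memory operand in instruction")
    disp = int(m.group(1), 16) if m.group(1) else 0
    return (regs[m.group(2)] + disp) & 0xFFFFFFFF
```

The resolved address 0x51B046 is the one the debugger output lists as "0051B046 = ????", i.e. the read through ESI that raised the access violation.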

     
  • Henry N.
    2009-02-06

    • labels: --> Crash / BSOD
    • status: closed --> open
     
  • Henry N.
    2009-02-08

    Thanks Shai Vaingast for the patch. Committed to SVN as revision r1214.

     
  • Henry N.
    2009-02-10

    • status: open --> closed-fixed
     
  • Henry N.
    2009-02-10

    Shai reported that it is fixed now. So, I close this bug now.