Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#89 route_replies causing segfault

closed
Psychon
Modules (21)
5
2010-08-18
2010-06-09
Anonymous
No

route_replies is a very useful module but occasionally causes znc to segfault. This seems to be caused by clients disconnecting from znc at a bad time? This is certainly the typical case for me. There was a bug open for this already but it became stale:

https://sourceforge.net/tracker/index.php?func=detail&aid=2980995&group_id=115828&atid=672821

Errors appear in /var/log/messages such as:

Jun 9 08:39:39 fnx kernel: [1012500.262291] znc[1240]: segfault at 0 ip 00e3557f sp bfb14ac0 error 4 in route_replies.so[e2f000+a000]

Discussion

  • Psychon
    Psychon
    2010-06-09

    How often does this happen? Would it be feasible to run znc under gdb (perhaps in screen)?

    Commands needed would be something like this (the 'handle SIGPIPE nostop' part is important to stop gdb from being annoying):
    $ gdb znc
    handle SIGPIPE nostop
    run

    Looking at route_replies' source code I can't spot anything where clients disconnecting at a bad time would cause a segfault, sorry.

    Cheers

     
  • flakes
    flakes
    2010-06-11

    Would be great to know your ZNC version, Marc. Thanks!

     
  • Psychon
    Psychon
    2010-08-16

    • status: open --> pending
     
  • TMX
    TMX
    2010-08-18

    I've managed to replicate this issue. Does indeed seem to be caused by a client disconnecting at an inopportune time.

    I still have gdb running in a screen session, so if you need any more information, please contact me and I'll get it for you.

    ZNC version is 0.92, clients were Linkinus for iPad, and mIRC 7.1.

     
  • TMX
    TMX
    2010-08-18

    Session Start: Wed Aug 18 01:07:29 2010
    Session Ident: *route_replies
    [01:07] Session Ident: *route_replies (Saphyr, TMX) (route_replies@znc.in)
    [01:07] <*route_replies> This module hit a timeout which is possibly a bug.
    [01:07] <*route_replies> Use "silent yes" to disable this message.
    [01:07] <*route_replies> Last request: ISON ds9.uk.irc.saphyr.co.uk NickServ Drained
    [01:07] <*route_replies> Expected replies:
    Session Close: Wed Aug 18 01:08:19 2010

     
  • TMX
    TMX
    2010-08-18

    (TMX) ZNC -> IRC [PONG :ds9.uk.irc.saphyr.co.uk]
    (TMX) ZNC -> CLI [PING :ds9.uk.irc.saphyr.co.uk]
    (TMX) ZNC -> CLI [PING :ds9.uk.irc.saphyr.co.uk]
    (TMX) CLI -> ZNC [PONG :ds9.uk.irc.saphyr.co.uk]
    (TMX) ZNC -> CLI [PING :ZNC]
    (TMXBot) ZNC -> IRC [PRIVMSG TMXBot :®]
    (facebook) ZNC -> IRC [PRIVMSG TMX :®]
    (wlm) ZNC -> IRC [PRIVMSG wlm :®]
    (facebook) IRC -> ZNC [:TMX!facebook@ds9.internal.omega.org.uk PRIVMSG TMX :®]
    (wlm) IRC -> ZNC [:root!root@ds9.internal.omega.org.uk PRIVMSG &bitlbee :Error: Charset mismatch detected. The charset setting is currently set to utf-8, so please make sure your IRC client will send and accept text in that charset, or tell BitlBee which charset to expect by changing the charset setting. See `help set charset' for more information. Your message was ignored.]
    (TMXBot) IRC -> ZNC [:TMXBot!TMXBot@saphyr-E0EC4C59 PRIVMSG TMXBot :®]
    (TMXBot) CLI -> ZNC [PING ds9.uk.irc.saphyr.co.uk]
    (TMXBot) ZNC -> IRC [PING ds9.uk.irc.saphyr.co.uk]
    (TMXBot) IRC -> ZNC [:ds9.uk.irc.saphyr.co.uk PONG ds9.uk.irc.saphyr.co.uk :ds9.uk.irc.saphyr.co.uk]
    (TMXBot) ZNC -> CLI [:ds9.uk.irc.saphyr.co.uk PONG ds9.uk.irc.saphyr.co.uk :ds9.uk.irc.saphyr.co.uk]
    (facebook) IRC -> ZNC [PING :PinglBee]
    (facebook) ZNC -> IRC [PONG :PinglBee]
    (facebook) ZNC -> CLI [PING :PinglBee]
    (TMX) ZNC -> CLI [PING :ZNC]
    (TMXBot) ZNC -> IRC [PRIVMSG TMXBot :®]
    (facebook) ZNC -> CLI [PING :ZNC]
    (facebook) ZNC -> IRC [PRIVMSG TMX :®]
    (wlm) ZNC -> IRC [PRIVMSG wlm :®]
    (TMXBot) IRC -> ZNC [:TMXBot!TMXBot@saphyr-E0EC4C59 PRIVMSG TMXBot :®]
    (facebook) IRC -> ZNC [:TMX!facebook@ds9.internal.omega.org.uk PRIVMSG TMX :®]
    (wlm) IRC -> ZNC [:root!root@ds9.internal.omega.org.uk PRIVMSG &bitlbee :Error: Charset mismatch detected. The charset setting is currently set to utf-8, so please make sure your IRC client will send and accept text in that charset, or tell BitlBee which charset to expect by changing the charset setting. See `help set charset' for more information. Your message was ignored.]
    (facebook) CLI -> ZNC [ISON danielleemmavass]
    (facebook) ZNC -> IRC [ISON danielleemmavass]
    (TMX) CLI -> ZNC [ISON ds9.uk.irc.saphyr.co.uk NickServ Drained]
    (TMX) ZNC -> IRC [ISON ds9.uk.irc.saphyr.co.uk NickServ Drained]
    (facebook) IRC -> ZNC [:ds9.internal.omega.org.uk 303 TMX :]
    (facebook) ZNC -> CLI [:ds9.internal.omega.org.uk 303 TMX :]
    USR::TMX == Disconnected()
    USR::facebook == Disconnected()
    (TMX) IRC -> ZNC [:ds9.uk.irc.saphyr.co.uk 303 TMX :NickServ Drained ]
    (TMX) ZNC -> CLI [:ds9.uk.irc.saphyr.co.uk 303 TMX :NickServ Drained ]
    (wlm) IRC -> ZNC [PING :PinglBee]
    (wlm) ZNC -> IRC [PONG :PinglBee]
    (TMXBot) ZNC -> IRC [PRIVMSG TMXBot :®]
    (facebook) ZNC -> IRC [PRIVMSG TMX :®]
    (wlm) ZNC -> IRC [PRIVMSG wlm :®]
    (facebook) IRC -> ZNC [:TMX!facebook@ds9.internal.omega.org.uk PRIVMSG TMX :®]
    (wlm) IRC -> ZNC [:root!root@ds9.internal.omega.org.uk PRIVMSG &bitlbee :Error: Charset mismatch detected. The charset setting is currently set to utf-8, so please make sure your IRC client will send and accept text in that charset, or tell BitlBee which charset to expect by changing the charset setting. See `help set charset' for more information. Your message was ignored.]
    (TMXBot) IRC -> ZNC [:TMXBot!TMXBot@saphyr-E0EC4C59 PRIVMSG TMXBot :®]
    (TMXBot) CLI -> ZNC [PING ds9.uk.irc.saphyr.co.uk]
    (TMXBot) ZNC -> IRC [PING ds9.uk.irc.saphyr.co.uk]
    (TMXBot) IRC -> ZNC [:ds9.uk.irc.saphyr.co.uk PONG ds9.uk.irc.saphyr.co.uk :ds9.uk.irc.saphyr.co.uk]
    (TMXBot) ZNC -> CLI [:ds9.uk.irc.saphyr.co.uk PONG ds9.uk.irc.saphyr.co.uk :ds9.uk.irc.saphyr.co.uk]
    (TMXBot) ZNC -> IRC [PRIVMSG TMXBot :®]
    (facebook) ZNC -> IRC [PRIVMSG TMX :®]
    (wlm) ZNC -> IRC [PRIVMSG wlm :®]
    (TMX) ZNC -> CLI [:*route_replies!route_replies@znc.in PRIVMSG TMX :This module hit a timeout which is possibly a bug.]
    (TMX) ZNC -> CLI [:*route_replies!route_replies@znc.in PRIVMSG TMX :Use "silent yes" to disable this message.]
    (TMX) ZNC -> CLI [:*route_replies!route_replies@znc.in PRIVMSG TMX :Last request: ISON ds9.uk.irc.saphyr.co.uk NickServ Drained]
    (TMX) ZNC -> CLI [:*route_replies!route_replies@znc.in PRIVMSG TMX :Expected replies: ]

    Program received signal SIGSEGV, Segmentation fault.
    0xb7b1556f in CRouteRepliesMod::Timeout() ()
    from /home/znc/znc/lib/znc/route_replies.so

     
  • TMX
    TMX
    2010-08-18

    (gdb) bt full
    #0 0xb7b1556f in CRouteRepliesMod::Timeout() ()
    from /home/znc/znc/lib/znc/route_replies.so
    No symbol table info available.
    #1 0xb7b12860 in CRouteTimeout::RunJob() ()
    from /home/znc/znc/lib/znc/route_replies.so
    No symbol table info available.
    #2 0x08072bce in CCron::run(long&) ()
    No symbol table info available.
    #3 0x08095d08 in TSocketManager<CZNCSock>::Cron() ()
    No symbol table info available.
    #4 0x08098238 in TSocketManager<CZNCSock>::Loop() ()
    No symbol table info available.
    #5 0x0808a617 in CZNC::Loop() ()
    No symbol table info available.
    #6 0x080672e4 in main ()
    No symbol table info available.

     
  • Psychon
    Psychon
    2010-08-18

    • assigned_to: prozacx --> psychon
    • status: pending --> closed
     
  • Psychon
    Psychon
    2010-08-18

    Thanks for that verbose info, it was really helpful and I managed to track this down.
    As a work-around, you can enable silent timeouts on all users. This NULL pointer dereference happens while trying to generate the timeout message.

    Fixed in r2102 (and r2103 fixes that one again).