#89 route_replies causing segfault

closed
Psychon
Modules (21)
5
2010-08-18
2010-06-09
Anonymous
No

route_replies is a very useful module but occasionally causes znc to segfault. This seems to be caused by clients disconnecting from znc at a bad time? This is certainly the typical case for me. There was a bug open for this already but it became stale:

https://sourceforge.net/tracker/index.php?func=detail&aid=2980995&group_id=115828&atid=672821

Errors appear in /var/log/messages such as:

Jun 9 08:39:39 fnx kernel: [1012500.262291] znc[1240]: segfault at 0 ip 00e3557f sp bfb14ac0 error 4 in route_replies.so[e2f000+a000]

Discussion

  • Psychon

    Psychon - 2010-06-09

    How often does this happen? Would it be feasible to run znc under gdb (perhaps in screen)?

    Commands needed would be something like this (the 'handle SIGPIPE nostop' part is important to stop gdb from being annoying):
    $ gdb znc
    handle SIGPIPE nostop
    run

    Looking at route_replies' source code I can't spot anything where clients disconnecting at a bad time would cause a segfault, sorry.

    Cheers

     
  • flakes

    flakes - 2010-06-11

    Would be great to know your ZNC version, Marc. Thanks!

     
  • Psychon

    Psychon - 2010-08-16
    • status: open --> pending
     
  • TMX

    TMX - 2010-08-18

    I've managed to replicate this issue. Does indeed seem to be caused by a client disconnecting at an inopportune time.

    I still have gdb running in a screen session, so if you need any more information, please contact me and I'll get it for you.

    ZNC version is 0.92, clients were Linkinus for iPad, and mIRC 7.1.

     
  • TMX

    TMX - 2010-08-18

    Session Start: Wed Aug 18 01:07:29 2010
    Session Ident: *route_replies
    [01:07] Session Ident: *route_replies (Saphyr, TMX) (route_replies@znc.in)
    [01:07] <*route_replies> This module hit a timeout which is possibly a bug.
    [01:07] <*route_replies> Use "silent yes" to disable this message.
    [01:07] <*route_replies> Last request: ISON ds9.uk.irc.saphyr.co.uk NickServ Drained
    [01:07] <*route_replies> Expected replies:
    Session Close: Wed Aug 18 01:08:19 2010

     
  • TMX

    TMX - 2010-08-18

    (TMX) ZNC -> IRC [PONG :ds9.uk.irc.saphyr.co.uk]
    (TMX) ZNC -> CLI [PING :ds9.uk.irc.saphyr.co.uk]
    (TMX) ZNC -> CLI [PING :ds9.uk.irc.saphyr.co.uk]
    (TMX) CLI -> ZNC [PONG :ds9.uk.irc.saphyr.co.uk]
    (TMX) ZNC -> CLI [PING :ZNC]
    (TMXBot) ZNC -> IRC [PRIVMSG TMXBot :®]
    (facebook) ZNC -> IRC [PRIVMSG TMX :®]
    (wlm) ZNC -> IRC [PRIVMSG wlm :®]
    (facebook) IRC -> ZNC [:TMX!facebook@ds9.internal.omega.org.uk PRIVMSG TMX :®]
    (wlm) IRC -> ZNC [:root!root@ds9.internal.omega.org.uk PRIVMSG &bitlbee :Error: Charset mismatch detected. The charset setting is currently set to utf-8, so please make sure your IRC client will send and accept text in that charset, or tell BitlBee which charset to expect by changing the charset setting. See `help set charset' for more information. Your message was ignored.]
    (TMXBot) IRC -> ZNC [:TMXBot!TMXBot@saphyr-E0EC4C59 PRIVMSG TMXBot :®]
    (TMXBot) CLI -> ZNC [PING ds9.uk.irc.saphyr.co.uk]
    (TMXBot) ZNC -> IRC [PING ds9.uk.irc.saphyr.co.uk]
    (TMXBot) IRC -> ZNC [:ds9.uk.irc.saphyr.co.uk PONG ds9.uk.irc.saphyr.co.uk :ds9.uk.irc.saphyr.co.uk]
    (TMXBot) ZNC -> CLI [:ds9.uk.irc.saphyr.co.uk PONG ds9.uk.irc.saphyr.co.uk :ds9.uk.irc.saphyr.co.uk]
    (facebook) IRC -> ZNC [PING :PinglBee]
    (facebook) ZNC -> IRC [PONG :PinglBee]
    (facebook) ZNC -> CLI [PING :PinglBee]
    (TMX) ZNC -> CLI [PING :ZNC]
    (TMXBot) ZNC -> IRC [PRIVMSG TMXBot :®]
    (facebook) ZNC -> CLI [PING :ZNC]
    (facebook) ZNC -> IRC [PRIVMSG TMX :®]
    (wlm) ZNC -> IRC [PRIVMSG wlm :®]
    (TMXBot) IRC -> ZNC [:TMXBot!TMXBot@saphyr-E0EC4C59 PRIVMSG TMXBot :®]
    (facebook) IRC -> ZNC [:TMX!facebook@ds9.internal.omega.org.uk PRIVMSG TMX :®]
    (wlm) IRC -> ZNC [:root!root@ds9.internal.omega.org.uk PRIVMSG &bitlbee :Error: Charset mismatch detected. The charset setting is currently set to utf-8, so please make sure your IRC client will send and accept text in that charset, or tell BitlBee which charset to expect by changing the charset setting. See `help set charset' for more information. Your message was ignored.]
    (facebook) CLI -> ZNC [ISON danielleemmavass]
    (facebook) ZNC -> IRC [ISON danielleemmavass]
    (TMX) CLI -> ZNC [ISON ds9.uk.irc.saphyr.co.uk NickServ Drained]
    (TMX) ZNC -> IRC [ISON ds9.uk.irc.saphyr.co.uk NickServ Drained]
    (facebook) IRC -> ZNC [:ds9.internal.omega.org.uk 303 TMX :]
    (facebook) ZNC -> CLI [:ds9.internal.omega.org.uk 303 TMX :]
    USR::TMX == Disconnected()
    USR::facebook == Disconnected()
    (TMX) IRC -> ZNC [:ds9.uk.irc.saphyr.co.uk 303 TMX :NickServ Drained ]
    (TMX) ZNC -> CLI [:ds9.uk.irc.saphyr.co.uk 303 TMX :NickServ Drained ]
    (wlm) IRC -> ZNC [PING :PinglBee]
    (wlm) ZNC -> IRC [PONG :PinglBee]
    (TMXBot) ZNC -> IRC [PRIVMSG TMXBot :®]
    (facebook) ZNC -> IRC [PRIVMSG TMX :®]
    (wlm) ZNC -> IRC [PRIVMSG wlm :®]
    (facebook) IRC -> ZNC [:TMX!facebook@ds9.internal.omega.org.uk PRIVMSG TMX :®]
    (wlm) IRC -> ZNC [:root!root@ds9.internal.omega.org.uk PRIVMSG &bitlbee :Error: Charset mismatch detected. The charset setting is currently set to utf-8, so please make sure your IRC client will send and accept text in that charset, or tell BitlBee which charset to expect by changing the charset setting. See `help set charset' for more information. Your message was ignored.]
    (TMXBot) IRC -> ZNC [:TMXBot!TMXBot@saphyr-E0EC4C59 PRIVMSG TMXBot :®]
    (TMXBot) CLI -> ZNC [PING ds9.uk.irc.saphyr.co.uk]
    (TMXBot) ZNC -> IRC [PING ds9.uk.irc.saphyr.co.uk]
    (TMXBot) IRC -> ZNC [:ds9.uk.irc.saphyr.co.uk PONG ds9.uk.irc.saphyr.co.uk :ds9.uk.irc.saphyr.co.uk]
    (TMXBot) ZNC -> CLI [:ds9.uk.irc.saphyr.co.uk PONG ds9.uk.irc.saphyr.co.uk :ds9.uk.irc.saphyr.co.uk]
    (TMXBot) ZNC -> IRC [PRIVMSG TMXBot :®]
    (facebook) ZNC -> IRC [PRIVMSG TMX :®]
    (wlm) ZNC -> IRC [PRIVMSG wlm :®]
    (TMX) ZNC -> CLI [:*route_replies!route_replies@znc.in PRIVMSG TMX :This module hit a timeout which is possibly a bug.]
    (TMX) ZNC -> CLI [:*route_replies!route_replies@znc.in PRIVMSG TMX :Use "silent yes" to disable this message.]
    (TMX) ZNC -> CLI [:*route_replies!route_replies@znc.in PRIVMSG TMX :Last request: ISON ds9.uk.irc.saphyr.co.uk NickServ Drained]
    (TMX) ZNC -> CLI [:*route_replies!route_replies@znc.in PRIVMSG TMX :Expected replies: ]

    Program received signal SIGSEGV, Segmentation fault.
    0xb7b1556f in CRouteRepliesMod::Timeout() ()
    from /home/znc/znc/lib/znc/route_replies.so

     
  • TMX

    TMX - 2010-08-18

    (gdb) bt full
    #0 0xb7b1556f in CRouteRepliesMod::Timeout() ()
    from /home/znc/znc/lib/znc/route_replies.so
    No symbol table info available.
    #1 0xb7b12860 in CRouteTimeout::RunJob() ()
    from /home/znc/znc/lib/znc/route_replies.so
    No symbol table info available.
    #2 0x08072bce in CCron::run(long&) ()
    No symbol table info available.
    #3 0x08095d08 in TSocketManager<CZNCSock>::Cron() ()
    No symbol table info available.
    #4 0x08098238 in TSocketManager<CZNCSock>::Loop() ()
    No symbol table info available.
    #5 0x0808a617 in CZNC::Loop() ()
    No symbol table info available.
    #6 0x080672e4 in main ()
    No symbol table info available.

     
  • Psychon

    Psychon - 2010-08-18
    • assigned_to: prozacx --> psychon
    • status: pending --> closed
     
  • Psychon

    Psychon - 2010-08-18

    Thanks for that verbose info, it was really helpful and I managed to track this down.
    As a work-around, you can enable silent timeouts on all users. This NULL pointer dereference happens while trying to generate the timeout message.

    Fixed in r2102 (and r2103 fixes that one again).

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks