| Anonymous | Login | Signup for a new account | 2024-11-14 19:01 CET | |
| My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0000669 | aMule | External Conn | public | 2005-11-27 17:58 | 2008-02-24 01:46 | ||||
| Reporter | ced | ||||||||
| Assigned To | GonoszTopi | ||||||||
| Priority | urgent | Severity | major | Reproducibility | always | ||||
| Status | resolved | Resolution | fixed | ||||||
| Platform | Slackware 10.2 | OS | Linux | OS Version | 2.4.31 | ||||
| Product Version | SVN | ||||||||
| Target Version | Fixed in Version | ||||||||
| Summary | 0000669: ECSocket bug | ||||||||
| Description | Bug when connect to external port connection with special requests. Here the code to reproduce the bug: | ||||||||
| Steps To Reproduce | /* Bug in ECSocket code - aMule-2.0.3: amuled segfault - aMule-CVS-20051127: enter infinite loop error after the socket 10sec timeout (ECSocket error: Invalid socket (uninitialized)). webserver and amulecmd segfault with when you connect to external port connection. Amuled don't crash but seriously disturbed Probably buggy on previous cvs version but not tested. */ #include <stdio.h> #include <unistd.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> int main(int argc, char **argv) { struct sockaddr_in to; char buf[8]; int sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); if (sock < 0) { perror("socket"); return -1; } to.sin_addr.s_addr = inet_addr("192.168.0.1"); to.sin_port = htons(4712); to.sin_family = AF_INET; if (connect(sock, (const struct sockaddr *)&to, sizeof(to)) < 0) { perror("connect"); return -1; } memset(buf, 0, 8); memcpy(buf, "\x01", 1); strcat(buf, "ed2k"); send(sock, "\x20", 1, 0); send(sock, buf, strlen(buf), 0); close(sock); return 0; } | ||||||||
| Additional Information | I confirm this happen always on my system when I remote connect with the sample code. If anyone can confirm this bug. | ||||||||
| Tags | No tags attached. | ||||||||
| Fixed in Revision | |||||||||
| Operating System | |||||||||
| Attached Files | |||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0001517) ced (reporter) 2005-11-27 18:00 |
/* Bug in ECSocket code - aMule-2.0.3: amuled segfault - aMule-CVS-20051127: enter infinite loop error after the socket 10sec timeout (ECSocket error: Invalid socket (uninitialized)). webserver and amulecmd segfault with when you connect to external port connection. Amuled don't crash but seriously disturbed Probably buggy on previous cvs version but not tested. */ #include <stdio.h> #include <unistd.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> int main(int argc, char **argv) { struct sockaddr_in to; char buf[8]; int sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); if (sock < 0) { perror("socket"); return -1; } to.sin_addr.s_addr = inet_addr("192.168.0.1"); to.sin_port = htons(4712); to.sin_family = AF_INET; if (connect(sock, (const struct sockaddr *)&to, sizeof(to)) < 0) { perror("connect"); return -1; } memset(buf, 0, 8); memcpy(buf, "\x01", 1); strcat(buf, "ed2k"); send(sock, "\x20", 1, 0); send(sock, buf, strlen(buf), 0); close(sock); return 0; } |
|
(0001518) ced (reporter) 2005-11-27 19:18 |
Backtrace for amule-2.0.3 Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 16384 (LWP 7247)] 0x403e165f in memcpy () from /lib/libc.so.6 (gdb) bt #0 0x403e165f in memcpy () from /lib/libc.so.6 0000001 0x080ab094 in ECSocket::ReadBuffer (this=0x9584d60, buffer=0x4096b008, len=1278269979) at ECSocket.cpp:459 0000002 0x080ad55c in CECTag (this=0xbffff3a0, socket=@0x9584d60) at ECPacket.cpp:436 0000003 0x080ad75e in CECTag::ReadChildren (this=0xbffff440, socket=@0x9584d60) at ECPacket.cpp:483 0000004 0x080ad4f0 in CECTag (this=0xbffff440, socket=@0x9584d60) at ECPacket.cpp:428 0000005 0x080ad75e in CECTag::ReadChildren (this=0xbffff4e0, socket=@0x9584d60) at ECPacket.cpp:483 0000006 0x080ad4f0 in CECTag (this=0xbffff4e0, socket=@0x9584d60) at ECPacket.cpp:428 0000007 0x080ad75e in CECTag::ReadChildren (this=0x95a6b30, socket=@0x9584d60) at ECPacket.cpp:483 0000008 0x080adbb3 in CECPacket (this=0x95a6b30, socket=@0x9584d60) at ECPacket.cpp:728 0000009 0x080ab8f5 in ECSocket::ReadPacket (this=0x9584d60) at ECSocket.cpp:691 0000010 0x080c7f1b in ExternalConn::OnSocketEvent (this=0x9457a18, event=@0x9668a98) at ExternalConn.cpp:149 #11 0x400db5f7 in wxAppConsole::HandleEvent () from /usr/lib/libwx_base-2.6.so.0 0000012 0x40186e70 in wxEvtHandler::ProcessEventIfMatches () from /usr/lib/libwx_base-2.6.so.0 0000013 0x401862df in wxEventHashTable::HandleEvent () from /usr/lib/libwx_base-2.6.so.0 0000014 0x40187010 in wxEvtHandler::ProcessEvent () from /usr/lib/libwx_base-2.6.so.0 0000015 0x40186db6 in wxEvtHandler::ProcessPendingEvents () from /usr/lib/libwx_base-2.6.so.0 0000016 0x400db579 in wxAppConsole::ProcessPendingEvents () from /usr/lib/libwx_base-2.6.so.0 0000017 0x080645d6 in CamuleDaemonApp::OnRun (this=0x84145d8) at amuled.cpp:397 0000018 0x40120fa8 in wxEntry () from /usr/lib/libwx_base-2.6.so.0 0000019 0x08063678 in main (argc=1, argv=0xbffff7f4) at amuled.cpp:124 (gdb) bt full #0 0x403e165f in memcpy () from /lib/libc.so.6 No symbol table info available. 0000001 0x080ab094 in ECSocket::ReadBuffer (this=0x9584d60, buffer=0x4096b008, len=1278269979) at ECSocket.cpp:459 No locals. 0000002 0x080ad55c in CECTag (this=0xbffff3a0, socket=@0x9584d60) at ECPacket.cpp:436 No locals. 0000003 0x080ad75e in CECTag::ReadChildren (this=0xbffff440, socket=@0x9584d60) at ECPacket.cpp:483 i = 0 tmp_tagCount = 13584 0000004 0x080ad4f0 in CECTag (this=0xbffff440, socket=@0x9584d60) at ECPacket.cpp:428 No locals. 0000005 0x080ad75e in CECTag::ReadChildren (this=0xbffff4e0, socket=@0x9584d60) at ECPacket.cpp:483 i = 0 tmp_tagCount = 47990 0000006 0x080ad4f0 in CECTag (this=0xbffff4e0, socket=@0x9584d60) at ECPacket.cpp:428 No locals. 0000007 0x080ad75e in CECTag::ReadChildren (this=0x95a6b30, socket=@0x9584d60) at ECPacket.cpp:483 i = 1 tmp_tagCount = 25956 0000008 0x080adbb3 in CECPacket (this=0x95a6b30, socket=@0x9584d60) at ECPacket.cpp:728 No locals. 0000009 0x080ab8f5 in ECSocket::ReadPacket (this=0x9584d60) at ECSocket.cpp:691 flags = 32 p = (class CECPacket *) 0x0 0000010 0x080c7f1b in ExternalConn::OnSocketEvent (this=0x9457a18, event=@0x9668a98) at ExternalConn.cpp:149 sock = (class ECSocket *) 0x9584d60 request = (class CECPacket *) 0x0 response = (class CECPacket *) 0x0 #11 0x400db5f7 in wxAppConsole::HandleEvent () from /usr/lib/libwx_base-2.6.so.0 No symbol table info available. 0000012 0x40186e70 in wxEvtHandler::ProcessEventIfMatches () from /usr/lib/libwx_base-2.6.so.0 No symbol table info available. 0000013 0x401862df in wxEventHashTable::HandleEvent () from /usr/lib/libwx_base-2.6.so.0 No symbol table info available. 0000014 0x40187010 in wxEvtHandler::ProcessEvent () from /usr/lib/libwx_base-2.6.so.0 No symbol table info available. 0000015 0x40186db6 in wxEvtHandler::ProcessPendingEvents () from /usr/lib/libwx_base-2.6.so.0 No symbol table info available. 0000016 0x400db579 in wxAppConsole::ProcessPendingEvents () from /usr/lib/libwx_base-2.6.so.0 No symbol table info available. 0000017 0x080645d6 in CamuleDaemonApp::OnRun (this=0x84145d8) at amuled.cpp:397 No locals. 0000018 0x40120fa8 in wxEntry () from /usr/lib/libwx_base-2.6.so.0 No symbol table info available. 0000019 0x08063678 in main (argc=1, argv=0xbffff7f4) at amuled.cpp:124 No locals. (gdb) thread apply all bt Thread 4 (Thread 32771 (LWP 7253)): #0 0x4002f186 in nanosleep () from /lib/libpthread.so.0 0000001 0x00000000 in ?? () 0000002 0x4018b42a in wxMicroSleep () from /usr/lib/libwx_base-2.6.so.0 0000003 0x4018b465 in wxMilliSleep () from /usr/lib/libwx_base-2.6.so.0 0000004 0x4018376f in wxThread::Sleep () from /usr/lib/libwx_base-2.6.so.0 0000005 0x08171606 in CTimer::CTimerThread::Entry (this=0x841b0e0) at Timer.cpp:100 0000006 0x4018314b in wxThreadInternal::PthreadStart () from /usr/lib/libwx_base-2.6.so.0 0000007 0x4018301f in wxPthreadStart () from /usr/lib/libwx_base-2.6.so.0 0000008 0x400294eb in pthread_start_thread () from /lib/libpthread.so.0 0000009 0x4002957f in pthread_start_thread_event () from /lib/libpthread.so.0 0000010 0x4042fb0a in clone () from /lib/libc.so.6 Thread 2 (Thread 32769 (LWP 7250)): #0 0x404272da in poll () from /lib/libc.so.6 0000001 0x40028990 in __pthread_manager () from /lib/libpthread.so.0 0000002 0x40028bb7 in __pthread_manager_event () from /lib/libpthread.so.0 0000003 0x4042fb0a in clone () from /lib/libc.so.6 Thread 1 (Thread 16384 (LWP 7247)): #0 0x403e165f in memcpy () from /lib/libc.so.6 0000001 0x080ab094 in ECSocket::ReadBuffer (this=0x9584d60, buffer=0x4096b008, len=1278269979) at ECSocket.cpp:459 0000002 0x080ad55c in CECTag (this=0xbffff3a0, socket=@0x9584d60) at ECPacket.cpp:436 0000003 0x080ad75e in CECTag::ReadChildren (this=0xbffff440, socket=@0x9584d60) at ECPacket.cpp:483 0000004 0x080ad4f0 in CECTag (this=0xbffff440, socket=@0x9584d60) at ECPacket.cpp:428 0000005 0x080ad75e in CECTag::ReadChildren (this=0xbffff4e0, socket=@0x9584d60) at ECPacket.cpp:483 0000006 0x080ad4f0 in CECTag (this=0xbffff4e0, socket=@0x9584d60) at ECPacket.cpp:428 0000007 0x080ad75e in CECTag::ReadChildren (this=0x95a6b30, socket=@0x9584d60) at ECPacket.cpp:483 0000008 0x080adbb3 in CECPacket (this=0x95a6b30, socket=@0x9584d60) at ECPacket.cpp:728 0000009 0x080ab8f5 in ECSocket::ReadPacket (this=0x9584d60) at ECSocket.cpp:691 0000010 0x080c7f1b in ExternalConn::OnSocketEvent (this=0x9457a18, event=@0x9668a98) at ExternalConn.cpp:149 #11 0x400db5f7 in wxAppConsole::HandleEvent () from /usr/lib/libwx_base-2.6.so.0 0000012 0x40186e70 in wxEvtHandler::ProcessEventIfMatches () from /usr/lib/libwx_base-2.6.so.0 0000013 0x401862df in wxEventHashTable::HandleEvent () from /usr/lib/libwx_base-2.6.so.0 0000014 0x40187010 in wxEvtHandler::ProcessEvent () from /usr/lib/libwx_base-2.6.so.0 0000015 0x40186db6 in wxEvtHandler::ProcessPendingEvents () from /usr/lib/libwx_base-2.6.so.0 0000016 0x400db579 in wxAppConsole::ProcessPendingEvents () from /usr/lib/libwx_base-2.6.so.0 0000017 0x080645d6 in CamuleDaemonApp::OnRun (this=0x84145d8) at amuled.cpp:397 0000018 0x40120fa8 in wxEntry () from /usr/lib/libwx_base-2.6.so.0 0000019 0x08063678 in main (argc=1, argv=0xbffff7f4) at amuled.cpp:124 |
|
(0001538) ced (reporter) 2005-12-03 02:17 |
Bugs reproduce on amule-cvs(20051202): The requests are funny, other random data could lead to same results or crash amuled This request make unavailable communication with port 4712 (amulecmd and amuleweb segfault) http://192.168.0.1:4712/if(this->request){packet_data=schmilblick;}else{packet_data=NULL;}return; [^] Amuled debug messages: ZLib operation returned Z_DATA_ERROR ZLib error message: incorrect header check zstream state: next_in=0x993662a avail_in=506 total_in=2 next_out=0x993e630 avail_out=32768 total_out=0 CECSocket error: Invalid socket (uninitialized) CECSocket error: Invalid socket (uninitialized) CECSocket error: Invalid socket (uninitialized) This request cause amuled to consume a lot of memory and cpu time http://192.168.0.1:4712/if [^](this-> After 2 minutes depend memory capacity on the system, launch the request one more time and port 4712 is unavailable, cpu time usage increase. ---------------------------------------------- Amuled debug messages after the first request: ZLib operation returned Z_DATA_ERROR ZLib error message: incorrect header check zstream state: next_in=0x9764e32 avail_in=440 total_in=2 next_out=0x976d008 avail_out=32768 total_out=0 CECSocket error: Invalid socket (uninitialized) ----------------------------------------------- Amuled debug messages after the second request: ZLib operation returned Z_DATA_ERROR ZLib error message: incorrect header check zstream state: next_in=0x40b89de2 avail_in=440 total_in=2 next_out=0x40b91de8 avail_out=32768 total_out=0 CECSocket error: Invalid socket (uninitialized) CECSocket error: Invalid socket (uninitialized) CECSocket error: Invalid socket (uninitialized) |
|
(0001927) Xaignar (manager) 2006-03-24 13:49 |
This no longer seems to happen in 2.1.x and CVS. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2005-11-27 17:58 | ced | New Issue | |
| 2005-11-27 18:00 | ced | Note Added: 0001517 | |
| 2005-11-27 19:18 | ced | Note Added: 0001518 | |
| 2005-11-27 21:08 | GonoszTopi | Assigned To | => GonoszTopi |
| 2005-11-27 21:08 | GonoszTopi | Priority | normal => urgent |
| 2005-11-27 21:08 | GonoszTopi | Status | new => acknowledged |
| 2005-11-27 21:08 | GonoszTopi | Projection | none => minor fix |
| 2005-11-27 21:08 | GonoszTopi | ETA | none => < 1 day |
| 2005-11-27 22:57 | GonoszTopi | Status | acknowledged => resolved |
| 2005-11-27 22:57 | GonoszTopi | Resolution | open => fixed |
| 2005-12-03 02:17 | ced | Status | resolved => feedback |
| 2005-12-03 02:17 | ced | Resolution | fixed => reopened |
| 2005-12-03 02:17 | ced | Note Added: 0001538 | |
| 2005-12-04 19:32 | GonoszTopi | Status | feedback => acknowledged |
| 2005-12-04 19:32 | GonoszTopi | Projection | minor fix => none |
| 2005-12-04 19:32 | GonoszTopi | ETA | < 1 day => none |
| 2006-03-24 13:49 | Xaignar | Note Added: 0001927 | |
| 2008-02-24 01:46 | Xaignar | Status | acknowledged => resolved |
| 2008-02-24 01:46 | Xaignar | Resolution | reopened => fixed |
|
Issue History |
| Copyright © 2000 - 2024 MantisBT Team |
 |