Control: reassign -1 libcurl4 7.65.1-1
Control: affects -1 + rtorrent
Control: tags -1 + upstream fixed-upstream
Control: fixed -1 7.65.3-1
Dear Maintainer,
I just tried to find some more information from the given backtrace.
That I guess would translate to something like below [1],
if it would have been done with a debugger and debug symbols.
These stack looks in the last frames similar to these shown in [2] and [3].
And these seem to get fixed upstream in commit [4]
that is in curl-7_65_2 and above.
So in theory the libcurl4 7.65.3-1 from unstable
might not show these segfaults.
Kind regards,
Bernhard
[1]
rtorrent(+0x11e59) [0x4afe59]
| 0x00411e54 0x00411e59 in do_panic(int) at main.cc:596: int stackSize =
backtrace(stackPtrs, 20);
linux-gate.so.1(__kernel_sigreturn+0) [0xb7f92d7c]
| 0xb7fd4d7c <__kernel_sigreturn>
libcurl.so.4(+0x31640) [0xb7e69640]
| 0xb7eab640 in sh_delentry at multi.c:253: dta->sh_entry =
NULL;
libcurl.so.4(+0x328f2) [0xb7e6a8f2]
| 0xb7eac8ed 0xb7eac8f2 in Curl_multi_closed at multi.c:2397
libcurl.so.4(+0x2f7f7) [0xb7e677f7]
| 0xb7ea97f2 0xb7ea97f7 in Curl_closesocket at connect.c:1347
libcurl.so.4(+0x30612) [0xb7e68612]
| 0xb7eaa60d 0xb7eaa612 in trynextip at connect.c:606
libcurl.so.4(+0x30951) [0xb7e68951]
| 0xb7eaa94c 0xb7eaa951 in Curl_is_connected at connect.c:861
libcurl.so.4(+0x33d5c) [0xb7e6bd5c]
| 0xb7eadd57 0xb7eadd5c in multi_runsingle at multi.c:1509
libcurl.so.4(+0x35205) [0xb7e6d205]
| 0xb7eaf200 0xb7eaf205 in multi_socket at multi.c:2564
libcurl.so.4(curl_multi_socket_action+0x2f) [0xb7e6d3af]
| 0xb7eaf3aa 0xb7eaf3af in curl_multi_socket_action at multi.c:2677
rtorrent(+0xda370) [0x578370]
| 0x004da36b 0x004da370 in core::CurlStack::receive_action(core::CurlSocket*,
int) at curl_stack.cc:95
rtorrent(+0xda68c) [0x57868c]
| 0x004da687 0x004da68c in core::CurlStack::receive_timeout() at
curl_stack.cc:171
rtorrent(+0x1341b) [0x4b141b]
| 0x00413418 0x0041341b in std::function<void ()>::operator()() const at
/usr/include/c++/7/bits/std_function.h:706
libtorrent.so.20(_ZN7torrent11thread_base10event_loopEPS0_+0x229) [0xb7d8ec89]
| 0xb7dd0c83 0xb7dd0c89 in std::function<void ()>::operator()() const at
/usr/include/c++/7/bits/std_function.h:706
rtorrent(+0x10b7b) [0x4aeb7b]
| 0x00410b76 0x00410b7b in main(int, char**) at main.cc:480:
torrent::thread_base::event_loop(torrent::main_thread());
libc.so.6(__libc_start_main+0xf1) [0xb77e7b41]
| 0xb7829b3d 0xb7829b41 in __libc_start_main at ../csu/libc-start.c:308
rtorrent(+0x1173b) [0x4af73b]
| 0x00411736 0x0041173b <_start+44>
[2] https://github.com/curl/curl/issues/3995
[3] https://github.com/curl/curl/issues/4057
[4] https://github.com/curl/curl/commit/4981fae7f158152fca01bddb042231f9f8343d58
# Bullseye/testing i386 qemu VM 2019-08-14
apt update
apt dist-upgrade
apt install systemd-coredump gdb mc rtorrent rtorrent-dbgsym
libtorrent20-dbgsym libcurl4-dbgsym
apt build-dep rtorrent
mkdir /home/benutzer/source/rtorrent/orig -p
cd /home/benutzer/source/rtorrent/orig
apt source rtorrent
cd
mkdir /home/benutzer/source/libcurl4/orig -p
cd /home/benutzer/source/libcurl4/orig
apt source libcurl4
cd
gdb -q --args /usr/bin/rtorrent
set width 0
set pagination off
directory /home/benutzer/source/rtorrent/orig/rtorrent-0.9.7/src
set backtrace past-main
display/i $pc
tb main
run
generate-core-file /tmp/core1
gdb -q /usr/bin/rtorrent --core /tmp/core1
set width 0
set pagination off
directory /home/benutzer/source/rtorrent/orig/rtorrent-0.9.7/src
directory /home/benutzer/source/libcurl4/orig/curl-7.65.1/lib
set backtrace past-main
display/i $pc
b * _start+44
b * __libc_start_main+237
b * main+3654
b * _ZN7torrent11thread_base10event_loopEPS0_+0x223
b * client_perform+280
b * core::CurlStack::receive_timeout+39
b * core::CurlStack::receive_action(core::CurlSocket*, int)+91
b * curl_multi_socket_action+42
b * multi_socket+624
b * multi_runsingle+2103
b * Curl_is_connected+748
b * trynextip+189
b * Curl_closesocket+66
b * Curl_multi_closed+125
b * sh_delentry+48
b * __kernel_sigreturn+0
b * do_panic(int)+164
############
# From submitter:
rtorrent(+0x11e59) [0x4afe59]
| 0x00411e54 0x00411e59 in do_panic(int) at main.cc:596: int stackSize =
backtrace(stackPtrs, 20);
linux-gate.so.1(__kernel_sigreturn+0) [0xb7f92d7c]
| 0xb7fd4d7c <__kernel_sigreturn>
libcurl.so.4(+0x31640) [0xb7e69640]
| 0xb7eab640 in sh_delentry at multi.c:253: dta->sh_entry =
NULL;
libcurl.so.4(+0x328f2) [0xb7e6a8f2]
| 0xb7eac8ed 0xb7eac8f2 in Curl_multi_closed at multi.c:2397
libcurl.so.4(+0x2f7f7) [0xb7e677f7]
| 0xb7ea97f2 0xb7ea97f7 in Curl_closesocket at connect.c:1347
libcurl.so.4(+0x30612) [0xb7e68612]
| 0xb7eaa60d 0xb7eaa612 in trynextip at connect.c:606
libcurl.so.4(+0x30951) [0xb7e68951]
| 0xb7eaa94c 0xb7eaa951 in Curl_is_connected at connect.c:861
libcurl.so.4(+0x33d5c) [0xb7e6bd5c]
| 0xb7eadd57 0xb7eadd5c in multi_runsingle at multi.c:1509
libcurl.so.4(+0x35205) [0xb7e6d205]
| 0xb7eaf200 0xb7eaf205 in multi_socket at multi.c:2564
libcurl.so.4(curl_multi_socket_action+0x2f) [0xb7e6d3af]
| 0xb7eaf3aa 0xb7eaf3af in curl_multi_socket_action at multi.c:2677
rtorrent(+0xda370) [0x578370]
| 0x004da36b 0x004da370 in core::CurlStack::receive_action(core::CurlSocket*,
int) at curl_stack.cc:95
rtorrent(+0xda68c) [0x57868c]
| 0x004da687 0x004da68c in core::CurlStack::receive_timeout() at
curl_stack.cc:171
rtorrent(+0x1341b) [0x4b141b]
| 0x00413418 0x0041341b in std::function<void ()>::operator()() const at
/usr/include/c++/7/bits/std_function.h:706
libtorrent.so.20(_ZN7torrent11thread_base10event_loopEPS0_+0x229) [0xb7d8ec89]
| 0xb7dd0c83 0xb7dd0c89 in std::function<void ()>::operator()() const at
/usr/include/c++/7/bits/std_function.h:706
rtorrent(+0x10b7b) [0x4aeb7b]
| 0x00410b76 0x00410b7b in main(int, char**) at main.cc:480:
torrent::thread_base::event_loop(torrent::main_thread());
libc.so.6(__libc_start_main+0xf1) [0xb77e7b41]
| 0xb7829b3d 0xb7829b41 in __libc_start_main at ../csu/libc-start.c:308
rtorrent(+0x1173b) [0x4af73b]
| 0x00411736 0x0041173b <_start+44>
0x4b141b - 0x4af73b = 0x1CE0
0x4af73b + 0x1CE0 = 0x4B141B
0x0041173b + 0x1CE0 = 0x0041341B
0x57868c - 0x4af73b = 0xC8F51
0x4af73b + 0xC8F51 = 0x57868C
0x0041173b + 0xC8F51 = 0x004DA68C
0x578370 - 0x4af73b = 0xC8C35
0x4af73b + 0xC8C35 = 0x578370
0x0041173b + 0xC8C35 = 0x004DA370
0x4afe59 - 0x4af73b = 0x71E
0x4af73b + 0x71E = 0x4AFE59
0x0041173b + 0x71E = 0x00411E59
(gdb) info b
Num Type Disp Enb Address What
1 breakpoint keep y 0x00411736 <_start+44>
2 breakpoint keep y 0xb7829b3d in __libc_start_main at
../csu/libc-start.c:308
3 breakpoint keep y 0x00410b76 in main(int, char**) at main.cc:480
4 breakpoint keep y 0xb7dd0c83 in std::function<void
()>::operator()() const at /usr/include/c++/7/bits/std_function.h:706
5 breakpoint keep y 0x00413418 in std::function<void
()>::operator()() const at /usr/include/c++/7/bits/std_function.h:706
6 breakpoint keep y 0x004da687 in
core::CurlStack::receive_timeout() at curl_stack.cc:171
7 breakpoint keep y 0x004da36b in
core::CurlStack::receive_action(core::CurlSocket*, int) at curl_stack.cc:95
8 breakpoint keep y 0xb7eaf3aa in curl_multi_socket_action at
multi.c:2677
9 breakpoint keep y 0xb7eaf200 in multi_socket at multi.c:2564
10 breakpoint keep y 0xb7eadd57 in multi_runsingle at multi.c:1509
11 breakpoint keep y 0xb7eaa94c in Curl_is_connected at connect.c:861
12 breakpoint keep y 0xb7eaa60d in trynextip at connect.c:606
13 breakpoint keep y 0xb7ea97f2 in Curl_closesocket at connect.c:1347
14 breakpoint keep y 0xb7eac8ed in Curl_multi_closed at multi.c:2397
15 breakpoint keep y 0xb7eab640 in sh_delentry at multi.c:253
16 breakpoint keep y 0xb7fd4d7c <__kernel_sigreturn>
17 breakpoint keep y 0x00411e54 in do_panic(int) at main.cc:596
(gdb) disassemble sh_delentry
Dump of assembler code for function sh_delentry:
...
0xb7eab639 <+41>: call 0xb7eaade0 <Curl_llist_remove>
0xb7eab63e <+46>: mov (%esi),%edx
0xb7eab640 <+48>: movl $0x0,0x24(%ebp)
0xb7eab647 <+55>: add $0x10,%esp
0xb7eab64a <+58>: test %edx,%edx
...
End of assembler dump.
https://github.com/curl/curl/issues/3995
https://github.com/curl/curl/issues/4057
https://github.com/curl/curl/commit/4981fae7f158152fca01bddb042231f9f8343d58
