search

jeroennijhof / openufp

Open URL Filtering Proxy is an URL Filtering Server for N2H2 or Websense compatible devices.
GNU General Public License v3.0
5 stars 4 forks source link

segfault when using openufp caching #5

Closed liveaverage closed 5 years ago

liveaverage commented 9 years ago

Sorry, I feel like we're pushing this app to new limits ;-)

We're getting segfault errors when using caching -- doesn't appear right way, but after running for a while we do see it:

Apr 20 12:19:17 somehost kernel: [2693620.635442] openufp[28038]: segfault at 8 ip 00007f9ed5a1cf28 sp 00007fffb56d4060 error 4 in libdb-5.1.so[7f9ed59dd000+16c000]

Here's some valgrind debug output:

==990== Conditional jump or move depends on uninitialised value(s) ==990== at 0x4E6E004: bam_stkrel (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ED3B: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Use of uninitialised value of size 8 ==990== at 0x4E71F28: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Use of uninitialised value of size 8 ==990== at 0x4E71048: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72365: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Use of uninitialised value of size 8 ==990== at 0x4E71067: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72365: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Use of uninitialised value of size 8 ==990== at 0x4E71048: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: __bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Use of uninitialised value of size 8 ==990== at 0x4E71067: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Use of uninitialised value of size 8 ==990== at 0x4F00329: db_pitem_nolog (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E70CD5: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Use of uninitialised value of size 8 ==990== at 0x4F0035C: db_pitem_nolog (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E70CD5: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Conditional jump or move depends on uninitialised value(s) ==990== at 0x4F003DA: db_pitem_nolog (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E70CD5: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Conditional jump or move depends on uninitialised value(s) ==990== at 0x4C2CD2A: memcpy@GLIBC_2.2.5 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==990== by 0x4F00401: db_pitem_nolog (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E70CD5: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Conditional jump or move depends on uninitialised value(s) ==990== at 0x4C2CD33: memcpy@GLIBC_2.2.5 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==990== by 0x4F00401: db_pitem_nolog (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E70CD5: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Conditional jump or move depends on uninitialised value(s) ==990== at 0x4C2CE18: memcpy@GLIBC_2.2.5 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==990== by 0x4F00401: db_pitem_nolog (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E70CD5: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Conditional jump or move depends on uninitialised value(s) ==990== at 0x4C2CE2A: memcpy@GLIBC_2.2.5 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==990== by 0x4F00401: db_pitem_nolog (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E70CD5: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Conditional jump or move depends on uninitialised value(s) ==990== at 0x4C2CEAE: memcpy@GLIBC_2.2.5 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==990== by 0x4F00401: db_pitem_nolog (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E70CD5: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Conditional jump or move depends on uninitialised value(s) ==990== at 0x4C2CEB4: memcpy@GLIBC_2.2.5 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==990== by 0x4F00401: db_pitem_nolog (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E70CD5: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Use of uninitialised value of size 8 ==990== at 0x4C2CEC8: memcpy@GLIBC_2.2.5 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==990== by 0x4F00401: db_pitem_nolog (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E70CD5: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== Use of uninitialised value of size 8 ==990== at 0x4C2CECE: memcpy@GLIBC_2.2.5 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==990== by 0x4F00401: db_pitem_nolog (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E70CD5: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== ==990== Process terminating with default action of signal 11 (SIGSEGV) ==990== Bad permissions for mapped region at address 0x4F66CDC ==990== at 0x4C2CECE: memcpy@GLIBC_2.2.5 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==990== by 0x4F00401: db_pitem_nolog (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E70CD5: bam_pinsert (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E72422: bam_split (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4E5ECAC: ??? (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF6418: dbc_iput (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4EF401F: db_put (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x4F05D8A: __db_put_pp (in /usr/lib/x86_64-linux-gnu/libdb-5.1.so) ==990== by 0x401FC5: add_cache (in /usr/sbin/openufp) ==990== by 0x4019B3: main (in /usr/sbin/openufp) ==990== ==990== HEAP SUMMARY: ==990== in use at exit: 244,683 bytes in 45 blocks ==990== total heap usage: 177 allocs, 132 frees, 594,100 bytes allocated ==990== ==990== LEAK SUMMARY: ==990== definitely lost: 8,488 bytes in 3 blocks ==990== indirectly lost: 0 bytes in 0 blocks ==990== possibly lost: 220,972 bytes in 14 blocks ==990== still reachable: 15,223 bytes in 28 blocks ==990== suppressed: 0 bytes in 0 blocks ==990== Rerun with --leak-check=full to see details of leaked memory ==990== ==990== For counts of detected and suppressed errors, rerun with: -v ==990== Use --track-origins=yes to see where uninitialised values come from ==990== ERROR SUMMARY: 17 errors from 17 contexts (suppressed: 2 from 2)

liveaverage commented 9 years ago

Here's another, much longer valgrind trace, with leak-check=full and track-origins=yes -- it's worth nothing that the valgrind output is the same, regardless of whether I see segfaults logged or not:

http://pastebin.com/U7KKdFX1

I'll try to get this resolved, but I've simply disabled caching for the time being. Thanks!

jeroennijhof commented 9 years ago

Could you run openufp in debug mode and submit the logs? I think it's the hash which is causing troubles.

liveaverage commented 9 years ago

Sorry for the delay, Jeroen. Here's debug output with the caching set to the default:

http://pastebin.com/1CyhsYhg

I hope to get some time to get this fixed some time this weekend! Thanks for the help, and a great project.

jeroennijhof commented 5 years ago

Fixed in version 1.1