ryzom / ryzomcore

Ryzom Core is the open-source project related to the Ryzom game. This community repository is synchronized with the Ryzom Forge repository, based on the Core branch.
https://wiki.ryzom.dev
GNU Affero General Public License v3.0

Client segfaults when connecting to certain websites #333

Closed ryzom-pipeline closed 5 years ago

ryzom-pipeline commented 5 years ago

Original report by emorrp1 (Bitbucket: emorrp1, GitHub: emorrp1).


I believe this is related to #312, or at least the code around the fix efa3ac83949d.

Rebuilding against libssl1.0-dev resolves the first issue and I am able to play Ryzom. You can even get to the Create Account screen, but clicking on the "terms of use" link crashes in openDocWithExtension (but the page does open in the browser):

#0  strlen () at ../sysdeps/x86_64/strlen.S:106
#1  0x00007ffff4a004f9 in __add_to_environ (name=name@entry=0x7ffff4ed66be "LD_LIBRARY_PATH", value=value@entry=0x0, combined=combined@entry=0x0, replace=replace@entry=1)
    at setenv.c:131
#2  0x00007ffff4a0061a in __setenv (name=name@entry=0x7ffff4ed66be "LD_LIBRARY_PATH", value=value@entry=0x0, replace=replace@entry=1) at setenv.c:259
#3  0x00007ffff4e0ec95 in NLMISC::openDocWithExtension (document="http://app.ryzom.com/app_forum/index.php?page=topic/view/21885/1&post148782=en#1", ext="htm")
    at ./code/nel/src/misc/common.cpp:1728
#4  0x00007ffff4e0ed76 in NLMISC::openURL (url="http://app.ryzom.com/app_forum/index.php?page=topic/view/21885/1&post148782=en#1") at ./code/nel/src/misc/common.cpp:1738
#5  0x000055555595c440 in CAHOpenURL::execute (this=<optimized out>, sParams=...) at ./code/ryzom/client/src/login.cpp:1980
#6  0x00007ffff79bd93c in NLGUI::CAHManager::runActionHandler (this=0x5555562b6260, pAH=0x5555561ab498 <CAHOpenURLFactoryInstance>, pCaller=pCaller@entry=0x55555950e610, 
    Params="cfg_ConditionsTermsURL") at ./code/nel/src/gui/action_handler.cpp:289
#7  0x00007ffff79d2335 in NLGUI::CCtrlBaseButton::runLeftClickAction (this=this@entry=0x55555950e610) at ./code/nel/src/gui/ctrl_base_button.cpp:983
#8  0x00007ffff79d2975 in NLGUI::CCtrlBaseButton::handleEvent (this=0x55555950e610, event=...) at ./code/nel/src/gui/ctrl_base_button.cpp:713
#9  0x00007ffff7b5e26d in NLGUI::CWidgetManager::handleMouseEvent (this=0x555558b94500, evnt=...) at ./code/nel/src/gui/widget_manager.cpp:2321
#10 0x00007ffff7b60256 in NLGUI::CWidgetManager::handleEvent (this=<optimized out>, evnt=...) at ./code/nel/src/gui/widget_manager.cpp:2123
#11 0x0000555555c4529a in CInterfaceManager::handleEvent (this=<optimized out>, event=...) at ./code/ryzom/client/src/interface_v3/interface_manager.cpp:2055
#12 0x00007ffff7a949ec in NLGUI::CInputHandler::handleMouseButtonUpEvent (this=this@entry=0x555558bbb2f0, evnt=...) at ./code/nel/src/gui/input_handler.cpp:154
#13 0x0000555555c1de78 in CInputHandlerManager::operator() (this=0x555558bbb210, event=...) at ./code/ryzom/client/src/interface_v3/input_handler_manager.cpp:309
#14 0x00007ffff4e3d375 in NLMISC::CEventServer::pumpEvent (this=<optimized out>, event=0x55555937c9e0) at ./code/nel/src/misc/event_server.cpp:111
#15 0x00007ffff4e3d4c6 in NLMISC::CEventServer::pump (this=0x55555871d368, allWindows=allWindows@entry=true) at ./code/nel/src/misc/event_server.cpp:85
#16 0x0000555555c1e2ac in CInputHandlerManager::pumpEvents (this=0x555558bbb210) at ./code/ryzom/client/src/interface_v3/input_handler_manager.cpp:453
#17 0x0000555555951e09 in loginMainLoop () at ./code/ryzom/client/src/login.cpp:419
#18 0x0000555555953d01 in login () at ./code/ryzom/client/src/login.cpp:1014
#19 0x00005555557b75f5 in main (argc=<optimized out>, argv=<optimized out>) at ./code/ryzom/client/src/client.cpp:328

Thank you and let me know if there's anything I can do to help test, this is 100% reproducible on two of my machines.


edit: the 1.1 build requires the libcurl4 package, so this is not relevant

It does build successfully with libssl-dev (i.e. openssl 1.1), see attached build log & version info. After data patching and after the loading screen completes but before it shows the character selection, the client crashes with this stacktrace in X509_STORE_add_cert. Actually, it's even easier to trigger a crash, just click Create Account, see also gdb.txt:

#0  __GI___pthread_rwlock_wrlock (rwlock=0x6d6f) at pthread_rwlock_wrlock.c:100
#1  0x00007ffff3617ee9 in CRYPTO_THREAD_write_lock (lock=<optimized out>) at ../crypto/threads_pthread.c:66
#2  0x00007ffff36265de in X509_STORE_add_cert (ctx=ctx@entry=0x7fffdc00eb80, x=0x555558ce8db0) at ../crypto/x509/x509_lu.c:307
#3  0x00007ffff79ef3dd in NLGUI::sslCtxFunction (curl=<optimized out>, sslctx=<optimized out>, parm=<optimized out>) at ./code/nel/src/gui/curl_certificates.cpp:279
#4  0x00007ffff6297761 in ossl_connect_step1 (sockindex=0, conn=0x7fffdc00df70) at vtls/openssl.c:2126
#5  ossl_connect_common (conn=conn@entry=0x7fffdc00df70, sockindex=0, nonblocking=nonblocking@entry=true, done=done@entry=0x7fffe2af23d7) at vtls/openssl.c:3006
#6  0x00007ffff6298b0d in Curl_ossl_connect_nonblocking (conn=conn@entry=0x7fffdc00df70, sockindex=<optimized out>, done=done@entry=0x7fffe2af23d7) at vtls/openssl.c:3094
#7  0x00007ffff6299412 in Curl_ssl_connect_nonblocking (conn=conn@entry=0x7fffdc00df70, sockindex=sockindex@entry=0, done=0x7fffe2af23d7) at vtls/vtls.c:246
#8  0x00007ffff624a5d2 in https_connecting (conn=0x7fffdc00df70, done=<optimized out>) at http.c:1400
#9  0x00007ffff625d487 in Curl_protocol_connect (conn=0x7fffdc00df70, protocol_done=protocol_done@entry=0x7fffe2af23d7) at url.c:3957
#10 0x00007ffff6272796 in multi_runsingle (multi=multi@entry=0x7fffdc0105a0, now=..., data=data@entry=0x7fffdc000de0) at multi.c:1594
#11 0x00007ffff62736c1 in curl_multi_perform (multi=multi@entry=0x7fffdc0105a0, running_handles=running_handles@entry=0x7fffe2af2568) at multi.c:2149
#12 0x00007ffff6269680 in easy_transfer (multi=0x7fffdc0105a0) at easy.c:700
#13 easy_perform (events=false, data=0x7fffdc000de0) at easy.c:787
#14 curl_easy_perform (data=0x7fffdc000de0) at easy.c:806
#15 0x000055555591b2ff in CCurlHttpClient::sendRequest (this=this@entry=0x5555561a95a0 <CurlHttpClient>, methodWB="GET", 
    url="https://secure.ryzom.com/signup/from_client.php?language=en", cookieName="", cookieValue="", postParams="", verbose=true)
    at ./code/ryzom/client/src/http_client_curl.cpp:119
#16 0x000055555591ba10 in CCurlHttpClient::sendGet (this=this@entry=0x5555561a95a0 <CurlHttpClient>, url="https://secure.ryzom.com/signup/from_client.php", 
    params="language=en", verbose=true) at ./code/ryzom/client/src/http_client_curl.cpp:146
#17 0x000055555594f5f2 in initCreateAccount () at ./code/ryzom/client/src/login.cpp:2406
#18 0x00005555558f7f3d in CLoginStateMachine::run (this=0x5555561ab5c0 <LoginSM>) at ./code/ryzom/client/src/far_tp.cpp:394
#19 0x00007ffff4dfbb27 in NLMISC::TCoTaskData::run (this=0x5555562e6d50) at ./code/nel/src/misc/co_task.cpp:539
#20 0x00007ffff4e731e0 in NLMISC::ProxyFunc (arg=0x555559400590) at ./code/nel/src/misc/p_thread.cpp:95
#21 0x00007ffff0ad7494 in start_thread (arg=0x7fffe2af3700) at pthread_create.c:333
#22 0x00007ffff4ab3acf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97

ryzom-pipeline commented 5 years ago

Original comment by Meelis Mägi (Bitbucket: [Meelis Mägi](https://bitbucket.org/Meelis Mägi)).


The openURL is fixed, thanks.

OpenSSL 1.1 issue does not happen for me on clean Ubuntu 18.04 and self-compiled client (libssl-dev 1.1.0g, libcurl4-openssl-dev 7.58.0). There is libssl1.0.0 (1.0.2n) installed too, but client is linked to libssl.so.1.1 (as is curl).

ryzom-pipeline commented 5 years ago

Original comment by emorrp1 (Bitbucket: emorrp1, GitHub: emorrp1).


Thanks, I'll re-test with the latest commit and get back to you (and remember to include my .buildinfo this time).

ryzom-pipeline commented 5 years ago

Original comment by Cédric Ochs (Bitbucket: [Cédric OCHS](https://bitbucket.org/Cédric OCHS)).


Well done @nimetu for the fix about openDocWithExtension, indeed the LD_LIBRARY_PATH environment variable wasn't defined so it returned NULL.

About SSL problem, I didn't try but perhaps OpenSSL calls were made in different threads, someone had the same issue:

https://github.com/openssl/openssl/issues/1553
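
On the openDocWithExtension crash (frame #2 of the first trace shows setenv() called with value=0x0): the following is an added example, not part of the thread and not the project's fix, of saving and restoring an environment variable without ever handing NULL to setenv(). It assumes the caller overrides the variable around launching an external program; `DEMO_LIB_PATH`, `saved_env`, `env_save`, `env_restore`, `with_env_override` and `fake_launch` are hypothetical names.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdlib.h>
#include <string.h>

/* was_set distinguishes "unset" from "set to the empty string". */
typedef struct {
    char *value;   /* heap copy, NULL when the variable was unset */
    int was_set;
} saved_env;

/* getenv() returns NULL for an unset variable, and the pointer it returns
 * may be invalidated by a later setenv(), so keep a private copy. */
static int env_save(const char *name, saved_env *out)
{
    const char *cur = getenv(name);
    out->was_set = (cur != NULL);
    out->value = cur ? strdup(cur) : NULL;
    return (cur && !out->value) ? -1 : 0;   /* -1 only on allocation failure */
}

/* Restore the saved state; an unset variable is restored with unsetenv()
 * instead of setenv(name, NULL, 1), which is the call seen in the trace. */
static int env_restore(const char *name, saved_env *s)
{
    int rc = s->was_set ? setenv(name, s->value, 1) : unsetenv(name);
    free(s->value);
    s->value = NULL;
    return rc;
}

/* Run fn with name temporarily set to tmp, then put the old state back. */
static int with_env_override(const char *name, const char *tmp, int (*fn)(void))
{
    saved_env s;
    if (env_save(name, &s) != 0) return -1;
    if (setenv(name, tmp, 1) != 0) { free(s.value); return -1; }
    int result = fn();
    return env_restore(name, &s) != 0 ? -1 : result;
}

/* Hypothetical stand-in for launching the external opener. */
static int fake_launch(void) { return getenv("DEMO_LIB_PATH") ? 0 : 1; }

int main(void)
{
    unsetenv("DEMO_LIB_PATH");   /* constructed case: variable not defined */
    int rc = with_env_override("DEMO_LIB_PATH", "", fake_launch);
    return (rc == 0 && getenv("DEMO_LIB_PATH") == NULL) ? 0 : 1;
}
```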

ryzom-pipeline commented 5 years ago

Original comment by emorrp1 (Bitbucket: emorrp1, GitHub: emorrp1).


ryzom-pipeline commented 5 years ago

Original comment by emorrp1 (Bitbucket: emorrp1, GitHub: emorrp1).


@kervala here's the output of thread apply all bt full to see if it's multi-threaded

ryzom-pipeline commented 5 years ago

Original comment by emorrp1 (Bitbucket: emorrp1, GitHub: emorrp1).


trim duplicate stacktrace, reference attachments

ryzom-pipeline commented 5 years ago

Original comment by Meelis Mägi (Bitbucket: [Meelis Mägi](https://bitbucket.org/Meelis Mägi)).


Quick check into debian9/i386 shows libcurl.so is linked against libssl1.0.2 while libssl-dev gives 1.1.0.

You need to use the libssl1.0-dev package.

Using libssl-dev, final linking gives this warning:

[100%] Linking CXX executable ../../../bin/ryzom_client_dev
/usr/bin/ld: warning: libssl.so.1.0.2, needed by /usr/lib/gcc/i686-linux-gnu/6/../../../i386-linux-gnu/libcurl.so, may conflict with libssl.so.1.1
/usr/bin/ld: warning: libcrypto.so.1.0.2, needed by /usr/lib/gcc/i686-linux-gnu/6/../../../i386-linux-gnu/libcurl.so, may conflict with libcrypto.so.1.1
[100%] Built target ryzom_client

ryzom-pipeline commented 5 years ago

Original comment by emorrp1 (Bitbucket: emorrp1, GitHub: emorrp1).


@nimetu firstly, I can confirm your openURL patch works for me, thanks

And secondly thanks for the diagnosis (my build log didn't show the warnings), I see now that using 1.1 requires the libcurl4 package, which is available in bionic, but not stretch, so that's why it works on Ubuntu.

ryzom-pipeline commented 5 years ago

Original comment by emorrp1 (Bitbucket: emorrp1, GitHub: emorrp1).


confirmed fixed by 552f8d4