Bug 213819 - crash probably related to DHT, in dht::UnpackBucketEntry
Summary: crash probably related to DHT, in dht::UnpackBucketEntry
Status: RESOLVED FIXED
Alias: None
Product: ktorrent
Classification: Applications
Component: general
Version: unspecified
Platform: Compiled Sources Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Joris Guisson
URL:
Keywords:
Duplicates: 214096 214103 214925 215525
Depends on:
Blocks:
 
Reported: 2009-11-09 09:16 UTC by Jonathan Marten
Modified: 2009-11-21 12:11 UTC

Description Jonathan Marten 2009-11-09 09:16:14 UTC
Version:            (using Devel)
Compiler:          gcc version 4.2.4 (Gentoo 4.2.4 p1.0)
 
OS:                Linux
Installed from:    Compiled sources

This has happened twice, on the same torrent - downloading works correctly for a long time (several hours) and then crashes without any other indications.  Looking at the code it seems to be trying to process something related to IPv6, but the system does not have any IPv6 interfaces configured.  The only relevant message on stderr is:

terminate called after throwing an instance of 'bt::Error'

Even if this is bad information received from a peer, the application should not really crash in this case.
Comment 1 Joris Guisson 2009-11-09 19:44:54 UTC
Version? Backtrace?
Comment 2 Jonathan Marten 2009-11-09 20:36:10 UTC
Oops, forgot to include the backtrace!  SVN r1046635.

Application: KTorrent (ktorrent), signal: Aborted
[Current thread is 0 (LWP 5444)]

Thread 6 (Thread 0xb3ac8b90 (LWP 5452)):
#0  0xb80e0424 in __kernel_vsyscall ()
#1  0xb71308a5 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#2  0xb71c9648 in QMutexPrivate::wait (this=0x9a60a70, timeout=-1) at thread/qmutex_unix.cpp:84
#3  0xb71c3bdd in QMutex::lock (this=0x9a5f0e4) at thread/qmutex.cpp:205
#4  0xb7fce7f9 in QMutexLocker::relock (this=0xb3ac8258) at /ws/trunk/inst/include/QtCore/qmutex.h:120
#5  0xb8043c8d in dht::RPCServerThread::handlePacket (this=0x9a5f0d8) at /ws/trunk/extragear/network/ktorrent/libbtcore/dht/rpcserver.cpp:62
#6  0xb8043f87 in dht::RPCServerThread::run (this=0x9a5f0d8) at /ws/trunk/extragear/network/ktorrent/libbtcore/dht/rpcserver.cpp:109
#7  0xb71ca0ff in QThreadPrivate::start (arg=0x9a5f0d8) at thread/qthread_unix.cpp:244
#8  0xb712c16b in start_thread () from /lib/libpthread.so.0
#9  0xb651287e in clone () from /lib/libc.so.6

Thread 5 (Thread 0xaf167b90 (LWP 5463)):
#0  0xb80e0424 in __kernel_vsyscall ()
#1  0xb71308a5 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#2  0xb71cab44 in QWaitCondition::wait (this=0xa016338, mutex=0xa016334, time=4294967295) at thread/qwaitcondition_unix.cpp:87
#3  0xb779c37f in QHostInfoAgent::run (this=0xa016328) at kernel/qhostinfo.cpp:252
#4  0xb71ca0ff in QThreadPrivate::start (arg=0xa016328) at thread/qthread_unix.cpp:244
#5  0xb712c16b in start_thread () from /lib/libpthread.so.0
#6  0xb651287e in clone () from /lib/libc.so.6

Thread 4 (Thread 0xae966b90 (LWP 5464)):
#0  0xb80e0424 in __kernel_vsyscall ()
#1  0xb7130bd2 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#2  0xb71c9910 in thread_sleep (ti=0xae966284) at thread/qthread_unix.cpp:394
#3  0xb71c9a3f in QThread::msleep (msecs=<value optimized out>) at thread/qthread_unix.cpp:420
#4  0xb7fd0252 in net::DownloadThread::update (this=0x9a3c618) at /ws/trunk/extragear/network/ktorrent/libbtcore/net/downloadthread.cpp:110
#5  0xb7fd1858 in net::NetworkThread::run (this=0x9a3c618) at /ws/trunk/extragear/network/ktorrent/libbtcore/net/networkthread.cpp:48
#6  0xb71ca0ff in QThreadPrivate::start (arg=0x9a3c618) at thread/qthread_unix.cpp:244
#7  0xb712c16b in start_thread () from /lib/libpthread.so.0
#8  0xb651287e in clone () from /lib/libc.so.6

Thread 3 (Thread 0xae165b90 (LWP 5465)):
#0  0xb80e0424 in __kernel_vsyscall ()
#1  0xb71308a5 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#2  0xb71cab44 in QWaitCondition::wait (this=0x9a3c9b0, mutex=0x9a3c9b4, time=4294967295) at thread/qwaitcondition_unix.cpp:87
#3  0xb7fcf626 in net::UploadThread::update (this=0x9a3c978) at /ws/trunk/extragear/network/ktorrent/libbtcore/net/uploadthread.cpp:73
#4  0xb7fd1858 in net::NetworkThread::run (this=0x9a3c978) at /ws/trunk/extragear/network/ktorrent/libbtcore/net/networkthread.cpp:48
#5  0xb71ca0ff in QThreadPrivate::start (arg=0x9a3c978) at thread/qthread_unix.cpp:244
#6  0xb712c16b in start_thread () from /lib/libpthread.so.0
#7  0xb651287e in clone () from /lib/libc.so.6

Thread 2 (Thread 0xad964b90 (LWP 5466)):
#0  0xb80e0424 in __kernel_vsyscall ()
#1  0xb71308a5 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#2  0xb71cab44 in QWaitCondition::wait (this=0xa071cac, mutex=0xa071ca8, time=4294967295) at thread/qwaitcondition_unix.cpp:87
#3  0xb7fd58bb in net::ReverseResolverThread::run (this=0xa071ca0) at /ws/trunk/extragear/network/ktorrent/libbtcore/net/reverseresolver.cpp:120
#4  0xb71ca0ff in QThreadPrivate::start (arg=0xa071ca0) at thread/qthread_unix.cpp:244
#5  0xb712c16b in start_thread () from /lib/libpthread.so.0
#6  0xb651287e in clone () from /lib/libc.so.6

Thread 1 (Thread 0xb563e920 (LWP 5444)):
[KCrash Handler]
#6  0xb80e0424 in __kernel_vsyscall ()
#7  0xb6474125 in raise () from /lib/libc.so.6
#8  0xb6475931 in abort () from /lib/libc.so.6
#9  0xb666e7a0 in __gnu_cxx::__verbose_terminate_handler () from /usr/lib/gcc/i686-pc-linux-gnu/4.2.4/libstdc++.so.6
#10 0xb666c0a5 in ?? () from /usr/lib/gcc/i686-pc-linux-gnu/4.2.4/libstdc++.so.6
#11 0xb666c0e2 in std::terminate () from /usr/lib/gcc/i686-pc-linux-gnu/4.2.4/libstdc++.so.6
#12 0xb666c20a in __cxa_throw () from /usr/lib/gcc/i686-pc-linux-gnu/4.2.4/libstdc++.so.6
#13 0xb803fcae in dht::UnpackBucketEntry (ba=@0xe656f44, off=0, ip_version=6) at /ws/trunk/extragear/network/ktorrent/libbtcore/dht/pack.cpp:81
#14 0xb8033128 in dht::NodeLookup::callFinished (this=0xa6376d0, rsp=0xe65f910) at /ws/trunk/extragear/network/ktorrent/libbtcore/dht/nodelookup.cpp:66
#15 0xb804892c in dht::Task::onResponse (this=0xa6376d0, c=0xe6bca00, rsp=0xe65f910) at /ws/trunk/extragear/network/ktorrent/libbtcore/dht/task.cpp:68
#16 0xb8048064 in dht::RPCCallListener::qt_metacall (this=0xa6376d0, _c=QMetaObject::InvokeMetaMethod, _id=0, _a=0xbfa6dd1c)
    at /ws/BUILD.keelhaul/extragear-trunk-BUILD/network/ktorrent/libbtcore/rpccall.moc:75
#17 0xb8048d12 in dht::Task::qt_metacall (this=0xa6376d0, _c=QMetaObject::InvokeMetaMethod, _id=4, _a=0xbfa6dd1c) at /ws/BUILD.keelhaul/extragear-trunk-BUILD/network/ktorrent/libbtcore/task.moc:73
#18 0xb72fa3f0 in QMetaObject::metacall (object=0xa6376d0, cl=QMetaObject::InvokeMetaMethod, idx=4, argv=0xbfa6dd1c) at kernel/qmetaobject.cpp:237
#19 0xb730b90b in QMetaObject::activate (sender=0xe6bca00, m=0xb80b6334, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3395
#20 0xb8047fbd in dht::RPCCall::onCallResponse (this=0xe6bca00, _t1=0xe6bca00, _t2=0xe65f910) at /ws/BUILD.keelhaul/extragear-trunk-BUILD/network/ktorrent/libbtcore/rpccall.moc:155
#21 0xb8047feb in dht::RPCCall::response (this=0xe6bca00, rsp=0xe65f910) at /ws/trunk/extragear/network/ktorrent/libbtcore/dht/rpccall.cpp:62
#22 0xb80408e9 in dht::RPCServer::handlePackets (this=0x9a5f540) at /ws/trunk/extragear/network/ktorrent/libbtcore/dht/rpcserver.cpp:229
#23 0xb802f5ab in dht::DHT::update (this=0x9a616b0) at /ws/trunk/extragear/network/ktorrent/libbtcore/dht/dht.cpp:334
#24 0xb802f3d7 in dht::DHT::qt_metacall (this=0x9a616b0, _c=QMetaObject::InvokeMetaMethod, _id=0, _a=0xbfa6de68) at /ws/BUILD.keelhaul/extragear-trunk-BUILD/network/ktorrent/libbtcore/dht.moc:76
#25 0xb72fa3f0 in QMetaObject::metacall (object=0x9a616b0, cl=QMetaObject::InvokeMetaMethod, idx=6, argv=0xbfa6de68) at kernel/qmetaobject.cpp:237
#26 0xb730b90b in QMetaObject::activate (sender=0x9a616ec, m=0xb73ce664, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3395
#27 0xb7369815 in QTimer::timeout (this=0x9a616ec) at .moc/debug-shared/moc_qtimer.cpp:134
#28 0xb73152c0 in QTimer::timerEvent (this=0x9a616ec, e=0xbfa6e3b8) at kernel/qtimer.cpp:271
#29 0xb7307b1c in QObject::event (this=0x9a616ec, e=0xbfa6e3b8) at kernel/qobject.cpp:1210
#30 0xb67ffe4d in QApplicationPrivate::notify_helper (this=0x9a656c0, receiver=0x9a616ec, e=0xbfa6e3b8) at kernel/qapplication.cpp:4251
#31 0xb6802432 in QApplication::notify (this=0xbfa6e628, receiver=0x9a616ec, e=0xbfa6e3b8) at kernel/qapplication.cpp:4216
#32 0xb7a13917 in KApplication::notify (this=0xbfa6e628, receiver=0x9a616ec, event=0xbfa6e3b8) at /ws/trunk/kdelibs/kdeui/kernel/kapplication.cpp:302
#33 0xb72f32bd in QCoreApplication::notifyInternal (this=0xbfa6e628, receiver=0x9a616ec, event=0xbfa6e3b8) at kernel/qcoreapplication.cpp:704
#34 0xb73280a3 in QTimerInfoList::activateTimers (this=0x9a65f50) at kernel/qcoreapplication.h:215
#35 0xb732940c in QEventDispatcherUNIX::processEvents (this=0x9a5b628, flags=@0xbfa6e528) at kernel/qeventdispatcher_unix.cpp:924
#36 0xb68c3271 in QEventDispatcherX11::processEvents (this=0x9a5b628, flags=@0xbfa6e55c) at kernel/qeventdispatcher_x11.cpp:152
#37 0xb72f23a1 in QEventLoop::processEvents (this=0xbfa6e5c0, flags=@0xbfa6e598) at kernel/qeventloop.cpp:149
#38 0xb72f261d in QEventLoop::exec (this=0xbfa6e5c0, flags=@0xbfa6e5c8) at kernel/qeventloop.cpp:197
#39 0xb72f511a in QCoreApplication::exec () at kernel/qcoreapplication.cpp:981
#40 0xb67fd044 in QApplication::exec () at kernel/qapplication.cpp:3590
#41 0x0806887f in main (argc=5, argv=0xbfa6e9d4) at /ws/trunk/extragear/network/ktorrent/ktorrent/main.cpp:172
Comment 3 Joris Guisson 2009-11-09 21:30:06 UTC
SVN commit 1046842 by guisson:

Make sure exceptions in DHT code are caught, fixes a crash 

BUG: 213819


 M  +3 -0      ChangeLog  
 M  +22 -8     libbtcore/dht/announcetask.cpp  
 M  +17 -9     libbtcore/dht/dht.cpp  
 M  +22 -8     libbtcore/dht/nodelookup.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1046842
Comment 4 Joris Guisson 2009-11-09 21:34:55 UTC
It seems a peer was sending bad data; this resulted in an exception being thrown which wasn't caught. So the solution is simple: catch the exceptions and ignore the bad data.
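
The pattern described in this comment, as an added example that is not part of the original thread and is not KTorrent's code: a bucket-entry unpacker that throws on a short buffer, and a response handler that catches the exception and drops the malformed remainder instead of letting it reach std::terminate. All names (`ParseError`, `Entry`, `unpack_entry`, `handle_nodes`) are hypothetical, and the 26-byte (IPv4) and 38-byte (IPv6) entry sizes are the standard compact node encodings, assumed here rather than taken from the page.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <string>
#include <vector>

// Hypothetical names throughout; this is not KTorrent's pack.cpp.
struct ParseError : std::runtime_error { using std::runtime_error::runtime_error; };
struct Entry { std::string id, addr; std::uint16_t port; };  // 20-byte ID, raw address, port

// Size of one compact node entry: 20-byte ID + address + 2-byte port.
static std::size_t entry_size(int ip_version) {
    return 20 + (ip_version == 6 ? 16 : 4) + 2;  // 38 or 26 bytes
}

// Throws ParseError when the buffer cannot hold one full entry at `off`.
Entry unpack_entry(const std::string& buf, std::size_t off, int ip_version) {
    const std::size_t need = entry_size(ip_version);
    if (off > buf.size() || buf.size() - off < need)
        throw ParseError("truncated bucket entry");
    const std::size_t alen = need - 22;  // address length: 4 or 16
    Entry e;
    e.id = buf.substr(off, 20);
    e.addr = buf.substr(off + 20, alen);
    e.port = static_cast<std::uint16_t>(
        (static_cast<unsigned char>(buf[off + 20 + alen]) << 8) |
         static_cast<unsigned char>(buf[off + 21 + alen]));  // network byte order
    return e;
}

// Response handler: without the catch, a ParseError raised on peer-supplied
// data unwinds out of the event loop and aborts the whole process.
std::vector<Entry> handle_nodes(const std::string& payload, int ip_version) {
    std::vector<Entry> out;
    try {
        for (std::size_t off = 0; off < payload.size(); off += entry_size(ip_version))
            out.push_back(unpack_entry(payload, off, ip_version));
    } catch (const ParseError&) {
        // Bad data from a remote node: keep what parsed, ignore the rest.
    }
    return out;
}

int main() {
    // Constructed input: a 26-byte (IPv4-sized) payload handled as IPv6.
    return handle_nodes(std::string(26, 'B'), 6).empty() ? 0 : 1;
}
```
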
Comment 5 Marcin Gryszkalis 2009-11-11 13:03:22 UTC
*** Bug 214096 has been marked as a duplicate of this bug. ***
Comment 6 Joris Guisson 2009-11-15 13:37:36 UTC
*** Bug 214103 has been marked as a duplicate of this bug. ***
Comment 7 Dario Andres 2009-11-17 14:38:29 UTC
*** Bug 214925 has been marked as a duplicate of this bug. ***
Comment 8 Joris Guisson 2009-11-21 12:11:03 UTC
*** Bug 215525 has been marked as a duplicate of this bug. ***