segfault at mdns.c:622

Anonymous created an issue

Hi! I often get a segfault when running testmdnsd. The gdb log:

    alex@pontus:~/work/mdns/tinysvcmdns$ gdb ./testmdnsd
    GNU gdb (GDB) 7.0.1-debian
    Copyright (C) 2009 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
    and "show warranty" for details.
    This GDB was configured as "x86_64-linux-gnu".
    For bug reporting instructions, please see:
    <http://www.gnu.org/software/gdb/bugs/>...
    Reading symbols from /home/alex/work/mdns/tinysvcmdns/testmdnsd...done.
    (gdb) r
    Starting program: /home/alex/work/mdns/tinysvcmdns/testmdnsd
    [Thread debugging using libthread_db enabled]
    [New Thread 0x7ffff7860700 (LWP 4713)]
    mdnsd_start OK. press ENTER to add hostname & service

    added service and hostname. press ENTER to exit

    Program received signal SIGSEGV, Segmentation fault.
    [Switching to Thread 0x7ffff7860700 (LWP 4713)]
    mdns_parse_rr (pkt_buf=0x605190 "", pkt_len=1131) at mdns.c:622
    622                 p += txt_rec->txt[0] + 1;
    (gdb) bt
    #0  mdns_parse_rr (pkt_buf=0x605190 "", pkt_len=1131) at mdns.c:622
    #1  mdns_parse_pkt (pkt_buf=0x605190 "", pkt_len=1131) at mdns.c:680
    #2  0x0000000000401a25 in main_loop (svr=0x605010) at mdnsd.c:358
    #3  0x00007ffff7bc98ca in start_thread (arg=<value optimized out>) at pthread_create.c:300
    #4  0x00007ffff7930b6d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
    #5  0x0000000000000000 in ?? ()
    (gdb) p txt_rec
    $1 = (struct rr_data_txt *) 0x616c10
    (gdb) p txt_rec->txt
    $2 = (uint8_t *) 0x0

Comments (2)

  1. Alexander Gordeev

    Oops, now with the right formatting:

    alex@pontus:~/work/mdns/tinysvcmdns$ gdb ./testmdnsd 
    GNU gdb (GDB) 7.0.1-debian
    Copyright (C) 2009 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
    and "show warranty" for details.
    This GDB was configured as "x86_64-linux-gnu".
    For bug reporting instructions, please see:
    <http://www.gnu.org/software/gdb/bugs/>...
    Reading symbols from /home/alex/work/mdns/tinysvcmdns/testmdnsd...done.
    (gdb) r
    Starting program: /home/alex/work/mdns/tinysvcmdns/testmdnsd 
    [Thread debugging using libthread_db enabled]
    [New Thread 0x7ffff7860700 (LWP 4713)]
    mdnsd_start OK. press ENTER to add hostname & service
    
    added service and hostname. press ENTER to exit
    
    Program received signal SIGSEGV, Segmentation fault.
    [Switching to Thread 0x7ffff7860700 (LWP 4713)]
    mdns_parse_rr (pkt_buf=0x605190 "", pkt_len=1131) at mdns.c:622
    622                 p += txt_rec->txt[0] + 1;
    (gdb) bt
    #0  mdns_parse_rr (pkt_buf=0x605190 "", pkt_len=1131) at mdns.c:622
    #1  mdns_parse_pkt (pkt_buf=0x605190 "", pkt_len=1131) at mdns.c:680
    #2  0x0000000000401a25 in main_loop (svr=0x605010) at mdnsd.c:358
    #3  0x00007ffff7bc98ca in start_thread (arg=<value optimized out>) at pthread_create.c:300
    #4  0x00007ffff7930b6d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
    #5  0x0000000000000000 in ?? ()
    (gdb) p txt_rec 
    $1 = (struct rr_data_txt *) 0x616c10
    (gdb) p txt_rec->txt
    $2 = (uint8_t *) 0x0
    

    I'm almost sure that the bug is triggered when I resolve the service using avahi-discover.

  2. geekman

    Hi Alexander, may I ask which version of Avahi you are using that triggers this bug? Also, could you print the value of rr_data_len? I have a suspicion it might be zero, but I'll need to be sure.
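
The zero-length case raised in the last comment, shown as an added example that is not part of the thread and not tinysvcmdns code: a bounds-checked split of DNS TXT RDATA that returns before touching a NULL or empty buffer and rejects a length prefix that runs past the end. `txt_split` and `struct txt_str` are hypothetical names, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical types and names; not taken from tinysvcmdns. */
struct txt_str { const uint8_t *data; uint8_t len; };

/* Split DNS TXT RDATA (<1-byte length><bytes> repeated) into out[0..max).
 * Returns the number of strings stored, or -1 if a length prefix points
 * past the end of the RDATA or there are more than max strings. */
int txt_split(const uint8_t *rdata, size_t rdata_len,
              struct txt_str *out, size_t max)
{
    /* Zero-length RDATA: return before dereferencing rdata, which may be
     * NULL when the record carried no bytes. */
    if (rdata == NULL || rdata_len == 0)
        return 0;

    size_t off = 0, n = 0;
    while (off < rdata_len) {
        uint8_t slen = rdata[off];
        if (slen > rdata_len - off - 1)   /* body must fit after prefix */
            return -1;
        if (n == max)                     /* caller's array is full */
            return -1;
        out[n].data = rdata + off + 1;
        out[n].len = slen;
        n++;
        off += (size_t)slen + 1;
    }
    return (int)n;
}

int main(void)
{
    /* Constructed sample RDATA. */
    static const uint8_t ok[] = { 4, 'p','a','t','h', 3, 'a','=','b' };
    static const uint8_t truncated[] = { 5, 'a', 'b' };
    struct txt_str s[8];

    int n = txt_split(ok, sizeof ok, s, 8);
    for (int i = 0; i < n; i++)
        printf("%.*s\n", s[i].len, (const char *)s[i].data);
    printf("zero-length: %d\n", txt_split(NULL, 0, s, 8));
    printf("truncated: %d\n", txt_split(truncated, sizeof truncated, s, 8));
    return 0;
}
```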
