Issue #2 new

segfault at mdns.c:622

Anonymous created an issue

Hi! I often get a segfault when running testmdnsd. The gdb log:

    alex@pontus:~/work/mdns/tinysvcmdns$ gdb ./testmdnsd
    GNU gdb (GDB) 7.0.1-debian
    Copyright (C) 2009 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
    and "show warranty" for details.
    This GDB was configured as "x86_64-linux-gnu".
    For bug reporting instructions, please see:
    <http://www.gnu.org/software/gdb/bugs/>...
    Reading symbols from /home/alex/work/mdns/tinysvcmdns/testmdnsd...done.
    (gdb) r
    Starting program: /home/alex/work/mdns/tinysvcmdns/testmdnsd
    [Thread debugging using libthread_db enabled]
    [New Thread 0x7ffff7860700 (LWP 4713)]
    mdnsd_start OK. press ENTER to add hostname & service

    added service and hostname. press ENTER to exit

    Program received signal SIGSEGV, Segmentation fault.
    [Switching to Thread 0x7ffff7860700 (LWP 4713)]
    mdns_parse_rr (pkt_buf=0x605190 "", pkt_len=1131) at mdns.c:622
    622                 p += txt_rec->txt[0] + 1;
    (gdb) bt
    #0  mdns_parse_rr (pkt_buf=0x605190 "", pkt_len=1131) at mdns.c:622
    #1  mdns_parse_pkt (pkt_buf=0x605190 "", pkt_len=1131) at mdns.c:680
    #2  0x0000000000401a25 in main_loop (svr=0x605010) at mdnsd.c:358
    #3  0x00007ffff7bc98ca in start_thread (arg=<value optimized out>) at pthread_create.c:300
    #4  0x00007ffff7930b6d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
    #5  0x0000000000000000 in ?? ()
    (gdb) p txt_rec
    $1 = (struct rr_data_txt *) 0x616c10
    (gdb) p txt_rec->txt
    $2 = (uint8_t *) 0x0

Comments (2)

  1. Alexander Gordeev

    Oops, now with the right formatting:

    alex@pontus:~/work/mdns/tinysvcmdns$ gdb ./testmdnsd 
    GNU gdb (GDB) 7.0.1-debian
    Copyright (C) 2009 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
    and "show warranty" for details.
    This GDB was configured as "x86_64-linux-gnu".
    For bug reporting instructions, please see:
    <http://www.gnu.org/software/gdb/bugs/>...
    Reading symbols from /home/alex/work/mdns/tinysvcmdns/testmdnsd...done.
    (gdb) r
    Starting program: /home/alex/work/mdns/tinysvcmdns/testmdnsd 
    [Thread debugging using libthread_db enabled]
    [New Thread 0x7ffff7860700 (LWP 4713)]
    mdnsd_start OK. press ENTER to add hostname & service
    
    added service and hostname. press ENTER to exit
    
    Program received signal SIGSEGV, Segmentation fault.
    [Switching to Thread 0x7ffff7860700 (LWP 4713)]
    mdns_parse_rr (pkt_buf=0x605190 "", pkt_len=1131) at mdns.c:622
    622                 p += txt_rec->txt[0] + 1;
    (gdb) bt
    #0  mdns_parse_rr (pkt_buf=0x605190 "", pkt_len=1131) at mdns.c:622
    #1  mdns_parse_pkt (pkt_buf=0x605190 "", pkt_len=1131) at mdns.c:680
    #2  0x0000000000401a25 in main_loop (svr=0x605010) at mdnsd.c:358
    #3  0x00007ffff7bc98ca in start_thread (arg=<value optimized out>) at pthread_create.c:300
    #4  0x00007ffff7930b6d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
    #5  0x0000000000000000 in ?? ()
    (gdb) p txt_rec 
    $1 = (struct rr_data_txt *) 0x616c10
    (gdb) p txt_rec->txt
    $2 = (uint8_t *) 0x0
    

    I'm almost sure that the bug is triggered when I resolve the service using avahi-discover.

  2. geekman repo owner

    Hi Alexander, may I ask which version of Avahi you are using that triggers this bug? Could you also print the value of rr_data_len? I have a suspicion it might be zero, but I'll need to be sure.
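
A bounds-checked walk over TXT RDATA that tolerates the zero-length case suspected in the thread, as an added example that is not tinysvcmdns code. The function name `txt_rdata_walk`, its parameters and the sample bytes in `main` are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not from mdns.c): walks the length-prefixed strings
 * in a TXT record's RDATA without reading outside rr_data_len bytes.
 * Returns the number of strings found, or -1 if the RDATA is malformed.
 * Up to max_strs pointers (each to a string's length byte) go into strs. */
int txt_rdata_walk(const uint8_t *rdata, size_t rr_data_len,
                   const uint8_t **strs, size_t max_strs)
{
    size_t off = 0;
    int count = 0;

    /* Zero-length RDATA: there is no length byte to read, so report
     * zero strings instead of dereferencing the buffer. */
    if (rr_data_len == 0)
        return 0;
    if (rdata == NULL)
        return -1;

    while (off < rr_data_len) {
        size_t len = rdata[off];          /* length byte of this string */

        /* The string body must fit in what is left of the RDATA. */
        if (len > rr_data_len - off - 1)
            return -1;
        if ((size_t)count < max_strs)
            strs[count] = &rdata[off];
        count++;
        off += len + 1;                   /* length byte + body, the same
                                             step as the line at mdns.c:622 */
    }
    return count;
}

int main(void)
{
    /* Constructed sample inputs. */
    const uint8_t ok[]  = { 3, 'a', 'b', 'c', 2, 'd', 'e' };
    const uint8_t bad[] = { 5, 'a', 'b' };   /* claims 5 bytes, has 2 */
    const uint8_t *strs[4];

    printf("well-formed: %d\n", txt_rdata_walk(ok, sizeof ok, strs, 4));
    printf("empty RDATA: %d\n", txt_rdata_walk(NULL, 0, strs, 4));
    printf("truncated:   %d\n", txt_rdata_walk(bad, sizeof bad, strs, 4));
    return 0;
}
```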
