Bug 224599 - net-p2p/monero-cli: Segmentation fault with any operation
Summary: net-p2p/monero-cli: Segmentation fault with any operation
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Only Me
Assignee: Vasil Dimov
Depends on:
Reported: 2017-12-26 15:43 UTC by Thierry Thomas
Modified: 2018-03-26 17:19 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Thierry Thomas freebsd_committer 2017-12-26 15:43:22 UTC
Trying to run monerod, with any arg, ends with a segfault:

$ gdb801 /usr/local/bin/monerod
GNU gdb (GDB) 8.0.1 [GDB v8.0.1 for FreeBSD]
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-portbld-freebsd11.0".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
Find the GDB manual and other documentation resources online at:
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/local/bin/monerod...(no debugging symbols found)...done.
(gdb) r --help
Starting program: /usr/local/bin/monerod --help
Monero 'Helium Hydra' (v0.11.1.0-release)

Usage: /usr/local/bin/monerod [options|settings] [daemon_command...]

  --help                                Produce help message
  --version                             Output version information
  --os-version                          OS for which this executable was 
  --config-file arg (=/home/thierry/.bitmonero/bitmonero.conf)
                                        Specify configuration file
  --test-dbg-lock-sleep arg (=0)        Sleep time in ms, defaults to 0 (off), 
                                        used to debug before/after locking 
                                        mutex. Values 100 to 1000 are good for 
  --detach                              Run as daemon
  --pidfile arg                         File path to write the daemon's PID to 
                                        (optional, requires --detach)
  --non-interactive                     Run non-interactive

  --log-file arg (=/home/thierry/.bitmonero/bitmonero.log)
                                        Specify log file
  --log-level arg
  --max-concurrency arg (=0)            Max number of threads to use for a 
                                        parallel job
  --data-dir arg (=/home/thierry/.bitmonero)
                                        Specify data directory
  --testnet-data-dir arg (=/home/thierry/.bitmonero/testnet)
                                        Specify testnet data directory
  --test-drop-download                  For net tests: in download, discard ALL
                                        blocks instead checking/saving them 
                                        (very fast)
  --test-drop-download-height arg (=0)  Like test-drop-download but disards 
                                        only after around certain height
  --testnet                             Run on testnet. The wallet must be 
                                        launched with --testnet flag.
  --enforce-dns-checkpointing           checkpoints from DNS server will be 
  --db-type arg (=lmdb)                 Specify database type, available: lmdb
  --prep-blocks-threads arg (=4)        Max number of threads to use when 
                                        preparing block hashes in groups.
  --fast-block-sync arg (=1)            Sync up most of the way by using 
                                        embedded, known block hashes.
  --db-sync-mode arg (=fast:async:1000) Specify sync option, using format 
  --db-salvage                          Try to salvage a blockchain database if
                                        it seems corrupted
  --show-time-stats arg (=0)            Show time-stats when processing 
                                        blocks/txs and disk synchronization.
  --block-sync-size arg (=0)            How many blocks to sync at once during 
                                        chain synchronization (0 = adaptive).
  --check-updates arg (=notify)         Check for new versions of monero: 
  --fluffy-blocks                       Relay blocks as fluffy blocks where 
                                        possible (automatic on testnet)
  --testnet-p2p-bind-port arg (=28080)  Port for testnet p2p network protocol
  --p2p-bind-port arg (=18080)          Port for p2p network protocol
  --extra-messages-file arg             Specify file for extra messages to 
                                        include into coinbase transactions
  --start-mining arg                    Specify wallet address to mining for
  --mining-threads arg                  Specify mining threads count
  --bg-mining-enable                    enable/disable background mining
  --bg-mining-ignore-battery            if true, assumes plugged in when unable
                                        to query system power status
  --bg-mining-min-idle-interval arg     Specify min lookback interval in 
                                        seconds for determining idle state
  --bg-mining-idle-threshold arg        Specify minimum avg idle percentage 
                                        over lookback interval
  --bg-mining-miner-target arg          Specificy maximum percentage cpu use by
  --p2p-bind-ip arg (=          Interface for p2p network protocol
  --p2p-external-port arg (=0)          External port for p2p network protocol 
                                        (if port forwarding used with NAT)
  --allow-local-ip                      Allow local ip add to peer list, mostly
                                        in debug purposes
  --add-peer arg                        Manually add peer to local peerlist
  --add-priority-node arg               Specify list of peers to connect to and
                                        attempt to keep the connection open
  --add-exclusive-node arg              Specify list of peers to connect to 
                                        only. If this option is given the 
                                        options add-priority-node and seed-node
                                        are ignored
  --seed-node arg                       Connect to a node to retrieve peer 
                                        addresses, and disconnect
  --hide-my-port                        Do not announce yourself as peerlist 
  --no-igd                              Disable UPnP port mapping
  --offline                             Do not listen for peers, nor connect to
  --out-peers arg (=-1)                 set max number of out peers
  --tos-flag arg (=-1)                  set TOS flag
  --limit-rate-up arg (=-1)             set limit-rate-up [kB/s]
  --limit-rate-down arg (=-1)           set limit-rate-down [kB/s]
  --limit-rate arg (=-1)                set limit-rate [kB/s]
  --save-graph                          Save data for dr monero
  --rpc-bind-port arg (=18081)          Port for RPC server
  --testnet-rpc-bind-port arg (=28081)  Port for testnet RPC server
  --restricted-rpc                      Restrict RPC to view only commands
  --rpc-bind-ip arg (=        Specify ip to bind rpc server
  --rpc-login arg                       Specify username[:password] required 
                                        for RPC server
  --confirm-external-bind               Confirm rpc-bind-ip value is NOT a 
                                        loopback (local) IP

Program received signal SIGSEGV, Segmentation fault.
0x000000080407dd59 in __je_tcache_dalloc_small (tsd=<optimized out>, tcache=0x805c0d000, ptr=0x805c36400, binind=<optimized out>, slow_path=false)
    at /usr/src/contrib/jemalloc/include/jemalloc/internal/tcache.h:415
415             if (unlikely(tbin->ncached == tbin_info->ncached_max)) {
(gdb) bt
#0  0x000000080407dd59 in __je_tcache_dalloc_small (tsd=<optimized out>, tcache=0x805c0d000, ptr=0x805c36400, binind=<optimized out>, slow_path=false)
    at /usr/src/contrib/jemalloc/include/jemalloc/internal/tcache.h:415
#1  __je_arena_dalloc (tsdn=<optimized out>, ptr=<optimized out>, tcache=<optimized out>, slow_path=false)
    at /usr/src/contrib/jemalloc/include/jemalloc/internal/arena.h:1438
#2  __je_idalloctm (is_metadata=false, slow_path=false, tsdn=<optimized out>, ptr=<optimized out>, tcache=<optimized out>)
    at /usr/src/contrib/jemalloc/include/jemalloc/internal/jemalloc_internal.h:1067
#3  __je_iqalloc (tsd=<optimized out>, ptr=<optimized out>, tcache=<optimized out>, slow_path=<optimized out>)
    at /usr/src/contrib/jemalloc/include/jemalloc/internal/jemalloc_internal.h:1084
#4  ifree (tsd=0x0, ptr=<optimized out>, tcache=<optimized out>, slow_path=<optimized out>) at jemalloc_jemalloc.c:1815
#5  0x000000080407e311 in __free (ptr=0x805c36400) at jemalloc_jemalloc.c:1935
#6  0x00000000007c7aaa in ?? ()
#7  0x00000000007e3135 in ?? ()
#8  0x00000000007e31ee in ?? ()
#9  0x00000000007e585f in ?? ()
#10 0x00000000007e350e in ?? ()
#11 0x00000000007d9f3a in ?? ()
#12 0x00000000007da0be in ?? ()
#13 0x00000000007e1b51 in ?? ()
#14 0x00000008040f6611 in __cxa_finalize (dso=0x0) at /usr/src/lib/libc/stdlib/atexit.c:235
#15 0x0000000804085be1 in exit (status=0) at /usr/src/lib/libc/stdlib/exit.c:72
#16 0x0000000000425046 in ?? ()
#17 0x0000000800ba3000 in ?? ()
#18 0x0000000000000000 in ?? ()

Note: same thing with monero-wallet-cli.

Sorry, no symbol available: this port is unbuildable if WITH_DEBUG is set.
Comment 1 Vasil Dimov freebsd_committer 2017-12-27 17:41:28 UTC

This is due to a double free bug in boost:


The crash occurs during program exit and only if this is enabled (set to "true") in malloc.conf(3):

       "opt.junk" (const char *) r- [--enable-fill]
           Junk filling. If set to "alloc", each byte of uninitialized
           allocated memory will be initialized to 0xa5. If set to "free", all
           deallocated memory will be initialized to 0x5a. If set to "true",
           both allocated and deallocated memory will be initialized, and if
           set to "false", junk filling be disabled entirely. This is intended
           for debugging and will impact performance negatively. This option
           is "false" by default unless --enable-debug is specified during
           configuration, in which case it is "true" by default unless running
           inside Valgrind[2].

So, for now, a workaround is to disable opt.junk in malloc.conf(3), or to ignore the crash at exit or to patch boost.
Comment 2 Thierry Thomas freebsd_committer 2017-12-28 09:12:11 UTC
(In reply to Vasil Dimov from comment #1)
Thanks Vasil!
What about noting this in pkg-message?
Comment 3 Vasil Dimov freebsd_committer 2018-01-05 19:00:46 UTC
I was hoping to get this resolved quickly, but the fix for boost got stuck. I added a note in pkg-message in r458162.

I am leaving this bug with status "open" until the issue gets resolved.
Comment 4 Mark Linimon freebsd_committer freebsd_triage 2018-02-24 00:08:14 UTC
Maintainership was reset.
Comment 5 Vasil Dimov freebsd_committer 2018-02-25 11:23:13 UTC
Hey, my maintainership was not reset. I guess it was a mistake to de-assign this from me. Reassigning it back.
Comment 6 Vasil Dimov freebsd_committer 2018-03-26 17:19:08 UTC
Closing this bug report as the issue seems to have been fixed in the recent versions of the software involved: boost 1.66 and monero