View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0002355GNUnettransport servicepublic2012-05-15 09:452012-06-02 19:15
ReporterMatthias Wachs Assigned ToMatthias Wachs  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product VersionGit master 
Target Version0.9.3Fixed in Version0.9.3 
Summary0002355: Segfault in transmit_send_continuation
Description==10286== Memcheck, a memory error detector
==10286== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==10286== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==10286== Command: gnunet-service-transport -c /home/mwachs/gnunet/gnunet-debug/src/transport/test_transport_api_udp_peer1.conf
==10286==
==10289== Memcheck, a memory error detector
==10289== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==10289== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==10289== Command: gnunet-service-transport -c /home/mwachs/gnunet/gnunet-debug/src/transport/test_transport_api_udp_peer2.conf
==10289==
==10286==
==10286== HEAP SUMMARY:
==10286== in use at exit: 6,162 bytes in 88 blocks
==10286== total heap usage: 18,979 allocs, 18,891 frees, 1,614,656 bytes allocated
==10286==
==10286== LEAK SUMMARY:
==10286== definitely lost: 0 bytes in 0 blocks
==10286== indirectly lost: 0 bytes in 0 blocks
==10286== possibly lost: 0 bytes in 0 blocks
==10286== still reachable: 6,162 bytes in 88 blocks
==10286== suppressed: 0 bytes in 0 blocks
==10286== Reachable blocks (those to which a pointer was found) are not shown.
==10286== To see them, rerun with: --leak-check=full --show-reachable=yes
==10286==
==10286== For counts of detected and suppressed errors, rerun with: -v
==10286== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 4 from 4)
==10289== Invalid read of size 8
==10289== at 0x40C088: transmit_send_continuation (gnunet-service-transport_neighbours.c:1057)
==10289== by 0x7089E83: disconnect_and_free_it (plugin_transport_udp.c:702)
==10289== by 0x566F8B9: GNUNET_CONTAINER_multihashmap_get_multiple (container_multihashmap.c:485)
==10289== by 0x708A25A: udp_disconnect (plugin_transport_udp.c:742)
==10289== by 0x40B89F: free_neighbour (gnunet-service-transport_neighbours.c:834)
==10289== by 0x412AAC: disconnect_all_neighbours (gnunet-service-transport_neighbours.c:2984)
==10289== by 0x566F202: GNUNET_CONTAINER_multihashmap_iterate (container_multihashmap.c:213)
==10289== by 0x412ADC: GST_neighbours_stop (gnunet-service-transport_neighbours.c:2997)
==10289== by 0x4043FF: shutdown_task (gnunet-service-transport.c:533)
==10289== by 0x568EFA4: run_ready (scheduler.c:602)
==10289== by 0x568F7AD: GNUNET_SCHEDULER_run (scheduler.c:790)
==10289== by 0x569DFD7: GNUNET_SERVICE_run (service.c:1773)
==10289== Address 0x10 is not stack'd, malloc'd or (recently) free'd
==10289==
==10289==
==10289== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==10289== Access not within mapped region at address 0x10
==10289== at 0x40C088: transmit_send_continuation (gnunet-service-transport_neighbours.c:1057)
==10289== by 0x7089E83: disconnect_and_free_it (plugin_transport_udp.c:702)
==10289== by 0x566F8B9: GNUNET_CONTAINER_multihashmap_get_multiple (container_multihashmap.c:485)
==10289== by 0x708A25A: udp_disconnect (plugin_transport_udp.c:742)
==10289== by 0x40B89F: free_neighbour (gnunet-service-transport_neighbours.c:834)
==10289== by 0x412AAC: disconnect_all_neighbours (gnunet-service-transport_neighbours.c:2984)
==10289== by 0x566F202: GNUNET_CONTAINER_multihashmap_iterate (container_multihashmap.c:213)
==10289== by 0x412ADC: GST_neighbours_stop (gnunet-service-transport_neighbours.c:2997)
==10289== by 0x4043FF: shutdown_task (gnunet-service-transport.c:533)
==10289== by 0x568EFA4: run_ready (scheduler.c:602)
==10289== by 0x568F7AD: GNUNET_SCHEDULER_run (scheduler.c:790)
==10289== by 0x569DFD7: GNUNET_SERVICE_run (service.c:1773)
==10289== If you believe this happened as a result of a stack
==10289== overflow in your program's main thread (unlikely but
==10289== possible), you can try to increase the size of the
==10289== main thread stack using the --main-stacksize= flag.
==10289== The main thread stack size used in this run was 16777216.
==10289==
==10289== HEAP SUMMARY:
==10289== in use at exit: 52,902 bytes in 1,407 blocks
==10289== total heap usage: 3,034 allocs, 1,627 frees, 329,055 bytes allocated
==10289==
==10289== LEAK SUMMARY:
==10289== definitely lost: 0 bytes in 0 blocks
==10289== indirectly lost: 0 bytes in 0 blocks
==10289== possibly lost: 0 bytes in 0 blocks
==10289== still reachable: 52,902 bytes in 1,407 blocks
==10289== suppressed: 0 bytes in 0 blocks
==10289== Reachable blocks (those to which a pointer was found) are not shown.
==10289== To see them, rerun with: --leak-check=full --show-reachable=yes
==10289==
==10289== For counts of detected and suppressed errors, rerun with: -v
==10289== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
PASS: test_transport_api_udp
TagsNo tags attached.

Activities

Matthias Wachs

2012-05-15 10:11

reporter   ~0005895

Order before:
- remove neighbour from hashmap
- call client_disconenct
- plugin_disconnect -> transmit_send_continuation -> lookup_neighbour -> CRASH!

transmit_send_continuation need neighbour

changed to:
disconnect_notify_cb
papi->disconnect
n->state = S_DISCONNECT_FINISHED
GNUNET_CONTAINER_multihashmap_remove

Issue History

Date Modified Username Field Change
2012-05-15 09:45 Matthias Wachs New Issue
2012-05-15 09:45 Matthias Wachs Status new => assigned
2012-05-15 09:45 Matthias Wachs Assigned To => Matthias Wachs
2012-05-15 10:11 Matthias Wachs Note Added: 0005895
2012-05-15 10:11 Matthias Wachs Status assigned => resolved
2012-05-15 10:11 Matthias Wachs Resolution open => fixed
2012-05-15 14:58 Christian Grothoff Fixed in Version => 0.9.3
2012-05-15 14:58 Christian Grothoff Target Version => 0.9.3
2012-06-02 19:15 Christian Grothoff Status resolved => closed