View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0003164 | GNUnet | set service | public | 2013-12-08 00:00 | 2013-12-24 20:54 |
| Reporter | Christian Grothoff | Assigned To | Christian Grothoff | ||
| Priority | immediate | Severity | crash | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Product Version | Git master | ||||
| Target Version | 0.10.0 | Fixed in Version | 0.10.0 | ||
| Summary | 0003164: set union crashes with use-after-fee | ||||
| Description | ==26578== Invalid write of size 8 ==26578== at 0x10ADD7: _GSS_operation_destroy (gnunet-service-set.c:322) ==26578== by 0x11228C: send_done_and_destroy (gnunet-service-set_union.c:990) ==26578== by 0x112950: finish_and_destroy (gnunet-service-set_union.c:1070) ==26578== by 0x113040: handle_p2p_done (gnunet-service-set_union.c:1183) ==26578== by 0x1136A2: union_handle_p2p_message (gnunet-service-set_union.c:1322) ==26578== by 0x10F439: dispatch_p2p_message (gnunet-service-set.c:1290) ==26578== by 0x52BFFB5: process_incoming_data (mesh_api.c:871) ==26578== by 0x52C0678: msg_received (mesh_api.c:1045) ==26578== by 0x4E47619: receive_task (client.c:589) ==26578== by 0x4E85F10: run_ready (scheduler.c:595) ==26578== by 0x4E86862: GNUNET_SCHEDULER_run (scheduler.c:817) ==26578== by 0x4E9565F: GNUNET_SERVICE_run (service.c:1478) ==26578== Address 0x6c5e9b8 is 8 bytes inside a block of size 64 free'd ==26578== at 0x4C2A74C: free (vg_replace_malloc.c:468) ==26578== by 0x4E4A558: GNUNET_xfree_ (common_allocation.c:236) ==26578== by 0x10F339: channel_end_cb (gnunet-service-set.c:1254) ==26578== by 0x52BE29A: destroy_channel (mesh_api.c:470) ==26578== by 0x52C2CB7: GNUNET_MESH_channel_destroy (mesh_api.c:1444) ==26578== by 0x10ADD2: _GSS_operation_destroy (gnunet-service-set.c:321) ==26578== by 0x11228C: send_done_and_destroy (gnunet-service-set_union.c:990) ==26578== by 0x112950: finish_and_destroy (gnunet-service-set_union.c:1070) ==26578== by 0x113040: handle_p2p_done (gnunet-service-set_union.c:1183) ==26578== by 0x1136A2: union_handle_p2p_message (gnunet-service-set_union.c:1322) ==26578== by 0x10F439: dispatch_p2p_message (gnunet-service-set.c:1290) ==26578== by 0x52BFFB5: process_incoming_data (mesh_api.c:871) ==26578== | ||||
| Steps To Reproduce | grothoff@spec:~/svn/gnunet/src/dv$ ../testbed/gnunet-testbed-profiler -c test_transport_dv_data.conf -p 10 -e 100 | ||||
| Tags | No tags attached. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2013-12-08 00:00 | Christian Grothoff | New Issue | |
| 2013-12-08 00:00 | Christian Grothoff | Status | new => assigned |
| 2013-12-08 00:00 | Christian Grothoff | Assigned To | => Florian Dold |
| 2013-12-08 21:40 | Christian Grothoff | Note Added: 0007781 | |
| 2013-12-08 21:40 | Christian Grothoff | Status | assigned => resolved |
| 2013-12-08 21:40 | Christian Grothoff | Fixed in Version | => 0.10.0 |
| 2013-12-08 21:40 | Christian Grothoff | Resolution | open => fixed |
| 2013-12-08 21:40 | Christian Grothoff | Assigned To | Florian Dold => Christian Grothoff |
| 2013-12-24 20:54 | Christian Grothoff | Status | resolved => closed |
