View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0003462 | GNUnet | HTTP transport | public | 2014-06-30 20:47 | 2018-06-07 00:25 |
| Reporter | amatus | Assigned To | Matthias Wachs | ||
| Priority | normal | Severity | crash | Reproducibility | sometimes |
| Status | closed | Resolution | fixed | ||
| Product Version | Git master | ||||
| Target Version | 0.11.0pre66 | Fixed in Version | 0.11.0pre66 | ||
| Summary | 0003462: server_send_callback is called for a session that was freed by server_delete_session | ||||
| Description | I'm running a peer with http(s)_{client,server} transport plugins enabled, after a while the transport service segfaults in the http_server plugin library. I was able to reproduce it under valgrind: ==27676== Invalid read of size 4 ==27676== at 0x4D2C3A6: server_send_callback (plugin_transport_http_server.c:1533) ==27676== by 0x4BBBAB6: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4BBFE3A: MHD_run_from_select (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4BC00F1: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4BBFC93: MHD_run (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4D2B3F9: server_v4_run (plugin_transport_http_server.c:899) ==27676== by 0x40B8C94: GNUNET_SCHEDULER_run (scheduler.c:595) ==27676== by 0x40C2C0A: GNUNET_SERVICE_run (service.c:1498) ==27676== by 0x804A908: main (gnunet-service-transport.c:1181) ==27676== Address 0x4f210b4 is 52 bytes inside a block of size 116 free'd ==27676== at 0x4029D28: free (vg_replace_malloc.c:468) ==27676== by 0x4089916: GNUNET_xfree_ (common_allocation.c:239) ==27676== by 0x4D2B7D4: server_delete_session (plugin_transport_http_server.c:619) ==27676== by 0x40B8C94: GNUNET_SCHEDULER_run (scheduler.c:595) ==27676== by 0x40C2C0A: GNUNET_SERVICE_run (service.c:1498) ==27676== by 0x804A908: main (gnunet-service-transport.c:1181) ==27676== ==27676== Invalid read of size 4 ==27676== at 0x4D2C3B1: server_send_callback (plugin_transport_http_server.c:1536) ==27676== by 0x4BBBAB6: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4BBFE3A: MHD_run_from_select (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4BC00F1: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4BBFC93: MHD_run (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4D2B3F9: server_v4_run (plugin_transport_http_server.c:899) ==27676== by 0x40B8C94: GNUNET_SCHEDULER_run (scheduler.c:595) ==27676== by 0x40C2C0A: GNUNET_SERVICE_run (service.c:1498) ==27676== by 0x804A908: main (gnunet-service-transport.c:1181) ==27676== Address 0x4f210a4 is 36 bytes inside a block of size 116 free'd ==27676== at 0x4029D28: free (vg_replace_malloc.c:468) ==27676== by 0x4089916: GNUNET_xfree_ (common_allocation.c:239) ==27676== by 0x4D2B7D4: server_delete_session (plugin_transport_http_server.c:619) ==27676== by 0x40B8C94: GNUNET_SCHEDULER_run (scheduler.c:595) ==27676== by 0x40C2C0A: GNUNET_SERVICE_run (service.c:1498) ==27676== by 0x804A908: main (gnunet-service-transport.c:1181) ==27676== ==27676== Invalid read of size 4 ==27676== at 0x4D2C3BC: server_send_callback (plugin_transport_http_server.c:1540) ==27676== by 0x4BBBAB6: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4BBFE3A: MHD_run_from_select (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4BC00F1: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4BBFC93: MHD_run (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4D2B3F9: server_v4_run (plugin_transport_http_server.c:899) ==27676== by 0x40B8C94: GNUNET_SCHEDULER_run (scheduler.c:595) ==27676== by 0x40C2C0A: GNUNET_SERVICE_run (service.c:1498) ==27676== by 0x804A908: main (gnunet-service-transport.c:1181) ==27676== Address 0xdf0adc6 is not stack'd, malloc'd or (recently) free'd ==27676== ==27676== ==27676== Process terminating with default action of signal 11 (SIGSEGV) ==27676== Access not within mapped region at address 0xDF0ADC6 ==27676== at 0x4D2C3BC: server_send_callback (plugin_transport_http_server.c:1540) ==27676== by 0x4BBBAB6: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4BBFE3A: MHD_run_from_select (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4BC00F1: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4BBFC93: MHD_run (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.22.0) ==27676== by 0x4D2B3F9: server_v4_run (plugin_transport_http_server.c:899) ==27676== by 0x40B8C94: GNUNET_SCHEDULER_run (scheduler.c:595) ==27676== by 0x40C2C0A: GNUNET_SERVICE_run (service.c:1498) ==27676== by 0x804A908: main (gnunet-service-transport.c:1181) | ||||
| Tags | No tags attached. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2014-06-30 20:47 | amatus | New Issue | |
| 2014-06-30 20:47 | amatus | Status | new => assigned |
| 2014-06-30 20:47 | amatus | Assigned To | => Matthias Wachs |
| 2014-06-30 20:49 | amatus | Note Added: 0008488 | |
| 2014-07-03 15:29 | Matthias Wachs | Note Added: 0008501 | |
| 2014-07-03 15:29 | Matthias Wachs | Status | assigned => resolved |
| 2014-07-03 15:29 | Matthias Wachs | Resolution | open => fixed |
| 2014-09-30 10:32 | Christian Grothoff | Fixed in Version | => 0.11.0pre66 |
| 2014-09-30 10:32 | Christian Grothoff | Target Version | => 0.11.0pre66 |
| 2018-06-07 00:25 | Christian Grothoff | Status | resolved => closed |
