View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0003701GNUnettransport servicepublic2015-03-06 03:452018-06-07 00:25
Reporteramatus Assigned ToChristian Grothoff  
PrioritynormalSeveritycrashReproducibilityhave not tried
Status closedResolutionfixed 
Product VersionGit master 
Target Version0.11.0pre66Fixed in Version0.11.0pre66 
Summary0003701: NPE in GST_ats_expire_address
DescriptionMy peer at rev 35341 hit a null pointer exception trying to call GNUNET_ATS_address_destroy(NULL). No useful log messages.
Additional InformationProgram terminated with signal SIGSEGV, Segmentation fault.
#0 0xb76fd3f5 in GNUNET_ATS_address_destroy (ar=0x0)
    at ats_api_scheduling.c:796
796 ats_api_scheduling.c: No such file or directory.
(gdb) bt
#0 0xb76fd3f5 in GNUNET_ATS_address_destroy (ar=0x0)
    at ats_api_scheduling.c:796
#1 0x0804e0af in GST_ats_expire_address (address=0x8824810)
    at gnunet-service-transport_ats.c:711
#2 0x0805f7a3 in cleanup_validation_entry (cls=0x0, key=0x8824810,
    value=0x8824770) at gnunet-service-transport_validation.c:431
#3 0x0805f92c in timeout_hello_validation (cls=0x8824770, tc=0xbffe7c94)
    at gnunet-service-transport_validation.c:496
#4 0xb76b3403 in run_ready (rs=0x87e1c00, ws=0x87e1c88) at scheduler.c:587
#5 0xb76b3c91 in GNUNET_SCHEDULER_run (task=0xb76be81f <service_task>,
    task_cls=0xbffe7ec0) at scheduler.c:867
#6 0xb76c03bd in GNUNET_SERVICE_run (argc=7, argv=0xbffe80a4,
    service_name=0x8064968 "transport", options=GNUNET_SERVICE_OPTION_NONE,
    task=0x804c4f9 <run>, task_cls=0x0) at service.c:1503
#7 0x0804cad0 in main (argc=7, argv=0xbffe80a4)
    at gnunet-service-transport.c:929
(gdb) f 1
#1 0x0804e0af in GST_ats_expire_address (address=0x8824810)
    at gnunet-service-transport_ats.c:711
711 gnunet-service-transport_ats.c: No such file or directory.
(gdb) p *address
$1 = {peer = {public_key = {
      q_y = "14\371+\237!\245\245^\255_\244\341\301\005s\002#c\274\326\325\254U\350\241t\333f\251\224\264"}}, transport_name = 0x882484c "tcp",
  address = 0x8824840, address_length = 12,
  local_info = GNUNET_HELLO_ADDRESS_INFO_NONE}
(gdb) p *ai
$2 = {address = 0x8824a38, session = 0x99a2f70, ar = 0x0, properties = {
    utilization_out = 0, utilization_in = 0,
    scope = GNUNET_ATS_NET_UNSPECIFIED, distance = 0, delay = {
      rel_value_us = 570417}}, blocked = {abs_value_us = 1425586645541776},
  back_off = {rel_value_us = 900000000}, unblock_task = 0x0, expired = 1}
(gdb) p *ai->session
$3 = {url = 0x2bf93431 <error: Cannot access memory at address 0x2bf93431>,
  address = 0xa5a5219f, plugin = 0xa45fad5e, put = {state = 1929757153,
    easyhandle = 0xbc632302, s = 0x55acd5d6}, get = {state = 3681853928,
    easyhandle = 0xb494a966, s = 0x8820d70}, msg_head = 0x9213ef0,
  msg_tail = 0x0, msg_tk = 0x8c418d8, put_disconnect_task = 0x8a85100,
  timeout_task = 0x9213f20, recv_wakeup_task = 0x88871c0, next_receive = {
    abs_value_us = 614739184472555520}, timeout = {
    abs_value_us = 1425585960666388}, bytes_in_queue = 0,
  overhead = 115778061, msgs_in_queue = 331920, scope = 474}
TagsNo tags attached.

Activities

Christian Grothoff

2015-03-07 11:36

manager   ~0008984

Yes, we just need to check for NULL. 'ar' could obviously be NULL because it might have been in blocked state (see 'if NULL != ai->unblock_task) just above.
Fixed in SVN 35343.

Issue History

Date Modified Username Field Change
2015-03-06 03:45 amatus New Issue
2015-03-06 03:45 amatus Status new => assigned
2015-03-06 03:45 amatus Assigned To => Matthias Wachs
2015-03-07 11:36 Christian Grothoff Note Added: 0008984
2015-03-07 11:36 Christian Grothoff Status assigned => resolved
2015-03-07 11:36 Christian Grothoff Fixed in Version => 0.11.0pre66
2015-03-07 11:36 Christian Grothoff Resolution open => fixed
2015-03-07 11:36 Christian Grothoff Assigned To Matthias Wachs => Christian Grothoff
2015-03-07 11:36 Christian Grothoff Target Version => 0.11.0pre66
2018-06-07 00:25 Christian Grothoff Status resolved => closed