View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004908 | GNUnet | cadet service | public | 2017-02-21 16:51 | 2018-06-07 00:24 |
| Reporter | Christian Grothoff | Assigned To | Christian Grothoff | ||
| Priority | normal | Severity | crash | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Platform | i7 | OS | Debian GNU/Linux | OS Version | squeeze |
| Product Version | Git master | ||||
| Target Version | 0.11.0pre66 | Fixed in Version | 0.11.0pre66 | ||
| Summary | 0004908: new cadet API not good at tolerating destroy during transmission success CB | ||||
| Description | From conversation test: ==18201== Invalid write of size 4 ==18201== at 0x4856288: cadet_mq_send_now (cadet_api_new.c:486) ==18201== by 0x48FF300: run_ready (scheduler.c:620) ==18201== by 0x48FFDFE: GNUNET_SCHEDULER_run (scheduler.c:887) ==18201== by 0x49219C4: GNUNET_SERVICE_ruN_ (service_new.c:1844) ==18201== by 0x11055C: main (gnunet-service-conversation.c:1321) ==18201== Address 0x5816984 is 52 bytes inside a block of size 76 free'd ==18201== at 0x482E438: free (vg_replace_malloc.c:530) ==18201== by 0x48939E5: GNUNET_xfree_ (common_allocation.c:330) ==18201== by 0x4855B96: destroy_channel (cadet_api_new.c:352) ==18201== by 0x4859565: GNUNET_CADET_channel_destroy (cadet_api_new.c:1277) ==18201== by 0x10A9F0: destroy_line_cadet_channels (gnunet-service-conversation.c:318) ==18201== by 0x10AC2C: mq_done_finish_caller_shutdown (gnunet-service-conversation.c:345) ==18201== by 0x48E32AE: GNUNET_MQ_impl_send_in_flight (mq.c:491) ==18201== by 0x485625C: cadet_mq_send_now (cadet_api_new.c:485) ==18201== by 0x48FF300: run_ready (scheduler.c:620) ==18201== by 0x48FFDFE: GNUNET_SCHEDULER_run (scheduler.c:887) ==18201== by 0x49219C4: GNUNET_SERVICE_ruN_ (service_new.c:1844) ==18201== by 0x11055C: main (gnunet-service-conversation.c:1321) ==18201== Block was alloc'd at ==18201== at 0x482D27C: malloc (vg_replace_malloc.c:299) ==18201== by 0x489365D: GNUNET_xmalloc_unchecked_ (common_allocation.c:227) ==18201== by 0x4892F6E: GNUNET_xmalloc_ (common_allocation.c:75) ==18201== by 0x4855579: create_channel (cadet_api_new.c:292) ==18201== by 0x4856C9F: handle_channel_created (cadet_api_new.c:656) ==18201== by 0x48E172D: GNUNET_MQ_inject_message (mq.c:265) ==18201== by 0x488F800: recv_message (client.c:301) ==18201== by 0x48E078F: GNUNET_MST_from_buffer (mst.c:232) ==18201== by 0x48E1320: GNUNET_MST_read (mst.c:359) ==18201== by 0x489027F: receive_ready (client.c:383) ==18201== by 0x48FF300: run_ready (scheduler.c:620) ==18201== by 0x48FFDFE: GNUNET_SCHEDULER_run (scheduler.c:887) == | ||||
| Additional Information | Real question is if we should consider this a bug in conversation, or in cadet API ;-) | ||||
| Tags | No tags attached. | ||||
|
|
Bug is tricky, now mutated to: ==21969== Invalid write of size 4 ==21969== at 0x4855EDF: cadet_mq_send_continue (cadet_api_new.c:454) ==21969== by 0x48E30B7: GNUNET_MQ_impl_send_continue (mq.c:459) ==21969== by 0x488F76C: transmit_ready (client.c:281) ==21969== by 0x48FF300: run_ready (scheduler.c:620) ==21969== by 0x48FFDFE: GNUNET_SCHEDULER_run (scheduler.c:887) ==21969== by 0x49219C4: GNUNET_SERVICE_ruN_ (service_new.c:1844) ==21969== by 0x11055C: main (gnunet-service-conversation.c:1321) ==21969== Address 0x5813808 is 48 bytes inside a block of size 76 free'd ==21969== at 0x482E438: free (vg_replace_malloc.c:530) ==21969== by 0x48939E5: GNUNET_xfree_ (common_allocation.c:330) ==21969== by 0x4855B96: destroy_channel (cadet_api_new.c:352) ==21969== by 0x4859565: GNUNET_CADET_channel_destroy (cadet_api_new.c:1277) ==21969== by 0x10A9F0: destroy_line_cadet_channels (gnunet-service-conversation.c:318) ==21969== by 0x10AC2C: mq_done_finish_caller_shutdown (gnunet-service-conversation.c:345) ==21969== by 0x48E32AE: GNUNET_MQ_impl_send_in_flight (mq.c:491) ==21969== by 0x4856301: cadet_mq_send_now (cadet_api_new.c:491) ==21969== by 0x48FF300: run_ready (scheduler.c:620) ==21969== by 0x48FFDFE: GNUNET_SCHEDULER_run (scheduler.c:887) ==21969== by 0x49219C4: GNUNET_SERVICE_ruN_ (service_new.c:1844) ==21969== by 0x11055C: main (gnunet-service-conversation.c:1321) ==21969== Block was alloc'd at ==21969== at 0x482D27C: malloc (vg_replace_malloc.c:299) ==21969== by 0x489365D: GNUNET_xmalloc_unchecked_ (common_allocation.c:227) ==21969== by 0x4892F6E: GNUNET_xmalloc_ (common_allocation.c:75) ==21969== by 0x4855579: create_channel (cadet_api_new.c:292) ==21969== by 0x4856C9F: handle_channel_created (cadet_api_new.c:656) ==21969== by 0x48E172D: GNUNET_MQ_inject_message (mq.c:265) ==21969== by 0x488F800: recv_message (client.c:301) ==21969== by 0x48E078F: GNUNET_MST_from_buffer (mst.c:232) ==21969== by 0x48E1320: GNUNET_MST_read (mst.c:359) ==21969== by 0x489027F: receive_ready (client.c:383) ==21969== by 0x48FF300: run_ready (scheduler.c:620) ==21969== by 0x48FFDFE: GNUNET_SCHEDULER_run (scheduler.c:887) ==21969== |
|
|
Seems fixed in 3767578..89e6063 |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2017-02-21 16:51 | Christian Grothoff | New Issue | |
| 2017-02-21 16:51 | Christian Grothoff | Status | new => assigned |
| 2017-02-21 16:51 | Christian Grothoff | Assigned To | => Christian Grothoff |
| 2017-02-21 17:37 | Christian Grothoff | Note Added: 0011802 | |
| 2017-02-21 17:46 | Christian Grothoff | Note Added: 0011803 | |
| 2017-02-21 17:46 | Christian Grothoff | Status | assigned => resolved |
| 2017-02-21 17:46 | Christian Grothoff | Resolution | open => fixed |
| 2017-02-21 17:46 | Christian Grothoff | Fixed in Version | => 0.11.0pre66 |
| 2018-06-07 00:24 | Christian Grothoff | Status | resolved => closed |
