crash in dht when performing an attended transfer
Issue generated from Tuleap's migration script. Originally submitted by: Eloi Bail (eloi)
I encountered a crash when performing an unattended transfer:
(gdb) bt full
#0 0x00007ffff428f267 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:55
resultvar = 0
pid = 19604
selftid = 19604
#1 0x00007ffff4290eca in __GI_abort () at abort.c:89
save_stage = 2
act = {__sigaction_handler = {sa_handler = 0x40, sa_sigaction = 0x40}, sa_mask = {__val = {140737488339616, 140737302038112, 1, 140737301933400, 140737290036494, 140737488339520, 537, 91,
140737299224216, 512, 140737299633913, 140737302038112, 140737299637147, 140737488339552, 140737488339616, 91}}, sa_flags = -188718000, sa_restorer = 0x7fffffffc280}
sigs = {__val = {32, 0 }}
#2 0x00007ffff42d2c53 in __libc_message (do_abort=do_abort@entry=1, fmt=fmt@entry=0x7ffff43eb1a8 "*** Error in `%s': %s: 0x%s ***\
") at ../sysdeps/posix/libc_fatal.c:175
ap = {{gp_offset = 40, fp_offset = 0, overflow_arg_area = 0x7fffffffc4f0, reg_save_area = 0x7fffffffc480}}
fd = 25
on_2 =
list =
nlist =
cp =
written =
#3 0x00007ffff42dc8a3 in malloc_printerr (ptr=, str=0x7ffff43e72dd "corrupted double-linked list", action=1) at malloc.c:4965
buf = "00000000013bdf60"
cp =
#4 _int_malloc (av=av@entry=0x7ffff461ec00 _arena>, bytes=bytes@entry=160) at malloc.c:3694
p =
iters =
nb =
idx =
bin =
victim =
size = 24432
victim_index =
remainder =
remainder_size = 24256
block =
bit =
map =
fwd =
bck =
errstr = 0x0
__func__ = "_int_malloc"
#5 0x00007ffff42df0b5 in __libc_calloc (n=, elem_size=) at malloc.c:3213
av = 0x7ffff461ec00
oldtop = 0x2cf0500
p =
bytes = 160
sz = 160
csz =
oldtopsize = 133888
mem =
clearsize =
nclears =
d =
hook =
__func__ = "__libc_calloc"
#6 0x00007ffff373ff6c in ?? () from /usr/lib/x86_64-linux-gnu/libtasn1.so.6
---Type to continue, or q to quit---
No symbol table info available.
#7 0x00007ffff37401ed in asn1_create_element () from /usr/lib/x86_64-linux-gnu/libtasn1.so.6
No symbol table info available.
#8 0x00007ffff62f59e0 in gnutls_x509_crt_init () from /usr/lib/x86_64-linux-gnu/libgnutls-deb0.so.28
No symbol table info available.
#9 0x00007ffff62fa12b in gnutls_x509_crt_list_import () from /usr/lib/x86_64-linux-gnu/libgnutls-deb0.so.28
No symbol table info available.
#10 0x00007ffff62fa467 in gnutls_x509_crt_list_import2 () from /usr/lib/x86_64-linux-gnu/libgnutls-deb0.so.28
No symbol table info available.
#11 0x00000000007d2c39 in dht::crypto::Certificate::unpack(unsigned char const*, unsigned long) ()
No symbol table info available.
#12 0x00000000007d4222 in dht::crypto::Certificate::Certificate(std::vector<unsigned char, std::allocator > const&) ()
No symbol table info available.
#13 0x00000000007e683b in std::_Function_handler_ptrdht::Value const&, std::shared_ptrdht::Value&, dht::InfoHash, sockaddr const*, unsigned int), dht::{lambda(dht::InfoHash, std::shared_ptrdht::Value const&, std::shared_ptrdht::Value&, dht::InfoHash, sockaddr const*, unsigned int)#2}>::_M_invoke ()
No symbol table info available.
#14 0x00000000007bf81f in dht::Dht::processMessage(unsigned char const*, unsigned long, sockaddr const*, unsigned int) ()
No symbol table info available.
#15 0x00000000007c2467 in dht::Dht::periodic(unsigned char const*, unsigned long, sockaddr const*, unsigned int) ()
No symbol table info available.
#16 0x00000000007e16aa in dht::DhtRunner::loop_() ()
No symbol table info available.
#17 0x00000000004dd4e3 in dht::DhtRunner::loop (this=0x1381288) at /home/eloi/DEV/SFL/ring/ring-daemon/contrib/x86_64-linux-gnu/include/opendht/dhtrunner.h:373
lck = {_M_device = @0x1381298}
#18 0x00000000004c97bd in ring::RingAccount::handleEvents (this=0x13806a0) at ringaccount.cpp:556
lock = {_M_device = @0x0}
now = {__d = {__r = 0}}
c = <error reading variable c (Cannot access memory at address 0x10)>
#19 0x00000000004ca9e1 in ring::RingAccount::::operator()(void) const (__closure=0x7fffbc001290) at ringaccount.cpp:768
this = 0x13806a0
#20 0x00000000004d2816 in std::_Function_handler_():: >::_M_invoke(const std::_Any_data &) (__functor=...) at /usr/include/c++/4.9/functional:2039
No locals.
#21 0x000000000043e66c in std::function<void ()>::operator()() const (this=0x7fffbc0011f8) at /usr/include/c++/4.9/functional:2439
No locals.
#22 0x0000000000559310 in ring::Manager::pollEvents (this=0x11747c0 ring::Manager::instance()::instance\_) at manager.cpp:1410
iter = {first = 20448928, second = {_unary_or_binary_function> = {}, std::\_Function\_base = {static _M_max_size = 16, static _M_max_align = 8, _M_functor = {
_M_unused = {_M_object = , _M_const_object = , _M_function_pointer = ,
_M_member_pointer = (void (std::_Undefined_class::*)(std::_Undefined_class * const)) 0x7fffbc001290, this adjustment 7065173089232508416},
_M_pod_data = "\220\022\000\274\377\177\000\000\000VZ\344}\211\fb"},
_M_manager = _Function_base::_Base_manager_():: >::_M_manager(std::_Any_data &, const std::_Any_data &, std::_Manager_operation)>},
_M_invoker = _Function_handler_():: >::_M_invoke(const std::_Any_data &)>}}
#23 0x000000000048f3d1 in DRing::pollEvents () at ring_api.cpp:77
No locals.
#24 0x0000000000449c62 in std::_Function_handler::_M_invoke(std::_Any_data const&) (__functor=...) at /usr/include/c++/4.9/functional:2039
No locals.
#25 0x000000000043e66c in std::function<void ()>::operator()() const (this=0x1310768) at /usr/include/c++/4.9/functional:2439
No locals.
#26 0x000000000043d6f4 in EventCallback::call (this=0x1310760) at dbusclient.cpp:59
No locals.
#27 0x00007ffff7bbf265 in DBus::DefaultMainLoop::dispatch() () from /usr/lib/x86_64-linux-gnu/libdbus-c++-1.so.0
No symbol table info available.
#28 0x00007ffff7bbfef3 in DBus::BusDispatcher::enter() () from /usr/lib/x86_64-linux-gnu/libdbus-c++-1.so.0
No symbol table info available.
---Type to continue, or q to quit---
#29 0x0000000000439dd6 in DBusClient::event_loop (this=0x1310590) at dbusclient.cpp:230
No locals.
#30 0x000000000043591e in run () at main.cpp:139
No locals.
#31 0x0000000000435b63 in main (argc=3, argv=0x7fffffffdce8) at main.cpp:200
programName = "/home/eloi/DEV/SFL/ring/ring-daemon/bin/dring"
writable = std::vector of length 46, capacity 46 = {47 '/', 104 'h', 111 'o', 109 'm', 101 'e', 47 '/', 101 'e', 108 'l', 111 'o', 105 'i', 47 '/', 68 'D', 69 'E', 86 'V', 47 '/', 83 'S', 70 'F', 76 'L',
47 '/', 114 'r', 105 'i', 110 'n', 103 'g', 47 '/', 114 'r', 105 'i', 110 'n', 103 'g', 45 '-', 100 'd', 97 'a', 101 'e', 109 'm', 111 'o', 110 'n', 47 '/', 98 'b', 105 'i', 110 'n', 0 '\000', 100 'd',
114 'r', 105 'i', 110 'n', 103 'g', 0 '\000'}
persistent = false
(gdb)