silc-client-1.1.4 memory corruption
Sami Farin
safari-silc at safari.iki.fi
Fri Apr 4 17:28:38 CEST 2008
x86_64 arch, Linux 2.6.24.4, glibc-2.7.90-7 (Fedora).
Frame 3 shows items=47009695160704 but that is obviously wrong.
segfaulted at 0x00002ac14bff4171
#0 0x00002ac14bff4171 in malloc_consolidate () from /lib64/libc.so.6
#1 0x00002ac14bff6401 in _int_malloc () from /lib64/libc.so.6
#2 0x00002ac14bff804f in calloc () from /lib64/libc.so.6
#3 0x000055555563f789 in silc_calloc (items=47009695160704, size=1096) at silcmemory.c:47
#4 0x0000555555610878 in silc_client_add_client (client=0x555555a77940, conn=0x555555b361a0,
nickname=0x555555ba7f40 "e", username=0x555555b70610 "", userinfo=0x0, id=0x555555bb6ab0,
mode=0) at client_entry.c:789
#5 0x0000555555610bc6 in silc_client_get_client (client=0x555555a77940, conn=0x555555b361a0,
client_id=0x7fff52151100) at client_entry.c:1045
#6 0x0000555555618183 in silc_client_notify_join (fsm=0x555555b4b4e0,
fsm_context=0x555555b361a0, state_context=0x555555bdf350) at client_notify.c:391
#7 0x000055555564e5c6 in silc_fsm_run (schedule=<value optimized out>,
app_context=<value optimized out>, type=<value optimized out>, fd=1438058000, context=0x0)
at silcfsm.c:429
#8 0x0000555555609149 in silc_client_packet_receive (engine=<value optimized out>,
stream=<value optimized out>, packet=0x555555b171a0,
callback_context=<value optimized out>, stream_context=<value optimized out>)
at client.c:120
#9 0x000055555563553d in silc_packet_dispatch (packet=0x555555b171a0) at silcpacket.c:2006
#10 0x00005555556399cc in silc_packet_read_process (stream=0x555555b369e0)
at silcpacket.c:2317
#11 0x000055555563a374 in silc_packet_stream_io (stream=<value optimized out>,
status=<value optimized out>, context=<value optimized out>) at silcpacket.c:438
#12 0x0000555555642568 in silc_schedule_dispatch_fd (schedule=0x555555b2e820)
at silcschedule.c:61
#13 0x00005555556433d5 in silc_schedule_iterate (schedule=0x555555b2e820, timeout_usecs=0)
at silcschedule.c:455
#14 0x0000555555643512 in silc_schedule_one (schedule=0x555555b2e820, timeout_usecs=0)
at silcschedule.c:484
#15 0x00005555555c9823 in my_silc_scheduler_fd (source=<value optimized out>, condition=1096,
data=0x555555ba7f40) at silc-core.c:91
#16 0x00002ac14bab1373 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#17 0x00002ac14bab4bad in g_main_context_iterate () from /lib64/libglib-2.0.so.0
#18 0x00002ac14bab4d5c in g_main_context_iteration () from /lib64/libglib-2.0.so.0
#19 0x00005555555a43bc in main (argc=2, argv=0x7fff52151978) at silc.c:376
(gdb) x 47009695160704
0x2ac14c2e5980 <main_arena>: 0x00000001
Running silc with valgrind results in this:
==1869== Process terminating with default action of signal 4 (SIGILL)
==1869== Illegal opcode at address 0xFE5D5
==1869== at 0xFE5D5: silc_atomic_add_int8 (silcatomic.h:793)
==1869== by 0xFED8E: silc_packet_stream_ref (silcpacket.c:1155)
==1869== by 0xFE893: silc_packet_stream_link_va (silcpacket.c:1073)
==1869== by 0xFEBD4: silc_packet_stream_link (silcpacket.c:1089)
==1869== by 0x14B4A9: silc_ske_initiator (silcske.c:1842)
==1869== by 0xD6C6B: silc_client_st_connect_key_exchange (client_connect.c:516)
==1869== by 0x10BB23: silc_fsm_run (silcfsm.c:429)
==1869== by 0x10B6D6: silc_fsm_start_sync (silcfsm.c:249)
==1869== by 0xCAA5D: silc_client_connection_st_run (client.c:268)
==1869== by 0x10BB23: silc_fsm_run (silcfsm.c:429)
==1869== by 0x10B8B9: silc_fsm_continue_sync (silcfsm.c:309)
==1869== by 0x10C509: silc_fsm_signal (silcfsm.c:689)
==1869==
Now running under gdb, silc compiled with -O0 -ggdb3.