Context Navigation

← Previous Ticket
Next Ticket →

#5047 closed Bug (duplicate)

segfault in UTP_ProcessIncoming

Reported by:	adamjacobmuller	Owned by:
Priority:	Normal	Milestone:	None Set
Component:	Daemon	Version:	2.60
Severity:	Normal	Keywords:
Cc:

Description

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff611b710 (LWP 6646)]
UTP_ProcessIncoming (conn=0xef380000ef39, packet=0xef360000ef37 <Address 0xef360000ef37 out of bounds>, len=<value optimized out>, syn=<value optimized out>) at utp.cpp:2111
2111    utp.cpp: No such file or directory.
        in utp.cpp
(gdb) bt
#0  UTP_ProcessIncoming (conn=0xef380000ef39, packet=0xef360000ef37 <Address 0xef360000ef37 out of bounds>, len=<value optimized out>, syn=<value optimized out>) at utp.cpp:2111
#1  0x000000000045210a in UTP_IsIncomingUTP (incoming_proc=0x41ed90 <incoming>, send_to_proc=<value optimized out>, send_to_userdata=<value optimized out>, buffer=0x7ffff6119d10 "!\001\035i\223\310\nW\360\024\321\203", len=30, to=0x10, tolen=16) at utp.cpp:2580
#2  0x000000000041ed32 in tr_utpPacket (buf=0x7ffff6119d10 "!\001\035i\223\310\nW\360\024\321\203", buflen=30, from=0x10, fromlen=16, ss=0x66e600) at tr-utp.c:179
#3  0x000000000041e418 in event_callback (s=<value optimized out>, type=<value optimized out>, sv=0x66e600) at tr-udp.c:225
#4  0x00007ffff779db4c in event_base_loop () from /usr/lib/libevent-2.0.so.5
#5  0x000000000041f810 in libeventThreadFunc (veh=<value optimized out>) at trevent.c:248
#6  0x000000000041064a in ThreadFunc (_t=0x66ec50) at platform.c:118
#7  0x00007ffff647b894 in start_thread () from /lib/libpthread.so.0
#8  0x00007ffff61ed27d in clone () from /lib/libc.so.6
(gdb) bt full
#0  UTP_ProcessIncoming (conn=0xef380000ef39, packet=0xef360000ef37 <Address 0xef360000ef37 out of bounds>, len=<value optimized out>, syn=<value optimized out>) at utp.cpp:2111
        packet_end = 0x7ffff6119d2e "4\340\063B\343\306\320\220\347\354}\365\211z\277\005\252\277\343\202g(\201\315\224\363\242\233\370Ot\277h]\212\201\250\301\204\066@\335\025\227\"An|w\367n\036w|\r\331\017|\234\332s*\373@\320\264\017\067N\276\310\242\322\004%\347\312-\347\214\300\225>\346W\245\203\323\240E\340\302\205\352\333;\240\335\245\214q\357G?Z}\375\031~J\276\234\225\025\234\062\246\360\027\017\253\312\277\367\231\375\377\371\305Qo\246Z\345_\320W\224}-\232\"\033\325\"s\321\375\266\260\260\275\260k\242\200\217\332\330>\v\t\353\371\312\343\311V,\241j\324U\333\352%[\212\347\364N\370b\313\276f\206\316U\332m\344\254\335\066\241R\263\242\313"...
        min_rtt = 71265
        prev_delay_base = <value optimized out>
        pk_ack_nr = 61233
        time = 12556935909173
        their_delay = <value optimized out>
        selack_ptr = <value optimized out>
        data = 0xef340000ef35 <Address 0xef340000ef35 out of bounds>
        extension = <value optimized out>
        seqnr = 0
        acks = 61233
        actual_delay = 4128348544
        pk_seq_nr = 61235
        pk_flags = 2 '\002'
        acked_bytes = 16
        p = <value optimized out>
#1  0x000000000045210a in UTP_IsIncomingUTP (incoming_proc=0x41ed90 <incoming>, send_to_proc=<value optimized out>, send_to_userdata=<value optimized out>, buffer=0x7ffff6119d10 "!\001\035i\223\310\nW\360\024\321\203", len=30, to=0x10, tolen=16) at utp.cpp:2580
        read = <value optimized out>
        conn = 0xd26c860
        i = 3967001317
        flags = 2 '\002'
        addr = {_in = {_in6 = "\000\000\000\000\000\000\000\000\000\000\377\377b\342w\336", _in6w = {0, 0, 0, 0, 0, 65535, 57954, 56951}, _in6d = {0, 0, 4294901760, 3732398690}, _in6addr = {__in6_u = {
                __u6_addr8 = "\000\000\000\000\000\000\000\000\000\000\377\377b\342w\336", __u6_addr16 = {0, 0, 0, 0, 0, 65535, 57954, 56951}, __u6_addr32 = {0, 0, 4294901760, 3732398690}}}}, _port = 13300}
        version = <value optimized out>
        id = 7529
#2  0x000000000041ed32 in tr_utpPacket (buf=0x7ffff6119d10 "!\001\035i\223\310\nW\360\024\321\203", buflen=30, from=0x10, fromlen=16, ss=0x66e600) at tr-utp.c:179
No locals.
#3  0x000000000041e418 in event_callback (s=<value optimized out>, type=<value optimized out>, sv=0x66e600) at tr-udp.c:225
        rc = 30
        fromlen = 16
        buf = "!\001\035i\223\310\nW\360\024\321\203\000\002\200\000ld\357\061\000\b\000\000\000\000\000\016\000\000\064\340\063B\343\306\320\220\347\354}\365\211z\277\005\252\277\343\202g(\201\315\224\363\242\233\370Ot\277h]\212\201\250\301\204\066@\335\025\227\"An|w\367n\036w|\r\331\017|\234\332s*\373@\320\264\017\067N\276\310\242\322\004%\347\312-\347\214\300\225>\346W\245\203\323\240E\340\302\205\352\333;\240\335\245\214q\357G?Z}\375\031~J\276\234\225\025\234\062\246\360\027\017\253\312\277\367\231\375\377\371\305Qo\246Z\345_\320W\224}-\232\"\033\325\"s\321\375\266\260\260\275\260k\242\200\217\332\330>\v\t\353\371\312\343\311V,\241j\324U\333\352%[\212\347\364N\370b\313\276f\206\316U\332m\344\254\335\066\241R\263\242\313\252G\257\215ui\301c\025\234\340\347\346\017\363\327_\315\315u\327\231\066\275\374\312WIb\300\022\242!\202\"\023\067RZ\325/\366\303x\343\277C\211E\305^\356o\211\242\234\201\203Z\205\062\a\237n&\270-\204\350\177\302\240eh_\335jq\375(}\370L>\026\236\001\203]\370\023\304\273\201\365\315\241\230V\017~\361g\253\063\354\373\062\064\251\031\nK\333\317\203r\367\\\251s\272\071\354\204\341\005\"\034\253OD\275\276>\254\237\215\032w\276\321\177\307J-\002\377\347\226\260\262'\366\060\262\302\264\262%\262\274\266\320\030\366\377\177\000\000p\245\021\366\377\177\000\000`\245\021\366\377\177\000\000\025\000\000\000\000\000\000\000P\253"...
        from = {ss_family = 2, __ss_align = 0, 
          __ss_padding = "\020s\017\r\000\000\000\000V\270\377\367\377\177\000\000P0g\000\000\000\000\000\303\266\377\367\377\177\000\000\240\255\021\366\377\177\000\000\220\255\021\366\377\177\000\000\000\000\000\000\000\000\000\000u\267\377\367\377\177\000\000\260\255\021\366\377\177\000\000\300\355f\000\000\000\000\000H\357f\000\000\000\000\000z\351\032\366\377\177\000\000\000\000\000\000\000\000\000\000\033\243y\367\377\177\000"}
#4  0x00007ffff779db4c in event_base_loop () from /usr/lib/libevent-2.0.so.5
No symbol table info available.
#5  0x000000000041f810 in libeventThreadFunc (veh=<value optimized out>) at trevent.c:248
        base = <value optimized out>
        eh = 0x66ebd0
#6  0x000000000041064a in ThreadFunc (_t=0x66ec50) at platform.c:118
No locals.
#7  0x00007ffff647b894 in start_thread () from /lib/libpthread.so.0
No symbol table info available.
#8  0x00007ffff61ed27d in clone () from /lib/libc.so.6
No symbol table info available.

Change History (1)

comment:1 Changed 10 years ago by jordan

Resolution set to duplicate
Status changed from new to closed

I think this is a dupe of #5002

Note: See TracTickets for help on using tickets.

Download in other formats: