search

zombiecong / sctp-refimpl

Automatically exported from code.google.com/p/sctp-refimpl
0 stars 0 forks source link

Memory leak for incoming connection in TCP typed listener #19

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Have non blocking TCP type listening socket
2. Establish a new connection to this socket. sonewconn is called which does 
not set so_count to 1 for the new connection
3. Call usrsctp_close which does not release memory because so_count is already 
0

What is the expected output? What do you see instead?
Expect usrsctp_close to free memory

What version of the product are you using? On what operating system?
Lasted SVN as of June 04 2015

Original issue reported on code.google.com by mrubenc...@gmail.com on 4 Jun 2015 at 7:26

GoogleCodeExporter commented 9 years ago 
Thanks for reporting the issue. I checked in a fix for soabort():
https://code.google.com/p/sctp-refimpl/source/detail?r=9278
Can you test and report if it also fixes the issue for you?

Best regards
Michael

Original comment by t00FC...@googlemail.com on 15 Jun 2015 at 4:37

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
There is something wrong with the current state of the repo. There is a memory 
corruption on OSX so I can't really test the fix.

#0  0x00007fff86658286 in __pthread_kill ()
#1  0x00007fff86e0342f in pthread_kill ()
#2  0x00007fff87539b53 in abort ()
#3  0x00007fff86250e06 in szone_error ()
#4  0x00007fff86248fd5 in tiny_free_list_remove_ptr ()
#5  0x00007fff8624778d in szone_free_definite_size ()
#6  0x00000001000d731e in sctp_free_assoc at 
/Users/mrubenchik/Work/3rdparty/sctp-refimpl-read-only/KERN/usrsctp/usrsctplib/n
etinet/sctp_pcb.c:5866
#7  0x0000000100107e0c in sctp_timeout_handler at 
/Users/mrubenchik/Work/3rdparty/sctp-refimpl-read-only/KERN/usrsctp/usrsctplib/n
etinet/sctputil.c:1927
#8  0x0000000100075dd0 in sctp_handle_tick at 
/Users/mrubenchik/Work/3rdparty/sctp-refimpl-read-only/KERN/usrsctp/usrsctplib/n
etinet/sctp_callout.c:155
#9  0x0000000100075cac in user_sctp_timer_iterate at 
/Users/mrubenchik/Work/3rdparty/sctp-refimpl-read-only/KERN/usrsctp/usrsctplib/n
etinet/sctp_callout.c:194
#10 0x00007fff86e01268 in _pthread_body ()
#11 0x00007fff86e011e5 in _pthread_start ()
#12 0x00007fff86dff41d in thread_start ()

malloc: *** error for object 0x100936e50: incorrect checksum for freed object - 
object was probably modified after being freed.

sctp_pcb.c:5865
    if (asoc->mapping_array) {
        SCTP_FREE(asoc->mapping_array, SCTP_M_MAP);
        asoc->mapping_array = NULL;
    }

Original comment by mrubenc...@gmail.com on 17 Jun 2015 at 2:39