search

zombiecong / sctp-refimpl

Automatically exported from code.google.com/p/sctp-refimpl
0 stars 0 forks source link

Crash after usrsctp_finish() is called #20

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Establish an association
2. Call usrsctp_finish() on main thread

What is the expected output? What do you see instead?
Crash happens on internal thread:
#5  0x00007fff831cd78d in szone_free_definite_size ()
#6  0x00000001000a3047 in sctp_free_assoc at 
/Users/mrubenchik/Work/3rdparty/sctp-refimpl-read-only/KERN/usrsctp/usrsctplib/n
etinet/sctp_pcb.c:5873
#7  0x00000001000baa63 in sctp_timeout_handler at 
/Users/mrubenchik/Work/3rdparty/sctp-refimpl-read-only/KERN/usrsctp/usrsctplib/n
etinet/sctputil.c:1927
#8  0x000000010006ec81 in sctp_handle_tick [inlined] at 
/Users/mrubenchik/Work/3rdparty/sctp-refimpl-read-only/KERN/usrsctp/usrsctplib/n
etinet/sctp_callout.c:155
#9  0x000000010006ec33 in user_sctp_timer_iterate at 
/Users/mrubenchik/Work/3rdparty/sctp-refimpl-read-only/KERN/usrsctp/usrsctplib/n
etinet/sctp_callout.c:194
#10 0x00007fff83d87268 in _pthread_body ()
#11 0x00007fff83d871e5 in _pthread_start ()
#12 0x00007fff83d8541d in thread_start ()

What version of the product are you using? On what operating system?
OSX 10.10.3
sctp latest repo on June 25th 2015

Please provide any additional information below.
    if (asoc->mapping_array) {
        SCTP_FREE(asoc->mapping_array, SCTP_M_MAP);
        asoc->mapping_array = NULL;
    }

Original issue reported on code.google.com by mrubenc...@gmail.com on 25 Jun 2015 at 3:13

GoogleCodeExporter commented 9 years ago 
What does "establish an association" mean? Are you using a SOCK_STREAM socket 
or an SOCK_SEQPACKET socket? Are you the passive side or the active one?

Best regards
Michael

Original comment by t00FC...@googlemail.com on 3 Jul 2015 at 11:42

GoogleCodeExporter commented 9 years ago 
I use SOCK_STREAM and establish connection to myself as part of testing. So I 
have both active and passive sides.

Original comment by mrubenc...@gmail.com on 3 Jul 2015 at 2:28

GoogleCodeExporter commented 9 years ago 
OK. Can you share your test program? That way I don't have to write one since I 
wasn't able to
reproduce the issue with my test programs.
You can sent it privately: t00FCxen@googlemail.com

Original comment by t00FC...@googlemail.com on 3 Jul 2015 at 2:37

GoogleCodeExporter commented 9 years ago 
Unfortunately my test has a lot of dependencies which are not easy to strip so 
it might take a while for me to get to this.

Original comment by mrubenc...@gmail.com on 10 Jul 2015 at 3:19

GoogleCodeExporter commented 9 years ago 
OK. I see. I'll try to reproduce this, but I doubt I'll be successful. So let 
me know when you have something small to reproduce the issue.

Original comment by t00FC...@googlemail.com on 10 Jul 2015 at 3:29