#1 btslave SEGFAULT

Status: open
Owner: nobody
Labels: None
Priority: 5
Updated: 2006-07-02
Created: 2006-07-02
Creator: Adam Banko
Private: No

When running 3 torrents in repeater mode btslave
SEGFAULTs. This happens randomly, in minutes or hours
after startup.

I'm using version 09Jul05.

gdb output:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1211959616 (LWP 8424)]
0x08059e22 in bsMessageAddBytes (message=0x80ad3f8, data=0x24000 <Address 0x24000 out of bounds>, length=16384) at bsmessage.c:179
179 memcpy(bsMessageGetDatas(message) + usedData, data, length);

(gdb) bt
#0 0x08059e22 in bsMessageAddBytes (message=0x80ad3f8, data=0x24000 <Address 0x24000 out of bounds>, length=16384) at bsmessage.c:179
#1 0x0805328f in processRequestMessage (requestMessage=0x80ac380) at bsconnect.c:732
#2 0x08054ea1 in processMessage (message=0x80ac380) at bsconnect.c:1521
#3 0x0804b866 in pushByteIntoConnection (connection=0x81d2b40, byte=0 '\0') at bstcp.c:516
#4 0x0804b9a7 in readMessage (connection=0x81d2b40) at bstcp.c:550
#5 0x0804ba13 in readMessages (readSockets={__fds_bits = {0, 0, 0, 0, 134217728, 0 <repeats 27 times>}}) at bstcp.c:568
#6 0x0804bec4 in bsSelect () at bstcp.c:652
#7 0x0804a7aa in bsRunTorrents () at bsroot.c:370
#8 0x08049c34 in main (argc=9, argv=0xbfe51bc4) at bsmain.c:197

(gdb) info args
message = 0x80ad3f8
data = (U8 *) 0x24000 <Address 0x24000 out of bounds>
length = 16384
(gdb) up
#1 0x0805328f in processRequestMessage (requestMessage=0x80ac380) at bsconnect.c:732
732 bsMessageAddBytes(pieceMessage, bsPieceGetDatas(piece) + dataIndex, length);
(gdb) info args
requestMessage = 0x80ac380
(gdb) down
#0 0x08059e22 in bsMessageAddBytes (message=0x80ad3f8, data=0x24000 <Address 0x24000 out of bounds>, length=16384) at bsmessage.c:179
179 memcpy(bsMessageGetDatas(message) + usedData, data, length);
(gdb) up
#1 0x0805328f in processRequestMessage (requestMessage=0x80ac380) at bsconnect.c:732
732 bsMessageAddBytes(pieceMessage, bsPieceGetDatas(piece) + dataIndex, length);
(gdb) info args
requestMessage = 0x80ac380
(gdb) up
#2 0x08054ea1 in processMessage (message=0x80ac380) at bsconnect.c:1521
1521 processRequestMessage(message);
(gdb) info args
message = 0x80ac380
(gdb) up
#3 0x0804b866 in pushByteIntoConnection (connection=0x81d2b40, byte=0 '\0') at bstcp.c:516
516 bsProcessMessageCallback(message);
(gdb) info args
connection = 0x81d2b40
byte = 0 '\0'
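
In the trace above, memcpy reads from data=0x24000 (9 × 16384) with length 16384, a pointer that processRequestMessage computed as bsPieceGetDatas(piece) + dataIndex while handling a message received from a peer. The following is an added example, not btslave code, of validating such a request before the copy; the Piece and Message types, the function names and the return codes are hypothetical, and representing an unavailable piece by a NULL data pointer is an assumption of the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-ins for the piece and message objects in the trace. */
typedef struct { uint8_t *data; size_t length; } Piece; /* data == NULL: not in memory */
typedef struct { uint8_t buf[16384]; size_t used; } Message;
enum { REQ_OK, REQ_NO_DATA, REQ_OUT_OF_RANGE, REQ_TOO_LARGE };

/* Copy the requested block into msg only after every input has been checked. */
int add_block_checked(Message *msg, const Piece *piece, uint32_t begin, uint32_t length)
{
    if (piece == NULL || piece->data == NULL)
        return REQ_NO_DATA;             /* never form base + offset from NULL */
    /* Overflow-safe form of begin + length <= piece->length. */
    if (begin > piece->length || length > piece->length - begin)
        return REQ_OUT_OF_RANGE;
    if (length > sizeof msg->buf - msg->used)
        return REQ_TOO_LARGE;           /* destination would overflow */
    memcpy(msg->buf + msg->used, piece->data + begin, length);
    msg->used += length;
    return REQ_OK;
}

static uint8_t sample[0x28000];         /* constructed piece: 0x24000 + 16384 bytes */

int case_unloaded_piece(void)           /* offset and length taken from the trace */
{
    Message m = { {0}, 0 };
    Piece p = { NULL, sizeof sample };
    return add_block_checked(&m, &p, 0x24000, 16384);
}

int case_past_end(void)
{
    Message m = { {0}, 0 };
    Piece p = { sample, 0x24000 };      /* piece ends exactly at the requested offset */
    return add_block_checked(&m, &p, 0x24000, 16384);
}

int case_valid(void)
{
    Message m = { {0}, 0 };
    Piece p = { sample, sizeof sample };
    sample[0x24000] = 0xAB;
    if (add_block_checked(&m, &p, 0x24000, 16384) != REQ_OK || m.buf[0] != 0xAB)
        return -1;
    return (int)m.used;                 /* 16384 bytes copied */
}
```

A handler using such a check would drop the request, or close the connection, on any result other than REQ_OK instead of reaching memcpy.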

Discussion