Todd Denniston wrote:
Tim, the segfault is happening at:
muscleframework-1.1.5.orig/libmusclepkcs11/src/p11x_session.c:136
[while( prev->hnext != session ) {]
while being called from
closeSessionLocked (hSession=1) at p11_session.c:104
[else if (!CKR_ERROR(rv = session_FreeSession(session)))]
on what looked to me to be the second pass through the function after being called from main:115 [rv = (*pFunctionList->C_CloseSession) (hSession);]
It looks like the cause is that before calling the while, there is no verification that (prev != NULL) and it is.
I inserted some debugging statements around this point, and it seems like you're partially correct. It's certainly crashing here, but it's not because prev is (or becomes) NULL. It appears that the first time into the loop, prev points somewhere but the crash occurs when dereferencing prev->hnext.
Specifically, I added:

    log_Log(LOG_LOW, "prev = %lX", (prev ? prev : 99999));
    log_Log(LOG_LOW, "prev->hnext = %lX", (prev->hnext ? prev->hnext : 99999));

just before the while loop is initiated. In the log, I get:

    10/07 12:05:46 prev = 1869F

and then the crash.

It looks to me that when session_FreeSession is called the session table has a stale pointer in it. I'm not familiar enough with the code to fix it (or figure out why it's happening in the first place) yet.
-- Tim
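
An added example, not code from this thread or from the muscleframework source: a chain unlink that returns an error instead of dereferencing prev->hnext when the chain is empty or the session was already removed, as on a second pass through the close path. The names session_t, chain_unlink and debug_value are hypothetical; only hnext and the 99999 sentinel come from the messages above.

```c
#include <stdio.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical stand-in for the session record; only hnext is from the thread. */
typedef struct session {
    unsigned long handle;
    struct session *hnext;
} session_t;

/* Unlink target from the chain at *head. Returns 0 on success, -1 when the
 * chain is empty or ends before target is found (stale or already-freed). */
int chain_unlink(session_t **head, session_t *target)
{
    session_t *prev;
    if (head == NULL || target == NULL || *head == NULL)
        return -1;                      /* nothing to walk: prev would be NULL */
    if (*head == target) {
        *head = target->hnext;
        target->hnext = NULL;
        return 0;
    }
    for (prev = *head; prev->hnext != NULL; prev = prev->hnext) {
        if (prev->hnext == target) {
            prev->hnext = target->hnext;
            target->hnext = NULL;       /* do not leave a dangling link */
            return 0;
        }
    }
    return -1;                          /* reached end of chain, not found */
}

/* Value the debug statement above would log for p: the pointer itself, or
 * the decimal sentinel 99999 (0x1869F when printed with %lX) if p is NULL. */
unsigned long debug_value(const void *p)
{
    return p ? (unsigned long)(uintptr_t)p : 99999UL;
}

int main(void)
{
    session_t a = {1, NULL};            /* constructed sample session */
    session_t *head = &a;
    printf("first close:  %d\n", chain_unlink(&head, &a));
    printf("second close: %d\n", chain_unlink(&head, &a));
    printf("NULL logs as: %lX\n", debug_value(NULL));
    return 0;
}
```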
