[Bug 359957] Re: transmission crashed with SIGSEGV in curl_multi_socket_action()

Tue, 09 Jun 2009 13:40:58 -0700 

After a little Googling, this looks more and more to me like a libcurl
issue in 7.18.x that's fixed in newer versions.

Here is an rTorrent ticket with a similar backtrace,
http://libtorrent.rakshasa.no/ticket/1452.  That ticket's reporter said
he was experiencing it in Hardy with libcurl 7.18.0, and then reported
that the problems went away after upgrading to libcurl 7.19.0.

Debian bug http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503999,
reported against 7.18.2, reports a use-after-free condition.  The
valgrind report is:

==29933== Invalid read of size 8
==29933==    at 0x55F2CE7: Curl_removeHandleFromPipeline (url.c:2279)
==29933==    by 0x5607258: multi_runsingle (multi.c:1334)
==29933==    by 0x5607D4A: curl_multi_perform (multi.c:1460)
==29933==    by 0x43A606: HTTP_OP_SET::got_select(FDSET_GROUP&, double) 
(http_curl.C:912)
==29933==    by 0x4133FE: CLIENT_STATE::do_io_or_sleep(double) 
(client_state.C:417)
==29933==    by 0x43D03C: boinc_main_loop() (main.C:473)
==29933==    by 0x5FEA1A5: (below main) (in /lib/libc-2.7.so)
==29933==  Address 0x8ee1a08 is 0 bytes inside a block of size 32 free'd
==29933==    at 0x4C20B6E: free (vg_replace_malloc.c:323)
==29933==    by 0x55F2EC1: conn_free (url.c:2125)
==29933==    by 0x55F3017: Curl_disconnect (url.c:2216)
==29933==    by 0x55F5001: CreateConnection (url.c:2506)
==29933==    by 0x55F513A: Curl_connect (url.c:4350)
==29933==    by 0x56076A4: multi_runsingle (multi.c:926)
==29933==    by 0x5607D4A: curl_multi_perform (multi.c:1460)
==29933==    by 0x43A606: HTTP_OP_SET::got_select(FDSET_GROUP&, double) 
(http_curl.C:912)
==29933==    by 0x4133FE: CLIENT_STATE::do_io_or_sleep(double) 
(client_state.C:417)
==29933==    by 0x43D03C: boinc_main_loop() (main.C:473)
==29933==    by 0x5FEA1A5: (below main) (in /lib/libc-2.7.so)


** Bug watch added: rorrent (libtorrent) Trac #1452
   http://libtorrent.rakshasa.no/ticket/1452

** Bug watch added: Debian Bug tracker #503999
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503999

-- 
transmission crashed with SIGSEGV in curl_multi_socket_action()
https://bugs.launchpad.net/bugs/359957
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to