Thanks for the bug report.



On Mon, May 20, 2013 at 5:28 AM, Lauri Kasanen <[email protected]> wrote:

> Hi
>
> There's a segfault in checking timeouts:
> ==5404== Invalid read of size 8
> ==5404==    at 0x40C154: rb_next (mk_rbtree.c:315)
> ==5404==    by 0x409816: mk_sched_check_timeouts (mk_scheduler.c:461)
> ==5404==    by 0x408BBD: mk_epoll_init (mk_epoll.c:280)
> ==5404==    by 0x409669: mk_sched_launch_worker_loop (mk_scheduler.c:302)
> ==5404==    by 0x5032FEA: start_thread (in /lib/libpthread-2.7.so)
> ==5404==    by 0x530B94C: clone (in /lib/libc-2.7.so)
> ==5404==  Address 0x5632e68 is 5,592 bytes inside a block of size 5,616 free'd
> ==5404==    at 0x4C2220F: free (in /opt/valgrind/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==5404==    by 0x409869: mk_sched_check_timeouts (mk_scheduler.c:477)
> ==5404==    by 0x408BBD: mk_epoll_init (mk_epoll.c:280)
> ==5404==    by 0x409669: mk_sched_launch_worker_loop (mk_scheduler.c:302)
> ==5404==    by 0x5032FEA: start_thread (in /lib/libpthread-2.7.so)
> ==5404==    by 0x530B94C: clone (in /lib/libc-2.7.so)
>
> That is, it is not safe to remove a node from the RB tree and then
> continue to iterate, because then rb_next(node) accesses freed memory
> (node).
>
> - Lauri
> _______________________________________________
> Monkey mailing list
> [email protected]
> http://lists.monkey-project.com/listinfo/monkey
>



-- 
Eduardo Silva
http://edsiper.linuxchile.cl
http://www.monkey-project.com
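
The iteration hazard described in the report, as an added example that is not part of the original thread and is not Monkey's code: the successor is fetched before the current node is unlinked and freed, so the walk never reads freed memory. A plain unbalanced binary search tree stands in for the red-black tree (rebalancing does not change the pattern), and `struct node`, `next_node`, `erase` and `expire` are hypothetical names.

```c
#include <stdlib.h>
/* Hypothetical connection entry keyed by fd; a plain BST stands in for the RB tree. */
struct node { int fd; long deadline; struct node *parent, *left, *right; };
static struct node *leftmost(struct node *n) {
    while (n && n->left) n = n->left;
    return n;
}
/* In-order successor, the job rb_next() does in the report; it dereferences n. */
static struct node *next_node(struct node *n) {
    if (n->right) return leftmost(n->right);
    while (n->parent && n == n->parent->right) n = n->parent;
    return n->parent;
}
static void insert(struct node **root, int fd, long deadline) {
    struct node *n = calloc(1, sizeof *n), **link = root, *p = NULL;
    if (!n) abort();
    n->fd = fd; n->deadline = deadline;
    while (*link) { p = *link; link = fd < p->fd ? &p->left : &p->right; }
    n->parent = p; *link = n;
}
static void transplant(struct node **root, struct node *u, struct node *v) {
    if (!u->parent) *root = v;
    else if (u == u->parent->left) u->parent->left = v;
    else u->parent->right = v;
    if (v) v->parent = u->parent;
}
/* Unlink z by relinking pointers only, so all other nodes keep their addresses. */
static void erase(struct node **root, struct node *z) {
    if (!z->left || !z->right) { transplant(root, z, z->left ? z->left : z->right); return; }
    struct node *y = leftmost(z->right);
    if (y->parent != z) {
        transplant(root, y, y->right);
        y->right = z->right; y->right->parent = y;
    }
    transplant(root, z, y);
    y->left = z->left; y->left->parent = y;
}
/* Free every entry whose deadline has passed; returns the number removed. */
static int expire(struct node **root, long now) {
    struct node *n = leftmost(*root), *nx;
    int removed = 0;
    for (; n; n = nx) {
        nx = next_node(n);   /* take the successor while n is still allocated */
        if (n->deadline > now) continue;
        erase(root, n);
        free(n);             /* n is gone; from here on only nx is used */
        removed++;
    }
    return removed;
}
```

Building this with `-fsanitize=address`, or running it under valgrind as in the report, confirms that no freed node is read during the walk.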