Dear Sir or Madam:
I have found what seems to be a bug in either the simulator itself
(core) or in one of its components, namely in the DSR algorithm
implementation. The scenario and traffic generator
files were created with the CMU tools provided and are attached to this
email: scen-3-677-677-test (three-node 677m by 677m scenario),
cbr-3-3-200-test (three nodes, maximum of three connections, 200
packets/s). The simulation file, wireless.tcl, is based on Marc Greis'
tutorial part IX.2.
You will find the error details below.
Thank you.
Yours sincerely,
Francisco
--------------------------------------------------------------------------------------------------
Versions of OS, NS and add-on components installed:
OS: Fedora Core 4, Kernel (i686) 2.6.11
ns: 2.29
otcl: 1.11
tclcl: 1.17
Tcl: 8.49
Tk: 8.49
Steps to reproduce the error:
1) ns wireless.tcl
output:
num_nodes is set 3
INITIALIZE THE LIST xListHead
Loading connection pattern...
Loading scenario file...
Starting Simulation...
channel.cc:sendUp - Calc highestAntennaZ_ and distCST_
highestAntennaZ_ = 1.5, distCST_ = 550.0
SORTING LISTS ...DONE!
Segmentation fault
2) gdb backtrace; NOTE CAREFULLY that the packet instance address is
0x32, which is clearly invalid!
output:
Starting program: /usr/local/bin/ns wireless.tcl
Reading symbols from shared object read from target memory...done.
Loaded system supplied DSO at 0x933000
num_nodes is set 3
INITIALIZE THE LIST xListHead
Loading connection pattern...
Loading scenario file...
Starting Simulation...
channel.cc:sendUp - Calc highestAntennaZ_ and distCST_
highestAntennaZ_ = 1.5, distCST_ = 550.0
SORTING LISTS ...DONE!
Program received signal SIGSEGV, Segmentation fault.
0x0805a354 in Packet::access (this=0x32, off=3464) at ./common/packet.h:367
367 return (&bits_[off]);
(gdb) bt
#0 0x0805a354 in Packet::access (this=0x32, off=3464) at
./common/packet.h:367
#1 0x0805cb65 in hdr_cmn::access (p=0x32) at ./common/packet.h:495
#2 0x08139c67 in CMUPriQueue::prq_get_nexthop (this=0x9e868e0, id=2)
at queue/dsr-priqueue.cc:208
#3 0x0815caba in DSRAgent::xmitFailed (this=0x9d45010, pkt=0xa052330,
reason=0x8298d8e "DROP_RTR_MAC_CALLBACK") at dsr/dsragent.cc:2695
#4 0x0815d470 in DSRAgent::xmitFlowFailed (this=0x9d45010, pkt=0xa052330,
reason=0x8298d8e "DROP_RTR_MAC_CALLBACK") at dsr/dsragent.cc:2597
#5 0x0815d4bf in XmitFlowFailureCallback (pkt=0xa052330, data=0x9d45010)
at dsr/dsragent.cc:2799
#6 0x08133050 in ARPTable::arpresolve (this=0x9e87cf8, dst=2, p=0xa055cb0,
ll=0x9e874f0) at mac/arp.cc:164
#7 0x08118765 in LL::sendDown (this=0x9e874f0, p=0xa055cb0) at
mac/ll.cc:203
#8 0x0811855c in LL::recv (this=0x9e874f0, p=0xa055cb0) at mac/ll.cc:163
#9 0x080e398c in LL::handle (this=0x9e874f0, e=0xa055cb0) at ./mac/ll.h:85
#10 0x08051ebb in Scheduler::dispatch (this=0x9a3b7e8, p=0xa055cb0,
t=55.275470096642685) at common/scheduler.cc:150
#11 0x08051ee6 in Scheduler::run (this=0x9a3b7e8) at common/scheduler.cc:129
#12 0x080520de in Scheduler::command (this=0x9a3b7e8, argc=2,
argv=0xbf9a2af0)
at common/scheduler.cc:198
#13 0x0826364a in TclClass::dispatch_cmd (clientData=0x9a3b7e8, argc=5,
argv=0xbf9a2ae4) at Tcl.cc:490
#14 0x082672d6 in OTclDispatch (cd=Variable "cd" is not available.
) at otcl.c:434
---Type <return> to continue, or q <return> to quit---q
Quit
3) valgrind leak-check=full
output:
==3320== Memcheck, a memory error detector for x86-linux.
==3320== Copyright (C) 2002-2005, and GNU GPL'd, by Julian Seward et al.
==3320== Using valgrind-2.4.0, a program supervision framework for
x86-linux.
==3320== Copyright (C) 2000-2005, and GNU GPL'd, by Julian Seward et al.
==3320== For more details, rerun with: -v
==3320==
num_nodes is set 3
INITIALIZE THE LIST xListHead
Loading connection pattern...
Loading scenario file...
Starting Simulation...
channel.cc:sendUp - Calc highestAntennaZ_ and distCST_
highestAntennaZ_ = 1.5, distCST_ = 550.0
SORTING LISTS ...DONE!
==3320== Invalid read of size 4
==3320== at 0x805A354: Packet::access(int) const (packet.h:367)
==3320== by 0x805CB64: hdr_cmn::access(Packet const*) (packet.h:495)
==3320== by 0x8139C66: CMUPriQueue::prq_get_nexthop(int)
(dsr-priqueue.cc:208)
==3320== by 0x815CAB9: DSRAgent::xmitFailed(Packet*, char const*)
(dsragent.cc:2695)
==3320== by 0x815D46F: DSRAgent::xmitFlowFailed(Packet*, char const*)
(dsragent.cc:2597)
==3320== by 0x815D4BE: XmitFlowFailureCallback(Packet*, void*)
(dsragent.cc:2799)
==3320== by 0x813304F: ARPTable::arpresolve(int, Packet*, LL*)
(arp.cc:164)
==3320== by 0x8118764: LL::sendDown(Packet*) (ll.cc:203)
==3320== by 0x811855B: LL::recv(Packet*, Handler*) (ll.cc:163)
==3320== by 0x80E398B: LL::handle(Event*) (ll.h:85)
==3320== by 0x8051EBA: Scheduler::dispatch(Event*, double)
(scheduler.cc:150)==3320== by 0x8051EE5: Scheduler::run()
(scheduler.cc:129)
==3320== Address 0x4E is not stack'd, malloc'd or (recently) free'd
==3320==
==3320== Process terminating with default action of signal 11 (SIGSEGV)
==3320== Access not within mapped region at address 0x4E
==3320== at 0x805A354: Packet::access(int) const (packet.h:367)
==3320== by 0x805CB64: hdr_cmn::access(Packet const*) (packet.h:495)
==3320== by 0x8139C66: CMUPriQueue::prq_get_nexthop(int)
(dsr-priqueue.cc:208)
==3320== by 0x815CAB9: DSRAgent::xmitFailed(Packet*, char const*)
(dsragent.cc:2695)
==3320== by 0x815D46F: DSRAgent::xmitFlowFailed(Packet*, char const*)
(dsragent.cc:2597)
==3320== by 0x815D4BE: XmitFlowFailureCallback(Packet*, void*)
(dsragent.cc:2799)
==3320== by 0x813304F: ARPTable::arpresolve(int, Packet*, LL*)
(arp.cc:164)
==3320== by 0x8118764: LL::sendDown(Packet*) (ll.cc:203)
==3320== by 0x811855B: LL::recv(Packet*, Handler*) (ll.cc:163)
==3320== by 0x80E398B: LL::handle(Event*) (ll.h:85)
==3320== by 0x8051EBA: Scheduler::dispatch(Event*, double)
(scheduler.cc:150)==3320== by 0x8051EE5: Scheduler::run()
(scheduler.cc:129)
==3320==
==3320== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 22 from 1)
==3320== malloc/free: in use at exit: 7012006 bytes in 49605 blocks.
==3320== malloc/free: 356554 allocs, 306949 frees, 14246551 bytes allocated.
==3320== For counts of detected errors, rerun with: -v
==3320== searching for pointers to 49605 not-freed blocks.
==3320== checked 7844028 bytes.
==3320==
==3320==
==3320== 7336 (184 direct, 7152 indirect) bytes in 2 blocks are
definitely lost in loss record 58 of 87
==3320== at 0x1B90939A: operator new(unsigned) (vg_replace_malloc.c:132)
==3320== by 0x8062CAA: Packet::alloc() (packet.h:548)
==3320== by 0x8062D6B: Packet::copy() const (packet.h:614)
==3320== by 0x811664C: WirelessChannel::sendUp(Packet*, Phy*)
(channel.cc:378)
==3320== by 0x811547D: Channel::recv(Packet*, Handler*) (channel.cc:146)
==3320== by 0x813BF51: WirelessPhy::sendDown(Packet*)
(wireless-phy.cc:302)
==3320== by 0x813A748: Phy::recv(Packet*, Handler*) (phy.cc:122)
==3320== by 0x811E474: Mac802_11::transmit(Packet*, double)
(mac-802_11.cc:120)
==3320== by 0x811AC3F: Mac802_11::check_pktCTRL() (mac-802_11.cc:722)
==3320== by 0x811BC82: Mac802_11::deferHandler() (mac-802_11.cc:584)
==3320== by 0x813D45E: DeferTimer::handle(Event*) (mac-timers.cc:143)
==3320== by 0x8051EBA: Scheduler::dispatch(Event*, double)
(scheduler.cc:150)==3320==
==3320==
==3320== 8000 bytes in 1 blocks are possibly lost in loss record 76 of 87
==3320== at 0x1B909222: malloc (vg_replace_malloc.c:130)
==3320== by 0x7B02A4: TclpAlloc (in /usr/lib/libtcl8.4.so)
==3320== by 0x7B7136: Tcl_Alloc (in /usr/lib/libtcl8.4.so)
==3320== by 0x7D8A5C: TclCreateExecEnv (in /usr/lib/libtcl8.4.so)
==3320== by 0x7B07EC: Tcl_CreateInterp (in /usr/lib/libtcl8.4.so)
==3320== by 0x7FCF21: Tcl_Main (in /usr/lib/libtcl8.4.so)
==3320== by 0x804B6C2: main (tclAppInit.cc:67)
==3320==
==3320==
==3320== 10176 bytes in 6 blocks are possibly lost in loss record 77 of 87
==3320== at 0x1B9095DA: operator new[](unsigned)
(vg_replace_malloc.c:138)
==3320== by 0x815E768: Cache::Cache(char*, int, MobiCache*)
(mobicache.cc:485)
==3320== by 0x815E87F: MobiCache::MobiCache() (mobicache.cc:188)
==3320== by 0x815E96D: makeRouteCache() (mobicache.cc:168)
==3320== by 0x8154459: DSRAgent::DSRAgent() (dsragent.cc:347)
==3320== by 0x815E07E: DSRAgentClass::create(int, char const* const*)
(dsragent.cc:334)
==3320== by 0x8263673: TclClass::create_shadow(void*, Tcl_Interp*,
int, char const**) (Tcl.cc:497)
==3320== by 0x82672D5: OTclDispatch (otcl.c:434)
==3320== by 0x7B12B4: TclInvokeStringCommand (in /usr/lib/libtcl8.4.so)
==3320== by 0x7B27DC: TclEvalObjvInternal (in /usr/lib/libtcl8.4.so)
==3320== by 0x7DAE4F: (within /usr/lib/libtcl8.4.so)
==3320== by 0x7E0E8D: TclCompEvalObj (in /usr/lib/libtcl8.4.so)
==3320==
==3320==
==3320== 756012 bytes in 3 blocks are possibly lost in loss record 85 of 87
==3320== at 0x1B9095DA: operator new[](unsigned)
(vg_replace_malloc.c:138)
==3320== by 0x8162DFA: FlowTable::FlowTable(int) (flowstruct.cc:59)
==3320== by 0x81543AE: DSRAgent::DSRAgent() (dsragent.cc:342)
==3320== by 0x815E07E: DSRAgentClass::create(int, char const* const*)
(dsragent.cc:334)
==3320== by 0x8263673: TclClass::create_shadow(void*, Tcl_Interp*,
int, char const**) (Tcl.cc:497)
==3320== by 0x82672D5: OTclDispatch (otcl.c:434)
==3320== by 0x7B12B4: TclInvokeStringCommand (in /usr/lib/libtcl8.4.so)
==3320== by 0x7B27DC: TclEvalObjvInternal (in /usr/lib/libtcl8.4.so)
==3320== by 0x7DAE4F: (within /usr/lib/libtcl8.4.so)
==3320== by 0x7E0E8D: TclCompEvalObj (in /usr/lib/libtcl8.4.so)
==3320== by 0x7DAF35: (within /usr/lib/libtcl8.4.so)
==3320== by 0x7E0E8D: TclCompEvalObj (in /usr/lib/libtcl8.4.so)
==3320==
==3320== LEAK SUMMARY:
==3320== definitely lost: 184 bytes in 2 blocks.
==3320== indirectly lost: 7152 bytes in 2 blocks.
==3320== possibly lost: 774188 bytes in 10 blocks.
==3320== still reachable: 6230482 bytes in 49591 blocks.
==3320== suppressed: 0 bytes in 0 blocks.
==3320== Reachable blocks (those to which a pointer was found) are not
shown.
==3320== To see them, rerun with: --show-reachable=yes
Segmentation fault
set god_ [God instance]
#
# nodes: 3, pause: 2.00, max speed: 10.00, max x: 677.00, max y: 677.00
#
$node_(0) set X_ 134.530598512703
$node_(0) set Y_ 656.698400482132
$node_(0) set Z_ 0.000000000000
$node_(1) set X_ 284.829443074186
$node_(1) set Y_ 299.770635153468
$node_(1) set Z_ 0.000000000000
$node_(2) set X_ 443.947033187836
$node_(2) set Y_ 306.036265992220
$node_(2) set Z_ 0.000000000000
$god_ set-dist 0 1 16777215
$god_ set-dist 0 2 16777215
$god_ set-dist 1 2 1
$ns_ at 2.000000000000 "$node_(0) setdest 276.971026464825 45.998061703657
5.241464492917"
$ns_ at 2.000000000000 "$node_(1) setdest 267.509205427932 589.791480424029
1.396139555237"
$ns_ at 2.000000000000 "$node_(2) setdest 649.437167075214 85.462991504535
1.280381424893"
$ns_ at 23.433479031138 "$god_ set-dist 0 1 1"
$ns_ at 23.433479031138 "$god_ set-dist 0 2 2"
$ns_ at 59.847295234865 "$god_ set-dist 0 2 16777215"
$ns_ at 59.847295234865 "$god_ set-dist 1 2 16777215"
$ns_ at 95.089632854029 "$god_ set-dist 0 1 16777215"
$ns_ at 121.640578247135 "$node_(0) setdest 276.971026464825 45.998061703657
0.000000000000"
$ns_ at 123.640578247135 "$node_(0) setdest 404.294198902602 418.207834399359
9.553881317193"
$ns_ at 135.023625084179 "$god_ set-dist 0 2 1"
$ns_ at 148.009612107700 "$god_ set-dist 0 1 1"
$ns_ at 148.009612107700 "$god_ set-dist 1 2 2"
$ns_ at 151.768989748313 "$god_ set-dist 0 2 16777215"
$ns_ at 151.768989748313 "$god_ set-dist 1 2 16777215"
$ns_ at 164.815930027866 "$node_(0) setdest 404.294198902602 418.207834399359
0.000000000000"
$ns_ at 166.815930027866 "$node_(0) setdest 425.908040176815 173.343685493452
5.359986080992"
$ns_ at 180.951043298821 "$god_ set-dist 0 1 16777215"
$ns_ at 191.372152833729 "$god_ set-dist 0 2 1"
$ns_ at 210.100667234936 "$node_(1) setdest 267.509205427932 589.791480424029
0.000000000000"
$ns_ at 212.100667234936 "$node_(1) setdest 546.353432739273 469.208652971173
9.998585479265"
$ns_ at 212.677282503719 "$node_(0) setdest 425.908040176814 173.343685493452
0.000000000000"
$ns_ at 214.677282503719 "$node_(0) setdest 473.314235313647 581.210076339938
1.709202454778"
$ns_ at 235.881204732981 "$god_ set-dist 0 2 16777215"
$ns_ at 237.446284938035 "$node_(2) setdest 649.437167075214 85.462991504535
0.000000000000"
$ns_ at 239.446284938035 "$node_(2) setdest 292.902000128668 126.545619921174
0.507845146496"
$ns_ at 242.484945631624 "$node_(1) setdest 546.353432739273 469.208652971173
0.000000000000"
$ns_ at 244.484945631624 "$node_(1) setdest 501.246581925845 259.849295409083
5.050552880977"
$ns_ at 247.655487880765 "$god_ set-dist 0 1 1"
$ns_ at 277.216783697820 "$god_ set-dist 0 2 2"
$ns_ at 277.216783697820 "$god_ set-dist 1 2 1"
$ns_ at 286.888900340133 "$node_(1) setdest 501.246581925845 259.849295409083
0.000000000000"
$ns_ at 288.888900340133 "$node_(1) setdest 348.686223365770 59.389646441687
1.361593444182"
$ns_ at 364.382754659815 "$god_ set-dist 0 1 16777215"
$ns_ at 364.382754659815 "$god_ set-dist 0 2 16777215"
#
# Destination Unreachables: 11
#
# Route Changes: 18
#
# Link Changes: 12
#
# Node | Route Changes | Link Changes
# 0 | 14 | 10
# 1 | 10 | 8
# 2 | 12 | 6
#
#
# nodes: 3, max conn: 3, send rate: 0.0050000000000000001, seed: 394576
#
#
# 0 connecting to 1 at time 47.745473211512653
#
set udp_(0) [new Agent/UDP]
$ns_ attach-agent $node_(0) $udp_(0)
set null_(0) [new Agent/Null]
$ns_ attach-agent $node_(1) $null_(0)
set cbr_(0) [new Application/Traffic/CBR]
$cbr_(0) set packetSize_ 512
$cbr_(0) set interval_ 0.0050000000000000001
$cbr_(0) set random_ 1
$cbr_(0) set maxpkts_ 10000
$cbr_(0) attach-agent $udp_(0)
$ns_ connect $udp_(0) $null_(0)
$ns_ at 47.745473211512653 "$cbr_(0) start"
#
# 0 connecting to 2 at time 54.844718889726657
#
set udp_(1) [new Agent/UDP]
$ns_ attach-agent $node_(0) $udp_(1)
set null_(1) [new Agent/Null]
$ns_ attach-agent $node_(2) $null_(1)
set cbr_(1) [new Application/Traffic/CBR]
$cbr_(1) set packetSize_ 512
$cbr_(1) set interval_ 0.0050000000000000001
$cbr_(1) set random_ 1
$cbr_(1) set maxpkts_ 10000
$cbr_(1) attach-agent $udp_(1)
$ns_ connect $udp_(1) $null_(1)
$ns_ at 54.844718889726657 "$cbr_(1) start"
#
# 1 connecting to 2 at time 70.204997514470008
#
set udp_(2) [new Agent/UDP]
$ns_ attach-agent $node_(1) $udp_(2)
set null_(2) [new Agent/Null]
$ns_ attach-agent $node_(2) $null_(2)
set cbr_(2) [new Application/Traffic/CBR]
$cbr_(2) set packetSize_ 512
$cbr_(2) set interval_ 0.0050000000000000001
$cbr_(2) set random_ 1
$cbr_(2) set maxpkts_ 10000
$cbr_(2) attach-agent $udp_(2)
$ns_ connect $udp_(2) $null_(2)
$ns_ at 70.204997514470008 "$cbr_(2) start"
#
#Total sources/connections: 2/3
#
