Opened 11 years ago
Last modified 8 years ago
#12231 closed defect
Fast TCP NAT connection setup / teardown causes invalid pointer free — at Version 3
| Reported by: | Igmar Palsenberg | Owned by: | |
|---|---|---|---|
| Component: | network/NAT | Version: | VirtualBox 4.3.0 |
| Keywords: | Cc: | ||
| Guest type: | Linux | Host type: | Mac OS X |
Description (last modified by )
VirtualBox 4.3 r89960 Extension pack 4.3 r89960
Situation:
VM with CentOS 6.4, 2 NIC's configured : 1 NAT, 1 host-only
Reproduce steps:
Install CentOS (other versions will probably do, it doesn't seem OS related When logged into the vm, run :
wget -m ftp://ftp.vim.org/pub/vim/patches/7.3/
Results in :
/Applications/VirtualBox.app/Contents/MacOS/VirtualBox -startvm "palsenberg.com" VirtualBox(93971,0x112ad1000) malloc: *** error for object 0x10019ad90: pointer being freed was not allocated *** set a breakpoint in malloc_error_break to debug
GDB backtrace
(gdb) bt #0 0x00007fff95ebe686 in mach_msg_trap () #1 0x00007fff95ebdc42 in mach_msg () #2 0x00007fff8d430233 in __CFRunLoopServiceMachPort () #3 0x00007fff8d435916 in __CFRunLoopRun () #4 0x00007fff8d4350e2 in CFRunLoopRunSpecific () #5 0x00007fff94d8beb4 in RunCurrentEventLoopInMode () #6 0x00007fff94d8bc52 in ReceiveNextEventCommon () #7 0x00007fff94d8bae3 in BlockUntilNextEventMatchingListInMode () #8 0x00007fff907db533 in _DPSNextEvent () #9 0x00007fff907dadf2 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] () #10 0x00007fff907d21a3 in -[NSApplication run] () #11 0x0000000101acbff4 in QEventDispatcherMac::processEvents () #12 0x000000010189bc14 in QEventLoop::processEvents () #13 0x000000010189bf34 in QEventLoop::exec () #14 0x000000010189d55c in QCoreApplication::exec () #15 0x0000000101013f6f in TrustedMain () #16 0x0000000100001fad in start () (gdb) info threads 28 0x00007fff95ebfd0a in __ioctl () 27 0x00007fff95ebfd0a in __ioctl () 26 0x00007fff95ec0212 in __pthread_kill () 25 0x00007fff95ec00fa in __psynch_cvwait () 24 0x00007fff95ec00fa in __psynch_cvwait () 23 0x00007fff95ec00fa in __psynch_cvwait () 22 0x00007fff95ec00fa in __psynch_cvwait () 21 0x00007fff95ebfd0a in __ioctl () 20 0x00007fff95ebfd0a in __ioctl () 19 0x00007fff95ec00fa in __psynch_cvwait () 18 0x00007fff95ec00fa in __psynch_cvwait () 17 0x00007fff95ec0386 in __semwait_signal () 16 0x00007fff95ec00fa in __psynch_cvwait () 15 0x00007fff95ec00fa in __psynch_cvwait () 14 0x00007fff95ec00fa in __psynch_cvwait () 13 0x00007fff95ec00fa in __psynch_cvwait () 12 0x00007fff95ec00fa in __psynch_cvwait () 11 0x00007fff95ec00fa in __psynch_cvwait () 10 0x00007fff95ebfd0a in __ioctl () 9 0x00007fff95ebfd0a in __ioctl () 8 0x00007fff95ebfd0a in __ioctl () 7 0x00007fff95ec00fa in __psynch_cvwait () 6 0x00007fff95ec00fa in __psynch_cvwait () 5 0x00007fff95ec00fa in __psynch_cvwait () 4 0x00007fff95ec00fa in __psynch_cvwait () 3 0x00007fff95ec0322 in select$DARWIN_EXTSN () 2 0x00007fff95ec0d16 in kevent () * 1 0x00007fff95ebe686 in mach_msg_trap ()
Info from VBox.log (not always present after a crash) :
00:01:37.405498 NAT: ti is null. can't do any reseting connection actions 00:02:47.051903 NAT: ti is null. can't do any reseting connection actions
Change History (4)
by , 11 years ago
comment:2 by , 11 years ago
I've uploaded the bt and threads info at http://www.palsenberg.com/plain/vbox-12231/
If desired, I can also upload the corefile. It huge : about 1GB.
comment:3 by , 11 years ago
| Description: | modified (diff) |
|---|
Note:
See TracTickets
for help on using tickets.
Vbox.log