[sr-dev] Crash bug freeing To headers
Alex Balashov
abalashov at evaristesys.com
Wed Aug 28 10:00:04 CEST 2013
On 08/28/2013 03:55 AM, Daniel-Constantin Mierla wrote:
> As expected, a buffer overflow somewhere.
>
> Look in logs for a message like:
>
> BUG: qm_*: prev. fragm. tail overwritten ...
>
> and give also the output of 'bt full'.
Here's the 'bt full' from the core dump whose backtrace I last pasted
(the one that crashes in free_to()) and to which the head/tail
overwritten message corresponds:
http://pastebin.com/gk8cR26m
-- Alex
--
Alex Balashov - Principal
Evariste Systems LLC
235 E Ponce de Leon Ave
Suite 106
Decatur, GA 30030
United States
Tel: +1-678-954-0670
Web: http://www.evaristesys.com/, http://www.alexbalashov.com/
More information about the sr-dev
mailing list