Deleted state machine memory may be accessed in degraded connections
Description
With some applications using LibSub, there are some various failures happening in the LibSub library. Most of them are:
- assert violation in
ToolkitEventCallback
(two machines process the same event), - segmentation fault in
SOPC_StaMac_EventDispatcher
, the code tries to accesspSM->pListMonIt
which is a NULL pointer.
The problems do not appear in check_libsub
, even modified to reproduce the connection configurations used by the application.
Analysis
Debugging the first kind of error shows that 2 machines in the pListClient
of the LibSub have exactly the same content.
Further debug shows that the machine with iCliId == 2
is freed due to connection error; however its pointer is kept in the list.
Sometimes, the same pointer is returned by the next call to SOPC_StaMac_Create
, resulting in two exactly identical machines in pListClient
.
In check_libsub
however, the SOPC_StaMac_Create
always returned new pointer, hence masking the problem.