Created attachment 58563
logs, GDB dump and modified source so you can make sense of the logs

Version: unspecified (using KDE 4.5.5)
OS: Linux

Program received signal SIGSEGV, Segmentation fault.
0x41d07594 in memcpy () from /lib/libc.so.6

caused by p.getLength in "bool ChunkDownload::piece(const Piece & p,bool & ok)" returning the value 0x10000. This causes the memcpy() in the method to run off the end of DST buffer (which is only 0x4000 long) and it segfaults.

I am running ARM Slackware current (KDE 4.5.5) on a SheevaPlug computer. This fault happens every couple of days. I will attach logs and stuff. Unfortunately, tracebacks don't work in memcpy() because it's written in ASM and doesn't retain a proper stack frame.

Reproducible: Always
*** This bug has been marked as a duplicate of bug 268162 ***
I submitted 268162 and this is not the same bug! In 268162 the segfault was on the read of the SRC pointer to memcpy(). The SRC buffer is only a few bytes long and we try to read 0x4000 bytes from it. In this one, the segfault is on the write of the DST pointer to memcpy(). Here the DST buffer is 0x4000 bytes long and we try to write 0x10000 bytes to it. And 268162 happens at least twenty times as often as this one.
The fix done for 268162 will also fix this situation. If the length of the Piece object does not match the length we expect, it will be ignored. You should upgrade to libktorrent 1.1.
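Added example, not libktorrent's code and not part of the comments above: a minimal sketch of the check described in the last comment, where a block whose peer-supplied length differs from the expected length is ignored before any memcpy(). The names PieceMsg, ChunkBuffer, expected_len and store_piece are hypothetical, and the offset and payload-size checks are assumptions added to cover the SRC over-read described for bug 268162.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

// Hypothetical stand-ins for illustration; not libktorrent's classes.
constexpr std::size_t kBlockLen = 0x4000;  // DST size quoted in the report

struct PieceMsg {                // one block as received from a peer
    std::uint32_t offset;        // offset inside the chunk (peer-controlled)
    std::uint32_t length;        // claimed payload length (peer-controlled)
    const std::uint8_t* data;    // payload bytes
    std::size_t data_len;        // bytes actually present in the payload
};

struct ChunkBuffer {
    std::vector<std::uint8_t> bytes;
    explicit ChunkBuffer(std::size_t n) : bytes(n, 0) {}
};

// Length we expect at `offset`: a full block, or the shorter tail of the chunk.
std::size_t expected_len(const ChunkBuffer& c, std::size_t offset) {
    std::size_t remaining = c.bytes.size() - offset;
    return remaining < kBlockLen ? remaining : kBlockLen;
}

// Returns true if the block was copied, false if it was ignored.
bool store_piece(ChunkBuffer& c, const PieceMsg& p) {
    if (p.offset % kBlockLen != 0 || p.offset >= c.bytes.size())
        return false;                            // not a block we asked for
    if (p.length != expected_len(c, p.offset))
        return false;                            // e.g. 0x10000 into 0x4000
    if (p.data == nullptr || p.data_len < p.length)
        return false;                            // payload shorter than claimed
    std::memcpy(c.bytes.data() + p.offset, p.data, p.length);
    return true;
}

int main() {
    std::vector<std::uint8_t> payload(0x10000, 0xAB);   // constructed sample
    ChunkBuffer chunk(0x4000);
    PieceMsg bad{0, 0x10000, payload.data(), payload.size()};
    PieceMsg good{0, 0x4000, payload.data(), payload.size()};
    std::printf("oversized: %d, expected: %d\n",
                store_piece(chunk, bad), store_piece(chunk, good));
    return 0;
}
```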